Alteon OS 22.0.

2

Command Reference

part number: 315393-J, January 2005

4655 Great America Parkway Santa Clara, CA 95054 Phone 1-800-4Nortel http://www.nortelnetworks.com

Alteon OS 22.0.2 Command Reference

Copyright 2005 Nortel Networks, Inc., 4655 Great America Parkway, Santa Clara, California 95054, USA. All rights reserved. Part Number: 315393-J. This document is protected by copyright and distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this document may be reproduced in any form by any means without prior written authorization of Nortel Networks, Inc. Documentation is provided “as is” without warranty of any kind, either express or implied, including any kind of implied or express warranty of noninfringement or the implied warranties of merchantability or fitness for a particular purpose. U.S. Government End Users: This document is provided with a “commercial item” as defined by FAR 2.101 (Oct 1995) and contains “commercial technical data” and “commercial software documentation” as those terms are used in FAR 12.211-12.212 (Oct 1995). Government End Users are authorized to use this documentation only in accordance with those rights and restrictions set forth herein, consistent with FAR 12.211- 12.212 (Oct 1995), DFARS 227.7202 (JUN 1995) and DFARS 252.227-7015 (Nov 1995). Nortel Networks, Inc. reserves the right to change any products described herein at any time, and without notice. Nortel Networks, Inc. assumes no responsibility or liability arising from the use of products described herein, except as expressly agreed to in writing by Nortel Networks, Inc. The use and purchase of this product does not convey a license under any patent rights, trademark rights, or any other intellectual property rights of Nortel Networks, Inc.

Alteon OS, Alteon 2424, Alteon 2424-SSL, Alteon 2224, 2216, 2208, 3408, Alteon 180, Alteon 180e,
Alteon 184, Alteon AD3, Alteon AD4, and ACEswitch are trademarks of Nortel Networks, Inc. in the United States and certain other countries. Cisco® and EtherChannel® are registered trademarks of Cisco Systems, Inc. in the United States and certain other countries. Check Point® and FireWall-1® are trademarks or registered trademarks of Check Point Software Technologies Ltd. Any other trademarks appearing in this manual are owned by their respective companies. Originated in the U.S.A.

2

315393-J, January 2005

Contents
Preface 15 Who Should Use This Book 15 How This Book Is Organized 15 Related Documentation 16 Typographic Conventions 17 How to Get Help 18 Chapter 1: The Command Line Interface 19 Connecting to the Switch 20 Establishing a Console Connection 20 Requirements 20 Procedure 20 Establishing a Telnet Connection 21 Using a BOOTP Server 21 Running Telnet 21 Establishing an SSH Connection 22 Running SSH 22 Accessing the Switch 23 CLI Versus Setup 25 Command Line History and Editing 25 Idle Timeout 25 Chapter 2: First-Time Configuration 27 Using the Setup Utility 27 Information Needed For Setup 27 Starting Setup When You Log In 28 Stopping and Restarting Setup Manually 29 Stopping Setup 29 Restarting Setup 29 Setup Part 1: Basic System Configuration 29
3

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

Setup Part 2: Port Configuration 31 Setup Part 3: VLANs 34 Setup Part 4: IP Configuration 35 IP Interfaces 35 Default Gateways 36 IP Routing 37 Setup Part 5: Final Steps 38 Optional Setup for SNMP Support 39 Optional Setup for Telnet Support 39 Setting Passwords 40 Changing the Default Administrator Password 40 Changing the Default User Password 42 Changing the Default Layer 4 Administrator Password 44 Chapter 3: Menu Basics 47 The Main Menu 47 Menu Summary 48 Global Commands 49 Command Line History and Editing 51 Command Line Interface Shortcuts 52 Command Stacking 52 Command Abbreviation 52 Tab Completion 52 Chapter 4: The Information Menu 53 Information Menu 53 System Information Menu 55 SNMPv3 System Information Menu 57 SNMPv3 USM User Table Information 58 SNMPv3 View Table Information 59 SNMPv3 Access Table Information 60 SNMPv3 Group Table Information 61 SNMPv3 Community Table Information 61 SNMPv3 Target Address Table Information 62 SNMPv3 Target Parameters Table Information 63 SNMPv3 Notify Table Information 64 SNMPv3 Dump Information 65 General System Information 66

4

Contents

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

Show Last 30 Syslog Messages 67 Saved Syslog Messages 68 Management Port Information 69 SONMP Information 70 System Capacity Information 71 System Information Dump 74 Layer 2 Information Menu 77 Layer 2 FDB Information 78 Show All FDB Information 79 Clearing Entries from the Forwarding Database 80 Link Aggregation Control Protocol Information Menu 80 LACP Aggregator Information 81 LACP Port Information 82 LACP Dump Information 84 Layer 2 Spanning Tree Group Information 85 Trunk Group Information 87 VLAN Information 88 Layer2 Dump Information 89 Layer3 Information Menu 90 IP Routing Information 91 Show All IP Route Information 92 Type Parameters 92 Tag Parameters 93 ARP Information Menu 93 Show ARP Entries on Referenced SP 95 Show All ARP Entry Information 95 ARP Address List Information 96 BGP Information Menu 96 BGP Peer information 97 BGP Summary information 97 Dump BGP Information 98 OSPF Information Menu 98 OSPF General Information 100 OSPF Interface Information 100 OSPF Database Information 101 OSPF Information Route Codes 102 OSPF Dump Information 103 IP Information 104

315393-J, January 2005

Contents

5

Alteon OS 22.0.2 Command Reference

VRRP Information 105 Layer3 Dump Information 107 Layer 4 Information Menu 110 Session Table Information 112 Samples of Session Dumps for Different Applications 113 Session dump information in Alteon OS 115 Global SLB Information Menu 117 Show All Layer 4 Information 118 Link Status Information 119 Port Information 120 Bandwidth Management Information 121 BWM IP User Information Menu 122 BWM Contract Information 124 Security Information 126 Software Enabled Keys 127 Information Dump 127 Chapter 5: The Statistics Menu 129 Statistics Menu 129 Port Statistics Menu 131 Bridging Statistics 132 Ethernet Statistics 133 Interface Statistics 136 Interface Protocol Statistics 138 Link Statistics 139 RMON Statistics 140 Port Dump Statistics 143 Layer 2 Statistics Menu 144 FDB Statistics 145 LACP Statistics 146 Spanning Tree Group Statistics 147 Layer 3 Statistics Menu 148 OSPF Statistics Menu 150 OSPF Global Statistics 151 IP Statistics 155 Route Statistics 157 ARP statistics 159 VRRP Statistics 159

6

Contents

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

DNS Statistics 160 ICMP Statistics 161 Interface Statistics 163 TCP Statistics 165 UDP Statistics 167 Server Load Balancing Statistics Menu 167 Server Load Balancing SP statistics Menu 170 SP Real Server Statistics 170 SP Filter Statistics 171 SP Maintenance Statistics 172 Global SLB Statistics Menu 174 Real Server Global SLB Statistics 175 Virtual Server Global SLB Statistics 175 Global SLB Site Statistics 176 Global SLB Maintenance Statistics 177 Real Server SLB Statistics 179 Per Service Octet Counters 179 Real Server Group Statistics 180 Virtual Server SLB Statistics 181 Filter SLB Statistics 181 SLB Layer7 Statistics Menu 182 Layer7 Redirection Statistics 182 Layer 7 SLB String Statistics 183 Layer 7 SLB Maintenance Statistics 184 SLB Secure Socket Layer Statistics 186 File Transfer Protocol SLB and Filter Statistics Menu 187 Active FTP SLB Parsing and Filter Statistics 188 Passive FTP SLB Parsing Statistics 188 FTP SLB Maintenance Statistics 189 FTP SLB Statistics Dump 189 RTSP SLB Statistics 190 DNS SLB Statistics 191 WAP SLB Statistics 192 SLB Maintenance Statistics 194 SIP SLB Statistics 196 Clearing the SLB Statistics 196 BWM Statistics Menu 198 BWM Switch Processor Statistics 199

315393-J, January 2005

Contents

7

Alteon OS 22.0.2 Command Reference

BWM Switch Processor Contract Statistics Menu 199 BWM Switch Processor Rate Contract Statistics 199 BWM Contract Statistics 200 BWM Contract Rate Statistics 201 BWM History Statistics 203 BWM Maintenance Statistics 204 BWM IP Users Statistics 204 Management Processor Statistics 205 MP Packet Statistics 206 TCP Statistics 208 UCB Statistics 208 MP-Specific SFD Statistics 209 CPU Statistics 209 SP Specific Statistics 210 SP-Specific Maintenance Statistics 211 CPU Statistics 211 Security Statistics 212 DOS Attack Statistics Menu 213 Types of DOS Attacks 214 IP Access Control List Statistics 214 UDP Blast Statistics 215 UDP Blast Dump Statistics 215 UDP Pattern Match Statistics 216 Rate Limiting Statistics 216 Dump Statistics for Security 217 SNMP Statistics 218 NTP Statistics 222 Port Mirroring Statistics Menu 224 Management Port Statistics 224 Dump Statistics 225 Chapter 6: The Configuration Menu 227 Configuration Menu 227 Viewing, Applying, and Saving Changes 228 Viewing Pending Changes 229 Applying Pending Changes 229 Saving the Configuration 229 System Configuration 231

8

Contents

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

System Host Log Configuration 233 Seven Levels of Severity 234 Management Port Configuration Menu 234 Management Port Link Menu 237 SSH Server Configuration Menu 237 RADIUS Server Configuration 239 TACACS+ Server Configuration Menu 240 NTP Server Configuration 242 SynOptics Network Management Protocol Configuration 243 System SNMP Configuration 244 SNMPv3 Configuration Menu 247 User Security Model Configuration Menu 249 SNMPv3 View Configuration Menu 250 View-based Access Control Model Configuration Menu 251 SNMPv3 Group Configuration Menu 253 SNMPv3 Community Table Configuration Menu 254 SNMPv3 Target Address Table Configuration Menu 255 SNMPv3 Target Parameters Table Configuration Menu 256 SNMPv3 Notify Table Configuration Menu 257 System Health Check Configuration Menu 258 System Access Control Configuration 259 Management Networks Menu 260 User Access Control Menu 261 HTTPS Access Configuration Menu 263 System User ID Configuration Menu 264 Port Configuration 265 Alteon OS 2000 Series 265 Fast Ethernet Ports 265 SFP GBIC Ports 265 Port Link Configuration 267 Alteon OS 3000 Series 269 Port Configuration on Alteon OS 3408 269 Single-Mode ports 270 Single-Mode Copper Port Gigabit Ethernet Link Configuration Menu 271 Single-Mode SFP Gigabit Ethernet Port Link Configuration Menu 273 Dual-Mode Ports 274 Dual-Mode Copper Port Link Configuration 276 Dual-Mode SFP Gigabit Link Configuration Menu 277

315393-J, January 2005

Contents

9

0.Alteon OS 22. January 2005 .2 Command Reference Temporarily Disabling a Port 277 Port Mirroring Menu 278 Port-Mirroring Menu 278 Bandwidth Management Configuration 279 Bandwidth Management Contract Configuration 281 BWM Contract Time Policy Configuration Menu 283 Bandwidth Management Policy Configuration 284 Bandwidth Management Group Configuration Menu 285 Bandwidth Management Current Configuration 286 Layer 2 Configuration Menu 287 Spanning Tree Group Configuration 288 Bridge Spanning Tree Configuration 290 Spanning Tree Port Configuration 291 Trunk Configuration 292 Link Aggregation Control Protocol Menu 294 LACP Port Configuration Menu 296 VLAN Configuration 297 Layer 3 Configuration Menu 299 IP Interface Configuration 301 Default IP Gateway Configuration 302 Default Gateway Metrics 303 IP Static Route Configuration 304 ARP Configuration Menu 304 ARP Static Configuration Menu 305 IP Forwarding Configuration Menu 306 Local Network Route Caching Definition 306 Defining IP Address Ranges for the Local Route Cache 307 Network Filter Configuration 308 Route Map Configuration Menu 309 IP Access List Configuration Menu 311 Autonomous System Filter Path 312 Routing Information Protocol Configuration 313 Open Shortest Path First Configuration 315 Area Index Configuration Menu 317 OSPF Summary Range Configuration Menu 318 OSPF Interface Configuration Menu 319 OSPF Virtual Link Configuration Menu 321 OSPF Host Entry Configuration Menu 322 10 Contents 315393-J.

0. January 2005 Contents 11 .Alteon OS 22.2 Command Reference OSPF Route Redistribution Configuration Menu. 323 OSPF MD5 Key Configuration Menu 324 Border Gateway Protocol Configuration 324 BGP Peer Configuration Menu 326 BGP Redistribution Configuration Menu 328 BGP Aggregate Routing Configuration Menu 329 IP Forwarding Port Configuration Menu 330 Domain Name System Configuration Menu 331 Bootstrap Protocol Relay Configuration Menu 332 VRRP Configuration Menu 333 Virtual Router Configuration Menu 334 Virtual Router Priority Tracking Configuration 336 Virtual Router Group Menu 338 Virtual Router Group Priority Tracking Configuration Menu 340 Virtual Router Group Configuration 341 Virtual Router Group Priority Tracking Configuration 343 VRRP Interface Configuration 345 VRRP Tracking Configuration 346 Default Gateway Metrics 347 Security Configuration Menu 348 IP Address Access Control List Configuration Menu 349 Pattern Matching Menu 350 Port Security Configuration Menu 351 UDP Blast Protection Configuration Menu 352 Setup 353 Dump 353 Saving the Active Switch Configuration 354 Restoring the Active Switch Configuration 354 Chapter 7: The SLB Configuration Menu 355 SLB Configuration 356 Filtering and Layer 4 (Server Load Balancing) 358 Real Server SLB Configuration 358 Real Server Layer 7 Configuration 362 Real server IDS Configuration Menu 363 Real Server Group SLB Configuration 364 SLB Health Check Types 367 Server Load Balancing Metrics 370 315393-J.

Alteon OS 22.1p Advanced Menu 391 Advanced Filter TCP Configuration 392 IP Advanced Menu 393 ICMP Message Types 394 Layer 7 Advanced Filter Configuration Menu 395 SLB Filter Advanced Security Menu 397 Advanced Security Rate Limiting Configuration Menu 398 Port SLB Configuration 399 Global SLB Configuration 401 GSLB Remote Site Configuration 403 GSLB Network Preference Configuration Menu 405 GSLB Rule Configuration Menu 406 Global SLB Rule Metric Menu 408 Layer 7 SLB Resource Definition Menu 408 Web Cache Redirection Configuration 409 Server Load Balance Resource Configuration Menu 411 WAP Configuration 412 Synchronize Peer Switch Configuration 413 Peer Switch Configuration 414 Advanced Layer 4 Configuration 415 SYN Attack Detection Configuration Menu 418 Advanced SMT Real Server Port Configuration Menu 418 Inbound Link Load Balancing configuration Menu 419 Inbound Link Load Balancing Domain Record Menu 420 Inbound Link Load Balancing Mapping Menu 421 Advanced Health Check Configuration Menu 421 Scriptable Health Checks Configuration 423 SNMP Health Check Configuration 425 WAP Health Check Configuration 426 WSP Content Health Check 428 WTP and WSP Content Health Check Menu 429 12 Contents 315393-J.2 Command Reference Virtual Server SLB Configuration 372 Virtual Server Service Configuration 375 Virtual Server RTSP Configuration 380 Cookie-Based Persistence 381 SLB Filter Configuration 383 Defining IP Address Ranges for Filters 387 Advanced Filter Configuration 388 802. January 2005 .0.

January 2005 Contents 13 .2 Command Reference Proxy IP Address Configuration Menu 430 SLB Peer Proxy IP Address Menu 431 Chapter 8: The Operations Menu 433 Operations Menu 433 Operations-Level Port Options 435 Operations-Level SLB Options 436 Real Server Group Operations 437 Global SLB Operations Menu 438 Operations-Level VRRP Options. 439 Operations-Level Bandwidth Management Options 439 Operations-Level IP Options 440 Operations-Level BGP Options 440 Activating Optional Software 441 Removing Optional Software 442 Chapter 9: The Boot Options Menu 443 Boot Menu 443 Scheduled Reboot of the Switch 444 Scheduled Reboot Menu 444 Updating the Switch Software Image 444 Downloading New Software to Your Switch 444 Selecting a Software Image to Run 446 Uploading a Software Image from Your Switch 446 Selecting a Configuration Block 447 Resetting the Switch 448 Chapter 10: The Maintenance Menu 449 Maintenance Menu 449 System Maintenance Options 451 Forwarding Database Options 451 ARP Cache Options 452 ARP Entries on a Single Port 453 IP Route Manipulation 454 Debugging Options 455 Uuencode Flash Dump 456 TFTP System Dump Put 456 Clearing Dump Information 457 Panic Command 457 315393-J.Alteon OS 22.0.

January 2005 .0.2 Command Reference Unscheduled System Dumps 458 Appendix A: Alteon OS Syslog Messages 459 LOG_WARNING 459 LOG_ALERT 460 LOG_CRIT 461 LOG_ERR 461 LOG_NOTICE 467 LOG_INFO 469 Appendix B: Alteon OS SNMP Agent 471 Appendix C: Performing a Serial Download 475 Glossary 477 Index 481 14 Contents 315393-J.Alteon OS 22.

VLANs.” shows how to configure switch system parameters. ports. and menu shortcuts.1d Spanning Tree Protocol. the IEEE 802. “First-Time Configuration. “The Configuration Menu.2 Command Reference describes how to configure and use the Alteon OS software with your Alteon OS. 315393-J.” shows how to view switch configuration parameters. Port Trunking.” describes how to use the Setup utility for initial switch configuration and how to change the system passwords. Spanning Tree Protocol. Port Mirroring. For documentation on installing the switches physically.0. “The Statistics Menu. January 2005 15 . and more. SNMP.” shows how to view switch performance statistics. including a menu map. IP Routing. Who Should Use This Book This Command Reference is intended for network installers and system administrators engaged in configuring and maintaining a network. and SNMP configuration parameters.” provides an overview of the menu system. How This Book Is Organized “The Command Line Interface.” describes how to connect to the switch and access the information and configuration menus.Preface The Alteon OS 22. “The Information Menu. “Menu Basics. see the Hardware Installation Guide for your particular switch model. global commands. IP addressing. The administrator should be familiar with Ethernet concepts.

how to load a new software image.0. Related Documentation Alteon OS 22. but do not alter permanent switch configurations (such as temporarily disabling ports).” describes the use of the primary and alternate switch images.2 Release Notes (315397-H). “The Boot Options Menu. Alteon Application Switch Hardware Installation Guide (315396-E) Provides a description of the Alteon Application Switch hardware. “Glossary” defines the terminology used throughout the book. and how to reset the software to factory defaults.Alteon OS 22. and how to clear part or all of the forwarding database.” shows a listing of syslog messages. how to install it. The menu describes how to activate or deactivate optional software features. This document provides a description of new features and caveats and limitations. Appendix C. Global Server Load Balancing. in the software.2 Command Reference “The SLB Configuration Menu.0. “Index” includes pointers to the description of the key words used throughout the book.2 Application Guide (Part No. and how to troubleshoot it. “The Maintenance Menu.” shows how to use commands which affect switch performance immediately. 16 Preface 315393-J. how to clear it.” shows how to directly load a binary software image into the switch for upgrade or maintenance. “Alteon OS SNMP Agent. January 2005 . “Alteon OS Syslog Messages. “The Operations Menu. Alteon OS 22.” shows how to configure Server Load Balancing. Filtering. “Performing a Serial Download. Appendix B.0.” shows how to generate and access a dump of critical switch state information.” lists the Management Interface Bases (MIBs) sup- ported in the switch software. if any. Appendix A. Alteon OS Browser-Based Interface (BBI) Quick Guide (315395-C) Provides a description of the Switch BBI and how to configure and access it on the Switch. 315394-H) Provides application explanations and configuration examples for the Switch. the physical features. and more.

host# ls [-a] 315393-J. enter: examples as a parameter placeholder.2 Command Reference Typographic Conventions The following table describes the typographic styles used in this book. Main# sys <AaBbCc123> This italicized type appears in command To establish a Telnet session. January 2005 Preface 17 . It also depicts on-screen computer output and Main# prompts. and directories used within the text. [ ] Command items shown inside brackets are optional and can be used or excluded as the situation demands. special terms. Replace host# telnet <IP address> the indicated text with the appropriate real name or value when using the command. It shows text that must be typed in exactly as shown.Alteon OS 22.txt file. Do not type the brackets. Read your User’s Guide thoroughly. Do not type the brackets. files.0. or words to be emphasized. This also shows book titles. Example View the readme. Table 1 Typographic Conventions Typeface or Symbol AaBbCc123 Meaning This type is used for names of commands. AaBbCc123 This bold type appears in command examples.

nortelnetworks.html 18 Preface 315393-J. If you purchased a Nortel Networks service program.nortelnetworks. refer to the following URL: http://www. contact one of the following Nortel Networks Technical Solutions Centers: Technical Solutions Center Europe. When you use an ERC. your call is routed to a technical support person who specializes in supporting that product or service. Middle East. January 2005 .com/help/contact/erc/index.Alteon OS 22.com/help/contact/global An Express Routing Code (ERC) is available for many Nortel Networks products and services. To locate an ERC for your product or service. contact the technical support staff for that distributor or reseller for assistance. and Africa Telephone 00800 8008 9009 or +44 (0) 870 907 9009 (800) 4NORTEL or (800) 466-7835 (61) (2) 8870-8800 (800) 810-5000 North America Asia Pacific China Additional information about the Nortel Networks Technical Solutions Centers is available at the following URL: http://www.0.2 Command Reference How to Get Help If you purchased a service contract for your Nortel Networks product from a distributor or authorized reseller.

The extensive Alteon OS switching software included in your switch provides a variety of options for accessing and configuring the switch: A built-in. 315393-J. require some administrative configuration before they can be used effectively. you are presented with a hierarchy of menus that enable you to view information and statistics about the switch. Some of the more advanced features. This chapter explains how to access the Command Line Interface (CLI) to the switch. and to perform any necessary configuration.CHAPTER 1 The Command Line Interface Your Alteon Application Switch is ready to perform basic switching functions right out of the box. text-based command line interface and menu system for access via local terminal or remote Telnet session A GUI-based Element Management System (EMS) for interactive network access SNMP support for access through network management software such as HP OpenView Alteon OS Browser-Based Interface (BBI) The command line interface is the most direct method for collecting switch information and performing switch configuration. however. Using a basic terminal. January 2005 19 .

20 Chapter 1: The Command Line Interface 315393-J. (For more information. Procedure 1. Power on the terminal.Alteon OS 22. January 2005 . you will need the following: An ASCII terminal or a computer running terminal emulation software set to the parameters shown in the table below: Table 1-1 Console Configuration Parameters Parameter Baud Rate Data Bits Parity Stop Bits Flow Control Value 9600 8 None 1 None A standard serial cable with a male DB9 connector (see your switch hardware installation guide for specifics). You will next be required to enter a password for access to the switch. 2. Connect the terminal to the Console port using the serial cable. see “Setting Passwords” on page 40). To establish the connection. 3. press <Enter> a few times on your terminal.2 Command Reference Connecting to the Switch You can access the command line interface in any one of the following ways: Using a console connection via the console port Using a Telnet connection over the network Using an SSH connection to securely log into another computer over a network Establishing a Console Connection Requirements To establish a console connection with the switch.0.

you can access the CLI using a Telnet connection. NOTE – You need to enable Telnet and SSH. To configure the switch for Telnet access. NOTE – If connecting to the management port. The switch must have an IP address. Using a BOOTP Server By default. 315393-J. The port must be manually configured with the proper IP address. Refer to “Establishing a Telnet Connection” on page 21. before you can use these methods of accessing the switch. The switch can get its IP address in one of two ways: Dynamically. run the Telnet program on your workstation and issue the Telnet command. Running Telnet Once the IP parameters on the Alteon Application Switch are configured. To establish a Telnet connection with the switch. the Alteon OS software is set up to request its IP address from a BOOTP server. you need to have a device with Telnet software located on the same network as the switch. January 2005 Chapter 1: The Command Line Interface 21 . when you configure the switch IP address (see “Setup Part 1: Basic System Configuration” on page 29).0. BOOTP is not supported. The MAC address can also be found in the System Information menu (see “System Information” on page 55).Alteon OS 22. add the MAC address of the switch to the BOOTP configuration file located on the BOOTP server. from a BOOTP server on your network Manually. followed by the switch IP address: telnet <IP address> You will then be prompted to enter a password as explained on page 22.2 Command Reference Establishing a Telnet Connection A Telnet connection offers the convenience of accessing the switch from any workstation connected to the network. If you have a BOOTP server on your network. using serial connection. Telnet access provides the same options for user access and administrator access as those available through the console port. The MAC address can be found on a small white label on the back panel of the switch.

Alteon OS 22.0.2 Command Reference

Establishing an SSH Connection
Although a remote network administrator can manage the configuration of an Alteon Application Switch via Telnet, this method does not provide a secure connection. The SSH (Secure Shell) protocol enables you to securely log into another computer over a network to execute commands remotely. As a secure alternative to using Telnet to manage switch configuration, SSH ensures that all data sent over the network is encrypted and secure. The switch can do only one session of key/cipher generation at a time. Thus, a SSH/SCP client will not be able to login if the switch is doing key generation at that time or if another client has just logged in before this client. Similarly, the system will fail to do the key generation if a SSH/SCP client is logging in at that time. The supported SSH encryption and authentication methods are listed below. Server Host Authentication: Client RSA-authenticates the switch in the beginning of every connection. Key Exchange: RSA Encryption: 3DES-CBC, DES User Authentication: Local password authentication, Radius The following SSH clients have been tested: SSH 1.2.23 and SSH 1.2.27 for Linux (freeware) SecureCRT 3.0.2 and SecureCRT 3.0.3 (Van Dyke Technologies, Inc.) F-Secure SSH 1.1 for Windows (Data Fellows) NOTE – The Alteon OS implementation of SSH is based on SSH version 1.5 and supports SSH-1.5-1.X.XX. SSH clients of other versions (especially Version 2) will not be supported.

Running SSH
Once the IP parameters are configured and the SSH service is turned on the Alteon Application Switch, you can access the command line interface using an SSH connection. To establish an SSH connection with the switch, run the SSH program on your workstation by issuing the SSH command, followed by the switch IP address:
>> # ssh <switch IP address>

22

Chapter 1: The Command Line Interface

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

or, if SecurID authentication is required, use the following command:
>> # ssh -1 ace <switch IP address>

You will then be prompted to enter your user name and password.

Accessing the Switch
To enable better switch management and user accountability, seven levels or classes of user access have been implemented on the Alteon Application Switch. Levels of access to CLI, Web management functions, and screens increase as needed to perform various switch management tasks. Conceptually, access classes are defined as follows: User interaction with the switch is completely passive—nothing can be changed on the Alteon Application Switch. Users may display information that has no security or privacy implications, such as switch statistics and current operational state information. Operators can only effect temporary changes on the Alteon Application Switch. These changes will be lost when the switch is rebooted/reset. Operators have access to the switch management features used for daily switch operations. Because any changes an operator makes are undone by a reset of the switch, operators cannot severely impact switch operation. Administrators are the only ones that may make permanent changes to the switch configuration—changes that are persistent across a reboot/reset of the switch. Administrators can access switch functions to configure and troubleshoot problems on the Alteon Application Switch. Because administrators can also make temporary (operator-level) changes as well, they must be aware of the interactions between temporary and permanent changes. Access to switch functions is controlled through the use of unique surnames and passwords. Once you are connected to the switch via local console, Telnet, or SSH, you are prompted to enter a password. The default user names/password for each access level are listed in the following table. NOTE – It is recommended that you change default switch passwords after initial configuration and as regularly as required under your network security policies. For more information, see “Setting Passwords” on page 40.

315393-J, January 2005

Chapter 1: The Command Line Interface

23

Alteon OS 22.0.2 Command Reference

Table 1-2 User Access Levels
User Account User Description and Tasks Performed The User has no direct responsibility for switch management. He or she can view all switch status information and statistics, but cannot make any configuration changes to the switch. Password user

SLB Operator

The SLB Operator manages Web servers and other Internet ser- slboper vices and their loads. In addition to being able to view all switch information and statistics, the SLB Operator can enable/disable servers using the Server Load Balancing operation menu. The Layer 4 Operator manages traffic on the lines leading to the l4oper shared Internet services. This user currently has the same access level as the SLB operator. and the access level is reserved for future use, to provide access to operational commands for operators managing traffic on the line leading to the shared Internet services. The Operator manages all functions of the switch. In addition to oper SLB Operator functions, the Operator can reset ports or the entire switch. The SLB Administrator configures and manages Web servers and other Internet services and their loads. In addition to SLB Operator functions, the SLB Administrator can configure parameters on the Server Load Balancing menus, with the exception of not being able to configure filters or bandwidth management. The Layer 4 Administrator configures and manages traffic on the lines leading to the shared Internet services. In addition to SLB Administrator functions, the Layer 4 Administrator can configure all parameters on the Server Load Balancing menus, including filters and bandwidth management. The superuser Administrator has complete access to all menus, information, and configuration commands on the Alteon Application Switch, including the ability to change both the user and administrator passwords. slbadmin

Layer 4 Operator

Operator

SLB Administrator

Layer 4 Administrator

l4admin

Administrator

admin

NOTE – With the exception of the “admin” user, access to each user level can be disabled by setting the password to an empty value. All user levels below “admin” will by default be initially disabled (empty password) until they are enabled by the “admin” user. This prevents inadvertently leaving the switch open to unauthorized users.

24

Chapter 1: The Command Line Interface

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

CLI Versus Setup
Once the administrator password is verified, you are given complete access to the switch. If the switch is still set to its factory default configuration, the system will ask whether you wish to run Setup (see Chapter 2, “First-Time Configuration”), a utility designed to help you through the first-time configuration process. If the switch has already been configured, the Main Menu of the CLI is displayed instead. The following table shows the Main Menu with administrator privileges.
[Main Menu] info stats cfg oper boot maint diff apply save revert exit

-

Information Menu Statistics Menu Configuration Menu Operations Command Menu Boot Options Menu Maintenance Menu Show pending config changes [global command] Apply pending config changes [global command] Save updated config to FLASH [global command] Revert pending or applied changes [global command] Exit [global command, always available]

NOTE – If you are accessing a user account or Layer 4 administrator account, some menu options will not be available.

Command Line History and Editing
For a description of global commands, shortcuts, and command line editing functions, see “Menu Basics” on page 47.”

Idle Timeout
By default, the switch will disconnect your console or Telnet session after five minutes of inactivity. This function is controlled by the idle timeout parameter, which can be set from 1 to 10080 minutes. For information on changing this parameter, see “System Configuration” on page 231.

315393-J, January 2005

Chapter 1: The Command Line Interface

25

Alteon OS 22.0.2 Command Reference

26

Chapter 1: The Command Line Interface

315393-J, January 2005

CHAPTER 2

First-Time Configuration
To help with the initial process of configuring your switch, the Alteon OS software includes a Setup utility. The Setup utility prompts you step-by-step to enter all the necessary information for basic configuration of the switch. This chapter describes how to use the Setup utility and how to change system passwords. NOTE – If you are configuring a 2000-SSL Series Switch, you can use the Switch Setup Utility in the Alteon OS 2000-SSL Series Quick Setup Guide (part number 215102-A) instead for setting up the Switch and the SSL Processor. Then return to this guide for configuration and management information on your Switch.

Using the Setup Utility
Whenever you log in as the system administrator under the factory default configuration, you are asked whether you wish to run the Setup utility. Setup can also be activated manually from the command line interface any time after login.

Information Needed For Setup
Setup requests the following information: Basic system information Date & time Whether to use BOOTP or not Whether to use Spanning Tree Protocol or not Management port configuration Optional configuration for each port Speed, duplex, flow control, and negotiation mode (as appropriate) Whether to use VLAN tagging or not (as appropriate)
27

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

Optional configuration for each VLAN Name of VLAN Which ports are included in the VLAN Optional configuration of IP parameters IP address, subnet mask, and broadcast address, and VLAN for each IP interface IP addresses for up to four default gateways Destination, subnet mask, and gateway IP address for each IP static route Whether IP forwarding is enabled or not Whether the RIP supply is enabled or not

Starting Setup When You Log In
The Setup prompt appears automatically whenever you login as the system administrator under the factory default settings. 1. Connect to the switch console. After connecting, the login prompt will appear as shown below.
Enter Password:

2.

Enter admin as the default administrator password. If the factory default configuration is detected, the system prompts:
Connected to Alteon Application Switch 2424 18:44:05 Mon April 12, 2004 The switch is booted with factory default configuration. To ease the configuration of the switch, a "Set Up" facility which will prompt you with those configuration items that are essential to the operation of the switch is provided. Would you like to run "Set Up" to configure the switch? [y/n]:

NOTE – If the default admin login is unsuccessful, or if the administrator Main Menu appears instead, the system configuration has probably been changed from the factory default settings. If you are certain that you need to return the switch to its factory default settings, see “Selecting a Configuration Block” on page 447. 3.
28

Enter y to begin the initial configuration of the switch, or n to bypass the Setup facility.

Chapter 2: First-Time Configuration

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

Stopping and Restarting Setup Manually
Stopping Setup
To abort the Setup utility, press <Ctrl-C> during any Setup question. When you abort Setup, the system will prompt:
Would you like to run from top again? [y/n]

Enter n to abort Setup, or y to restart the Setup program at the beginning.

Restarting Setup
You can restart the Setup utility manually at any time by entering the following command at the administrator prompt:
# /cfg/setup

Setup Part 1: Basic System Configuration
When Setup is started, the system prompts:
"Set Up" will walk you through the configuration of System Date and Time, BOOTP, Spanning Tree, Management port, Port Speed/Mode, VLANs, and IP interfaces. [type Ctrl-C to abort "Set Up"] -----------------------------------------------------------Will you be configuring VLANs? [y/n]

1.

Enter y if you will be configuring VLANs. Otherwise enter n. If you decide not to configure VLANs during this session, you can configure them later using the configuration menus, or by restarting the Setup facility. For more information on configuring VLANs, see the Alteon OS 22.0.2 Application Guide. Next, the Setup utility prompts you to input basic system information.

2.

Enter the year of the current date at the prompt:
System Date: Enter year [2004]:

Enter the last two digits of the year as a number from 00 to 99. “00” is considered 2000. To keep the current year, press <Enter>.

315393-J, January 2005

Chapter 2: First-Time Configuration

29

Alteon OS 22.0.2 Command Reference

3.

Enter the month of the current system date at the prompt:
System Date: Enter month [4]:

Enter the month as a number from 1 to 12. To keep the current month, press <Enter>. 4. Enter the day of the current date at the prompt:
Enter day [12]:

Enter the date as a number from 1 to 31. To keep the current day, press <Enter>. 5. Enter the hour of the current system time at the prompt:
System Time: Enter hour in 24-hour format [18]:

Enter the hour as a number from 00 to 23. To keep the current hour, press <Enter>. 6. Enter the minute of the current time at the prompt:
Enter minutes [55]:

Enter the minute as a number from 00 to 59. To keep the current minute, press <Enter>. 7. Enter the seconds of the current time at the prompt:
Enter seconds [37]:

Enter the seconds as a number from 00 to 59. To keep the current second, press <Enter>. The system displays the date and time settings:
System clock set to 18:55:36 Mon April 12, 2004.

8.

Enable or disable the use of BOOTP at the prompt:
BootP Option: Current BOOTP usage: Enter new BOOTP usage [d/e]:

disabled

30

Chapter 2: First-Time Configuration

315393-J, January 2005

2 Command Reference If available on your network. To skip port configuration. 315393-J. press <Enter> without specifying any port and go to “Setup Part 3: VLANs” on page 34. default gateway. some of the prompts and options may be different. Select the port to configure. BOOTP must be disabled however. or skip port configuration at the prompt: Port Config: Enter port number: (1-28) If you wish to change settings for individual ports. 9. If desired. Enter d to disable the use of BOOTP.Alteon OS 22. Turn Spanning Tree Protocol on or off at the prompt: Spanning Tree: Current Spanning Tree setting: ON Turn Spanning Tree OFF? [y/n] Enter y to turn off Spanning Tree. 1. or enter n to leave Spanning Tree on. subnet mask. 2. or enter e to enable the use of BOOTP. broadcast address. enter the number of the port you wish to configure. set up the management port: Management Port Config: Configure management port? [y/n] y If you answer y to configure the management port. Setup Part 2: Port Configuration NOTE – The port configuration options shown in these steps are for the Alteon OS 2424. press <Enter>. When configuring port options for other switches. and other management port options.0. a BOOTP server can supply the switch with IP parameters so that you do not have to enter them manually. January 2005 Chapter 2: First-Time Configuration 31 . you will be prompted for IP address. before the system will prompt for IP parameters. To keep the current setting.

both to enable both. If appropriate. 5. If you selected a port that has an Ethernet/Fast Ethernet connector. half for half-duplex. configure Ethernet/Fast Ethernet port duplex mode. January 2005 . configure Ethernet/Fast Ethernet port speed. If you selected a port that has an Ethernet/Fast Ethernet connector.2 Command Reference 3.Alteon OS 22. press <Enter>. 32 Chapter 2: First-Time Configuration 315393-J. or none to turn flow control off for the port. tx for transmit flow control. or press <Enter> to keep the current setting. configure Ethernet/Fast Ethernet port autonegotiation mode. If you selected a port that has an Ethernet/Fast Ethernet connector. To keep the current setting. If appropriate. or enter any to have the switch auto-sense the port speed. If you selected a port that has an Ethernet/Fast Ethernet connector. To keep the current setting.0. or any to have the switch auto-negotiate. the system prompts: Port Flow Control: Current Port 1 flow control setting: both Enter new value ["rx"/"tx"/"both"/"none"]: Enter rx to enable receive flow control. the system prompts: Port Mode: Current port 1 mode setting: any Enter new speed ["full"/"half"/"any"] Enter full for full-duplex. the system prompts: Port Auto Negotiation: Current Port 1 autonegotiation: Enter new value ["on"/"off"]: on Enter on to enable autonegotiation. configure Ethernet/Fast Ethernet port flow control. press <Enter>. If appropriate. off to disable it. the system prompts: Fast Link Configuration: Port Speed: Current Port 1 speed setting: 10/100 Enter new speed ["10"/"100"/"any"]: Enter the port speed from the options available. 6. If appropriate. press <Enter>. To keep the current setting. 4.

the system prompts: Gig Link Configuration: Port Flow Control: Current Port 1 flow control setting: both Enter new value ["rx"/"tx"/"both"/"none"]: Enter rx to enable receive flow control. enable or disable VLAN tagging for the port. the system prompts: Port VLAN tagging config (tagged port can be a member of multiple VLANs) Current TAG flag: disabled Enter new TAG status [d/e]: Enter d to disable VLAN tagging for the port or enter e to enable VLAN tagging for the port. If you have selected to configure VLANs back in Part 1. 10. If appropriate. tx for transmit flow control.0. Otherwise. 315393-J. press <Enter> without specifying any port. the system prompts: Port Auto Negotiation: Current Port 1 autonegotiation: Enter new value ["on"/"off"]: on Enter on to enable port autonegotiation. configure Gigabit Ethernet port autonegotiation mode. If you selected a port that has a Gigabit Ethernet connector. or press <Enter> to keep the current setting. January 2005 Chapter 2: First-Time Configuration 33 . both to enable both. press <Enter>. press <Enter>.2 Command Reference 7. If appropriate. or none to turn flow control off for the port. repeat the steps in this section. off to disable it. The system prompts you to configure the next port: Enter port number: When you are through configuring ports.Alteon OS 22. To keep the current setting. configure Gigabit Ethernet port flow parameters. To keep the current setting. 8. If you selected a port that has a Gigabit Ethernet connector. If configuring VLANs. 9.

0. 4. 2. To use the pending new VLAN name. Enter the VLAN port numbers. Pending new VLAN name: "VLAN 2" Enter new VLAN name. To skip VLAN configuration. The system prompts you to configure the next VLAN: VLAN Config: Enter VLAN number from 2 to 4090. NULL at end: 34 Chapter 2: First-Time Configuration 315393-J. or skip VLAN configuration at the prompt: VLAN Config: Enter VLAN number from 2 to 4090. press <Enter>. 3. The system prompts you to define the first port in the VLAN: Define ports in VLAN: Current VLAN 2: empty Enter port numbers one per line. NULL at end: If you wish to change settings for individual VLANs. The right angle prompt appears: > For each additional port in the VLAN.2 Command Reference Setup Part 3: VLANs If you chose to skip VLANs configuration back in Part 1.Alteon OS 22. enter the number of the VLAN you wish to configure. NULL at end: Type the first port number to add to the current VLAN and press <Enter>. press <Enter> without specifying any port. Repeat this until all ports for the VLAN being configured are entered. without quotes: Entering a new VLAN name is optional. January 2005 . Select the VLAN to configure. skip to “Setup Part 4: IP Configuration” on page 35. Enter the new VLAN name at the prompt: VLAN is newly created. When you are finished adding ports to this VLAN. press <Enter> without typing a VLAN number and go to “Setup Part 4: IP Configuration” on page 35. type the port number and press <Enter> to move to the next line. 1.

and for routing between subnets and VLANs (if used).0.0 To keep the current setting. press <Enter> without specifying any VLAN. No two IP interfaces can be on the same IP subnet. enter the IP subnet mask in dotted decimal notation: Current subnet mask: Enter new subnet mask: 0. press <Enter>.0 315393-J.0. January 2005 Chapter 2: First-Time Configuration 35 . enter the IP address in dotted decimal notation: Current IP address: Enter new IP address: 0. When all VLANs have been configured. Up to 256 IP interfaces can be configured on the Alteon Application Switch. The IP address assigned to each IP interface provides the switch with an IP presence on your network. To skip IP interface configuration. if you disabled BOOTP.0.2 Command Reference Repeat the steps in this section until all VLANs have been configured. Setup Part 4: IP Configuration If BOOTP was enabled back in Part 1. the system prompts for IP parameters.0. press <Enter> without typing an interface number and go to “Default Gateways” on page 36. 2. enter the number of the IP interface you wish to configure. Select the IP interface to configure.Alteon OS 22. Otherwise.0. or skip interface configuration at the prompt: IP Config: IP interfaces: Enter interface number: (1-256) NOTE – The total number of interfaces on an Alteon Application Switch 2424-SSL is 1-255. IP Interfaces IP interfaces are used for defining subnets to which the switch belongs. At the prompt. 1. 3. The interfaces can be used for connecting to the switch for remote configuration. If you wish to configure individual IP interfaces. For the specified IP interface. skip to Setup Part 5: Final Steps.

press <Enter>.0.0. 5. press <Enter> without specifying any interface number. January 2005 . At the prompt. This prompt appears if you selected to configure VLANs back in Part 1: Current VLAN: Enter new VLAN: 1 Enter the number for the VLAN to which the interface belongs.2 Command Reference To keep the current setting. 4. At the prompt. Default Gateways 1. specify a VLAN for the interface.0. The system prompts you to configure another interface: Enter interface number: (1-256) Repeat the steps in this section until all IP interfaces have been configured. 36 Chapter 2: First-Time Configuration 315393-J. press <Enter>.0 To keep the current setting. select a default gateway for configuration. enter the broadcast IP address in dotted decimal notation: Current broadcast address: Enter new broadcast address: 0. If configuring VLANs. press <Enter> without typing a gateway number and go to “IP Routing” on page 37. or skip default gateway configuration: IP default gateways: Enter default gateway number: (1-259) Enter the number for the default gateway to be configured. When all interfaces have been configured.Alteon OS 22. 6. enter y to enable the IP interface. At the prompt. To skip default gateway configuration. or n to leave it disabled: Enable IP interface? [y/n] 7. or press <Enter> without specifying a VLAN number to accept the current setting.

This part of the Setup program prompts you to configure the various routing parameters.0. IP routing between them can be performed entirely within the switch. enter the IP address for the selected default gateway: Current IP address: Enter new IP address: 0. enter y to enable the default gateway. January 2005 Chapter 2: First-Time Configuration 37 .Alteon OS 22. where subnets may not have a direct presence on the Alteon Application Switch. IP Routing When IP interfaces are configured for the various subnets attached to your switch. At the prompt.2 Command Reference 2. can be accomplished through configuring static routes or by letting the switch learn routes dynamically. enable or disable forwarding for IP Routing: Enable IP forwarding? [y/n] Enter y to enable IP forwarding. press <Enter> without specifying any number. At the prompt.0. At the prompt.0 Enter the IP address in dotted decimal notation. To disable IP forwarding. enable or disable the RIP supply: Enable RIP supply? [y/n] 315393-J.To keep the current setting. The system prompts you to configure another default gateway: Enter default gateway number: (1-259) Repeat the steps in this section until all default gateways have been configured. or press <Enter> without specifying an address to accept the current setting. 2. Routing on more complex networks. At the prompt. 1.0. This eliminates the need to bounce inter-subnet communication off an external router device. When all default gateways have been configured. enter n and proceed to Step 2. or n to leave it disabled: Enable default gateway? [y/n] 4. 3. press <Enter>.

Enter n to continue without reviewing the changes. NOTE – After initial configuration is complete. it is recommended that you change the default passwords as shown in “Setting Passwords” on page 40.Alteon OS 22. If you do not apply or save the changes. We recommend that you review the changes. decide whether to make the changes permanent: Save changes to flash? [y/n] Enter y to save the changes to flash. the system prompts whether to abort them: Abort all changes? [y/n] Enter y to discard the changes. 3. When prompted. When prompted. decide whether to restart Setup or continue: Would you like to run from top again? [y/n] Enter y to restart the Setup utility from the beginning. 38 Chapter 2: First-Time Configuration 315393-J. Changes are normally applied. decide whether to apply the changes at the prompt: Apply the changes? [y/n] Enter y to apply the changes. January 2005 . 5.2 Command Reference Setup Part 5: Final Steps 1. At the prompt. Changes are normally saved at this point.0. 4. Next. or n to continue without applying. decide whether you wish to review the configuration changes: Review the changes made? [y/n] Enter y to review the changes made during this session of the Setup utility. 2. Enter n to continue without saving the changes. Enter n to return to the Apply the changes? prompt. or n to continue.

>> System# apply >> System# save 315393-J. Apply and save SNMP and /or telnet configuration(s). >> # /cfg/sys/access/snmp (disabled/read-only/read-write) [d/r/w]: 2. By default. NOTE – If you need to configure SNMPv3. Apply and save configuration if you are not configuring the switch with Telnet support. >> System# apply >> System# save Optional Setup for Telnet Support NOTE – This step is optional. refer to “SNMPv3 Configuration Menu” on page 247 of this manual.Alteon OS 22. Enable SNMP and select one of the options. Enable telnet. 1. >> # /cfg/sys/ssnmp/rcomm|wcomm 3. January 2005 Chapter 2: First-Time Configuration 39 . Otherwise apply and save after “Optional Setup for Telnet Support” on page 39.2 Command Reference Optional Setup for SNMP Support NOTE – This step is optional.0. such as Alteon EMS. Perform this procedure only if you are planning on connecting to the switch through any telnet application. they are public and private respectively. Set SNMP read or write community string. >> # /cfg/sys/access/tnet ena 2. Perform this procedure only if you are planning on using SNMPbased tools. 1.

2. information. RIP listen is set by default. use the following command to access the Configuration Menu: Main# /cfg 40 Chapter 2: First-Time Configuration 315393-J. The default password for the administrator account is admin. Changing the Default Administrator Password The administrator has complete access to all menus.0. enter n to disable it. enter y to enable the RIP supply. January 2005 . Passwords cannot be modified from the user command mode.2 Command Reference If your network uses Routing Interface Protocol (RIP). When RIP is enabled. follow this procedure: 1.Alteon OS 22. To change both the user password and the administrator password. call your technical support representative for help using the password fix-up mode. NOTE – If you forget your administrator password. From the Main Menu. Connect to the switch and log in using the admin password. Otherwise. Setting Passwords It is recommended that you change the user and administrator passwords after initial configuration and as regularly as required under your network security policies. and configuration commands. To change the default password. including the ability to change both the user and administrator passwords. you must login using the administrator password.

Security Menu setup .Bandwidth Management Menu l2 .System-wide Parameter Menu port . January 2005 Chapter 2: First-Time Configuration 41 .Backup current configuration to tftp server gtcfg .Restore current configuration from tftp server 3.Layer 2 Menu l3 .Step by step configuration set up dump .Dump current configuration to script file ptcfg . [Configuration Menu] sys .2 Command Reference The Configuration Menu is displayed.Layer 3 Menu slb .Server Load Balancing (Layer 4-7) Menu security .Port Mirroring Menu bwm . [System Menu] syslog mmgmt sshd radius tacacs ntp sonmp ssnmp health access date time idle notice bannr smtp hprompt bootp cur - Syslog Menu Management Port Menu SSH Server Menu RADIUS Authentication Menu TACACS+ Authentication Menu NTP Server Menu SONMP Menu System SNMP Menu System Health Check Menu System Access Menu Set system date Set system time Set timeout for idle CLI sessions Set login notice Set login banner Set SMTP host Enable/disable display hostname (sysName) in CLI prompt Enable/disable use of BOOTP Display current system-wide parameters 315393-J. From the Configuration Menu. use the following command to select the System Menu: >> Configuration# sys The System Menu is displayed.0.Alteon OS 22.Port Menu pmirr .

Enter the current administrator password at the prompt: Changing ADMINISTRATOR password. Only the administrator has the ability to change passwords. use the following path to select the User menu: System# access/user 5.0. validation required. Enter current administrator password: NOTE – If you forget your administrator password. Enter the new administrator password.2 Command Reference 4. call your technical support representative for help using the password fix-up mode. 42 Chapter 2: First-Time Configuration 315393-J. Apply and save your change by entering the following commands: System# apply System# save Changing the Default User Password The user login has limited control of the switch. From the System menu. System# user/admpw 6. you can view switch information and statistics.Alteon OS 22. Select the administrator password. as shown in the following procedure. again. The default password for the user account is user. Enter the new administrator password at the prompt: Enter new administrator password: 8. Through a user account. but you can’t make configuration changes. 7.. January 2005 .. This password cannot be changed from the user account. at the prompt: Re-enter new administrator password: 9.

Only the administrator can change the user password. again.. Apply and save your changes: System# apply System# save 315393-J.2 Command Reference 1. use the following command to select the System Menu: >> Configuration# sys 4. Connect to the switch and log in using the admin password. use the following command to access the Configuration Menu: Main# cfg 3. Enter the new user password at the prompt: Enter new user password: 7.0. Enter current administrator password: 6. System# access/user/usrpw 5. 2. at the prompt: Re-enter new user password: 8. validation required. Select the user password. Changing USER password. From the Main Menu.Alteon OS 22. Enter the current administrator password at the prompt. From the Configuration Menu. Entering the administrator password confirms your authority.. Enter the new user password. January 2005 Chapter 2: First-Time Configuration 43 .

validation required. 2. at the prompt: Re-enter new L4 administrator password: 44 Chapter 2: First-Time Configuration 315393-J. Connect to the switch and log in using the administrator account. To change the default password. you must login using the administrator password. again.0. Select the Layer 4 administrator password: System# l4apw 4. January 2005 . you can view all switch information and statistics. Enter the current administrator password (not the Layer 4 administrator password) at the prompt: Changing L4 ADMINISTRATOR password. To change any switch password. but can configure changes only on the Server Load Balancing menus. Enter the new administrator password. Enter the new Layer 4 administrator password at the prompt: Enter new L4 administrator password: 6. Enter current administrator password: NOTE – If you forget your administrator password. 5. Through a Layer 4 administrator account. call your technical support representative for help using the password fix-up mode.. use the following path to access the user command: Main# /cfg/sys/access/user 3.2 Command Reference Changing the Default Layer 4 Administrator Password The Layer 4 administrator has limited control of the switch.Alteon OS 22. Passwords cannot be modified from the Layer 4 administrator account or the user account. The default password for the Layer 4 administrator account is l4admin. follow this procedure: 1.. From the Main Menu.

2 Command Reference 7. January 2005 Chapter 2: First-Time Configuration 45 .Alteon OS 22. Apply and save your change by entering the following commands: System# apply System# save 315393-J.0.

0.2 Command Reference 46 Chapter 2: First-Time Configuration 315393-J.Alteon OS 22. January 2005 .

Each menu displays a list of commands and/or sub-menus that are available. and provides a list of commands and shortcuts that are commonly available from all the menus within the CLI. This chapter describes the Main Menu commands. In addition.CHAPTER 3 Menu Basics The Alteon Application Switch’s Command Line Interface (CLI) is used for viewing switch information and statistics. along with a summary of what each command will do. Some features are not available under the user login. The Main Menu The Main Menu appears after a successful connection and login. The following table shows the Main Menu for the administrator login. January 2005 47 . [Main Menu] info stats cfg oper boot maint diff apply save revert exit - Information Menu Statistics Menu Configuration Menu Operations Command Menu Boot Options Menu Maintenance Menu Show pending config changes [global command] Apply pending config changes [global command] Save updated config to FLASH [global command] Revert pending or applied changes [global command] Exit [global command. Below each menu is a prompt where you can enter any command appropriate to the current menu. NOTE – The ssl option is only visible on the Alteon OS 2000-SSL Series. the administrator can use the CLI for performing all levels of switch configuration. To make the CLI easy to use. always available] 315393-J. the various commands have been logically grouped into a series of menus and sub-menus.

2 Command Reference Menu Summary Information Menu Provides sub-menus for displaying information about the current status of the switch: from basic system settings to VLANs. enabling you to generate a dump of the critical state information in the switch. It includes sub-menus for configuring every aspect of the switch. and to clear entries in the forwarding database and the ARP and routing tables. and for resetting the switch when necessary. Configuration Menu This menu is available only from an administrator login. VRRP. ARP. Maintenance Menu This menu is used for debugging purposes. routing. and enabling or disabling Server Load Balancing functions. Statistics Menu Provides sub-menus for displaying switch performance statistics. SNMP. IF. Boot Options Menu This menu is used for upgrading switch software. selecting configuration blocks. TCP. performing port mirroring. This menu is used for bringing ports temporarily in and out of service. ICMP.0. UDP. 48 Chapter 3: Menu Basics 315393-J. DNS. January 2005 . It is also used for activating or deactivating optional software packages. Included are port. Layer 4 settings. Changes to configuration are not active until explicitly applied. and Layer 4 statistics. Changes can be saved to non-volatile memory. Operations Command Menu Operations-level commands are used for making immediate and temporary changes to switch configuration. IP.Alteon OS 22. and more.

If placed at the beginning of a command. Write configuration changes to non-volatile flash memory. a summary of the global commands is displayed. Apply pending configuration changes.0. When used without a value. go to the Main Menu. Display the current menu. The default is 24 lines. Move up one menu level / Top menu if first. the current setting is displayed..Alteon OS 22. type help. Go up one level in the menu structure. Show any pending configuration changes. For help on a specific command. These commands are useful for obtaining online help. Exit from the command line interface and log out. January 2005 Chapter 3: Menu Basics 49 .. navigating through menus. You will see the following screen: Global Commands: [can be issued from any menu] help up print lines verbose exit diff apply save ping traceroute telnet pushd popd who The following are used to navigate the menu structure: . this is used to separate multiple commands placed on the same line. Use this command to restore configuration parameters set since last “apply” command. or up / Action Provides more information about a specific command on the current menu.2 Command Reference Global Commands Some basic commands are recognized throughout the menu hierarchy. and for applying and saving configuration changes. or print . When used without the command parameter. Set the number of lines (n) that display on the screen at one time. lines diff apply save revert exit or quit 315393-J. Print current menu . Remove pending configuration changes between “apply” commands. Otherwise. or command separator ! Execute command from history pwd quit revert history Table 3-1 Description of Global Commands Command ? command or help .

This command displays the currently logged user’s session information. By default.0. January 2005 .Alteon OS 22. specify the -m or -mgmt option. and delay (optional) is the number of milliseconds for wait for the response. the current setting is displayed. maxhops (optional) is the maximum distance to trace (1-16 devices). The format is as follows: ping <host name>|<IP address> [tries <(1-32)> [msec delay]] [-m| -mgmt|-d|-data] Where IP address is the hostname or IP address of the device. the -d or -data option for network ports is in effect. The format is as follows: <hostname>|<IP address> [port] [-m|-mgmt|-d|-data]. tries (optional) is the number of attempts (1-32). Where IP address is the hostname or IP address of the device. The format is as follows: traceroute <host name>| <IP address> [<max-hops (1-32)> [msec delay]] [-m|-mgmt|-d|-data] Where IP address is the hostname or IP address of the target station. This command is used to telnet out of the switch. Sets the level of information displayed on the screen: 0 =Quiet: Nothing appears except errors—not even prompts.2 Command Reference Table 3-1 Description of Global Commands Command ping Action Use this command to verify station-to-station connectivity across the network. If the management port is used. Use this command to identify the route used for station-to-station connectivity across the network. This command takes the user one level back to the menu location stored by the last pushd command. If the management port is used. specify the -m or -mgmt option. msec delay (optional) is the number of milliseconds between attempts. specify the -m or -mgmt option. the DNS parameters must be configured if specifying hostnames. 2 =Verbose: Everything is shown. the -d or -data option for network ports is in effect. When used without a value. The DNS parameters must be configured if specifying hostnames (see “Domain Name System Configuration Menu” on page 331). Display the command path used to reach the current menu. By default. the -d or -data option for network ports is in effect. As with ping. 1 =Normal: Prompts and requested output are shown. This command stores the current location of the menu tree. but no menus. This command brings up the history of the last 10 commands. If the management port is used. traceroute pwd verbose n telnet history pushd popd who 50 Chapter 3: Menu Basics 315393-J. By default.

or edited using the options below. Insert new characters at the cursor position. Move cursor to the end of the command line.Alteon OS 22. (Also the up arrow key.) Move the cursor forward one position to the right. Delete one character at the cursor position.0. January 2005 Chapter 3: Menu Basics 51 . Repeat the nth command shown on the history list.) Recall the next command from the history list. This can be used multiple times to work forward through the last 10 commands. (Also the Delete key. you can retrieve and modify previously entered commands with just a few keystrokes.2 Command Reference Command Line History and Editing Using the command line interface. <Ctrl-n> <Ctrl-a> <Ctrl-e> <Ctrl-b> <Ctrl-f> <Backspace> <Ctrl-d> <Ctrl-k> <Ctrl-l> <Ctrl-u> Other keys 315393-J. This can be used multiple times to work backward through the last 10 commands.) Recall the previous command from the history list. The recalled command can be entered as is. (Also the right arrow key. (Also the down arrow key. or edited using the options below.) Move the cursor back one position to the left. Kill (erase) all characters from the cursor position to the end of the command line. The following options are available globally at the command line: Table 3-2 Command Line History and Editing Options Option history !! !n <Ctrl-p> Description Display a numbered list of the last 10 previously entered commands. The recalled command can be entered as is. (Also the left arrow key. Move the cursor to the beginning of command line. Clear the entire line.) Erase one character to the left of the cursor position. Repeat the last entered command. Redraw the screen.

the command shown above could also be entered as follows: Main# c/l2/st/p Tab Completion By entering the first letter of a command at any menu prompt and hitting <Tab>. the CLI will display all commands or options in that menu that begin with that letter. that command will be supplied on the command line. If only one command fits the input text when <Tab> is pressed.2 Command Reference Command Line Interface Shortcuts Command Stacking As a shortcut. If the <Tab> key is pressed without any input on the command line. you can type multiple commands on a single line. separated by forward slashes (/). 52 Chapter 3: Menu Basics 315393-J. the currently active menu will be displayed.Alteon OS 22. January 2005 . waiting to be entered.0. You can connect as many commands as required to access the menu option that you want. the keyboard shortcut to access the Spanning Tree Port Configuration Menu from the Main# prompt is as follows: Main# cfg/l2/stg/port Command Abbreviation Most commands can be abbreviated by entering the first characters which distinguish the command from the others in the same menu or sub-menu. Entering additional letters will further refine the list of commands or options displayed. For example. For example.

For details. To view menu options. see page 77.Layer 4-7 Information Menu link .Dump all information The information provided by each menu option is briefly described in Table 4-1 on page 53.Show link status port . /info Information Menu [Information Menu] sys . l2 Displays the Layer 2 Information Menu.Layer 3 Information Menu slb . l3 Displays the Layer 3 information menu. 315393-J. Table 4-1 Information Menu Options (/info) Command Syntax and Usage sys Displays system menu information.Layer 2 Information Menu l3 .System Information Menu l2 . with pointers to where detailed information can be found.CHAPTER 4 The Information Menu You can view configuration information for the switch in both the user and administrator command modes. see page 90. For details. January 2005 53 .Show Security status swkey .Show enabled software features dump .Show port information bwm . This chapter discusses how to use the command line interface to display switch infor- mation. see page 55.Bandwidth Management Information Menu security .

To view menu options. or auto) Link status (up or down) For details. see page 126. security Displays current UDP blast settings and the security status of the port.Alteon OS 22. see page 120.0. yes. see page 127. For details. swkey Displays a list of all the optional software packages which have been activated or installed on your switch. see page 110. see page 119. port Displays port status information. If you want to capture dump data to a file. full. January 2005 . dump Dumps all switch information available from the Information Menu (10K or more. link Displays configuration information about each port. see page 121. bwm Displays Bandwidth Management information. depending on your configuration). For details. or 1000) Duplex mode (half. To view a sample. For details see page 127. including: Port number Port speed (10. including: Port number Whether the port uses VLAN Tagging or not Port VLAN ID (PVID) Port name VLAN membership For details.2 Command Reference Table 4-1 Information Menu Options (/info) Command Syntax and Usage slb Displays the Layer 4 Information Menu. 100. 10/100. set your communication software on your workstation to capture session data prior to issuing the dump commands. 54 Chapter 4: The Information Menu 315393-J. or auto) Flow control for transmit and receive (no.

Alteon OS 22.2 Command Reference /info/sys System Information Menu [System Menu] snmpv3 general log savedlog mgmt sonmp capacity fan temp dump SNMPv3 Information Menu Show general system information Show last 30 syslog messages Display syslog messages saved in flash Show Management Port information Show SONMP topology table information Show switch capacity information Show switch fan status Show switch temperature sensor status Dump all system information Table 4-2 Information System Menu Options (/info/sys) Command Syntax and Usage snmpv3 Displays SNMPv3 Information Menu. mgmt Displays Management port information. See page 67 for a sample output and detailed information. January 2005 Chapter 4: The Information Menu 55 . 315393-J. Management Processor Board Hardware. See page 68 for a sample output. To view the menu options. and Fast Ethernet Board Hardware Software image file and version number Configuration name Log-in banner. see page 57. if one is configured See page 66 for a sample output. See page 69 for detailed information. and date. log Displays last 30 syslog messages.0. day. Switch model name and number How long the switch has been up Time of last boot MAC address of the switch management processor Internal SSL Processor MAC Address if the switch is 2424-SSL IP address of IP interface #1 Hardware order number and part numbers of the Mainboard Hardware. general Displays general system information including: System information like time. savedlog Displays syslog messages that are saved in flash.

Health Checks. General switch information. which includes Server Load Balancing. OSPF. 56 Chapter 4: The Information Menu 315393-J. See page 74 for a sample output. See page 70 for detailed information. and SNMPv3. RIP. The output contains capacity information about Layer 2. VRRP. Layer 3. Filters. Route Maps. This output displays the maximum switch capacity for the various applications and services that the switch supports. Network Filters. Bandwidth Management. capacity gen|bwm|l2|l3|slb|port Displays the switch capacity information. temp Displays the temperature status of the switch sensors.2 Command Reference Table 4-2 Information System Menu Options (/info/sys) Command Syntax and Usage sonmp Displays SONMP topology table information. GSLB. January 2005 . Layer 4-7. dump Displays all system information. BGP.Alteon OS 22.0. See page 71 for a sample output. fan Displays the fan status of the switch.

Show usmUser table information view .Show vacmSecurityToGroup table information comm .Show vacmViewTreeFamily table information access .Show targetParams table information notify . user name. view Displays information about view.Show community table information taddr . To view a sample. see page 61.2 Command Reference /info/sys/snmpv3 SNMPv3 System Information Menu SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by supporting the following: a new SNMP message format security for messages access control remote configuration of SNMP parameters For more details on the SNMPv3 architecture please refer to RFC2271 to RFC2276. and group name. To view a sample.Alteon OS 22. To view a sample. To view a sample. access Displays View-based Access Control information. see page 58.Show all SNMPv3 information Table 4-3 SNMPv3 information Menu Options (/info/sys/snmpv3) Command Syntax and Usage usm Displays User Security Model (USM) table information. 315393-J. the security model. see page 62. [SNMPv3 Information Menu] usm . see page 59. group Displays information about the group that includes. see page 60.Show notify table information dump . January 2005 Chapter 4: The Information Menu 57 . mask and type of view. comm Displays information about the community table information. To view a sample. see page 61. To view the table. taddr Displays the Target Address table information.0.Show targetAddr table information tparam . sub tress.Show vacmAccess table information group .

usmUser Table: User Name -------------------------------admin adminmd5 adminsha v1v2only Protocol -------------------------------NO AUTH.0. This security model makes use of a defined set of user identities displayed in the USM user table. /info/sys/snmpv3/usm SNMPv3 USM User Table Information The User-based Security Model (USM) in SNMPv3 provides security services such as authentication and privacy of messages. January 2005 . dump Displays all the SNMPv3 information. notify Displays the Notify table information. DES PRIVACY NO AUTH. The USM user table contains information like: the user name a security name in the form of a string whose format is independent of the Security Model an authentication protocol. To view a sample. NO PRIVACY 58 Chapter 4: The Information Menu 315393-J. To view a sample.2 Command Reference Table 4-3 SNMPv3 information Menu Options (/info/sys/snmpv3) Command Syntax and Usage tparam Displays the Target parameters table information. NO PRIVACY HMAC_MD5.Alteon OS 22. see page 63. To view a sample. see page 65. DES PRIVACY HMAC_SHA. see page 64. which is an indication that the messages sent on behalf of the user can be authenticated the privacy protocol.

Mask Type 315393-J.2 supports DES algorithm for privacy. This indicates whether messages sent on behalf of this user are protected from disclosure using a privacy protocol.3 1.3.1.3 1.0. The software also supports two authentication algorithms: MD5 and HMAC-SHA. Displays the bit mask.6.3.18 Mask -------------Type -------included included excluded excluded excluded Table 4-5 SNMPv3 View Table Information Parameters (/info/sys/snmpv3/view) Field View Name Subtree Description Displays the name of the view.6. Displays the MIB subtree as an OID string.0.1.6. Displays whether a family of view subtrees is included or excluded from the MIB view.6.3.6. January 2005 Chapter 4: The Information Menu 59 .1.16 1.15 1. /info/sys/snmpv3/view SNMPv3 View Table Information The user can control and restrict the access allowed to a group to only a subset of the management information in the management domain that the group can access within each context by specifying the group’s rights in terms of a particular MIB view for security reasons. A view subtree is the set of all MIB object instances which have a common Object Identifier prefix to their names. Alteon OS 22.6.3.3.Alteon OS 22. View Name ----------------org v1v2only v1v2only v1v2only v1v2only Subtree -----------------1.2 Command Reference Table 4-4 USM User Table Information Parameters (/info/sys/usm) Field User Name Protocol Description This is a string that represents the name of the user that you can use to access the switch.3.

-----. Displays the security model used. The notify-view represents the set of object instances authorized for the group when sending a notification. which could be the read or write type of operation or notification into a MIB view. January 2005 . Displays the Notify view to which this entry authorizes the notify access.Alteon OS 22. Displays the MIB view to which this entry authorizes the read access. The options are: exact and prefix. For example.------. Level Match ReadV WriteV NotifyV 60 Chapter 4: The Information Menu 315393-J. SNMPv1. Displays the MIB view to which this entry authorizes the write access.2 Command Reference /info/sys/snmpv3/access SNMPv3 Access Table Information The access control sub system provides authorization services. and a message type. authNoPriv. or authPriv. The write-view represents the set of object instances authorized for the group when writing objects.----------. for example. This group's access rights are determined by a read-view. a context. Displays the minimum level of security required to gain rights of access. a write-view and a notify-view. Group Name Prefix Model Level Match ReadV WriteV NotifyV ---------. The View-based Access Control Model defines a set of services that an application can use for checking access rights of a group.---------admin usm noAuthNoPriv exact org org org v1v2grp snmpv1 noAuthNoPriv exact org org v1v2only admingrp usm authPriv exact org org org Table 4-6 SNMPv3 Access Table Information (/info/sys/snmpv3/access) Field Group Name Prefix Model Description Displays the name of group.0. or SNMPv2 or USM. The read-view represents the set of object instances authorized for the group while reading the objects. Displays the prefix that is configured to match the values.-----. Displays the match for the contextName. The vacmAccessTable maps a group name. noAuthNoPriv. security information.

Sec Model ---------snmpv1 usm usm usm User Name ------------------------------v1v2only admin adminmd5 adminsha Group Name -------------------v1v2grp admin admingrp admingrp Table 4-7 SNMPv3 Group Table Information Parameters (/info/sys/snmpv3/group) Field Sec Model User Name Group Name Description Displays the security model used.---------trap1 public v1v2only v1v2trap 315393-J. /info/sys/snmpv3/comm SNMPv3 Community Table Information This command displays the community table information stored in the SNMP engine. Displays the name for the group.---------. January 2005 Chapter 4: The Information Menu 61 .-------------------. and SNMPv3. Displays the access name of the group. The group is identified by a group name. SNMPv2.0. Index Name User Name Tag ---------.Alteon OS 22. which is any one of: USM.2 Command Reference /info/sys/snmpv3/group SNMPv3 Group Table Information A group is a combination of security model and security name that defines the access rights assigned to all the security names belonging to that group. SNMPv1.

Alteon OS 22.0.2 Command Reference

Table 4-8 SNMPv3 Community Table Parameters (/info/sys/snmpv3/comm)
Field Index Name User Name Tag Description Displays the unique index value of a row in this table Displays the community string, which represents the configuration. Displays the User Security Model (USM) user name. Displays the community tag. This tag specifies a set of transport endpoints from which a command responder application accepts management requests and to which a command responder application sends an SNMP trap.

/info/sys/snmpv3/taddr
SNMPv3 Target Address Table Information
This command displays the SNMPv3 target address table information, which is stored in the SNMP engine.
Name Transport Addr Port Taglist Params ---------- --------------- ---- ---------- --------------trap1 47.81.25.66 162 v1v2trap v1v2param

Table 4-9 SNMPv3 Target Address Table Information Parameters (/info/sys/ snmpv3/taddr)
Field Name Transport Addr Port Taglist Params Description Displays the locally arbitrary, but unique identifier associated with this snmpTargetAddrEntry. Displays the transport addresses. Displays the SNMP UDP port number. This column contains a list of tag values which are used to select target addresses for a particular SNMP message. The value of this object identifies an entry in the snmpTargetParamsTable. The identified entry contains SNMP parameters to be used when generating messages to be sent to this transport address.

62

Chapter 4: The Information Menu

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

/info/sys/snmpv3/tparam
SNMPv3 Target Parameters Table Information
Name MP Model --------------- -------v1v2param snmpv2c User Name -------------v1v2only Sec Model --------snmpv1 Sec Level --------noAuthNoPriv

Table 4-10 SNMPv3 Target Parameters Table Information (/info/sys/snmpv3/ tparam)
Field Name MP Model User Name Sec Model Description Displays the locally arbitrary, but unique identifier associated with this snmpTargeParamsEntry. Displays the Message Processing Model used when generating SNMP messages using this entry. Displays the securityName, which identifies the entry on whose behalf SNMP messages will be generated using this entry. Displays the security model used when generating SNMP messages using this entry. The system may choose to return an inconsistentValue error if an attempt is made to set this variable to a value for a security model which the system does not support. Displays the level of security used when generating SNMP messages using this entry.

Sec Level

315393-J, January 2005

Chapter 4: The Information Menu

63

Alteon OS 22.0.2 Command Reference

/info/sys/snmpv3/notify
SNMPv3 Notify Table Information
Name Tag -------------------- -------------------v1v2trap v1v2trap

Table 4-11 SNMPv3 Notify Table Information (/info/sys/snmpv3/notify)
Field Name Tag Description The locally arbitrary, but unique identifier associated with this snmpNotifyEntry. This represents a single tag value which is used to select entries in the snmpTargetAddrTable. Any entry in the snmpTargetAddrTable that contains a tag value equal to the value of this entry, is selected. If this entry contains a value of zero length, no entries are selected.

64

Chapter 4: The Information Menu

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

/info/sys/snmpv3/dump
SNMPv3 Dump Information
usmUser Table: User Name -------------------------------admin adminmd5 adminsha v1v2only Protocol -------------------------------NO AUTH, NO PRIVACY HMAC_MD5, DES PRIVACY HMAC_SHA, DES PRIVACY NO AUTH, NO PRIVACY

vacmAccess Table: Group Name Prefix Model Level Match ReadV WriteV NotifyV ---------- ------ ------- ---------- ------ ------- -------- -----admin usm noAuthNoPriv exact org org org v1v2grp snmpv1 noAuthNoPriv exact org org v1v2only admingrp usm authPriv exact org org org vacmViewTreeFamily Table: View Name Subtree -------------------- --------------org 1.3 v1v2only 1.3 v1v2only 1.3.6.1.6.3.15 v1v2only 1.3.6.1.6.3.16 v1v2only 1.3.6.1.6.3.18

Mask ------------

Type -------------included included excluded excluded excluded

vacmSecurityToGroup Table: Sec Model User Name ---------- ------------------------------snmpv1 v1v2only usm admin usm adminsha

Group Name ----------------------v1v2grp admin admingrp

snmpCommunity Table: Index Name User Name Tag ---------- ---------- -------------------- ---------snmpNotify Table: Name Tag -------------------- -------------------snmpTargetAddr Table: Name Transport Addr Port Taglist Params ---------- --------------- ---- ---------- --------------snmpTargetParams Table: Name MP Model User Name Sec Model Sec Level -------------------- -------- ------------------ --------- -------

315393-J, January 2005

Chapter 4: The Information Menu

65

Alteon OS 22.0.2 Command Reference

/info/sys/general
General System Information
On an Alteon Application Switch 2424:
Enter password: System Information at

9:06:50 Tue Oct 26, 2004

Alteon Application Switch 2424 Switch is up 1 day, 19 hours, 52 minutes and 55 seconds. Last boot: 13:13:52 Fri Oct 22, 2004 (power cycle) MAC Address: 00:0e:40:2f:5b:00 IP Hardware Order No: EB1412003 Mainboard Hardware: Management Processor Board Hardware: Fast Ethernet Board Hardware: (If 1) Address: 47.80.23.249 Part No: P314090-A Part No: P314080-A Part No: P314091-A Rev: 03 Rev: 02 Rev: 03

Software Version 22.0.2.0 (FLASH image2), active configuration.

On an Alteon Application Switch 2424-SSL:
Enter password: System Information at 19:03:14 Tue Oct 26, 2004 Alteon Application Switch 2424-SSL Switch is up 2 days, 19 hours, 6 minutes and 33 seconds. Last boot: 23:56:35 Mon Oct 25, 2004 (unknown reason or power cycle) Last apply: 14:43:37 Fri Oct 22, 2004 Last save: 14:45:44 Fri Oct 22, 2004 MAC Address: 00:0c:f8:90:ee:00 IP (If 20) Address: 21.10.0.1 Internal SSL Processor MAC Address: 00:0c:f8:90:ee:1f Hardware Order No: EB1412006 Mainboard Hardware: Part No: P315720-A Rev: 03 Management Processor Board Hardware: Part No: P314080-A Rev: 02 Fast Ethernet Board Hardware: Part No: P314091-A Rev: 03 Software Version 22.0.2 (FLASH image1), active configuration.

66

Chapter 4: The Information Menu

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

NOTE – The display of temperature will come up only if the temperature of any of the sensors exceeds 60oC. There will be a warning from the software if any of the sensors exceeds this temperature threshold. The switch will shut down if the power supply overheats and the temperature gets to 100oC. Information about fan failures will also be displayed if one or more fans are not functioning.

/info/sys/log
Show Last 30 Syslog Messages
Date Time Criticality level Message Nov 19 12:16:51 ALERT stp: STG 1, new root bridge Nov 19 13:52:03 ALERT ip: cannot contact default gateway 47.80.22.1 Nov 19 13:52:23 NOTICE ip: default gateway 47.80.22.1 operational Nov 19 13:52:23 NOTICE ip: default gateway 47.80.22.1 enabled Nov 19 14:21:27 ALERT ip: cannot contact default gateway 47.80.22.1 Nov 19 14:21:47 NOTICE ip: default gateway 47.80.22.1 operational Nov 19 14:21:47 NOTICE ip: default gateway 47.80.22.1 enabled Nov 19 14:38:55 NOTICE mgmt: admin login from host 47.81.27.4 Nov 19 14:44:02 NOTICE mgmt: admin idle timeout from Telnet/SSH Nov 19 16:15:06 INFO mgmt: new configuration applied Nov 19 16:15:20 INFO mgmt: new configuration saved Nov 19 16:18:44 INFO mgmt: new configuration applied Nov 19 16:19:37 ERROR mgmt: Error: Apply not done Nov 19 16:19:57 INFO mgmt: new configuration applied Nov 19 16:34:35 NOTICE mgmt: admin login from host 47.81.27.4 Nov 19 16:39:43 NOTICE mgmt: admin idle timeout from Telnet/SSH Nov 19 16:39:59 NOTICE mgmt: admin login from host 47.81.27.4 Nov 19 16:54:13 NOTICE mgmt: admin idle timeout from Telnet/SSH Nov 19 17:20:37 NOTICE mgmt: admin login from host 47.81.27.4 Nov 19 17:26:21 NOTICE mgmt: admin login from host 47.81.25.49 Nov 19 17:31:53 NOTICE mgmt: admin idle timeout from Telnet/SSH

Each syslog message has a criticality level associated with it, included in text form as a prefix to the log message. One of eight different prefixes is used, depending on the condition that the administrator is being notified of, as shown below. EMERG: indicates the system is unusable ALERT: Indicates action should be taken immediately CRIT: Indicates critical conditions ERR: indicates error conditions or error operations
Chapter 4: The Information Menu 67

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

WARNING: indicates warning conditions NOTICE: indicates a normal but significant condition INFO: indicates an information message DEBUG: indicates a debut-level message

/info/sys/savedlog
Saved Syslog Messages
Aug 20 13:54:21 NOTICE 47.80.22.1 operational Aug 20 13:57:53 ALERT gateway 47.80.22.1 Aug 20 13:57:57 NOTICE 47.80.22.1 operational Aug 20 13:58:23 ALERT gateway 47.80.22.1 Aug 20 13:58:33 NOTICE 47.80.22.1 operational Aug 24 14:43:43 NOTICE Aug 24 14:49:50 NOTICE Aug 24 14:51:38 NOTICE Aug 24 14:57:30 NOTICE Aug 24 15:05:54 NOTICE Aug 24 15:11:40 NOTICE Aug 24 16:00:40 NOTICE Aug 24 16:00:52 NOTICE ip: management port default gateway ip: cannot contact management port default ip: management port default gateway ip: cannot contact management port default ip: management port default gateway mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: admin login from host 47.81.25.12 admin idle timeout from Telnet/SSH admin login from host 47.81.25.12 admin idle timeout from Telnet/SSH admin login from host 47.81.25.12 admin idle timeout from Telnet/SSH admin login from host 47.81.25.12 switch reset from CLI

68

Chapter 4: The Information Menu

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

/info/sys/mgmt
Management Port Information
Speed ----100 Duplex -----full Link ---up

MAC address: 00:01:81:2e:a4:8d Interface information: 47.80.23.251 255.255.254.0 Gateway information: 47.80.22.1

47.80.23.255

Use this command to display Management port information on an Alteon Application Switch including: Port speed (10/100) Duplex mode (half, full, any, or auto) Link (Up or down) MAC Address of the system IP address of the Interface IP address of the gateway.

315393-J, January 2005

Chapter 4: The Information Menu

69

Alteon OS 22.0.2 Command Reference

/info/sys/sonmp
SONMP Information
This command displays the SynOptics Network Management Protocol (SONMP) topology table. SONMP protocol is enabled on Alteon Application Switches using the /cfg/sys/ sonmp on command, and is necessary so that an Alteon switch can be discovered by the Nortel Networks Optivity Switch Manager.When SONMP is enabled, devices on the network exchange multicast packets namely: flatnet hellos and segment hellos. The IP address of the device is written into the hello packets. As the network devices exchange information, a topology table is built like the one shown below.
Slot Port ----0 /0 1 /11 1 /11 1 /11 1 /11 1 /11 Seg Id --------------- --47.80.23.247 0 47.80.22.1 770 47.80.23.25 259 47.80.23.25 260 47.80.23.241 257 50.10.10.1 263 IP address MAC address ----------------00:01:81:2e:a3:60 00:e0:16:7c:28:24 00:60:cf:81:54:28 00:60:cf:81:54:38 00:60:cf:43:a2:10 00:60:cf:46:d5:60 Local State Seg ------------------ ----- ----Alteon2224 true topChanged Passport1200 true heartbeat Passport8610 true heartbeat Passport8610 true heartbeat AlteonAD4 true topChanged Alteon184 true topChanged Chassis Type

Table 4-12 SONMP Information Parameters Description
Parameter Slot Port Description Specifies the slot and port on which the topology message was received. This is the IP address of the sender of the topology message. The “segment identifier” of the segment from which the remote agent send the topology message. Different devices may use different methods for representing the segment identifier. The MAC address of the sender of the topology message. The chassis type of the device that sent the topology message. Indicates if the sender of the topology message is on the same Ethernet segment (i.e. not across a bridge) as the reporting agent. The current state of the sender of the topology message. the values are: topChanged—topology information has recently changed heartbeat—topology information unchanged. new—sending agent is in new state.

IP Address Seg ID

Mac Address Chassis Type Local Seg

State

70

Chapter 4: The Information Menu

315393-J, January 2005

315393-J...2 Command Reference /info/sys/capacity System Capacity Information The following sample output from an Alteon OS 2424 displays the maximum and currently enabled switch capacity for various services and applications from Layer 2-7.0. Maximum LAYER 2 FDB FDB per SP VLANs Static Trunk Groups LACP Trunk Groups Trunks per Trunk Group Spanning Tree Groups Monitor Ports LAYER 3 IP Interfaces IP Gateways IP Routes Static Routes ARP Entries Static ARP Entries Local Nets DNS Servers BOOTP Servers RIP Interfaces OSPF OSPF OSPF OSPF OSPF LSDB Interfaces Areas Summary Ranges Virtual Links Hosts Limit 16384 8192 255 12 28 8 16 1 Current(Enabled) 54 1(1) 0(0) 16(1) 256 4+255 4096 128 8192 128 5 2 2 256 256 3 16 3 128 12288 1(1) 1+0(1+0) 7 0 5 0 0 0 0 0 0(0) 0(0) 0(0) 0(0) 0(0) Continued. January 2005 Chapter 4: The Information Menu 71 .Alteon OS 22.

PORTS Port # Client Server Filter RTS Continued. January 2005 .2 Command Reference BGP Peers BGP Route Aggregators Route Maps Network Filters AS Filters VRRP Routers VRRP Router Groups VRRP Interfaces SLB (LAYER 4-7) Real Servers Server Groups Virtual Servers Virtual Services Real Services Global Global Global Global Global Global Global Global Global Global SLB SLB SLB SLB SLB SLB SLB SLB SLB SLB Domains Services Local Servers Remote Servers Remote Sites Failovers per Remote Site Networks Geographical Regions Rules Metrics Per Rule 16 16 32 256 8 1024 16 256 0(0) 0(0) 0(0) 0(0) 0(0) 0(0) 0 1024 1024 1024 1024 8192 1024 8192 1024 1024 64 2 128 7 128 8 2048 32 32 5 1024 2097104 16 64 8 0(0) 0 0(0) 0(0) 0(0) 0(0) 0(0) 0(0) 2(2) 0(0) 7(7) 0(1) 8(8) 0(0) 0 0 0 1 0 0(0) Filters PIPs Scriptable Health Checks SNMP Health Checks Rules for URL Parsing SLB Sessions Number of Rports to Vport Domain Records Mapping Per Domain Record LAYER 4 ..0.. 72 Chapter 4: The Information Menu 315393-J.Alteon OS 22.

Alteon OS 22.2 Command Reference BWM Policies Contracts Groups Contracts per Group Time Policies per Contract GENERAL Syslog hosts RADIUS servers NTP servers SMTP hosts Mnet/Mmask End Users Panic Dumps MP memory SP memory SNMPv3 SNMPv3 SNMPv3 SNMPv3 SNMPv3 Users Views Access Groups Target Address Entries Target Params Entries 512 256 32 8 2 0 1(1) 0 2 2 1 1 5 10 2 128M 128M 16 128 32 16 16 0 0 0 1 0 3 5 2 0 0 315393-J.0. January 2005 Chapter 4: The Information Menu 73 .

81.8. 7 minutes and 58 seconds.81. Last 30 syslog message information: Jun 22 15:16:00 NOTICE system: link up on port 9 Jun 22 15:16:30 NOTICE system: rebooted (power cycle) Jun 22 15:16:32 NOTICE ip: default gateway 47.249 Part No: P314090-A Part No: P314080-A Part No: P314091-A Rev: 03 Rev: 02 Rev: 03 6.25.81.25. active configuration.23.27.Alteon OS 22. Last boot: 15:15:56 Tue Jun 22.81.81.81.1 enabled Jun 22 15:17:05 ALERT stp: STG 1. 2004 Software Version 22.27.99 Jul 2 9:56:11 NOTICE mgmt: admin logout from Telnet/SSH Jul 6 9:41:55 NOTICE mgmt: admin login from host 47.2 Command Reference /info/sys/dump System Information Dump System Information at 10:23:41 Tue Jul Alteon Application Switch 2424 Switch is up 13 days.25. 19 hours.80.0.0 (FLASH image1). 2008 (power cycle) MAC Address: 00:0e:40:2f:5b:00 IP Hardware Order No: EB1412003 Mainboard Hardware: Management Processor Board Hardware: Fast Ethernet Board Hardware: (If 1) Address: 47.12 Jun 22 15:32:57 ERROR cli: No apply needed Jun 22 15:35:33 INFO mgmt: new configuration applied Jun 22 15:40:37 NOTICE mgmt: admin idle timeout from Telnet/SSH Jun 23 12:13:04 NOTICE mgmt: admin login from host 47.80.12 Jul 6 9:47:06 NOTICE mgmt: admin idle timeout from Telnet/SSH Jul 6 10:22:32 NOTICE mgmt: admin login from host 47. January 2005 .1 operational Jun 22 15:16:32 NOTICE ip: default gateway 47.80.22.0. Jun 23 12:18:36 NOTICE mgmt: admin idle timeout from Telnet/SSH Jun 30 12:32:11 NOTICE mgmt: admin login from host 47.0.12 Jun 23 12:13:39 INFO mgmt: new configuration applied Jun 23 12:13:53 NOTICE mgmt: Failed login attempt via BBI.6 Continued 74 Chapter 4: The Information Menu 315393-J.22. topology change detected Jun 22 15:28:55 NOTICE mgmt: admin login from host 47.6 Jun 30 12:37:26 NOTICE mgmt: admin idle timeout from Telnet/SSH Jul 2 9:51:57 NOTICE mgmt: admin login from host 47.

3.6. NO PRIVACY HMAC_MD5.1.15 1.6.6. January 2005 Chapter 4: The Information Menu 75 . NO PRIVACY Level Match ReadV WriteV NotifyV -----------.-----.16 Continued 315393-J. DES PRIVACY HMAC_SHA.0. DES PRIVACY NO AUTH. NO PRIVACY NO AUTH.Alteon OS 22.6.3.2 Command Reference Management port information: Speed ----10/100 Duplex -----any Link ---disabled Interface information: Gateway information: Engine ID = 80:00:07:50:03:00:0E:40:2F:5B:00 usmUser Table: User Name -------------------------------test wyin adminmd5 adminsha v1v2only vacmAccess Table: Group Name Prefix Model ---------.3.1.--------noAuthNoPriv exact iso iso iso noAuthNoPriv exact iso iso noAuthNoPriv authPriv noAuthNoPriv noAuthNoPriv exact exact exact exact iso iso iso iso iso iso iso iso iso iso iso iso vacmViewTreeFamily Table: View Name Subtree -------------------.-------.-----.3.------------------------iso 1 included v1v2only included v1v2only excluded v1v2only excluded 1 Mask ------------ Type ---- 1.------testgrp usm v1v2grp snmpv1 v1v2only wyingrp usm admingrp usm test1grp usm test2grp usm Protocol -------------------------------NO AUTH.

2 Command Reference v1v2only excluded 1.-------.-------------------.Alteon OS 22.3.6.--------------snmpTargetParams Table: Name MP Model User Name Sec Model Sec Level -------------------.---.--------------.--------.6.0.1.-------------------snmpTargetAddr Table: Name Transport Addr Port Taglist Params ---------.---------.---------snmpNotify Table: Name Tag -------------------.------------Local Seg ----State ----- 76 Chapter 4: The Information Menu 315393-J.--------------.---------------.---. January 2005 .------------------------------.-----------------------snmpv1 v1v2only v1v2grp usm test testgrp usm wyin wyingrp usm test1 test1grp usm adminmd5 admingrp usm adminsha admingrp snmpCommunity Table: Index Name User Name Tag ---------.------Slot IP address Seg MAC address Chassis Type Port Id ----.3.------------.18 vacmSecurityToGroup Table: Sec Model User Name Group Name ---------.---------.

you can view the state of each port in the various trunk groups. For details. trunk When trunk groups are configured. For details.0. see page 78.2 Command Reference /info/l2 Layer 2 Information Menu [Layer 2 Menu] fdb lacp stg trunk vlan dump Forwarding Database Information Menu Link Aggregation Control Protocol Menu Show STG information Show Trunk Group information Show VLAN information Dump all layer 2 information Table 4-13 Layer 2 Information Menu Options Command Syntax and Usage fdb Displays the Forwarding Database Information Menu. stg <STG index to display or carriage return for all STGs> In addition to seeing if Spanning Tree Protocol is enabled or disabled. see page 80. see page 83. For details.Alteon OS 22. see page 87. lacp Displays Link Aggregation Control Protocol Information Menu. you can view the following STP bridge information: Priority Hello interval Maximum age value Forwarding delay Aging time You can also see the following port-specific STP information: Port number and priority Cost State For details. 315393-J. January 2005 Chapter 4: The Information Menu 77 .

xx:xx:xx:xx:xx:xx.0. You are prompted to enter the MAC address of the device. dump Displays all Layer 2 information.Show FDB entries on a single VLAN refpt . [Forwarding Database Menu] find .Show a single FDB entry by MAC address port .Show FDB entries on a single port trunk . For example. Each SP supports up to 8K entries. Table 4-14 Layer 2 FDB Information Menu Options (/info/l2/fdb) Command Syntax and Usage find <MAC address> [<VLAN>] Displays a single database entry by its MAC address. see page 88. 08:00:20:12:34:56.Show FDB entries on a single trunk vlan . xxxxxxxxxxxx. You can also enter the MAC address using the format. The FDB also shows which other ports have seen frames destined for a particular MAC address. 080020123456. including: VLAN Number VLAN Name Status Port membership of the VLAN For details. /info/l2/fdb Layer 2 FDB Information The forwarding database (FDB) contains information that maps the media access control (MAC) address of each known device to the switch port where the device address was learned.Alteon OS 22.Show all FDB entries NOTE – The master forwarding database supports up to 16K MAC address entries on the MP per switch. 78 Chapter 4: The Information Menu 315393-J. Enter the MAC address using the format.Show FDB entries referenced by a single SP dump . January 2005 .2 Command Reference Table 4-13 Layer 2 Information Menu Options Command Syntax and Usage vlan <VLAN number to display or carriage return to display all VLANs> Displays VLAN configuration information. For example.

If the state for the port is listed as unknown (UNK). the port field represents the trunk group number. means that it has been learned by the switch. no outbound port is indicated.0.------------00:02:01:00:00:00 300 23 FWD 1 2 1 23 00:02:01:00:00:01 300 23 FWD 1 2 1 23 00:02:01:00:00:02 300 23 FWD 1 2 1 23 00:02:01:00:00:03 300 23 FWD 1 2 1 23 00:02:01:00:00:04 300 23 FWD 1 2 1 23 00:02:01:00:00:05 300 23 FWD 1 2 1 23 00:02:01:00:00:06 300 23 FWD 1 2 1 23 00:02:01:00:00:07 300 23 FWD 1 2 1 23 00:02:01:00:00:08 300 23 FWD 1 2 1 23 00:02:01:00:00:09 300 23 FWD 1 2 1 23 00:02:01:00:00:0a 300 23 FWD 1 2 1 23 00:02:01:00:00:0b 300 23 FWD 1 2 1 23 00:02:01:00:00:0c 300 23 FWD 1 2 1 23 An address that is in the forwarding (FWD) state.----. 0 for "unknown"> Displays all FDB entries for a particular port.” 315393-J. /info/l2/fdb/dump Show All FDB Information MAC address VLAN Port State Referenced SPs Referenced ports ----------------. see page 79. For more information. refpt <SP number (1-4)> Displays the FDB entries referenced by a single port. When an address is in the unknown state. the MAC address has not yet been learned by the switch.---. but has only been seen as a destination address. dump Displays all entries in the Forwarding Database. although ports which reference the address as a destination will be listed under “Reference ports.---.Alteon OS 22.-------------. January 2005 Chapter 4: The Information Menu 79 . vlan <VLAN number (1-4090)> Displays all FDB entries on a single VLAN.2 Command Reference Table 4-14 Layer 2 FDB Information Menu Options (/info/l2/fdb) Command Syntax and Usage port <port number. trunk <trunk group number> Displays all FDB entries on a single trunk. When in the trunking (TRK) state.

see port <port index 1 to max num ports> Displays information of an LACP port. the MAC address is for a standard VRRP virtual router.Alteon OS 22. To view a sample output.2 Command Reference If the state for the port is listed as an interface (IF). /info/l2/lacp Link Aggregation Control Protocol Information Menu The following menu options display the Link Aggregation Control Protocol (LACP) information on the Alteon OS. see dump Displays LACP information of all the ports. [LACP Menu] aggr port dump .Show LACP aggregator information for the port . To view a sample output. refer to “Forwarding Database Options” on page 451.0. January 2005 . see page 83.Show LACP port information . the MAC address is for a virtual server router—a virtual router with the same IP address as a virtual server.Show all LACP ports information Table 4-15 Link Aggregation Control Protocol Information Menu Options (/info/ lacp) Command Syntax and Usage aggr <aggregator index 1 to max num ports> Displays information an LACP aggregator. 80 Chapter 4: The Information Menu 315393-J. Use this command to verify the state of ports in an LACP trunk group. To view a sample output. Clearing Entries from the Forwarding Database To delete a MAC address from the forwarding database (FDB) or to clear the entire FDB. If the state is listed as a virtual server (VIP).

32768 Partner System ID .FALSE Actor Admin Key .2 Command Reference /info/lacp/aggr LACP Aggregator Information Aggregator Id 1 ---------------------------------------------MAC address .300 Actor Oper Key .00:01:81:2e:a1:b0 Individual .00:01:81:2e:a1:d1 Actor System Priority .32768 Actor System ID .00:0d:29:e3:4a:00 Partner Oper Key .TRUE Number of Ports in aggr .1 ready .10 index 0 port 1 index 1 port 2 index 2 port 3 index 3 port 4 index 4 port 5 index 5 port 6 index 6 port 7 index 7 port 8 index 8 port 9 index 9 port 10 315393-J. January 2005 Chapter 4: The Information Menu 81 .Alteon OS 22.0.300 Partner System Priority .

2 Command Reference /info/lacp/port LACP Port Information port 1 ---------------------------------------------lacp_enabled .TRUE Actor Actor Actor Actor Actor Actor System ID System Priority Admin Key Oper Key Port Number Port Priority Admin System Priority Oper System Priority Admin System ID Oper System ID Admin Key Oper Key Admin Port Number Admin Port Priority Oper Port Number Oper Port Priority 00:01:81:2e:a1:b0 32768 300 300 1 32768 0 32768 00:00:00:00:00:00 00:0d:29:e3:4a:00 0 1 0 0 4 32768 Partner Partner Partner Partner Partner Partner Partner Partner Partner Partner Actor Admin Port state Activity: Active Timeout: Synchronization:FALSE Collecting: Defaulted: FALSE Expired: Actor Oper Port state Activity: Active Timeout: Synchronization:TRUE Collecting: Defaulted: FALSE Expired: Partner Admin Port state .Alteon OS 22.0. January 2005 .TRUE lacp_admin_enabled .0x0 Partner Oper Port state Activity: Active Timeout: Long FALSE FALSE Aggregation: Distributing: TRUE FALSE Long Aggregation: TRUE Distributing: FALSE TRUE TRUE Long Aggregation: TRUE Continued 82 Chapter 4: The Information Menu 315393-J.

2 Command Reference Synchronization: TRUE Defaulted: FALSE Collecting: Expired: TRUE Distributing: FALSE TRUE Rx machine state Mux machine state Periodic machine state Individual Selected Aggregator ID Attached Aggregator ID ready_n ntt selected port_moved Collision and Detection state .LACP_PERIODIC_SLOW_STATE .FALSE turned ON! 315393-J.1 .FALSE .FALSE .FALSE .1 .Alteon OS 22.LACP_MUX_COL_DIS_STATE .LACP_RX_CURRENT_STATE .Selected . January 2005 Chapter 4: The Information Menu 83 .0.

0. January 2005 .Alteon OS 22.2 Command Reference /info/lacp/dump LACP Dump Information port attached trunk aggr ------------------------------------------------------------------1 active 300 300 y 32768 1 13 2 active 300 300 y 32768 1 13 3 active 300 300 y 32768 1 13 4 active 300 300 y 32768 1 13 5 active 300 300 y 32768 1 13 6 active 300 300 y 32768 1 13 7 active 300 300 y 32768 1 13 8 active 300 300 y 32768 1 13 9 active 300 300 n 32768 --10 active 300 300 n 32768 --11 active 300 300 n 32768 --12 active 300 300 n 32768 --13 active 300 300 n 32768 --14 off 14 14 n 32768 --15 off 15 15 n 32768 --16 off 16 16 n 32768 --17 off 17 17 n 32768 --18 off 18 18 n 32768 --19 off 19 19 n 32768 --20 off 20 20 n 32768 --21 off 21 21 n 32768 --22 off 22 22 n 32768 --23 off 23 23 n 32768 --24 off 24 24 n 32768 --25 off 25 25 n 32768 --26 off 26 26 n 32768 --27 off 27 27 n 32768 --28 off 28 28 n 32768 --lacp adminkey operkey selected prio 84 Chapter 4: The Information Menu 315393-J.

NOTE – Alteon OS 22.Alteon OS 22.1d Spanning Tree Protocol (STP). Spanning Tree Group 1: On Current Root: 8000 00:01:81:2e:a1:80 Parameters: Priority 32768 Cost ---0 0 0 0 5 0 0 0 0 0 0 Path-Cost 0 Port Hello MaxAge FwdDel Aging 0 2 20 15 300 FwdDel 15 Aging 300 Hello 2 MaxAge 20 Port ----1 2 3 4 5 6 7 8 9 10 11 Priority -------128 128 128 128 128 128 128 128 128 128 128 State ---------DISABLED DISABLED DISABLED DISABLED FORWARDING DISABLED DISABLED DISABLED DISABLED DISABLED DISABLED Designated Bridge Des Port ---------------------.2 supports up to 16 multiple Spanning Tress or Spanning Tree Groups.------- 8000-00:01:81:2e:a1:80 32773 The switch software uses the IEEE 802.0. you can view the following STP bridge information: Priority Hello interval Maximum age value Forwarding delay Aging time 315393-J.0. January 2005 Chapter 4: The Information Menu 85 .2 Command Reference /info/l2/stg Layer 2 Spanning Tree Group Information When multiple paths exist on a network. Spanning Tree Protocol (STP) configures the network so that a switch uses only the most efficient path. In addition to seeing if STP is enabled or disabled.

The aging time parameter specifies. in seconds. The maximum age parameter specifies. or DISABLED. January 2005 . The port priority parameter helps determine which bridge port becomes the designated port. the lower the path cost.0. The forward delay parameter specifies. the port with the lowest port priority becomes the designated port for the segment. FORWARDING. A setting of 0 indicates that the cost will be set to the appropriate default after the link speed has been auto negotiated. in seconds. the maximum time the bridge waits without receiving a configuration bridge protocol data unit before it reconfigure the STP network. The state field shows the current state of the port. in seconds. Table 4-16 Spanning Tree Parameter Descriptions Parameter Priority (bridge) Hello Description The bridge priority parameter controls which bridge on the network will become the STP root bridge. in seconds. MaxAge FwdDel Aging priority (port) Cost State 86 Chapter 4: The Information Menu 315393-J. the amount of time that a bridge port has to wait before it changes from learning state to forwarding state. LISTENING.Alteon OS 22. The port path cost parameter is used to help determine the designated port for a segment. Any bridge that is not the root bridge uses the root bridge hello value. the amount of time the bridge waits without receiving a packet from a station before removing the station from the Forwarding Database. In a network topology that has multiple bridge ports connected to a single segment. the faster the port. LEARNING. how often the root bridge transmits a configuration bridge protocol data unit (BPDU). The hello time parameter specifies.2 Command Reference You can also see the following port-specific STP information: Port number and priority Cost State Designated Bridge Designated Port The following table describes the STP parameters. Generally speaking. The state field can be either BLOCKING.

For example.0. This is a number that is the numerical sum of bridge priority and the actual physical port number. a physical port number four with bridge priority 32768 will be displayed as 32678+4=32772. the remaining ports in the trunk group will also be set to forwarding. January 2005 Chapter 4: The Information Menu 87 . Trunk group 1. When trunk groups are configured. larger virtual link. multi-link connections between Alteon Application Switches or other trunk-capable devices.2 Command Reference Table 4-16 Spanning Tree Parameter Descriptions (Continued) Parameter Designated Bridge Description The designated bridge resides closest to the root bridge and is responsible for forwarding packets from LAN towards the root bridge. 315393-J.Alteon OS 22. combining their bandwidth to create a single. Designated port /info/l2/trunk Trunk Group Information Trunk groups can provide super-bandwidth. This bridge is displayed as character string starting with the bridge priority (1-65535) followed by a hyphen and six byte MAC address of that switch. you can view the state of each port in the various trunk groups. The designated port identifies a physical port. bw contract 256. A trunk group is a group of ports that act together. port state: 1: STG 1 forwarding 2: STG 1 forwarding NOTE – If Spanning Tree Protocol on any port in the trunk group is set to forwarding.

Port membership is represented in slot/port format. January 2005 .0.----Default VLAN ena n 256 ena 1-28 This information display includes all configured VLANs and all member ports that have an active link state.----.2 Command Reference /info/l2/vlan VLAN Information VLAN ---1 Name Status Jumbo BWC Learn Ports -------------------------------.---.Alteon OS 22.-----. VLAN information includes: VLAN Number VLAN Name Status Jumbo Frames Bandwidth Contract if BWM is enabled Source MAC Address Learning Port membership of the VLAN 88 Chapter 4: The Information Menu 315393-J.----.

2 Command Reference /info/l2/dump Layer2 Dump Information Spanning Tree Group 1: On Current Root: 8000 00:01:81:2e:a1:80 Parameters: Priority 32768 Cost ---0 0 0 0 5 0 0 0 0 0 0 0 Path-Cost 0 Hello 2 Port Hello MaxAge FwdDel Aging 0 2 20 15 300 FwdDel 15 Aging 300 MaxAge 20 Port -----1 2 3 4 5 6 7 8 9 10 11 12 Priority -------128 128 128 128 128 128 128 128 128 128 128 128 State ---------DISABLED DISABLED DISABLED DISABLED FORWARDING DISABLED DISABLED DISABLED DISABLED DISABLED DISABLED DISABLED Designated Bridge Des Port ---------------------.Alteon OS 22. January 2005 Chapter 4: The Information Menu 89 .0.------ 8000-00:01:81:2e:a1:80 32773 315393-J.

arp Displays the Address Resolution Protocol (ARP) Information Menu. ospf Displays OSPF routing information menu. Default gateway information: Metric for selecting which configured gateway to use. ip Displays IP Information. VLAN number. For details. For details. subnet mask. lnet and lmask Port status 90 Chapter 4: The Information Menu 315393-J. For details. see page 96. see page 98. or 16 for infinite hops) The IP interface that the route uses For details. see page 91. subnet mask. IP information.2 Command Reference /info/l3 Layer3 Information Menu [Layer 3 Menu] route arp bgp ospf ip vrrp dump IP Routing Information Menu ARP Information Menu BGP Information Menu OSPF Routing Information Menu Show IP information Show Virtual Router Redundancy Protocol information Dump all layer 3 information Table 4-17 Layer 3 Information Menu Options Command Syntax and Usage route Displays the IP Routing Menu. the system displays the following for each configured or learned route: Route destination IP address. To view menu options. see page 93. January 2005 . bgp Displays BGP Information Menu. and operational status. IP address. Using the options of this menu. and health status IP forwarding information: Enable status. specifying the number of hops to the destination (1-15 hops. see page 104. includes: IP interface information: Interface number. and gateway address Type of route Tag indicating origin of route Metric for RIP tagged routes. broadcast address. IP address. gateway number.Alteon OS 22.0.

4. 192. dump Displays all Layer 3 information. see Table 4-19 on page 92. For details.4. tag fixed|static|addr|rip|ospf|bgp|broadcast|martian|vip Displays routes of a single tag. see Table 4-20 on page 93. gw <default gateway address (such as. /info/l3/route IP Routing Information [IP Routing Menu] find . January 2005 Chapter 4: The Information Menu 91 .Show tag .Show if .Alteon OS 22. if <interface number (1-256)> Displays routes on a single interface. you can display all or a portion of the IP routes currently held in the switch.Show type . 315393-J. Table 4-18 Route Information Menu Options (/info/route) Command Syntax and Usage find <IP address (such as.0.17. For a description of IP routing types. see page 105.17. type indirect|direct|local|broadcast|martian|multicast Displays routes of a single type.101)> Displays a single route by destination IP address. For a description of IP routing types.Show dump .2 Command Reference Table 4-17 Layer 3 Information Menu Options Command Syntax and Usage vrrp Displays the VRRP Information Menu. NOTE – The total number of interfaces on an Alteon Application Switch 2424-SSL is 1-255.Show gw . 192.Show a single route by destination IP address routes to a single gateway routes of a single type routes of a single tag routes on a single interface all routes Using the commands listed below.44)> Displays routes to a single gateway.

Indicates a route to one of the switch’s IP interfaces.0.80.249 255.255. The destination belongs to a host or subnet which is filtered out.80.0.0.0.80.255 255.255.0.255.0 255.255 broadcast broadcast 1 * 127.0.0.23. Table 4-19 IP Routing Type Parameters (/info/l3/route/dump/type) Parameter indirect Description The next hop to the host or subnet destination will be forwarded through a router at the Gateway address. /info/l3/route/dump Show All IP Route Information Status code: * .255 0.0 47.255.0 martian martian * 224.0.0.0.255 255.0 0.255. January 2005 .255.255 broadcast broadcast Type Parameters The following table describes the Type parameters.0 0.0. direct local broadcast martian multicast 92 Chapter 4: The Information Menu 315393-J.255 255.5 255.0.2 Command Reference Table 4-18 Route Information Menu Options (/info/route) Command Syntax and Usage dump Displays all routes configured in the switch. see page 92.255 0.0 multicast addr * 255.0.0.0 224.255.255.255.--------------.0. Packets to this destination are discarded.0.23.255 47.255.0.23.0.0.255.0.254.--------.80.0 multicast addr * 224.255.0.23. For more information.6 255.------------.0 martian martian * 224.0.249 direct fixed 1 * 47.80.0. Indicates a multicast route.-* 0.255 47.23.80.0 47.1 indirect static 1 * 47.----.best Destination Mask Gateway Type Tag Metr If --------------. Indicates a broadcast route.0.255.0 255. Packets will be delivered to a destination host or subnet attached to the switch.22.Alteon OS 22.255.22.80.0.249 local addr 1 * 47.255.0 0.

Show ARP address list 315393-J.Alteon OS 22. Table 4-20 IP Routing Tag Parameters (info/l3/route/tag) Parameter fixed static Description The address belongs to a host or subnet attached to the switch.Show help on the fields of ARP entries addr . The address belongs to a filtered group. In any IP communication. ARP also maintains IP to physical address pairs in its cache memory.Show ARP entries on a single port vlan . the ARP cache is consulted to see if the IP address of the router is present in the ARP cache. ARP resolves a physical address from an IP address. ARP queries machines on the local network for their physical addresses. addr rip ospf bgp broadcast martian vip /info/l3/Arp ARP Information Menu Address Resolution Protocol (ARP) is the TCP/IP protocol that resides within the Internet layer. Indicates a route destination that is a virtual server IP address.0.Show all ARP entries help .2 Command Reference Tag Parameters The following table describes the Tag parameters. [Address Resolution Protocol Menu] find . The address was learned by Open Shortest Path First (OSPF). The address belongs to one of the switch’s IP interfaces. Then the corresponding physical address is used to send a packet. The address is a static route which has been configured on the Alteon Application Switch.Show a single ARP entry by IP address port . January 2005 Chapter 4: The Information Menu 93 .Show ARP entries on a single VLAN refpt . VIP routes are needed to advertise virtual server IP addresses via BGP. The address was learned by the Routing Information Protocol (RIP). The address was learned via Border Gateway Protocol (BGP) Indicates a broadcast address.Show ARP entries referenced by a single SP dump .

For details. see page 95.Layer 4 IP address (VIP) u . MAC address.2 Command Reference The ARP information includes IP address and MAC address of each entry. 192.Permanent ARP entry (not obtained via ARP request). address status flags (see Table 4-22 on page 95).Indirect ARP (cache) entry for IP address reachable via indirect routes (static/dynamic) 4 .Alteon OS 22. refpt <SP number (1-4)> Displays the ARP entries referenced by a single SP. The MAC address has not been learned.g.4. and port referencing information. Table 4-21 ARP Information Menu Options (/info/l3/arp) Command Syntax and Usage find <IP address (such as. IP interface. January 2005 . see page 95. etc.ARP entry belongs to a Jumbo capable VLAN P . For example: IP address: Flags: IP address of ARP entry J . help Displays help on the ARP field entries. R .101> Displays a single ARP entry by IP address. IP mask. and VLAN flags. VIP.0. including: IP address and MAC address of each entry Address status flag (see below) The VLAN and port to which the address belongs The ports which have referenced the address (empty if no port has routed traffic to the IP address shown) For more information. VLAN and port for the address. vlan <VLAN number (1-4090)> Displays the ARP entries on a single VLAN.17. port <port number> Displays the ARP entries on a single port. dump Displays all ARP entries. MAC address: VLAN: Port: Referenced SPs: MAC address of ARP entry VLAN of this ARP entry Physical port where this IP address owner is connected SPs on which this ARP entry is present addr Displays the ARP address list: IP address. e. 94 Chapter 4: The Information Menu 315393-J.Unresolved ARP entry.

10.23.81 P 00:09:97:16:5f:00 1 172.1 P 00:09:97:16:5f:00 1 172. Unresolved ARP entry.3.---1. the designated port will be the normal ingress port.1.10 P 4 00:09:97:16:5f:01 47.31.10.23. the referenced port will be the designated port.31.11 00:b0:d0:98:d8:1b 1 3 Referenced SPs ------------1-4 1-4 empty 1-4 1-4 empty empty Referenced ports are the ports that request the ARP entry.Alteon OS 22.1 00:e0:16:7c:28:86 1 23 47. NOTE – If you have VMA turned on.---.3. Indirect route entry.2 Command Reference /info/l3/arp/refpt Show ARP Entries on Referenced SP IP address Flags ------------.----------------.80.----47.11.80.0. So the traffic coming into the referenced ports has the destination IP address.249 P MAC address VLAN Port ----------------. The Flag field is interpreted as follows: Table 4-22 ARP Dump Flag Parameters Flag P P 4 Description Permanent entry created for switch IP interface.---.----.31. January 2005 Chapter 4: The Information Menu 95 .1 P 4 00:09:97:16:5f:01 10. Permanent entry created for Layer 4 proxy IP address or virtual server IP address. If you have VMA turned off.80.3. From the ARP entry (the referenced ports). this traffic needs to be forwarded to the egress port (port 6 in the above example).10 00:b0:d0:98:d8:1b 1 3 172. The MAC address has not been learned. ARP entry belongs to a Jumbo capable VLAN R U J 315393-J.----00:0e:40:2f:5b:00 1 Referenced SPs -----------1-4 /info/l3/arp/dump Show All ARP Entry Information IP address Flags MAC address VLAN Port --------------.22.

10.255. See page 97 for a sample output. January 2005 .255 255. For more information.200 172.1 172.31. See page 97 for a sample output.255. refer to BGP section in chapter: “The Configuration Menu” on page 227 and the Application Guide.Show all BGP peers summary .31. [BGP Menu] peer .255.3. state.10.255. 96 Chapter 4: The Information Menu 315393-J.Alteon OS 22.255.0.255 255.4.1.11.255 255. up/down. message sent.4.255. message received. summary Displays peer summary information such as AS.Show BGP routing table Table 4-23 BGP Peer Information Menu Options (/info/l3/bgp) Command Syntax and Usage peer Displays BGP peer information.255.23.1 172.255.1 47.255 255.80.255 255.255 MAC address ----------------00:09:97:16:5f:01 00:09:97:16:5f:01 00:09:97:16:5f:0e 00:09:97:16:5f:00 00:09:97:16:5f:00 00:09:97:16:5f:00 VLAN ---Flags ----- D 1 1 1 /info/l3/bgp BGP Information Menu Border Gateway Protocol (BGP) is an Internet protocol that enables routers on a network to share routing information with each other and advertise information about the segments of the IP address space they can access within their network with routers on external networks.81 IP mask --------------255.10 1. dump Displays the BGP routing table.255.Show all BGP peers in summary dump .31.2 Command Reference /info/l3/arp/addr ARP Address List Information IP address --------------10.255. See page 98 for a sample output.255.255.

0.201. Link type: IBGP Remote router ID: 0.1.5 BGP status: idle.1. Old status: idle Total received packets: 0.142 4 142 113 121 00:00:28 established 2: 205.0. Total sent packets: 0 Received updates: 0. January 2005 Chapter 4: The Information Menu 97 . Sent updates: 0 Keepalive: 0.148 0 148 0 0 never connect 315393-J. Local router ID: 1. MinAdvTime: 60 LastErrorCode: unknown(0). Holdtime: 0. Local AS: 0.23. version 0.1.---------1: 205.201. Local router ID: 1. BGP Peer Summary Information: Peer V AS MsgRcvd MsgSent Up/Down State --------------. TTL 1 Remote AS: 0.0.1.178.-------.0. Holdtime: 0.Alteon OS 22. version 0.1.5 BGP status: idle.4 .0.. Old status: idle Total received packets: 0. Local AS: 0.1.178.1 .-------. Total sent packets: 0 Received updates: 0. LastErrorSubcode: unspecified(0) Established state transitions: 0 4: 2.0.0. Sent updates: 0 Keepalive: 0. LastErrorSubcode: unspecified(0) Established state transitions: 0 /info/l3/bgp/summary BGP Summary information Following is an example of the information that /info/l3/bgp/summary provides. TTL 1 Remote AS: 0.-------. Link type: IBGP Remote router ID: 0.2 Command Reference /info/l3/bgp/peer BGP Peer information Following is an example of the information that /info/l3/bgp/peer provides.15. BGP Peer Information: 3: 2. MinAdvTime: 60 LastErrorCode: unknown(0).-------.

178.Show details of virtual links nbr . The backbone acts as the central OSPF area.21.21.Show neighbor(s) information dbase .178.0 * 205.147 1 128 *> 205. The Alteon OS implementation conforms to the OSPF version 2 specifications detailed in Internet RFC 1583. one area must be designated as area 0.incomplete Network Next Hop Metr LcPrf Wght --------------.21.15.17.0.Show NSSA summary address list routes .Alteon OS 22.21.Show OSPF information 98 Chapter 4: The Information Menu 315393-J.147 1 128 13. Areas inject summary routing information into the backbone.178. which then distributes it to other areas as needed.Show OSPF routes dump .0 0.EGP. e . In any AS with multiple areas.0. >> BGP# dump Status codes: * valid.Database Menu sumaddr .internal Origin codes: i .0.IGP.Show interface(s) information virtual .----. January 2005 . i . All other areas in the AS must be connected to the backbone.---.0 205.178.0 205.178.--------------. known as the backbone.0.0.----*> 10.Show summary address list nsumadd .0. > best.2 Command Reference /info/l3/bgp/dump Dump BGP Information Following is an example of the information that /info/l3/bgp/dump provides. OSPF is designed for routing traffic within a single IP domain called an Autonomous System (AS).0. [OSPF Information Menu] general .178. The AS can be divided into smaller logical units known as areas.147 1 256 *>i205. For more information on how to configure OSPF on the switch.Show general information aindex .0 205. ? . refer to the OSPF section in chapter “The Configuration Menu” on page 227 and your Alteon OS Application Guide.147 1 256 Path -------------147 148 i 0 i 147 i 147 i 147 {35} ? /info/l3/ospf OSPF Information Menu Alteon OS supports the Open Shortest Path First (OSPF) routing protocol.Show area(s) information if .

See page 100 for a sample output.C. virtual Displays information about all the configured virtual links. To view menu options. January 2005 Chapter 4: The Information Menu 99 .D)> Displays the status of a neighbor with a particular router ID.Alteon OS 22.0. If no parameter is supplied.B. nbr <nbr router-id (A. dbase Displays OSPF database menu. dump Display all the OSPF information. If no router ID is supplied. nsumadd <area index (0-2)> Displays the list of summary ranges belonging to NSSA areas.2 Command Reference Table 4-24 OSPF Information Menu (/info/l3/ospf) Command Syntax and Usage general Displays general OSPF information. it displays information for all the interfaces. See for a sample output. see page 101. routes Displays OSPF routing table. it displays area information for all the areas. sumaddr <area index (0-2)> Displays the list of summary ranges belonging to non-NSSA areas. If no parameter is supplied. aindex <area index [0-2]> Displays area information for a particular area index. if <interface number [1-256]> Displays interface information for a particular interface. See page 100 for a sample output. See page 102 for a sample output. it displays the information about all the current neighbors. 315393-J.

Retransmit 5.14.1. Area 0.1.1 Backup Designated Router (ID) 10.0 Authentication : none Import ASExtern : yes Number of times SPF ran : 8 Area Border Router count : 2 AS Boundary Router count : 0 LSA count : 5 LSA Checksum sum : 0x2237B Summary : noSummary /info/l3/ospf/if OSPF Interface Information Ip Address 10.0.247 Started at 95 and the process uptime is 352315 Area Border Router: yes.23.12.10. 2 are >=EXCH state. Priority 1 Designated Router (ID) 10. Authentication type none 100 Chapter 4: The Information Menu 315393-J.12.Alteon OS 22.80. Wait 1663.10. 2 are =FULL state Number of areas is 2. Poll interval 0.2 Command Reference /info/l3/ospf/general OSPF General Information OSPF Version 2 Router ID: 47. State DR.10.10.1.10.0. of which 2 are >=INIT state. Admin Status UP Router ID 10.1.10. Ip Address 10. January 2005 . Ip Address 10.0. AS Boundary Router: no LS types supported are 6 External LSA count 0 External LSA checksum sum 0x0 Number of interfaces in this router is 2 Number of virtual links in this router is 1 16 new lsa received and 34 lsa originated from this router Total number of entries in the LSDB 10 Database checksum sum 0x0 Total neighbors are 1. Dead 40.12.0.10.1. Hello 10.0.10.2 Timer intervals. Transit delay 1 Neighbor count is 1 If Events 4. of which 3-transit 0-nssa Area Id : 0.

1 displays ASBR summary LSAs having the advertising router 20.D)>|<link_state_id (A. The usage of this command is the same as the usage of the command asbrsum.1.2 Command Reference /info/l3/ospf/dbase OSPF Database Information [OSPF Database Menu] advrtr .C.B. c) asbrsum self displays the self advertised ASBR summary LSAs.LS Database summary ext .C.0.D)>|<self> Displays the AS-external (type 5) LSAs with detailed information of each field of the LSAs.1.B.1. ext <adv-rtr (A.Alteon OS 22.External LS Database info nw .1.1.1.1.B. b) the total number of LSAs for each area.1.1.All Table 4-25 OSPF Database Information Menu (/info/l3/ospf/dbase) Command Syntax and Usage advrtr <router-id (A. dbsumm Displays the following information about the LS database in a table format: a) the number of LSAs of each type in each area.D)>|<self> Displays ASBR summary LSAs.NSSA External LS Database info rtr . for example: 20. d) asbrsum with no parameters displays all the ASBR summary LSAs.B. January 2005 Chapter 4: The Information Menu 101 . d) the total number of LSAs for all LSA types for all areas combined.B. Displays all the Link State Advertisements (LSAs) in the LS database that have the advertising router with the specified router ID.1. 315393-J.1. asbrsum <adv-rtr (A.Self Originated LS Database info summ . c) the total number of LSAs for each LSA type for all areas combined.LS Database info for an Advertising Router asbrsum .Network-Summary LS Database info all .D)> Takes advertising router as a parameter.C. No parameters are required.D)>|<link_state_id (A.1.ASBR Summary LS Database info dbsumm .1. b) asbrsum link_state_id 10.Network LS Database info nssa .1 displays ASBR summary LSAs having the link state ID 10.C. The usage of this command is as follows: a) asbrsum adv-rtr 20.Router LS Database info self .C.

18.10.1. /info/l3/ospf/routes OSPF Information Route Codes Codes: IA .1/32 via 30.0/28 via 20.1. The usage of this command is the same as the usage of the command asbrsum.1.1.18.1.C.18.0/27 via 20.C.18.B.OSPF external type 1.B. E2 .B.D)>|<link_state_id (A.D)>|<link_state_id (A.0/24 via 20.C.2 E2 172.C.8/32 via 30.2 IA 100.2 IA 40.1.5/32 via 30.0/28 via 200.D)>|<self> Displays the network (type 2) LSAs with detailed information of each field of the LSA.1.2 E2 172. N2 .1.1.1.1. No parameters are required.1.OSPF NSSA external type 2 E1 .2 E2 172. The usage of this command is the same as the usage of the command asbrsum. N1 .2 IA 150.D)>|<self> Displays the NSSA (type 7) LSAs with detailed information of each field of the LSAs. The usage of this command is the same as the usage of the command asbrsum. self Displays all the self-advertised LSAs.OSPF NSSA external type 1.1.B.1.D)>|<self> Displays the network summary (type 3) LSAs with detailed information of each field of the LSAs.B.C.1.1.1.1.2/32 via 30. rtr <adv-rtr (A.C.1.0/24 via 200.D)>|<self> Displays the router (type 1) LSAs with detailed information of each field of the LSAs.1.1.2 E2 172.2 E2 172.18.1.OSPF inter area. The usage of this command is the same as the usage of the command asbrsum.1.B.Alteon OS 22.2 IA 140.4/32 via 30.0.C.3/32 via 30.0/16 via 200.6/32 via 30.1.1.1.network LS database.2 E2 172.B. nssa <adv-rtr (A.1.1.1.1.OSPF external type 2 IA 10.1.C.2 Command Reference Table 4-25 OSPF Database Information Menu (/info/l3/ospf/dbase) Command Syntax and Usage nw <adv-rtr (A.1.1.18.1.1.1.1.1.D)>|<link_state_id (A.18. January 2005 .2 IA 80.1.2 E2 172.2 E2 172.1.7/32 via 30.1.0.1.2 102 Chapter 4: The Information Menu 315393-J.D)>|<link_state_id (A.1.B.1.1.18. summ <adv-rtr (A. all Displays all the LSAs.1.

1 Started at 42 and the process uptime is 1197051 Area Border Router: no.Alteon OS 22.1.1) No areas enabled. 0 are >=EXCH state. 315393-J.---------- Prio ---- State ----- Address ------- OSPF LS Database: OSPF LSDB breakdown for router with ID (1. 0 are =FULL state Number of areas is 0.2 Command Reference /info/ospf/dump OSPF Dump Information OSPF Version 2 Router ID: 1.1. of which 0-transit 0-nssa OSPF Neighbors: Intf NeighborID ---.1. January 2005 Chapter 4: The Information Menu 103 .0.1. of which 0 are >=INIT state. AS Boundary Router: no External LSA count 0 Number of interfaces in this router is 0 Number of virtual links in this router is 0 0 new lsa received and 0 lsa originated from this router Total number of entries in the LSDB 0 Total neighbors are 0.

23.0 47.255.1.255.80.31. vlan any.1.3.255.255.1 255.255.0 3: 172.0 2: 172.255.3.80.31.81 255. up Current IP forwarding settings: ON.31.1 255. dirbr disabled Current local networks: Current IP port settings: All other ports have forwarding ON Current network filter settings: none Current route map settings: Current OSPF settings: ON Default route none Router ID: 1. January 2005 .23.255.4.80. up Default gateway information: metric strict 2: 47.2 Command Reference /info/l3/ip IP Information Interface information: 1: 47.1.255. up vlan 1. up vlan 1.31. vlan 1.4. 172.1 lsdb limit 0 104 Chapter 4: The Information Menu 315393-J.Alteon OS 22.254.0. 172.22.

master.2. if if if if if if if if if if 10.2.200. if 2: vrid 1. January 2005 Chapter 4: The Information Menu 105 . 14.202.1. 205. prio 118. 205. One of the virtual routers is then elected as the master.200. master 12. 13: vrid 13. renter.200. based on a number of priority criteria.1.2. master if 27. prio 110.2. server 255: vrid 255. renter. 27. 100: vrid 100.200. VRRP information: 10: vrid 10. prio 100. 1. if 3: vrid 3.200. renter. master. proxy When virtual routers are configured. 11. 11: vrid 11. prio 118. 27: vrid 27. 27. renter identifies virtual routers which are not owned by this device. renter.8. master 27.100. backup 172.2. backup 13.1. one of the backup virtual routers will assume routing authority and take control of the virtual router IP address. 12. prio 118. 28: vrid 28.1.200. 172. server 1. 20: vrid 20.200. master 14. prio 110.Alteon OS 22.210. renter. prio 118.200. master 28.8. 172. backup 1.178. renter.2 Command Reference /info/l3/vrrp VRRP Information Virtual Router Redundancy Protocol (VRRP) support on Alteon Application Switch provides redundancy between routers in a LAN. Refer to your Alteon OS Application Guide for more information on VRRP.21.2. backup.2.2. 28. and assumes control of the shared virtual router IP address. 315393-J. renter. prio 102. 254: vrid 254. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP-capable routing device. prio 110. 12: vrid 12. VRRP information includes: Virtual router number Virtual router ID and IP address Interface number Ownership status owner identifies the preferred master virtual router.178. server 172: vrid 172. 205. server VRRP information: 1: vrid 2. prio 102. renter. 28. renter.18. A virtual router is the owner when the IP address of the virtual router and its IP interface are the same. prio 100.1. master 11.178.2.200. prio 102.100.1. prio 100. 10. 13.21.1.1.18.100. if 28. If the master fails. if 172. master.2. renter. renter.0. master. backup 20. renter. prio 102.1. prio 110. renter.18. you can view the status of each virtual router using this command. renter.1. renter. 14: vrid 14.204. 20.

Server status. where the virtual router shares the same IP address as a proxy IP address. 106 Chapter 4: The Information Menu 315393-J.Alteon OS 22. These are known as virtual server routers: any virtual router whose IP address is the same as any configured virtual server IP address. minimizing the number of unique IP addresses that must be configured. backup identifies that the virtual router is in backup mode. the virtual router with the highest priority becomes master. The use of virtual proxy routers enables redundant switches to share the same IP address. The proxy state identifies virtual proxy routers. January 2005 .0. The server state identifies virtual routers that support Layer 4 services. During the election process. Activity status master identifies the elected master virtual router. Proxy status.2 Command Reference Priority value.

dirbr disabled Current local networks: Current IP port settings: All other ports have forwarding ON Current network filter settings: none Current route map settings: Current BGP settings: ON.Alteon OS 22.255 .1. pref 100.0 45.0 4: 172. 205. hold 180.255.2 Command Reference /info/l3/dump Layer3 Dump Information This command dumps all the information about Layer 3 parameters.1. alive 60.201.1. enabled metric none.0. January 2005 Chapter 4: The Information Menu 107 .0. ospf disabled fixed disabled.1.1.255 .201 255. IP information: IP information: Router ID: 45. vip disabled in-rmap: empty out-rmap: empty Current BGP aggr settings: Continued 315393-J. AS number 100 Interface information: 2: 45. ttl 1.1.254 255.0. static disabled. adv 60 retry 120. up Default gateway information: metric strict Current IP forwarding settings: ON. 172.21. up vlan 1. This dump is a collection of all the individual commands described in the sections above.1.255.255.1.255.1.203.201 255.255. up vlan 1.1. orig 15.255.0 3: 205.1.21. default none.255 . rip disabled. AS number 100 Current BGP peer settings: 1: 45. ras 300. vlan 1.1.

0.3 00:09:6b:00:6f:b7 1 24 empty 205.0.1.1.----.0.255 255.255 45.1.201 255.0 172.1.255.---------------45.254 local addr 4 * 172.1.254 255.255 172.1.21.0.255 172.255 MAC address VLAN Flags ----------------.1.255.1.1.255 255.255.100 P 4 00:01:81:2e:a2:2e 1-4 205.21.1.255.255.1.75 00:0f:06:ec:8a:00 1 24 empty 45.1.1.21.201 local addr 2 * 45.4 00:09:6b:00:76:1b 1 24 empty 205.1.-* 45.0.1.255.255.2 Command Reference Virtual Router Redundancy is globally turned OFF.1.201 direct fixed 2 * 45.1.0.------------.1.21.21.1.0.1.1.254 direct fixed 4 * 172. ARP cache information: IP address Flags MAC address VLAN Port Referenced SPs --------------.---.201 P 00:01:81:2e:a2:20 1 1-4 45.1.----.255.0 martian martian * 172.255broadcast broadcast 2 * 127.255 205.----------------.21.255.21.202 00:09:97:5e:69:00 1 24 empty 172.255.254 255.255 45.1.255.0.255.1.best Destination Mask Gateway Type Tag Metr If --------------.1.201 255.---.255.1.1.201 P 00:01:81:2e:a2:20 1 1-4 ARP address information: IP address IP mask --------------.0 0.201 255.255.1.255 broadcast broadcast 4 Continued 108 Chapter 4: The Information Menu 315393-J.255.1.0 255.-----------.0 255.1.1.1.0 255.1.1.255.255.255 172.255.------------.0 45.255.1.0.1.1. January 2005 .Alteon OS 22.--------------205.1.255.0.1.1 00:09:6b:b5:0b:d6 1 24 empty 205.255 45.1.255.----00:01:81:2e:a2:2e D 00:01:81:2e:a2:20 1 00:01:81:2e:a2:20 1 00:01:81:2e:a2:20 1 Route table information: Status code: * .0.1.255.6 00:09:6b:00:71:bb 1 24 empty 205.1.100 255.2 00:09:6b:b5:08:48 1 24 empty 205.5 00:09:6b:00:74:97 1 24 empty 205.21.254 P 00:01:81:2e:a2:20 1 1-4 205.

255.255.0.255 255.255.255.0.1.0 0.1.1.1.255.0 205.0.255 broadcast broadcast 3 * 224.0.255.201 local addr 3 * 205.0 0.2 Command Reference * 205.255 205.0 255.EGP.0 0 ? 315393-J.1.1. ? .255 broadcast broadcast OSPF is disabled. > best.0.1.0.0 0.1.0. i .255.0 martian martian * 255.0.1.0 0 ? *> 205.0.201 255. January 2005 Chapter 4: The Information Menu 109 .255.1.0 0.1.255.255.100 255.----. Status codes: * valid.100 direct vip * 205.0.--------------*> 45.1.1.----.1.201 direct fixed 3 * 205.255 205.1.Alteon OS 22.255.0.255.1.255 255.0.IGP.incomplete Network Next Hop Metr LcPrf Wght Path --------------.255.255.255 255.21.255 205.1.internal Origin codes: i .----.0 224.1.1.--------------.0 0 ? *> 172.0.0. e .0.

or minmisses metric cookie . real IP address. MAC address.: [Server Load Balancing Information Menu] sess . physical switch port. Refer to your Alteon OS Application Guide for detailed information on this feature. VLAN. real <real server number (1-1023)> Displays Real server number.Alteon OS 22. see page 117. RIP and Rport synatk . phash. In an average network that employs multiple servers without server load balancing. based on a variety of load-balancing algorithms. gslb Displays the Global SLB Information Menu. To view menu options.Session Table Information Menu gslb . With this software feature.Show port information idshash . Placing this kind of strain on a server can decrease the performance of the entire network as user requests are rejected by the server and then resubmitted by the user stations. January 2005 .Show SYN attack detection information dump . To view menu options. If one of these servers provides access to applications or data that is in high demand.Show filter information port .Show real server information virt .Global SLB Information Menu real .Show all layer 4 information Table 4-26 Layer 4 Information Menu Options (/info/slb) Command Syntax and Usage sess Displays the Session Table Information Menu.Show IDS server selected by hash or minmisses metric bind . 110 Chapter 4: The Information Menu 315393-J.Decode the HEX value to get VIP. each server usually specializes in providing one or two unique services.Show virtual server information filt . the switch is aware of the services provided by each server and can direct user session traffic to an appropriate server.Show real server selected by hash. it can become overutilized. see page 112.0. layer where health check is performed. and health check result.2 Command Reference /info/slb Layer 4 Information Menu Server Load Balancing (SLB) allows you to configure the Alteon Application Switch to balance user session traffic among a pool of available servers that provide shared services.

Alteon OS 22. URL for health checks. see page 118. cookie <16 or 20 bytes cookie value in HEX as 0xXXXXXXXXXXXXXXXX> Decodes the hexadecimal value to get the virtual server IP address. backup server. bind <IP address> <mask> <group number> Displays the real server selected by hash. and client and/or server Layer 4 activity. group backup server. or minmisses metric. and status. proxy IP address. a list of applied filters. virtual MAC address Virtual Port State: Virtual service or port. For details. filter status. for example. real server IP address. real server port. real server group. group backup server. To identify whether or not the server is under SYN attack. port <port number> Displays the physical port number. the number of new half open sessions is examined within a set period of time. server port mapping. This feature requires dbind to be enabled. and real server group. idshash <IP address 1> <IP address 2> Displays the Intrusion Detection System server selected by hash or minmisses metric.0. real server group. IP address. dump Displays all Layer 4 information for the switch. phash. every two seconds. destination port. synatk Displays SYN attack detection information. filt <filter ID (1-2048)>|list|allow|deny|redir|nat Displays the filter number. health check layer. 315393-J. January 2005 Chapter 4: The Information Menu 111 . IP address. and real server port.2 Command Reference Table 4-26 Layer 4 Information Menu Options (/info/slb) Command Syntax and Usage virt <virtual server number (1-1024)> Displays Virtual Server State: Virtual server number.

pip <Proxy IP address> Displays all session entries with proxy IP address. dport <Destination real port> Displays all session entries with destination port.Show all session entries with destination IP address dport . pport <proxy port> Displays all session entries with proxy port.Show all session entries with ingress port real .Show all session entries with destination port pip .2 Command Reference /info/slb/sess Session Table Information [Session Table Information Menu] cip . flag <E|L|N|P|S|Rt|Ru|Ri|Vi|Vr|Vs|Vm|U|W> Displays all session entries with matching flag.Show all session entries on sp dump . See “Session dump information in Alteon OS” on page 115 for a description of these options.Show all session entries with matching flag port .Session entry description Table 4-27 Session Information Menu Options (/info/slb/sess) Command Syntax and Usage cip <IP address> Displays all session entries with client’s source IP address. dip <Destination IP address> Displays all session entries with the destination IP address.Show all session entries with source port dip .Show all session entries with proxy port filter .Show all session entries with proxy IP address pport . cport <real port> Displays all session entries with source (client) port.Alteon OS 22. 112 Chapter 4: The Information Menu 315393-J.Show all session entries with real IP address sp .Show all session entries help . January 2005 .0.Show all session entries with matching filter flag . filter <filter ID (1-2048)> Displays all session entries with matching filter.Show all session entries with source IP address cport .

21.21.2.1.200 44687.11 wcr age 4 f:12 E 3.21.12. real <IP address> Displays all session entries with real server IP address.79 urlwcr age 6 f:123 E RTSP L4-L7 RTSP 3.1 rtsp -> 47.13 0 age 10 P During client-server port negotiation.0.3.16: 172.1 http -> 47.01: 172.19 4586.13 rtsp age 10 EU 3.2.1 http -> 47.144.51 http -> 192. help Displays the description of the session entry.1 4586.Alteon OS 22.2. Information similar to the following may appear in a session entry dump: 3.21. 2.1 21220 -> 47.1 http age 6 f:10 EUSPT c (1) (2) (3) (4) (5) (6) (7a) (7) (8) (9) (10) (11) (12) (13) Note: The fields.81.21. 39.144.19 6970.2. the destination port shows “rtsp” and server port shows “0” L7 WCR RTSP Chapter 4: The Information Menu 113 315393-J.01: 172.19 1040.2.8.12.12.01: 172.13 21220 age 10 P The first session is RTSP TCP control connection.12.1 rtsp -> 47. 01: 1.2.1.81.2.24. dump Displays all session entries.21.2 Command Reference Table 4-27 Session Information Menu Options (/info/slb/sess) Command Syntax and Usage port <port number> Displays all session entries on the ingress port.144. are described in “Session dump information in Alteon OS” on page 115. Samples of Session Dumps for Different Applications L4 HTTP 3.81.1 http -> 1.21.19 6970.1.2.2. January 2005 . sp <port number (1-4)> Displays all session entries on switch processor.12.168.2. 39.8.3. 172.01: 172. 39.1.79 http age 4 L4-L7 WCR HTTP 2.81. 3. The second session is RTSP UDP data connection.2.1.2.81. 1 to 13 associated with a session as identified in the above example.24.2 3567 3. 39.19 1040. 39.01: 172.

12.215 4102.21.10.4.19 6970.01: 172.00: 237.31.3.31.26 1706.200 0 172.11 age 8 EP c:1 1.Alteon OS 22.31.2.26 http NAT age 2 f:24 E Persistent session 3.2.09: 172.14.07: 10.16 2559.0.31.215 4098.4.81. 10.10 linklb age 8 f:10 E FTP 1. 39.215 80.4.31.4.31.4.123 160.4.13 21220 age 10 P Filtering LinkLB 2.30 age 4 EPS C:3 The destination port.168. 172.84 http -> 192.144.2.09: 172.52.4.31. 39.31.8.21.1.31.2 Command Reference 3.200 ftp-data ->172.3. 114 Chapter 4: The Information Menu 315393-J.0. 205.1 rtsp -> 47.162.21.81.2.144.13 urlwcr age 10 f:100 EU 3. 172.20.00: 172.12.01: 172.20 ftp age 10 EU 1. January 2005 .178.1 21220 -> 47.0.3.1.200 ftp ->172.20 ftp-data age 10 E NAT 2.19 4586. real server IP and server port are not shown for persistent session.05: 172. 172.

1.1 1706. for load balancing.01: 1.2.1.1 1040. This field shows the physical port through which the client traffic enters the switch. 2. For example: 3. Deny or NAT.01: 1.2.1 http -> 3. 2.07: 1. This field identifies the destination port from client’s TCP/UDP packet.1 http age 10 3.2. This field contains the Proxy IP address substituted by the switch. This field contains the source IP address from the client’s IP packet. No address is shown if the filter action is Allow.0.1 6970. For load balancing. this field is the same as destination IP address (as in row 5). January 2005 Chapter 4: The Information Menu 115 .2. This field also shows the real server IP address for filtering.Alteon OS 22. “DENY” or “NAT” instead.1.4.2. DENY or NAT instead.1. this field contains the IP address of the real server that the switch selects to forward client packet to. this field contains the same information as the destination IP address mentioned in field (5).3.1 rtsp -> 2. It will show “ALLOW”.2.2. No address is shown if the filter action is Allow.2.1 1040. This field identifies the destination IP address from the client’s TCP/UDP packet.1.1 http-> 192. (2) Ingress port (3) Source IP address (4) Source port (5) Destination IP address (6) Destination port (7a) Proxy IP address (7) Proxy Port This field identifies the TCP/UDP source port substituted by the switch.10 linklb age 8 f:10 E (8) Real Server IP Address 315393-J. Deny or NAT.1. This field contains the real server IP address of the corresponding server that the switch selects to forward the client packet to. 2. This field identifies the source port from the client’s TCP/UDP packet.1. If the switch does not find live server. For example: 3. 2.3. this field also shows the real server IP address.01: 1. It will show ALLOW.2 Command Reference Session dump information in Alteon OS Field (1) SP number Description This field indicates the Switch Processor number that created the session.1.1 21220 age 10 P For filtering.2. If the switch does not find a live server.3.2.168.1 http age 10 f:11 2.3.1 http -> 3.

January 2005 . “N”: Indicates no NAT. “Vm”: Indicates the session is a SIP MESSAGE session. For RTSP UDP session. “Ru”: Indicates UDP rate limiting for every client entry. “P”: Indicates the session is a persistent session and is not to be aged out. For example.The session is aged out in 10 minutes. this server port is obtained from the client-server negotiation. linkslb or nonat. which means the session only translates the destination MAC when forwarding client traffic to the real server. 116 Chapter 4: The Information Menu 315393-J. If no packet is received within the value specified. This field can be urlwcr.2 Command Reference Field (9) Server port Description This field is the same as the destination port (field 6) for load balancing except for the RTSP UDP session. or Cookie Pbind. “Vr”: Indicates the session is a SIP REGISTER session. The user can configure slowage by using the command: /cfg/slb/adv/slowage.Alteon OS 22. “Vs”: Indicates the session is a SIP SUBSCRIBE session. “U”: Indicates the session is Layer 7 delayed binding and the switch is trying to open TCP connection to the real server.0. “Rt”: Indicates the session is TCP rate limiting for every client entry. “S”: Indicates the session is a persistent session and the application is SSL session ID. “E”: Indicates the session is established and will be aged out if no traffic is received within session timeout value. It is for internal use only. idslb. (11) Filter number (12) Flag This field indicates the session created by filtering code as a result of the IP header keys matching the filtering criteria. the session is freed. This field is the filtering application port for filtering. (7) and (8) cannot have persistent session. if: age 10 . (10) Age This is the session timeout value. (13) Persistent session user count This counter indicates the number of client sessions created to associate with this persistent session. “L”: Indicates the session is a link load balance session. “W”: Indicates the session only translates the destination MAC when forwarding Layer 7 WCR traffic to the real server. “Vi”: Indicates the session is a SIP INVITE session. “Ri”: Indicates the session is ICMP rate limiting per-client entry.The session is aged out in 160 minutes. age < 160 . Fields (6). This indicates that slowage is used. wcr.

and the group of real servers associated with the local and remote virtual servers.Show Global SLB site . 315393-J.Show Global SLB dump . The menu for this feature displays the following information: [Global SLB Information Menu] virt .Show Global SLB rule . geo Displays the Global SLB geographical preference information. dump Displays all Global SLB information. the number of the local and remote virtual servers. site Displays the Global SLB remote site information.2 Command Reference /info/slb/gslb Global SLB Information Menu An Alteon OS running Global SLB selects the most appropriate site to direct the client traffic for a given domain during the initial client connection.Show Global SLB geo .Alteon OS 22. the number of virtual services on those virtual servers. January 2005 Chapter 4: The Information Menu 117 .Show all Global virtual server information remote site information rule information geographical preference information SLB information Table 4-28 Global SLB Information Menu Options (/info/slb/gslb) Command Syntax and Usage virt <virtual server number (1-1024)> Displays the Global SLB virtual server information such as the domain name of the virtual server.0.

20. health 3. 00:60:cf:47:5c:1e virtual ports: http: rport http. backup none.20. filters: 80 idslb filt enabled.2. 00:01:02:c1:4b:48.1. vlan 1.1.0.20. January 2005 .200. rport 3128.20. 1 ms.2. filters: 50 200 118 Chapter 4: The Information Menu 315393-J.20. 00:03:47:07:a4:9e. dbind HTTP Application: urlslb real servers: 26: 20. health 3.102.2.200. 00:01:02:70:4d:4a.1.20. up 20. health 3. port 7. backup none. backup none proxy enabled. 2 ms.200. port 8. port 6.20. group 88. 3 ms.101. backup none.20. up 2: 210. filters: 200 filt disabled.2 Command Reference /info/slb/dump Show All Layer 4 Information Real 1: 2: 26: 27: server state: 210. radius snoop disabled real servers: 1: 210. up Port 1: 2: 3: 4: state: filt disabled. 2 ms. up 20. health 3.101.Alteon OS 22. up Virtual server state: 1: 20.102. up exclusionary string matching: disabled 3: urltwo 4: urlthree Redirect filter state: Action redir dport http.20. 00:01:02:71:9c:a6. health 3. vlan 1.1.1.2. up 210.20. vlan any 200: group 1. backup none. up exclusionary string matching: disabled 1: any 2: urlone 27: 20. filters: 200 idslb filt enabled. vlan 1.1. port 1. vlan 1. backup none.

100. 10/100. January 2005 Chapter 4: The Information Menu 119 .Alteon OS 22. yes. or 1000) Duplex mode (half. any. full. including: Port number Port speed (10. or auto) Link status (up or down) 315393-J.2 Command Reference /info/link Link Status Information Port ----1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Speed ----10/100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 10/100 1000 1000 1000 1000 Duplex -------any any any any any any any any half any any any any any any any any any any any any any any any full full full full Flow Ctrl --TX-----RX-yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes Link -----down down down down down down down down up down down down down down down down down down down down down down down down down down down down Use this command to display link status information about each port on an Alteon Application Switch slot. or auto) Flow control for transmit and receive (no.0.

January 2005 .Alteon OS 22.2 Command Reference /info/port Port Information Port ----1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Tag --n n n n n n n n n n n n n n n n n n n n n n n n n n n n RMON ---e d d d d d d d d d d d d d d d d d d d d d d d d d d d PVID ---1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 BWC ----256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 NAME -------------VLAN(s) --------------------1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 Port information includes: Port number Whether the port uses VLAN tagging or not (y or n) Whether Remote Monitor is enabled or disabled Port VLAN ID (PVID) Port name VLAN membership Whether RMON is enabled or disabled on the port 120 Chapter 4: The Information Menu 315393-J.0.

BWM policies can be configured to set lower and upper bounds on the bandwidth allocation.Show Bandwidth Management Contract information Table 4-29 Bandwidth Management Information Command Syntax and Usage ipuser Displays the IP user entries with their IP addresses.0.Alteon OS 22. See page 122 for sample output. Traffic classification can be based on user or application information. January 2005 Chapter 4: The Information Menu 121 . such as e-commerce transactions.BWM IP User Entries Information Menu cont . receive higher priority versus non-criticaltraffic. You can see the following information on your switch when you execute this command: [Bandwidth Management Information Menu] ipuser .2 Command Reference /info/bwm Bandwidth Management Information Bandwidth Management (BWM) enables Web site managers to allocate a portion of the available bandwidth for specific users or applications. It allows companies to guarantee that critical business traffic. 315393-J. cont Displays the BWM contract information configured on this switch.

122 Chapter 4: The Information Menu 315393-J. cont <BW Contract number.0.Show all IP user entries with IP address cont .Show all IP user entries Table 4-30 BWM IP User Information Menu (/info/bwm/ipuser) Command Syntax and Usage ip <IP address> Displays the IP user entries for a specific IP address. 1-256> Displays the IP user entries for a specific BWM contract.Alteon OS 22.Show all IP user entries for a contract sp . January 2005 .2 Command Reference /info/bwm/ipuser BWM IP User Information Menu [BWM IP User Entries Information Menu] ip . The same fields as described in cont above are displayed. but only for the specified sp number. sp <SP number (1-4)> Displays the IP user entries on the Switch Processor.Show all IP user entries on sp dump . dump Displays all the IP user entries.

104 16 204554 0 99 99 2 10 11. Contract Rate: the BWM contract number of the ipuser entry.109 16 203016 0 99 99 SP Rate: the switch processor number (1-4) of the ipuser entry.1.101 16 201478 0 98 98 2 10 11.---------------.100 86 1076600 0 97 97 2 10 11.0.1.---------.1.0.0.1.0.0.0.---------. Octets: the number of octets processed on this ipuser entry Discards: the number of octets discarded on this ipuser entry Allowed Rate: the rate of traffic allowed for this IP address Offered Rate: the rate including the discards for this IP address 315393-J.1.1.Alteon OS 22.1.0.0.105 16 198402 0 96 96 2 10 11.0.102 16 198402 0 96 96 2 10 11.0.1.2 Command Reference The format of the output of the above commands: SP Contract IP Address Age Octets Discards Allowed Offered Rate Rate -.----2 11 11.-------.0.1.0.1.106 16 199940 0 97 97 2 10 11.107 16 199940 0 97 97 2 10 11. Age: the age of the entry in seconds.--. IP address: the IP address of the ipuser entry.100 86 21500000 301001440 1953 29297 2 10 11.108 16 199940 0 97 97 2 10 11. January 2005 Chapter 4: The Information Menu 123 .103 16 196864 0 96 96 2 10 11.1.

Alteon OS 22.0.2 Command Reference

/info/bwm/cont
BWM Contract Information
Current Bandwidth Management setting: ON Policy Enforcement:enabled BWM history will be mailed in a minute to 'abcd' at host '100.81.138.26' BWM IP user table entries 64k

Contract Policy Per User Traffic Num Name Prec Hard Soft Resv Limit Key State Shaping 1 123456789012345 2 1 50M 1M 500K E D 2 vlan 4 1 60M 2M 500K E D 3 filter 7 20 2M 1M 500K E D 4 5 1 2M 1M 500K D D 5 512 1 2M 1M 500K E D 10 10 1 1M 0K 0K 500K sip E D 11 11 1 100M 80M 500K 2M sip E D 12 12 1 2M 1M 500K E D 13 13 1 3M 1M 500K E D 14 14 1 4M 400K 100K E D 15 15 1 2M 1M 500K E D

This command displays information about any configured contracts and the BWM policies applied to the contracts. Table 4-31 BWM Contract Information
Field Contract Policy Description

Displays the BWM contract number. Displays specific information about a policy applied to a contract. Includes the following:
The policy number applied to the contract Prec: the precedence applied to the policy Hard: the hard limit applied to the policy Soft: the soft limit applied to the policy Resv: the reserve limit applied to the policy

124

Chapter 4: The Information Menu

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

Table 4-31 BWM Contract Information
Field Per User Description These two columns display information for an ipuser limit, if applied to the contract. Includes the following: Limit: the user rate limit applied to the ipuser. Key: If an ipuser rate limit is enforced, this field displays whether the user limit is enforced on a source IP address (sip) or a destination IP address (dip). Displays whether the BWM contract is enabled (E) or disabled (D).

State Traffic Shaping

Displays whether Traffic Shaping is enabled (E) or disabled (D) for this contract.

315393-J, January 2005

Chapter 4: The Information Menu

125

Alteon OS 22.0.2 Command Reference

/info/security Security Information
This command displays information about the current security settings that includes: rate threshold for security logging
whether the out-of-order IP fragment packets have the option of allow or deny on the filters

the current IP addresses in the Access Control List (ACL) the current UDP blast protection settings the current port security settings
Current security settings: seclog 128 fragment allow pdepth none Current IP address ACL settings: Number Address Mask -------- ---------------- ---------------Current UDP blast protection settings: UDP Port ----------1-5000 Packet Rate (per second) -----------------------20

Port security state:

126

Chapter 4: The Information Menu

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

/info/swkey Software Enabled Keys
For optional Layer 4 switching software, the information would be displayed as follows:
Enabled Software features: Layer 4: GSLB Bandwidth Management Security Pack Enabled Software features: Layer 4: GSLB Inbound Linklb Intelligent Traffic Management

Software key information includes a list of all the optional software packages which have been activated or installed on your switch. For information on ordering optional software license keys, see “How to Get Help” on page 18.

/info/dump Information Dump
Use the dump command to dump all switch information available from the Information Menu (10K or more, depending on your configuration). This data is useful for tuning and debugging switch performance. If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump commands.

315393-J, January 2005

Chapter 4: The Information Menu

127

Alteon OS 22.0.2 Command Reference

128

Chapter 4: The Information Menu

315393-J, January 2005

CHAPTER 5

The Statistics Menu
You can view switch performance statistics in both the user and administrator command modes. This chapter discusses how to use the command line interface to display switch statistics.

/stats Statistics Menu
[Statistics Menu] port - Port Stats Menu l2 - Layer 2 Stats Menu l3 - Layer 3 Stats Menu slb - Server Load Balancing (L4-7) Stats Menu bwm - Bandwidth Management Stats Menu mp - MP-specific Stats Menu sp - SP-specific Stats Menu security - Security Stats Menu snmp - Show SNMP stats ntp - Show NTP stats pm - Port Mirroring Stats Menu mgmt - Management Port Stats dump - Dump all stats

315393-J, January 2005

129

Alteon OS 22.0.2 Command Reference

Table 5-1 Statistics Menu Options (/stats)
Command Syntax and Usage port <port number> Displays the Port Statistics Menu for the specified port. Use this command to display traffic statistics on a port-by-port basis. Traffic statistics are included in SNMP Management Information Base (MIB) objects. To view menu options, see page 131. l2 Displays Layer 2 Statistics Menu. To view menu options, see page 144. l3 Displays Layer3 Statistics Menu. To view menu options, see page 148. slb Displays the Server Load Balancing (SLB) Menu. To view menu options, see page 167. bwm Displays the Bandwidth Management Menu. To view menu options, see page 198. mp Displays the Management Processor Statistics Menu. Use this command to view information on how switch management processes and resources are currently being allocated. To view menu options, see page 205. sp <SP number (1-4)> Displays Switch Processor-Specific Menu. To view menu options, see page 210. security Displays Security Statistics Menu. To view menu options, see page 212. snmp Displays SNMP Statistics. See page 218 for a sample output and description of SNMP statistics. ntp <clear> Displays Network Time Protocol (NTP) Statistics. See page 222 for a sample output and a description of NTP Statistics. You can execute the clear command option to delete all statistics. pm Displays Port Mirroring Statistics Menu. To view menu options, see page 224. mgmt Displays interface statistics for the Management Port. See page 224 for sample output. dump Dumps all switch statistics. Use this command to gather data for tuning and debugging switch performance. If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump command. For details, see page 225.

130

Chapter 5: The Statistics Menu

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

/stats/port <port number> Port Statistics Menu
This menu displays traffic statistics on a port-by-port basis. Traffic statistics include SNMP Management Information Base (MIB) objects.
[Port Statistics Menu] brg - Show bridging ("dot1") stats ether - Show Ethernet ("dot3") stats if - Show interface ("if") stats ip - Show Internet Protocol ("IP") stats link - Show link stats rmon - Show RMON stats dump - Dump port stats clear - Clear all port stats

Table 5-2 Port Statistics Menu Options (/stats/port)
Command Syntax and Usage brg Displays bridging (“dot1”) statistics for the port. See page 132 for a sample output and the description of statistics. ether Displays Ethernet (“dot1”) statistics for the port. See page 133 for a sample output and the description of statistics. if Displays interface statistics for the port. See page 136 for a sample output and the description of statistics. ip Displays IP statistics for the port. See page 138 for a sample output and the description of statistics. link Displays link statistics for the port. See page 139 for a sample output and the description of statistics. rmon Displays Remote Monitor (RMON) statistics for the port. See page 140 for a sample output and the description of statistics. dump Displays all the port statistics.

315393-J, January 2005

Chapter 5: The Statistics Menu

131

Alteon OS 22.0.2 Command Reference

Table 5-2 Port Statistics Menu Options (/stats/port) (Continued)
Command Syntax and Usage clear This command clears all the statistics on this port.

/stats/port <port number>/brg
Bridging Statistics
This menu option enables you to display the bridging statistics of the selected port.
Bridging statistics for port 1: dot1PortInFrames: dot1PortOutFrames: dot1PortInDiscards: dot1TpLearnedEntryDiscards: dot1BasePortDelayExceededDiscards: dot1BasePortMtuExceededDiscards: dot1StpPortForwardTransitions:

63242584 63277826 0 0 NA NA 0

Table 5-3 Bridging Statistics of a Port (/stats/port/brg)
Statistics dot1PortInFrames Description The number of frames that have been received by this port from its segment. A frame received on the interface corresponding to this port is only counted by this object if and only if it is for a protocol being processed by the local bridging function, including bridge management frames. The number of frames that have been transmitted by this port to its segment. Note that a frame transmitted on the interface corresponding to this port is only counted by this object if and only if it is for a protocol being processed by the local bridging function, including bridge management frames. Count of valid frames received which were discarded (that is, filtered) by the Forwarding Process. The total number of Forwarding Database entries, which have been or would have been learnt, but have been discarded due to a lack of space to store them in the Forwarding Database. If this counter is increasing, it indicates that the Forwarding Database is regularly becoming full (a condition which has unpleasant performance effects on the subnetwork). If this counter has a significant value but is not presently increasing, it indicates that the problem has been occurring but is not persistent.

dot1PortOutFrames

dot1PortInDiscards

dot1TpLearnedEntry Discards

132

Chapter 5: The Statistics Menu

315393-J, January 2005

The count represented by an instance of this object is incremented when the alignmentError status is returned by the MAC service to the Logical Link Control (LLC) (or other MAC user). 315393-J. The number of frames discarded by this port due to an excessive size. dot1BasePortMtu ExceededDiscards dot1StpPortForward Transitions /stats/port <port number>/ether Ethernet Statistics This menu option enables you to display the ethernet statistics of the selected port Ethernet statistics for port 1: dot3StatsAlignmentErrors: dot3StatsFCSErrors: dot3StatsSingleCollisionFrames: dot3StatsMultipleCollisionFrames: dot3StatsSQETestErrors: dot3StatsDeferredTransmissions: dot3StatsLateCollisions: dot3StatsExcessiveCollisions: dot3StatsInternalMacTransmitErrors: dot3StatsCarrierSenseErrors: dot3StatsFrameTooLongs: dot3StatsInternalMacReceiveErrors: dot3CollFrequencies [1-15]: 0 0 0 0 NA 0 0 0 NA 0 0 0 NA Table 5-4 Ethernet Statistics for Port (/stats/port/ether) Statistics dot3StatsAlignment Errors Description A count of frames received on a particular interface that are not an integral number of octets in length and do not pass the Frame Check Sequence (FCS) check.2 Command Reference Table 5-3 Bridging Statistics of a Port (/stats/port/brg) Statistics dot1BasePortDelay ExceededDiscards Description The number of frames discarded by this port due to excessive transit delay through the bridge. It is incremented by both transparent and source route bridges. The number of times this port has transitioned from the Learning state to the Forwarding state. January 2005 Chapter 5: The Statistics Menu 133 .Alteon OS 22. Received frames for which multiple error conditions are obtained are. It is incremented by both transparent and source route bridges. according to the conventions of IEEE 802.3 Layer Management. counted exclusively according to the error status presented to the LLC.0.

A count of times that the SQE TEST ERROR message is generated by the PLS sub layer for a particular interface.3 Layer Management. Received frames for which multiple error conditions are obtained are. January 2005 .31998 Edition. or ifOutBroadcastPkts. A count of successfully transmitted frames on a particular interface for which transmission is inhibited by exactly one collision. Note: Coding errors detected by the physical layer for speeds above 10 Mb/s will cause the frame to fail FCS check.6. This count does not include frames received with frametoo-long or frame-too-short errors. This counter does not increment when the interface is operating in fullduplex mode. counted exclusively according to the error status presented to the LLC. The count represented by an instance of this object is incremented when the frameCheckError status is returned by the MAC service to the LLC (or other MAC user). A frame that is counted by an instance of this object is also counted by the corresponding instance of either the ifOutUcastPkts. or ifOutBroadcastPkts.0. and is not counted by the corresponding instance of the dot3StatsSingleCollisionFrames object. The SQE TEST ERROR is set in accordance with the rules for the verification of the SQE detection mechanism in the PLS Carrier Sense Function as described in IEEE Std. A frame that is counted by an instance of this object is also counted by the corresponding instance of either the ifOutUcastPkts. according to the conventions of IEEE 802. section 7. dot3StatsSingleCollisionFrames dot3StatsMultipleCollisionFrames dot3StatsSQETestErrors 134 Chapter 5: The Statistics Menu 315393-J.2.4. ifOutMulticastPkts. and is not counted by the corresponding instance of the dot3StatsMultipleCollisionFrame object. A count of successfully transmitted frames on a particular interface for which transmission is inhibited by more than one collision.802.Alteon OS 22.2 Command Reference Table 5-4 Ethernet Statistics for Port (/stats/port/ether) Statistics dot3StatsFCSErrors Description A count of frames received on a particular interface that are an integral number of octets in length but do not pass the Frame Check Sequence (FCS) check. ifOutMulticastPkts. This counter does not increment when the interface is operating in fullduplex mode. This counter does not increment when the interface is operating in fullduplex mode.

The count represented by an instance of this object is incremented at most once per transmission attempt. This counter does not increment when the interface is operating in fullduplex mode. the dot3StatsExcessiveCollisions object. an instance of this object may represent a count of transmission errors on a particular interface that are not otherwise counted. The precise meaning of the count represented by an instance of this object is implementation-specific. even if the carrier sense condition fluctuates during a transmission attempt.2 microseconds on a 10 Mbit/s system.Alteon OS 22. Five hundred and twelve bit-times corresponds to 51. In particular. January 2005 Chapter 5: The Statistics Menu 135 . This counter does not increment when the interface is operating in fullduplex mode.2 Command Reference Table 5-4 Ethernet Statistics for Port (/stats/port/ether) Statistics dot3StatsDeferredTransmissions Description A count of frames for which the first transmission attempt on a particular interface is delayed because the medium is busy. A frame is only counted by an instance of this object if it is not counted by the corresponding instance of either the dot3StatsLateCollisions object. The count represented by an instance of this object does not include frames involved in collisions. The number of times that a collision is detected on a particular interface later than one slotTime into the transmission of a packet. A (late) collision included in a count represented by an instance of this object is also considered as a (generic) collision for purposes of other collision-related statistics. A count of frames for which transmission on a particular interface fails due to excessive collisions. or the dot3StatsCarrierSenseErrors object.0. This counter does not increment when the interface is operating in fullduplex mode. A count of frames for which transmission on a particular interface fails due to an internal MAC sub layer transmit error. This counter does not increment when the interface is operating in fullduplex mode. dot3StatsLateCollisions dot3StatsExcessive Collisions dot3StatsInternalMacTransmitErrors dot3StatsCarrierSenseErrors 315393-J. The number of times that the carrier sense condition was lost or never asserted when attempting to transmit a frame on a particular interface.

the dot3StatsAlignmentErrors object.2 Command Reference Table 5-4 Ethernet Statistics for Port (/stats/port/ether) Statistics dot3StatsFrameTooLongs Description A count of frames received on a particular interface that exceed the maximum permitted frame size. The precise meaning of the count represented by an instance of this object is implementation-specific. A count of individual MAC frames for which the transmission (successful or otherwise) on a particular interface occurs after the frame has experienced exactly the number of collisions specified by the index. A frame is only counted by an instance of this object if it is not counted by the corresponding instance of either the dot3StatsFrameTooLongs object.Alteon OS 22. Received frames for which multiple error conditions are obtained are. January 2005 . A count of frames for which reception on a particular interface fails due to an internal MAC sub layer receive error. No other instance of dot3CollFrequencies would be incremented in this example. For example. This counter does not increment when the interface is operating in fullduplex mode. In particular. a frame which is transmitted after experiencing exactly 4 collisions would be indicated by incrementing only dot3CollFrequencies [4]. or the dot3StatsFCSErrors object. Interface statistics for port 1: ifHCIn Counters Octets: 51697080313 UcastPkts: 65356399 BroadcastPkts: 0 MulticastPkts: 0 Discards: 0 Errors: 0 ifHCOut Counters 51721056808 65385714 6516 0 0 0 136 Chapter 5: The Statistics Menu 315393-J. dot3StatsInternalMacReceiveErrors dot3CollFrequencies /stats/port <port number>/if Interface Statistics This menu option enables you to display the interface statistics of the selected port. an instance of this object may represent a count of received errors on a particular interface that are not otherwise counted.3 Layer Management.0. The count represented by an instance of this object is incremented when the frameTooLong status is returned by the MAC service to the LLC (or other MAC user). according to the conventions of IEEE 802. counted exclusively according to the error status presented to the LLC.

The total number of packets that higher-level protocols requested to be transmitted. this includes both Group and Functional addresses. This does include the number of octets in valid MAC Control frames received on this interface.Alteon OS 22. dot3StatsFrameTooLongs. One possible reason for discarding such a packet could be to free up buffer space. For a MAC layer protocol. dot3StatsFCSErrors. One possible reason for discarding such a packet could be to free up buffer space. including the MAC header and FCS. this includes both Group and Functional addresses. and which were addressed to a broadcast address at this sublayer.0. The sum for this interface of dot3statsAlignmentErrors.2 Command Reference Table 5-5 Interface Statistics for Port (/stats/port/if) Statistics ifHCInOctets Description The number of octets in valid MAC frames received on the interface. January 2005 Chapter 5: The Statistics Menu 137 . including the MAC header and FCS. delivered by this sub-layer to a higher sub. For a MAC layer protocol.layer. including those that were discarded or not sent. which were addressed to a broadcast address at this sub-layer. ifHCInUcastPkts ifHCInBroadcastPkts ifHCInMulticastPkts ifHCInDiscards ifHCInErrors ifHCOutOctets ifHCOutUcastPkts ifHCOutBroadcastPkts ifHCOutMulticastPkts ifHCOutDiscards 315393-J. The number of outbound packets which were chosen to be discarded even though no errors had been detected to prevent their being transmitted. including those that were discarded or not sent. This does not include the number of octets in valid MAC Control frames transmitted on this interface. The number of packets delivered by this sub-layer to a higher (sub) layer. delivered by this sub-layer to a higher sub. and which were not addressed to a multicast or broadcast address at this sub-layer. which were not addressed to a multicast or broadcast address at this sublayer. which were addressed to a multicast address at this sub-layer. The total number of packets that higher-level protocols requested to be transmitted. The number of packets. The total number of packets that higher-level protocols requested to be transmitted. The number of inbound packets which were chosen to be discarded even though no errors had been detected to prevent their being delivered to a higher-layer protocol.layer. dot3StatsInternalMacReceiveErrors and dot3StatsSymbolErrors. The number of packets. The number of octets transmitted in valid MAC frames on this interface. including those that were discarded or not sent. and which were addressed to a multicast address at this sublayer.

including those received in error. as a result of which an attempt was made to find a route to forward them to that final destination. For entities which are not IP Gateways and therefore do not forward datagrams. Class E). January 2005 .Route option processing was successful.0. The number of locally-addressed datagrams received successfully but discarded because of an unknown or unsupported protocol.2 Command Reference Table 5-5 Interface Statistics for Port (/stats/port/if) Statistics ifHCOutErrors Description The sum for this interface of: dot3statsSQETestErrors. and the Source. /stats/port <port number>/ip Interface Protocol Statistics This menu option enables you to display the interface statistics of the selected port.0. 0. ipInAddrErrors ipForwDatagrams ipInUnknownProtos 138 Chapter 5: The Statistics Menu 315393-J. The number of input datagrams discarded because the IP address in their IP header's destination field was not a valid address to be received at this entity (the switch). This count includes invalid addresses (for example. dot3StatsExcessiveCollisions. dot3StatsLateCollisions.Alteon OS 22. this counter includes datagrams discarded because the destination address was not a local address. The number of input datagrams for which this entity (the switch) was not their final IP destination. dot3StatsInternalMacTransmitErrors and dot3StatsCarrierSenseErrors. IP statistics for port 1: ipInReceives: ipInAddrErrors: ipInUnknownProtos: ipInDelivers: ipTtlExceeds: ipLANDattacks: 0 0 0 0 0 0 ipForwDatagrams: ipInDiscards: 0 0 Table 5-6 Interface Protocol Statistics (/stats/port/ip) Statistics ipInReceives Description The total number of input datagrams received from interfaces. In entities which do not act as IP Gateways. this counter will include only those packets which were Source-Routed via this entity (the switch).0) and addresses of unsupported Classes (for example.0.

Link statistics for port 1: linkStateChange: 4 Table 5-7 Link Statistics (/stats/port/link) Statistics linkStateChange Description The total number of link state changes. The number of IP datagram for which an ICMP TTL exceeded message was sent. The number of packets that have the same source and destination IP address. ipInDelivers ipTtlExceeds ipLANDattacks /stats/port <port number>/link Link Statistics This menu enables you to display the link statistics of the selected port.0. 315393-J. Note that this counter does not include any datagrams discarded while awaiting re-assembly.Alteon OS 22.2 Command Reference Table 5-6 Interface Protocol Statistics (/stats/port/ip) Statistics ipInDiscards Description The number of input IP datagrams for which no problems were encountered to prevent their continued processing. but which were discarded (for example. for lack of buffer space). The total number of input datagrams successfully delivered to IP userprotocols (including ICMP). January 2005 Chapter 5: The Statistics Menu 139 .

0. This object can be used as a reasonable estimate of utilization (which is the percent utilization of the ethernet segment).8 ) Utilization = --------------------------------------------------------------------------------------Interval × 10.Alteon OS 22. If greater precision is desired. the etherStatsPkts and etherStatsOctets objects should be sampled before and after a common interval. Note that this number is not necessarily the number of packets dropped. 000 The result of this equation is the percent value of utilization. etherStatsOctets 140 Chapter 5: The Statistics Menu 315393-J.2 Command Reference /stats/port <port number>/rmon RMON Statistics This menu option enables you to display the remote monitor statistics of the selected port. The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets). RMON statistics for port 1: etherStatsDropEvents: etherStatsOctets: etherStatsPkts: etherStatsBroadcastPkts: etherStatsMulticastPkts: etherStatsCRCAlignErrors: etherStatsUndersizePkts: etherStatsOversizePkts: etherStatsFragments: etherStatsJabbers: etherStatsCollisions: etherStatsPkts64Octets: etherStatsPkts65to127Octets: etherStatsPkts128to255Octets: etherStatsPkts256to511Octets: etherStatsPkts512to1023Octets: etherStatsPkts1024to1518Octets: 0 129677 1485 734 712 0 0 0 0 0 0 954 578 35 26 16 8 Table 5-8 Remote Monitor Statistics (/stats/port/rmon) Statistics etherStatsDrop Events Description The total number of events in which packets were dropped by the probe due to lack of resources.4 ) + ( Octets × 0. These values are used to calculate the utilization as follows: Pkts × ( 9. it is just the number of times this condition has been detected. The differences in the sampled values are Pkts and Octets. and the number of seconds in the interval is Interval.6 + 6. January 2005 . respectively.

etherStatsBroadcastPkts etherStatsMulticastPkts etherStatsCRCAlign Errors etherStatsUndersizePkts etherStatsOversizePkts etherStatsFragments etherStatsJabbers 315393-J. The total number of good packets received that were directed to a multicast address. and had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error).0.1. The allowed range to detect jabber is between 20 milliseconds and 150 milliseconds. Note that it is entirely normal for etherStatsFragments to increment.5 (10Base-5) and section 10. but including FCS octets) and were otherwise well formed. Note that this definition of jabber is different than the definition in IEEE802. The total number of good packets received that were directed to the broadcast address. The total number of packets received that were longer than 1518 octets (excluding framing bits. The total number of packets received that had a length (excluding framing bits. January 2005 Chapter 5: The Statistics Menu 141 . broadcast packets.3 section 8. (A runt is a packet that is less than 64 bytes.2 Command Reference Table 5-8 Remote Monitor Statistics (/stats/port/rmon) Statistics etherStatsPkts Description The total number of packets (including bad packets. but including FCS octets). inclusive. The total number of packets received that were less than 64 octets long (excluding framing bits.1.3. Note that this number does not include packets directed to the broadcast address. These documents define jabber as the condition where any packet exceeds 20 ms. but including Frame Check Sequence (FCS) octets) of between 64 and 1518 octets.) The total number of packets received that were longer than 1518 octets (excluding framing bits.2.Alteon OS 22. and multicast packets) received. but including FCS octets) and were otherwise well formed. The total number of packets received that were less than 64 octets in length (excluding framing bits but including FCS octets) and had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error). This is because it counts both runts (which are normal occurrences due to collisions) and noise hits. Note that this does not include multicast packets.4 (10Base-2). but had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error).

The value returned will depend on the location of the RMON probe.1.3 defines a collision as the simultaneous presence of signals on the DO and RD circuits (transmitting and receiving at the same time). Note also that an RMON probe inside a repeater should ideally report collisions between the repeater and one or more other hosts (transmit collisions as defined by IEEE 802. The total number of packets (including bad packets) received that were between 512 and 1023 octets in length (excluding framing bits but including FCS octets). if three or more stations are transmitting simultaneously.4 (10Base-T) of IEEE standard 802.1. A 10Base-T station can only detect collisions when it is transmitting. The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including Frame Check Sequence (FCS) octets). January 2005 .2 Command Reference Table 5-8 Remote Monitor Statistics (/stats/port/rmon) Statistics etherStatsCollisions Description The best estimate of the total number of collisions on this Ethernet segment. 14. in the receive mode. Thus a probe placed on a repeater port could record more collisions than a probe connected to a station on the same segment would. The total number of packets (including bad packets) received that were between 128 and 255 octets in length (excluding framing bits but including Frame Check Sequence (FCS) octets).3. Thus probes placed on a station and a repeater. A repeater port must detect a collision when two or more stations are transmitting simultaneously.0.3 states that a station must detect a collision. The total number of packets (including bad packets) received that were between 256 and 511 octets in length (excluding framing bits but including FCS octets). Section 8.1. The total number of packets (including bad packets) received that were between 1024 and 1518 octets in length (excluding framing bits but including FCS octets). should report the same number of collisions.2.Alteon OS 22.2.3k) plus receiver collisions observed on any coax segments to which the repeater is connected. The total number of packets (including bad packets) received that were between 65 and 127 octets in length (excluding framing bits but including FCS octets). Probe location plays a much smaller role when considering 10Base-T. etherStatsPkts64Octets etherStatsPkts65to127Octets etherStatsPkts128to255Octets etherStatsPkts256to511Octets etherStatsPkts512to1023Octets etherStatsPkts1024to1518Octets 142 Chapter 5: The Statistics Menu 315393-J.3 (10Base-5) and section 10.3 (10Base-2) of IEEE standard 802.

January 2005 Chapter 5: The Statistics Menu 143 .Alteon OS 22.2 Command Reference /stats/port <port number>/dump Port Dump Statistics Bridging statistics for port 1: dot1PortInFrames: 1284 dot1PortOutFrames: 142 dot1PortInDiscards: 130 dot1TpLearnedEntryDiscards: 0 dot1BasePortDelayExceededDiscards: NA dot1BasePortMtuExceededDiscards: NA dot1StpPortForwardTransitions: 2 -----------------------------------------------------------------Ethernet statistics for port 1: dot3StatsAlignmentErrors: 0 dot3StatsFCSErrors: 0 dot3StatsSingleCollisionFrames: 0 dot3StatsMultipleCollisionFrames: 0 dot3StatsSQETestErrors: NA dot3StatsDeferredTransmissions: 0 dot3StatsLateCollisions: 0 dot3StatsExcessiveCollisions: 0 dot3StatsInternalMacTransmitErrors: NA dot3StatsCarrierSenseErrors: 1 dot3StatsFrameTooLongs: 0 dot3StatsInternalMacReceiveErrors: 0 dot3CollFrequencies [1-15]: NA -----------------------------------------------------------------Interface statistics for port 1: ifHCIn Counters ifHCOut Counters Octets: 124166 19560 UcastPkts: 39 27 BroadcastPkts: 631 14 MulticastPkts: 614 101 Discards: 130 0 Errors: 1 0 -----------------------------------------------------------------IP statistics for port 1: ipInReceives: 0 ipInAddrErrors: 0 ipForwDatagrams: 0 ipInUnknownProtos: 0 ipInDiscards: 0 ipInDelivers: 0 ipTtlExceeds: 0 ipLANDattacks: 0 -----------------------------------------------------------------Link statistics for port 1: linkStateChange: 3 ------------------------------------------------------------------ 315393-J.0.

To view statistics and their description.Show FDB stats lacp . see page 145. stg Displays Spanning Tree Group statistics.Show LACP stats stg .0. To view statistics and their description.Alteon OS 22. lacp <port number (1 to max num ports)> Displays Link Aggregation Control Protocol statistics. 144 Chapter 5: The Statistics Menu 315393-J. see page 146. January 2005 .2 Command Reference RMON statistics for port 1: etherStatsDropEvents: etherStatsOctets: etherStatsPkts: etherStatsBroadcastPkts: etherStatsMulticastPkts: etherStatsCRCAlignErrors: etherStatsUndersizePkts: etherStatsOversizePkts: etherStatsFragments: etherStatsJabbers: etherStatsCollisions: etherStatsPkts64Octets: etherStatsPkts65to127Octets: etherStatsPkts128to255Octets: etherStatsPkts256to511Octets: etherStatsPkts512to1023Octets: etherStatsPkts1024to1518Octets: 0 123840 1406 698 669 0 0 0 0 0 0 906 548 35 25 16 8 /stats/l2 Layer 2 Statistics Menu [Layer 2 Statistics Menu] fdb . see page 147.Show STG stats Table 5-9 Layer 2 Statistics Menu Options (/stats/l2) Command Syntax and Usage fdb Displays Forwarding Database statistics. To view statistics and their description.

Number of entries deleted from the Forwarding Database. Number of entries found or created in the Forwarding Database. Highest number of entries recorded at any given time in the Forwarding Database.2 Command Reference /stats/l2/fdb FDB Statistics FDB statistics: creates: current: lookups: finds: find_or_c's: max: 9611 58 850254 5832 11874 16384 deletes: hiwat: lookup fails: find fails: overflows: 9553 65 151373 0 0 This menu option enables you to display statistics regarding the use of the forwarding database. Number of successful searches in the Forwarding Database. Number of search failures in the Forwarding Database. and unsuccessful searches. lookup fails find fails overflows max 315393-J. January 2005 Chapter 5: The Statistics Menu 145 . finds. Number of unsuccessful searches made in the Forwarding Database. Number of entries overflowing the Forwarding Database. Current number of entries in the Forwarding Database.0. Number of maximum Forwarding Database entries supported by the switch. Number of entry lookups in the Forwarding Database. including the number of new entries. FDB statistics are described in the following table: Table 5-10 Forwarding Database Statistics (/stats/l2/fdb) Statistic creates current lookups finds find_or_c’s deletes hiwat Description Number of entries created in the Forwarding Database.Alteon OS 22.

Alteon OS 22. The number of Marker PDUs transmitted out of this port. January 2005 .0. Valid Marker PDUs received Valid Marker Rsp PDUs received Unknown version/TLV type Illegal subtype received LACPDUs transmitted Marker PDUs transmitted The number of valid Marker PDUs that the switch received on this port.2 Command Reference /stats/l2/lacp LACP Statistics >> Layer 2 Statistics# lacp 1 port 1 Valid LACPDUs received Valid Marker PDUs received Valid Marker Rsp PDUs received Unknown version/TLV type Illegal subtype received LACPDUs transmitted Marker PDUs transmitted Marker Rsp PDUs transmitted - 9394 0 0 0 0 8516 0 0 Table 5-11 LACP Statistics Parameters (/stats?l2/lacp) Field Description Valid LACPDUs received The number of LACPDUs that the switch received on this port. The number of unknown version or TLV type that the switch received on this port. The number of LACPDUs transmitted out of this port. Marker Rsp PDUs trans.The number of Marker Responses transmitted out of this port. mitted 146 Chapter 5: The Statistics Menu 315393-J. The number of valid Marker Responses that the switch received on this port. The number of illegal LACP subtype received on this port.

Xmt Cfg 315393-J.Alteon OS 22. January 2005 Chapter 5: The Statistics Menu 147 . Displays the number of configuration BPDUs transmitted.2 Command Reference /stats/l2/stg Spanning Tree Group Statistics Spanning Tree Group 1: Port Rcv Cfg Rcv TCN ----. Displays the number of configuration BPDUs received Displays the number of TCN (Topology Change Notification) messages received.0.------------------1 0 0 2 0 0 3 0 0 4 0 0 5 0 0 6 0 0 7 0 0 8 0 0 9 139046 176 10 0 0 11 0 0 12 0 0 13 0 0 14 0 0 15 0 0 16 0 0 17 0 0 18 0 0 19 0 0 20 0 0 21 0 0 22 0 0 23 0 0 24 0 0 25 0 0 26 0 0 27 0 0 28 0 0 Xmt Cfg ---------0 0 0 0 0 0 0 0 27 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Xmt TCN ---------0 0 0 0 0 0 0 0 15 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Table 5-12 Spanning Tree Group Statistics Parameters (/stats/l2/stg) Field Port Rcv cfg Rcv TCN Description Displays the port number.

See page 159 for sample output. arp Displays Address Resolution Protocol (ARP) statistics.Show TCP stats udp .Clear IP interface ("if") stats ipclear .Show IP stats route .Show UDP stats ifclear .Dump layer 3 stats Table 5-13 Layer 3 Statistics Menu (/stats/l3) Command Syntax and Usage ospf Displays OSPF statistics Menu.Show DNS stats icmp . January 2005 .0.Alteon OS 22. See page 155 for sample output.Show ICMP stats if .OSPF Statistics Menu ip .Show ARP stats vrrp .Show VRRP stats dns .Clear IP stats dump .Show route stats arp .Show IP interface ("if") stats tcp .2 Command Reference Table 5-12 Spanning Tree Group Statistics Parameters (/stats/l2/stg) Field Xmt TCN Description Displays the number of TCN (Topology Change Notification) messages transmitted /stats/l3 Layer 3 Statistics Menu [Layer 3 Statistics Menu] ospf . See page 150 for sample output. route Displays route statistics. ip Displays IP statistics. 148 Chapter 5: The Statistics Menu 315393-J. See page 157 for sample output.

icmp Displays ICMP statistics.Alteon OS 22. ipclear Clears IP statistics. January 2005 Chapter 5: The Statistics Menu 149 . if <interface number (1-256)> Displays IP interface statistics for the management processors. but ignored (vrrpBadAdvers) See page 159 for sample output. 315393-J. tcp Displays TCP statistics. dns Displays Domain Name Server/System (DNS) statistics. See page 161 for sample output. Use this command with caution as it will delete all the IP interface statistics. See page 167 for sample output. See page 163 for sample output.2 Command Reference Table 5-13 Layer 3 Statistics Menu (/stats/l3) Command Syntax and Usage vrrp When virtual routers are configured. See page 165 for sample output.0. you can display the following protocol statistics for VRRP: Advertisements received (vrrpInAdvers) Advertisements transmitted (vrrpOutAdvers) Advertisements received. Use this command to gather data for tuning and debugging Layer 3 switch performance. ifclear Clears IP interface statistics. set your communication software on your workstation to capture session data prior to issuing the dump command. udp Displays UDP statistics. dump Dumps all Layer 3 switch statistics. Use this command with caution as it will delete all the IP statistics. If you want to capture dump data to a file. See page 160 for sample output.

if <interface number (1-256)> Displays interface statistics. See page 151 for sample output and details. 150 Chapter 5: The Statistics Menu 315393-J.Alteon OS 22.Show global stats aindex . aindex <area index (0-2)> Displays area index statistics. January 2005 .2 Command Reference /stats/l3/ospf OSPF Statistics Menu [OSPF stats Menu] general .Show interface(s) stats Table 5-14 OSPF Statistics Menu (/stats/l3/ospf) Command Syntax and Usage general Displays global statistics.0.Show area(s) stats if .

OSPF stats ---------Rx/Tx Stats: Pkts hello database ls requests ls acks ls updates Nbr change stats: hello start n2way adjoint ok negotiation done exchange done bad requests bad sequence loading done n1way rst_ad down Timers kickoff hello retransmit lsa lock lsa ack dbage summary ase export Rx -------0 23 4 3 7 9 Tx -------0 518 12 1 7 7 Intf change Stats: hello down loop unloop wait timer backup nbr change 2 0 2 2 2 2 0 0 2 0 0 1 4 2 0 0 2 0 5 514 1028 0 0 0 0 0 315393-J. January 2005 Chapter 5: The Statistics Menu 151 .Alteon OS 22.2 Command Reference /stats/l3/ospf/general OSPF Global Statistics The OSPF General Statistics contain the sum total of all OSPF packets received on all OSPF areas and interfaces.0.

The sum total of all Link State Update packets transmitted on all OSPF areas and interfaces. January 2005 . The sum total of all Link State Request packets transmitted on all OSPF areas and interfaces. The sum total of all Link State Acknowledgement packets received on all OSPF areas and interfaces. The sum total of all OSPF packets transmitted on all OSPF areas and interfaces.0. Description Tx Pkts Rx Hello Tx Hello Rx Database Tx Database Rx ls Requests Tx ls Requests Rx ls Acks Tx ls Acks Rx ls Updates Tx ls Updates 152 Chapter 5: The Statistics Menu 315393-J. The sum total of all Hello packets transmitted on all OSPF areas and interfaces. The sum total of all Database Description packets transmitted on all OSPF areas and interfaces. The sum total of all Database Description packets received on all OSPF areas and interfaces. The sum total of all Link State Acknowledgement packets transmitted on all OSPF areas and interfaces.Alteon OS 22. The sum total of all Hello packets received on all OSPF areas and interfaces. The sum total of all Link State Request packets received on all OSPF areas and interfaces.2 Command Reference Table 5-15 OSPF General Statistics (stats/l3/ospf/general) Statistics Rx/Tx Stats: Rx Pkts The sum total of all OSPF packets received on all OSPF areas and interfaces. The sum total of all Link State Update packets received on all OSPF areas and interfaces.

Alteon OS 22. The sum total number of times the Neighbor adjacency has been reset across all OPSF areas and interfaces. an indication that Hello packets should now be sent to the neighbor at intervals of HelloInterval seconds) across all OSPF areas and interfaces. in an adjacency's final state) having transmitted a full sequence of Database Description packets. Any of these conditions indicate that some error has occurred during adjacency establishment for all OSPF areas and interfaces. The sum total number of neighbors in this state (that is. The sum total number of bidirectional communication establishment between this router and other neighboring routers. across all OSPF areas and interfaces. in which this router is not mentioned across all OSPF interfaces and areas. Chapter 5: The Statistics Menu 153 Description Start n2way adjoint ok negotiation done exchange done bad requests bad sequence loading done n1way rst_ad down 315393-J. The sum total number of Hello packets received from neighbors.0. and sequence numbers have been exchanged. The sum total number of Database Description packets which have been received that either: a) Has an unexpected DD sequence number b) Unexpectedly has the init bit set c) Has an options field differing from the last Options field received in a Database Description packet. in the initial state of a neighbor conversation) across all OSPF areas and interfaces. The sum total number of decisions to be made (again) as to whether an adjacency should be established/maintained with the neighbor across all OSPF areas and interfaces. The sum total number of neighbors in this state wherein the Master/slave relationship has been negotiated. January 2005 . The sum total number of Link State Requests which have been received for a link state advertisement not contained in the database across all interfaces and OSPF areas. across all OSPF areas and interfaces. The sum total number of link state updates received for all out-of-date portions of the database across all OSPF areas and interfaces. The total number of Neighboring routers down (that is.2 Command Reference Table 5-15 OSPF General Statistics (stats/l3/ospf/general) (Continued) Statistics Nbr Change Stats: hello The sum total of all Hello packets received from neighbors on all OSPF areas and interfaces. The sum total number of neighbors in this state (that is.

The sum total number of times the LSA Ack timer has been fired across all OSPF areas and interfaces. The sum total number of interfaces down in all OSPF areas. The sum total number of times the Link State Advertisement (LSA) lock timer has been fired across all OSPF areas and interfaces. retransmit lsa lock lsa ack dbage summary ase export 154 Chapter 5: The Statistics Menu 315393-J. indicating the end of the waiting period that is required before electing a (Backup) Designated Router across all OSPF areas and interfaces. The sum total number of times the Wait Timer has been fired.2 Command Reference Table 5-15 OSPF General Statistics (stats/l3/ospf/general) (Continued) Statistics Intf Change Stats: hello down loop The sum total number of Hello packets sent on all interfaces and areas. The sum total number of interfaces. The total number of times the Summary timer has been fired. The sum total of interfaces no longer connected to the attached network across all OSPF areas and interfaces. Description unloop wait timer backup nbr change Timers Kickoff: hello The sum total number of times the Hello timer has been fired (which triggers the send of a Hello packet) across all OPSF areas and interfaces. January 2005 . The sum total number of changes in the set of bidirectional neighbors associated with any interface across all OSPF areas. connected to the attached network in all OSPF areas. The sum total number of times the Retransmit timer has been fired across all OPSF areas and interfaces. The sum total number of Backup Designated Routers on the attached network for all OSPF areas and interfaces.Alteon OS 22. The total number of times the data base age (Dbage) has been fired.0. The total number of times the Autonomous System Export (ASE) timer has been fired.

ipInHdrErrors ipInAddrErrors ipForwDatagrams ipInUnknownProtos 315393-J.0. and so forth.0. time-to-live exceeded. 0. Class E). as a result of which an attempt was made to find a route to forward them to that final destination. In entities which do not act as IP Gateways. For entities which are not IP Gateways and therefore do not forward datagrams.0) and addresses of unsupported Classes (for example. this counter will include only those packets.Alteon OS 22. errors discovered in processing their IP options. January 2005 Chapter 5: The Statistics Menu 155 . this counter includes datagrams discarded because the destination address was not a local address. which were Source-Routed via this entity (the switch). The number of locally addressed datagrams received successfully but discarded because of an unknown or unsupported protocol. The number of input datagrams discarded due to errors in their IP headers. including those received in error. version number mismatch. including bad checksums. The number of input datagrams discarded because the IP address in their IP header's destination field was not a valid address to be received at this entity (the switch). other format errors.Route option processing was successful.2 Command Reference /stats/l3/ip IP Statistics IP statistics: ipInReceives: ipInAddrErrors: ipInUnknownProtos: ipInDelivers: ipOutDiscards: ipReasmReqds: ipReasmFails: ipFragFails: ipRoutingDiscards: ipReasmTimeout: 3115873 35447 500504 2334166 4 0 0 0 0 5 ipInHdrErrors: ipForwDatagrams: ipInDiscards: ipOutRequests: ipOutNoRoutes: ipReasmOKs: ipFragOKs: ipFragCreates: ipDefaultTTL: 1 0 0 1010542 4 0 0 0 255 Table 5-16 IP Statistics (/stats/l3/ip) Statistics ipInReceives Description The total number of input datagrams received from interfaces. and the Source.0. The number of input datagrams for which this entity (the switch) was not their final IP destination. This count includes invalid addresses (for example.

because their Don't Fragment flag was set. for lack of buffer space). and so forth). but which were discarded (for example. Note that this counter includes any packets counted in ipForwDatagrams. The number of IP datagrams successfully re. The number of failures detected by the IP re. The total number of input datagrams successfully delivered to IP userprotocols (including ICMP). but which were discarded (for example.assembly algorithm (for whatever reason: timed out. ipInDelivers ipOutRequests ipOutDiscards ipOutNoRoutes ipReasmReqds ipReasmOKs ipReasmFails ipFragOKs ipFragFails ipFragCreates 156 Chapter 5: The Statistics Menu 315393-J. Note that this counter does not include any datagrams counted in ipForwDatagrams. for lack of buffer space). The number of IP datagrams discarded because no route could be found to transmit them to their destination. The number of output IP datagrams for which no problem was encountered to prevent their transmission to their destination. which meet this no-route criterion. Note that this is not necessarily a count of discarded IP fragments since some algorithms (notably the algorithm in RFC 815) can lose track of the number of fragments by combining them as they are received. for example. January 2005 .Alteon OS 22. Note that this counter would include datagrams counted in ipForwDatagrams if any such packets met this (discretionary) discard criterion. Note that this counter does not include any datagrams discarded while awaiting re-assembly. errors. The number of IP datagrams that have been discarded because they needed to be fragmented at this entity (the switch) but could not be.2 Command Reference Table 5-16 IP Statistics (/stats/l3/ip) Statistics ipInDiscards Description The number of input IP datagrams for which no problems were encountered to prevent their continued processing. Note that this includes any datagrams which a host cannot route because all of its default gateways are down. The number of IP datagrams that have been successfully fragmented at this entity (the switch). The total number of IP datagrams which local IP user-protocols (including ICMP) supplied to IP in requests for transmission. The number of IP datagram fragments that have been generated as a result of fragmentation at this entity (the switch).0. The number of IP fragments received which needed to be reassembled at this entity (the switch).assembled.

The maximum number of seconds. which received fragments are held while they are awaiting reassembly at this entity (the switch).2 Command Reference Table 5-16 IP Statistics (/stats/l3/ip) Statistics ipRoutingDiscards Description The number of routing entries. The default value inserted into the Time-To-Live (TTL) field of the IP header of datagrams originated at this entity (the switch). which were chosen to be discarded even though they are valid.------------.------------1 3 3 4096 2 3 3 4096 3 3 3 4096 4 3 3 4096 -----------------------------------------------------------------RIP statistics: ripInPkts: ripDiscardPkts: BGP statistics: bgpInPkts: bgpBadPkts: bgpRoutesAdded: bgpRoutesCur: bgpRoutesIgnored: 0 ripOutPkts: 0 ripRoutesAgedOut: 0 0 0 0 0 0 0 bgpOutPkts: bgpSessFailures: bgpRoutesRemoved: bgpRoutesFailed: bgpRoutesFiltered: 0 0 0 0 0 315393-J. ipDefaultTTL ipReasmTimeout /stats/l3/route Route Statistics Route statistics: ipRoutesCur: 3 ipRoutesHighWater: 3 ipRoutesMax: 4096 -----------------------------------------------------------------SP Route statistics: SP ipRoutesCur ipRoutesHighWater ipRoutesMax --.Alteon OS 22.------------------. One possible reason for discarding such an entry could be to free-up buffer space for other routing entries.0. whenever a TTL value is not supplied by the transport layer protocol. January 2005 Chapter 5: The Statistics Menu 157 .

The maximum number of supported routes. January 2005 . The total number of routes learned via RIP that has aged out.0. The total number of routes ignored because the peer was not connected locally or multihop was not configured. The total number of RIP advertisement packets received that were dropped. The total number of routes that were removed from the routing table. The total number of failed sessions. The total number of BGP routes that failed to add in the routing table. The total number of routes that were added to the routing table.2 Command Reference Table 5-17 Route Statistics (/stats/l3/route) Statistics Route Statistics & SP Route Statistics: ipRoutesCur ipRoutesHighWater ipRoutesMax RIP statistics: ripInPkts ripOutPkts ripDiscardPkts The total number of good RIP advertisement packets received. The total number of current BGP routes. Description ripRoutesAgedOut BGP statistics: bgpInPkts bgpOutPkts bgpBadPkts bgpSessFailures bgpRoutesAdded bgpRoutesRemoved bgpRoutesCur bgpRoutesFailed bgpRoutesIgnored The total number of BGP packets received.Alteon OS 22. bgpRoutesFiltered 158 Chapter 5: The Statistics Menu 315393-J. The total number of BGP packets sent. The total number of BGP packets dropped. The total number of routes dropped by the filter. The highest number of routes ever recorded in the route table. The total number of outstanding routes in the route table. The total number of RIP advertisement packets sent.

--------------. January 2005 Chapter 5: The Statistics Menu 159 . The maximum number of ARP entries that are supported. based on a number of priority criteria. MP ARP statistics: arpEntriesCur: 2 arpEntriesHighWater: 2 arpEntriesMax: 8192 -----------------------------------------------------------------SP ARP statistics: SP arpEntriesCur arpEntriesHighWater arpEntriesMax --.0. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP-capable routing device.Alteon OS 22.2 Command Reference /stats/l3/arp ARP statistics This menu option enables you to display Address Resolution Protocol statistics. but ignored (vrrpBadAdvers) 315393-J. you can display the following protocol statistics for VRRP: Advertisements received (vrrpInAdvers) Advertisements transmitted (vrrpOutAdvers) Advertisements received. one of the backup virtual routers will assume routing authority and take control of the virtual router IP address. The highest number of ARP entries ever recorded in the ARP table. and assumes control of the shared virtual router IP address. If the master fails.--------------------.--------------1 1 1 8192 2 1 1 8192 3 1 1 8192 4 1 1 8192 Table 5-18 ARP Statistics (/stats/l3/arp) Statistics arpEntriesCur arpEntriesHighWater arpEntriesMax Description The total number of outstanding ARP entries in the ARP table. /stats/l3/vrrp VRRP Statistics Virtual Router Redundancy Protocol (VRRP) support on the Alteon Application Switch provides redundancy between routers in a LAN. One of the virtual routers is then elected as the master. When virtual routers are configured.

Alteon OS 22. /stats/l3/dns DNS Statistics This menu option enables you to display Domain Name System statistics. DNS statistics: dnsInRequests: dnsBadRequests: 0 0 dnsOutRequests: 0 Table 5-20 DNS Statistics (/stats/l3/dns) Statistics dnsInRequests dnsOutRequests dnsBadRequests Description The total number of DNS request packets that have been received. The total number of DNS response packets that have been transmitted. The total number of VRRP advertisements received that were dropped. The total number of DNS request packets received that were dropped.2 Command Reference The statistics for the VRRP LAN are displayed: VRRP statistics: vrrpInAdvers: vrrpOutAdvers: vrrpBadVersion: vrrpBadAddress: vrrpBadPassword: 0 0 0 0 0 vrrpBadAdvers: vrrpBadVrid: vrrpBadData: vrrpBadInterval: 0 0 0 0 Table 5-19 VRRP Statistics (/stats/l3/vrrp) Statistics vrrpInAdvers vrrpBadAdvers vrrpOutAdvers vrrpBadVersion vrrpBadVrid vrrpBadAddress vrrpBadData vrrpBadPassword vrrpBadInterval Description The total number of VRRP advertisements that have been received. January 2005 . The total number of VRRP advertisements that have been sent. 160 Chapter 5: The Statistics Menu 315393-J.0.

2 Command Reference /stats/l3/icmp ICMP Statistics ICMP statistics: icmpInMsgs: icmpInDestUnreachs: icmpInParmProbs: icmpInRedirects: icmpInEchoReps: icmpInTimestampReps: icmpInAddrMaskReps: icmpOutErrors: icmpOutTimeExcds: icmpOutSrcQuenchs: icmpOutEchos: icmpOutTimestamps: icmpOutAddrMasks: 245802 41 0 0 244350 0 0 0 0 0 253777 0 0 icmpInErrors: icmpInTimeExcds: icmpInSrcQuenchs: icmpInEchos: icmpInTimestamps: icmpInAddrMasks: icmpOutMsgs: icmpOutDestUnreachs: icmpOutParmProbs: icmpOutRedirects: icmpOutEchoReps: icmpOutTimestampReps: icmpOutAddrMaskReps: 1393 0 0 18 0 0 253810 15 0 0 18 0 0 Table 5-21 ICMP Statistics (/stats/l3/icmp) Statistics icmpInMsgs Description The total number of ICMP messages which the entity (the switch) received. The number of ICMP Echo (request) messages received. The number of ICMP Echo Reply messages received. The number of ICMP messages which the entity (the switch) received but determined as having ICMP-specific errors (bad ICMP checksums. The number of ICMP Parameter Problem messages received. The number of ICMP Timestamp (request) messages received. icmpInErrors icmpInDestUnreachs icmpInTimeExcds icmpInParmProbs icmpInSrcQuenchs icmpInRedirects icmpInEchos icmpInEchoReps icmpInTimestamps icmpInTimestampReps icmpInAddrMasks 315393-J. The number of ICMP Destination Unreachable messages received. The number of ICMP Address Mask Request messages received. bad length. The number of ICMP Timestamp Reply messages received. and so forth).0. The number of ICMP Source Quench (buffer almost full. Note that this counter includes all those counted by icmpInErrors.Alteon OS 22. January 2005 Chapter 5: The Statistics Menu 161 . The number of ICMP Time Exceeded messages received. stop sending data) messages received. The number of ICMP Redirect messages received.

Alteon OS 22. icmpOutErrors icmpOutDestUnreachs icmpOutTimeExcds icmpOutParmProbs icmpOutSrcQuenchs icmpOutRedirects icmpOutEchos icmpOutEchoReps icmpOutTimestamps icmpOutTimestampReps icmpOutAddrMasks icmpOutAddrMaskReps 162 Chapter 5: The Statistics Menu 315393-J.2 Command Reference Table 5-21 ICMP Statistics (/stats/l3/icmp) Statistics icmpInAddrMaskReps icmpOutMsgs Description The number of ICMP Address Mask Reply messages received. January 2005 . stop sending data) messages sent. The number of ICMP Address Mask Reply messages sent. The number of ICMP Time Exceeded messages sent. The total number of ICMP messages which this entity (the switch) attempted to send. The number of ICMP Address Mask Request messages sent. This value should not include errors discovered outside the ICMP layer such as the inability of IP to route the resultant datagram. The number of ICMP Echo (request) messages sent. since hosts do not send redirects. Note that this counter includes all those counted by icmpOutErrors. The number of ICMP Timestamp Reply messages sent. The number of ICMP Parameter Problem messages sent. In some implementations there may be no types of errors that contribute to this counter's value. The number of ICMP Destination Unreachable messages sent. For a host. this object will always be zero. The number of ICMP messages which this entity (the switch) did not send due to problems discovered within ICMP such as a lack of buffer.0. The number of ICMP Source Quench (buffer almost full. The number of ICMP Redirect messages sent. The number of ICMP Echo Reply messages sent. The number of ICMP Timestamp (request) messages sent.

2 Command Reference /stats/l3/if <interface number> Interface Statistics IP interface 1 statistics: ifInOctets: 48948386 ifInNUCastPkts: 167895 ifInErrors: 0 ifOutOctets: 27100789 ifOutNUcastPkts: 218652 ifOutErrors: 0 ifInUcastPkts: ifInDiscards: ifInUnknownProtos: ifOutUcastPkts: ifOutDiscards: ifStateChanges 220553 0 0 441938 0 1 Table 5-22 Interface Statistics (/stats/if) Statistics ifInOctets Description The total number of octets received on the interface. delivered by this sub-layer to a higher (sublayer). including framing characters.Alteon OS 22. This object is deprecated in favor of ifInMulticastPkts and ifInBroadcastPkts. the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. which were not addressed to a multicast or broadcast address at this sub-layer. For packet-oriented interfaces. The number of inbound packets that were chosen to be discarded even though no errors had been detected to prevent their being delivered to a higher-layer protocol. For character-oriented or fixed-length interfaces which support protocol multiplexing the number of transmission units received via the interface which were discarded because of an unknown or unsupported protocol. For character-oriented or fixed-length interfaces. the number of inbound packets that contained errors preventing them from being delivered to a higher-layer protocol.0. ifInUcastPkts ifInNUCastPkts ifInDiscards ifInErrors ifInUnknownProtos 315393-J. For any interface which does not support protocol multiplexing. which were addressed to a multicast or broadcast address at this sub-layer. The number of packets. For packet-oriented interfaces. delivered by this sub-layer to a higher (sublayer). One possible reason for discarding such a packet could be to free up buffer space. January 2005 Chapter 5: The Statistics Menu 163 . the number of packets received via the interface which were discarded because of an unknown or unsupported protocol. this counter will always be 0. The number of packets.

One possible reason for discarding such a packet could be to free up buffer space. the number of outbound packets that could not be transmitted because of errors. January 2005 .0. The total number of packets that higher-level protocols requested to be transmitted. For packet-oriented interfaces. and which were addressed to a multicast or broadcast address at this sub-layer. The number of outbound packets. including those that were discarded or not sent. and which were not addressed to a multicast or broadcast address at this sub-layer. which were chosen to be discarded even though no errors had been detected to prevent their being transmitted. including those that were discarded or not sent. the number of outbound transmission units that could not be transmitted because of errors.2 Command Reference Table 5-22 Interface Statistics (/stats/if) Statistics ifOutOctets Description The total number of octets transmitted out of the interface.Alteon OS 22. This object is deprecated in favor of ifOutMulticastPkts and ifOutBroadcastPkts. including framing characters. The number of times an interface has transitioned from either down to up or from up to down. For character-oriented or fixed-length interfaces. ifOutUcastPkts ifOutNUcastPkts ifOutDiscards ifOutErrors ifStateChanges 164 Chapter 5: The Statistics Menu 315393-J. The total number of packets that higher-level protocols requested to be transmitted.

0. In particular.2 Command Reference /stats/l3/tcp TCP Statistics TCP statistics: tcpRtoAlgorithm: tcpRtoMax: tcpActiveOpens: tcpAttemptFails: tcpInSegs: tcpRetransSegs: tcpCurBuff: tcpCurInConn: tcpCurLstnConn: tcpAllocTCBFails: 4 240000 0 0 0 0 0 0 3 0 tcpRtoMin: tcpMaxConn: tcpPassiveOpens: tcpEstabResets: tcpOutSegs: tcpInErrs: tcpCurConn: tcpCurOutConn: tcpOutRsts: 0 1600 0 0 0 0 6 0 0 Table 5-23 TCP Statistics (/stats/l3/tcp) Statistics tcpRtoAlgorithm Description The algorithm used to determine the timeout value used for retransmitting unacknowledged octets. when the timeout algorithm is rsre(3). January 2005 Chapter 5: The Statistics Menu 165 . More refined semantics for objects of this type depend upon the algorithm used to determine the retransmission timeout. The number of times TCP connections have made a direct transition to the SYN-SENT state from the CLOSED state. an object of this type has the semantics of the UBOUND quantity described in RFC 793. when the timeout algorithm is rsre(3). The maximum value permitted by a TCP implementation for the retransmission timeout. More refined semantics for objects of this type depend upon the algorithm used to determine the retransmission timeout. In entities where the maximum number of connections is dynamic. The limit on the total number of TCP connections the entity (the switch) can support. tcpRtoMin tcpRtoMax tcpMaxConn tcpActiveOpens tcpPassiveOpens 315393-J. The minimum value permitted by a TCP implementation for the retransmission timeout. this object should contain the value -1.Alteon OS 22. The number of times TCP connections have made a direct transition to the SYN-RCVD state from the LISTEN state. In particular. measured in milliseconds. measured in milliseconds. an object of this type has the semantics of the LBOUND quantity described in RFC 793.

This count includes segments received on currently established connections.that is. including those on current connections but excluding those containing only retransmitted octets. The total number of outstanding TCP sessions that are currently opened. The total number of outstanding memory allocations from heap by TCP protocol stack.Alteon OS 22. plus the number of times TCP connections have made a direct transition to the LISTEN state from the SYN-RCVD state. The total number of segments retransmitted . January 2005 .2 Command Reference Table 5-23 TCP Statistics (/stats/l3/tcp) Statistics tcpAttemptFails Description The number of times TCP connections have made a direct transition to the CLOSED state from either the SYN-SENT state or the SYN-RCVD state. bad TCP checksums). The total number of segments received in error (for example. The total number of segments sent. including those received in error. The total number of switch-originated TCP connection requests. the number of TCP segments transmitted containing one or more previously transmitted octets. The number of TCP segments sent containing the RST flag. The number of times TCP connections have made a direct transition to the CLOSED state from either the ESTABLISHED state or the CLOSEWAIT state.0. The total number of remotely-initiated TCP connections. The total number of TCP ports on which the switch is listening. tcpEstabResets tcpInSegs tcpOutSegs tcpRetransSegs tcpInErrs tcpCurBuff tcpCurConn tcpCurInConn tcpCurOutConn tcpCurLstnConn tcpOutRsts tcpAllocTCBFails 166 Chapter 5: The Statistics Menu 315393-J. The total number of segments received.

Show DNS SLB stats wap .Show SSL SLB stats ftp .Show virtual server stats filt .Show SIP SLB stats clear .Show real server group stats virt .Dump all SLB statistics 315393-J.SLB Switch SP Stats Menu gslb .Show WAP SLB stats maint .Alteon OS 22.Show RTSP SLB stats dns .Show FTP SLB parsing and NAT stats rtsp .Show maintenance stats sip .0. The total number of received UDP datagrams for which there was no application at the destination port. udpNoPorts /stats/slb Server Load Balancing Statistics Menu [Server Load Balancing Statistics Menu] sp .Global SLB Stats Menu real . The total number of UDP datagrams sent from this entity (the switch).Show auxiliary session table stats dump .Show filter stats layer7 .Show real server stats group . January 2005 Chapter 5: The Statistics Menu 167 . The number of received UDP datagrams that could not be delivered for reasons other than the lack of an application at the destination port.Show Layer 7 stats ssl .2 Command Reference /stats/l3/udp UDP Statistics UDP statistics: udpInDatagrams: udpInErrors: 54 0 udpOutDatagrams: udpNoPorts: 43 1578077 Table 5-24 UDP Statistics (/stats/l3/udp) Statistics udpInDatagrams udpOutDatagrams udpInErrors Description The total number of UDP datagrams delivered to the switch.Clear non-operational Server Load Balancing stats aux .

see page 174. real <real server number (1-1023)> Displays the following real server statistics: Number of times the real server has failed its health checks Number of sessions currently open on the real server Total sessions the real server was assigned Highest number of simultaneous sessions recorded for each real server Real server transmit/receive octets See page 179 for sample output. virt <virtual server number (1-1024)> Displays the following virtual server statistics: Current and total sessions for each real server associated with the virtual server. Real server transmit/receive octets. See page 182 for sample output. filt <filter ID (1-2048)> Displays the total number of times any filter has been used. Real server transmit/receive octets. Highest number of simultaneous sessions recorded for each real server. For per-service octet counters. layer7 Displays Layer 7 statistics. For more information. To view menu options. See page 186 for sample output. See page 180 for sample output. Current and total sessions for all real servers associated with the real server group. ssl Displays SSL server load balancing statistics. 168 Chapter 5: The Statistics Menu 315393-J. see page 179. Highest number of simultaneous sessions recorded for each real server. rtsp Displays RTSP SLB statistics. see page 170. see page 179. For per-service octet counters. See page 181 for sample output. ftp Displays FTP SLB parsing and NAT statistics.0. See page 187 for sample output. See page 181 for sample output. January 2005 . See page 190 for sample output. Current and total sessions for all real servers associated with the virtual server.2 Command Reference Table 5-25 SLB Statistics Menu Options (/stats/slb) Command Syntax and Usage sp <SP number (1-4)> Displays the server load balancing statistics menu.Alteon OS 22. gslb Displays the Global SLB Statistics menu. group <real server group number (1-256)> Displays the following real server group statistics: Current and total sessions for each real server in the real server group.

See page 194 for sample output. This command does not reset the switch and does not affect the following counters: Counters required for Layer 4 and Layer 7 operation (such as current real server sessions). All related SNMP counters. To view the statistics reset by this command.0.2 Command Reference Table 5-25 SLB Statistics Menu Options (/stats/slb) Command Syntax and Usage dns Displays DNS SLB statistics. aux Displays auxiliary session table statistics. See page 192 for sample output. See page 196 for sample output. To save dump data to a file. 315393-J. See page 191 for sample output.Alteon OS 22. maint Displays SLB maintenance statistics. wap Displays WAP SLB statistics. clear [y|n] Clears all non-operating SLB statistics on the Alteon Application Switch. sip Displays SIP SLB statistics. refer to Table 5-48 on page 196. set your communication software on your workstation to capture session data prior to issuing the dump command. resetting them to zero. Use this command to gather data for tuning and debugging switch performance. dump Dumps all switch SLB statistics. January 2005 Chapter 5: The Statistics Menu 169 .

See page 171 for a sample output.Show real server stats group .Show virtual server stats filt . filt <filter ID (1-2048)> Displays statistics of the filter. See page 170 for a sample output. See page 171 for a sample output.Show filter stats maint .Show maintenance stats aux .0. virt <virtual server number (1-1024)> Displays statistics of the virtual server. See page 171 for a sample output.Show auxiliary session table stats clear . group <real server group number (1-1024)> Displays real server group statistics of the switch port.Alteon OS 22.Show real server group stats virt . /stats/slb/sp/real <real server number> SP Real Server Statistics Port 1 Real server 1 stats: Current sessions: Total sessions: Octets: 3 3 24 170 Chapter 5: The Statistics Menu 315393-J.Clear SP stats Table 5-26 SP Statistics Menu options (/stats/slb/sp) Command Syntax and Usage real <real server number (1-1023)> Displays real server statistics of the switch port.2 Command Reference /stats/slb/sp Server Load Balancing SP statistics Menu [Server Load Balancing SP Statistics Menu] real . See page 172 for a sample output. January 2005 . maint Displays the SP maintenance statistics. clear Deletes all the SP statistics. aux Displays the statistics of the auxiliary session table.

15 20 77 12 ---.-------.100.-------200.100.100 40 137 21 Octets --------------480000 616000 --------------1096000 /stats/slb/sp <sp number>/filt <filter number> SP Filter Statistics SP 1 Filter 1 stats: Total firings: 2 315393-J.2 Command Reference /stats/slb/sp <sp number>/group <real group server number> SP Real Group Server Statistics Real server group 1 stats: Current Total Highest Real IP address Sessions Sessions Sessions ---.10.Alteon OS 22.10.100.10.14 20 60 9 2 200.14 20 60 9 2 200.0.---------.-------.---------.-------1 200.-------.-------.100.--------------.--------------.15 20 77 12 ---.--------------.-------1 200.10.---------.---------.100. January 2005 Chapter 5: The Statistics Menu 171 .--------------.10.-------40 137 21 Octets --------------480000 616000 --------------1096000 /stats/slb/sp <sp number>/virt <virtual server number> SP Virtual Server Statistics Real server group 1 stats: Current Total Highest Real IP address Sessions Sessions Sessions ---.

January 2005 . Indicates the number of non-IP based frames received by the virtual server. Number of sessions removed from the session table because the server assigned to them failed and graceful server failure was not enabled. Indicates the number of times the switch received a Layer 4 request for a virtual server which was not configured. Indicates that the virtual server IP address and MAC are receiving UDP frames when UDP balancing is not turned on.0. Number of session bindings currently in use (the last 4 and 64 seconds).Alteon OS 22. Indicates instances where the Switch ran out of available sessions for a port.2 Command Reference /stats/slb/sp <sp number>/maint SP Maintenance Statistics SP 1 SLB Maintenance stats: Maximum sessions: Current sessions: 4 second average: 64 second average: Terminated sessions: Allocation failures: Non TCP/IP frames: UDP datagrams: Incorrect VIPs: Incorrect Vports: No available real server: Filtered (denied) frames: LAND attacks: No TCP control bits: Invalid reset packet drops: Total IP fragment sessions: IP fragment sessions: IP fragment discards: IP fragment table full: 524276 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Table 5-27 SP Maintenance Statistics (/stats/slb/sp/maint) Statistic Maximum sessions Current Sessions Description The maximum number of simultaneous sessions supported. Terminated Sessions Allocation Failures UDP Datagrams Non TCP/IP Frames Incorrect VIPs 172 Chapter 5: The Statistics Menu 315393-J.

January 2005 Chapter 5: The Statistics Menu 173 . Normally this indicates a mis-configuration on the virtual server or the client. There are no real servers (in the case of redirection filters. The number of packets that were dropped because the packet had no control bits set in the TCP header.Alteon OS 22. IP fragment table full This counter indicates how many times session table is full.2 Command Reference Table 5-27 SP Maintenance Statistics (/stats/slb/sp/maint) Statistic Incorrect Vports Description This dropped frames counter indicates that the virtual server has received frames for TCP/UDP services that have not been configured. This indicates the number of times a real server has reached the maxcon limit and caused an overflow server to be brought online. No Available Real Server Backup Server Activations Overflow Server Activations Filtered (Denied) Frames LAND attacks No TCP Control Bits Invalid reset packet drops Total IP fragment ses. This indicates the number of frames that were dropped because of one of the following reasons: 1.) 3. This counter increases whenever a packet has the same source and destination IP addresses and ports.0. but it may be an indication of a potential security probing application like SATAN. Current IP fragment sessions IP fragment discards This represents the current number of fragment sessions. They matched an active filter with the deny action set.This represents the total number of fragment sessions the switch has sions processed so far. Free service pool entries 315393-J. This dropped frames counter indicates that all real servers are either out of service or at their maxcon limit. This indicates the number of times a real server failure has occurred and caused a backup server to be brought online. The number of fragmented packets that are discarded due to lack of resources. When there are no available session entries. 2.

network <network. rule <rule. January 2005 . clear Deletes all Global SLB statistics.Alteon OS 22.Show Global SLB virtual server stats site . see page 175.Show Global SLB rule stats geo . To view an example.Show Global SLB remote real server stats virt . maint To view an example and description of Global SLB maintenance statistics.Show Global SLB maintenance stats clear . dump Displays all Global SLB statistics.Show Global SLB remote site stats network .Show Global SLB network preference stats rule . To view an example and description of what is displayed on-screen.Clear all Global SLB stats dump . under which the remote server is configured.Show Global SLB geographical preference stats maint .Show all Global SLB stats Table 5-28 Global SLB Statistics Menu Options (/stats/slb/gslb) Command Syntax and Usage real <real server number (1-1023)> Where the real server number represents the real server ID on this switch. virt <virtual server number (1-1024)> To view an example and description of what is displayed on-screen.0. see page 177. see page 176. 1-64> Displays Global SLB statistics for the network. geo Displays Global SLB statistics for the geographical preference. see page 175.2 Command Reference /stats/slb/gslb Global SLB Statistics Menu [Global SLB Statistics Menu] real . 1-64> Displays Global SLB statistics for the remote site. site <remote site. 174 Chapter 5: The Statistics Menu 315393-J. 1-64> Displays Global SLB statistics for the rule.

----------.200. 315393-J. Since each remote sites is configured on its peers as if it were a real server (with certain special properties).gslb. January 2005 Chapter 5: The Statistics Menu 175 . the following statistics can be viewed: Number of DNS responses directed to the remote real server Number of HTTP redirects to the remote real server /stats/slb/gslb/virt <virtual server number> Virtual Server Global SLB Statistics Global SLB virtual server 1 http service stats: Domain: www.0.10 5 0 0 -----. IP Address Site DNS directs IP address of the server. under which the remote server is configured.2 Command Reference /stats/slb/gslb/real <real server number> Real Server Global SLB Statistics Real server 1 global stats: DNS directs: HTTP redirects: 3210 12 For any remote real server configured for Global Server Load Balancing.example.-------------Totals 0 0 Table 5-29 Virtual Server Global SLB Statistics (/stats/slb/gslb/virt) Field Server Description Type of server configuration and server ID number.----------. v# represents a local virtual server number r# represents a remote site.--------------.---. The remote site number.Alteon OS 22.---.200.--------------.-------------v1 200. the number represents the real server ID on this switch.com Server IP address Site DNS directs HTTP redirects -----.200.200.1 0 0 r2 200. The number of DNS responses that return the IP address of the corresponding server.

The number of remote site updates received using DSSP version 1. The number of remote site updates sent using DSSP version 2. January 2005 .Alteon OS 22.0.2 Command Reference Table 5-29 Virtual Server Global SLB Statistics (/stats/slb/gslb/virt) Field HTTP redirects Description The number of HTTP requests redirected to the corresponding server. /stats/slb/gslb/site Global SLB Site Statistics Global SLB remote site 1 stats: Bad remote site packets received: DSSPv1 remote site updates sent: DSSPv1 remote site updates received: DSSPv2 remote site updates sent: DSSPv2 remote site updates received: 386 0 0 768 348 Table 5-30 Global SLB Site Statistics Parameters (/stats/slb/gslb/site) Field Bad remote site packets received DSSPv1 remote site updates sent DSSPv1 remote site updates received DSSPv2 remote site updates sent DSSPv2 remote site updates received Description The number of bad packets received from remote site. 176 Chapter 5: The Statistics Menu 315393-J. The number of remote site updates received using DSSP version 2. The number of remote site updates sent using DSSP version 1.

January 2005 Chapter 5: The Statistics Menu 177 . The number of Distributed Site State Protocol (DSSP) version two updates/packets received from the remote sites. check your syslog for configuration error messages. DSSPv1 remote site updates sent DSSPv1 remote site updates received DSSPv2 remote site updates sent DSSPv2 remote site updates received 315393-J.0. The number of Distributed Site State Protocol (DSSP) version one updates/packets sent to the remote sites. The number of Distributed Site State Protocol (DSSP) version one updates/packets received from the remote sites. If bad updates or dropped packets occur.0.0 Table 5-31 Global SLB Maintenance Statistics (/stats/slb/gslb/maint) Field Bad remote site packets received Description The number of bad packets received from the remote site. Bad updates or dropped packets usually indicate that there is a configuration problem at local or remote GSLB switches.Alteon OS 22.2 Command Reference /stats/slb/gslb/maint Global SLB Maintenance Statistics Global SLB maintenance stats: Bad remote site packets received: DSSPv1 remote site updates sent: DSSPv1 remote site updates received: DSSPv2 remote site updates sent: DSSPv2 remote site updates received: DNS queries received: Bad DNS queries received: DNS responses sent: HTTP requests received: Bad HTTP requests received: HTTP responses sent: Hostname domain hits: Network domain hits: Basic domain hits: No server selected for hostname domain: No server selected for network domain: No server selected for basic domain: No matching domain: Last no result domain: Last source IP: 0 0 0 127746 85164 0 0 0 0 0 0 0 0 0 0 0 0 0 0.0. The number of Distributed Site State Protocol (DSSP) version two updates/packets sent to the remote sites.

The number of times no server was selected after matching the network domain name. The number of times no server was selected after matching the basic domain name. or the network domain configured.Alteon OS 22.2 Command Reference Table 5-31 Global SLB Maintenance Statistics (/stats/slb/gslb/maint) Field DNS queries received Bad DNS queries received DNS responses sent Description The number of DNS queries received. The number of bad DNS queries received. Client HTTP GET request packets that do not contain the entire URL are considered bad and are dropped. The number of times the DNS queries received matched for the network domain name configured. The number of times no server was selected after matching the host name domain. The domain in the last DNS query received that did not match the host name. domain name. The source IP address of the last DNS query or HTTP request received. Bad HTTP requests received The number of bad/dropped client HTTP requests.0. or the network domain configured. The number of times the DNS queries received did not match the host name. The number of DNS responses sent by the switch that includes DNS directs and DNS error responses. HTTP responses sent Hostname domain hits Network domain hits Basic domain hits No server selected for hostname domain No server selected for network domain No server selected for basic domain No matching domain Last no result domain Last source IP 178 Chapter 5: The Statistics Menu 315393-J. The number of times the DNS queries received matched for the hostname configured. HTTP requests received The number of HTTP requests received. January 2005 . The number of times the DNS queries received matched for the basic domain name configured. domain name. The number of HTTP responses sent by the switch that includes HTTP redirects.

21 for FTP services on the same physical server. 315393-J.1. January 2005 Chapter 5: The Statistics Menu 179 . For instance. you can configure IP address 10.1. and 10. These counters are then added to report the total octets for each virtual server. unless configured as described in “Per Service Octet Counters” on page 179. the octet counters represent the combined number of transmit and receive bytes (octets).2 Command Reference /stats/slb/real <real server number> Real Server SLB Statistics Real server 1 stats: Current sessions: Total sessions: Highest sessions: Octets 129 65478 4343 523824000 NOTE – Octets are provided per server. you can accomplish this through the following configuration: 1. The octet counters are provided per server–not per service.0. Table 5-32 Real Server SLB Statistics (/stats/slb/real) Statistics Current sessions Description The total number of outstanding sessions that are established to the particular real server.1. Total sessions Highest sessions Octets Per Service Octet Counters For each load-balanced real server. The total number of octets sent by the particular real server.1. The total number of sessions that have been established to the particular real server.20 for HTTP services. Configure a separate IP address for each service on each server being load balanced. The highest number of sessions ever recorded for the particular real server.Alteon OS 22. not per service. If you need octet counters on a perservice basis.

Thus. Current and total sessions for all real servers associated with the real server group. Real server transmit/receive octets. 4. 10 real servers would have to be configured: five for the HTTP services on each physical server. Continuing the example above.--------------.10. On the Alteon Application Switch. January 2005 .14 20 60 9 2 200.-------40 137 21 Octets --------------480000 616000 --------------1096000 Real server group statistics include the following: Current and total sessions for each real server in the real server group. and group each appropriate real server IP address into the group that handles the specific service.---------. and five for the FTP services on each physical server. two real servers would be configured for the physical server (representing each real service). see the procedure on “Per Service Octet Counters” on page 179. Highest number of simultaneous sessions recorded for each real server.2 Command Reference 2.100.--------------.0. two groups would be configured: one for handling HTTP and one for handling FTP. 180 Chapter 5: The Statistics Menu 315393-J.100. configure one real server group for each type of service.Alteon OS 22.10. 3. /stats/slb/group <real server group number> Real Server Group Statistics Real server group 1 stats: Current Total Highest Real IP address Sessions Sessions Sessions ---.15 20 77 12 ---. configure a real server with a real IP address for each service above. Configure a virtual server and add the appropriate services to that virtual server.-------1 200. For per-service octet counters.---------. If there were five physical servers providing the two services (HTTP and FTP).-------. On the Alteon Application Switch.-------. in keeping with our example.

0.-------200. January 2005 Chapter 5: The Statistics Menu 181 . 315393-J.---------.100.--------------.10.-------. /stats/slb/filt <filter number> Filter SLB Statistics Filter 1 stats: Total firings: 1011 You can obtain the total number of times any filter has been matched. below the real server IP addresses.2 Command Reference /stats/slb/virt <virtual server number> Virtual Server SLB Statistics Virtual server 1 stats: Current Total Highest Real IP address Sessions Sessions Sessions ---. Real server transmit/receive octets. Highest number of simultaneous sessions recorded for each real server. Current and total sessions for all real servers associated with the virtual server.10.20 40 309 21 Octets --------------480000 616000 --------------1096000 NOTE – The virtual server IP address is shown on the last line.10.Alteon OS 22.-------.15 20 77 12 ---. Virtual server statistics include the following: Current and total sessions for each real server associated with the virtual server.14 20 60 9 2 200. For per-service octet counters.-------1 200.100.--------------.100. see “Per Service Octet Counters” on page 179.---------.

See page 182 for a sample output.Show Layer 7 Maintenance stats Table 5-33 SLB Layer 7 Statistics Menu Options (/stats/slb/layer7) Command Syntax & Usage redir Displays URL Redirection statistics.Alteon OS 22. January 2005 . Total none-GETs hits The total number of none GET requests forwarded to the origin server.2 Command Reference /stats/slb/layer7 SLB Layer7 Statistics Menu [Layer 7 Statistics Menu] redir . 182 Chapter 5: The Statistics Menu 315393-J. See page 183 for a sample output.Show URL Redirection stats str . Total straight to ori. Total origin server hits The total number of HTTP requests forwarded to the origin server. /stats/slb/layer7/redir Layer7 Redirection Statistics Total Total Total Total Total Total Total Total Total Total URL based web cache redirection stats: cache server hits: origin server hits: straight to origin server hits: none-GETs hits: 'Cookie: ' hits: no-cache hits: RTSP cache server hits: RTSP origin server hits: HTTP redirection hits: 0 0 0 0 0 0 0 0 0 Table 5-34 Layer 7 Redirection Statistics (/stats/slb/layer7/redir) Statistics Description Total cache server hits The total number of HTTP requests redirected to the cache server. str Displays SLB string statistics. maint Displays Layer 7 maintenance statistics.0. See page 184 for a sample output.The total number of HTTP requests forwarded from straight to the gin server hits origin server.Show SLB String stats maint .

The total number of RTSP requests redirected to the cache server. The total number of instances that are load-balanced due to matching of the particular URL ID.junk. The total number of RTSP requests forwarded to the origin server.Alteon OS 22. The total number of requests containing no-cache header forwarded to the origin server. The total number of HTTP requests that were redirected by redirection filter. January 2005 Chapter 5: The Statistics Menu 183 .[abcdefjhijklm]*.org Hits 1527115 0 0 0 0 0 0 Table 5-35 Layer 7 SLB String Statistics (/stats/slb/layer7/str) Statistics ID SLB String Hits Description The user-defined strings being used in URL matching.org 7 www. 315393-J.[nopqrstuvwxyz]*.com 5 www.2 Command Reference Table 5-34 Layer 7 Redirection Statistics (/stats/slb/layer7/redir) Statistics Total 'Cookie:' hits Total no-cache hits Total RTSP cache server hits Total RTSP origin server hits Total HTTP redirection hits Description The total number of cookie requests forwarded to the origin server.abc.[nopqrstuvwxyz]*.com 6 www.com 3 www. /stats/slb/layer7/str Layer 7 SLB String Statistics SLB String stats: ID SLB String 1 any 2 www.com 4 www.[abcdefghijklm]*.0.

Seq buffers: 0 Alloc Fails . This means that when the switch could not connect to the real sever and the client’s retries exceeded the threshold due to delayed binding.0.Alteon OS 22.1 client requests.0 Clients reset by switch on server side Connection Splicing to support HTTP/1.2 Command Reference /stats/slb/layer7/maint Layer 7 SLB Maintenance Statistics Layer 7 maintenance stats: Clients reset by switch on client side: 0 Clients reset by switch on server side: 0 Connection Splicing to support HTTP/1. January 2005 .Ubufs: Max sessions per bucket: 0 Max frames per session: Max bytes buffered (sess): 0 1260 1260 1260 1260 0 0 0 0 0 0 0 Table 5-36 SLB Layer 7 Maintenance Statistics (/stats/slb/layer7/maint) Statistics Clients reset by switch on client side Description The number of reset frames sent to the client by the switch during server connection termination. The number of reset frames sent to the server by the switch during server connection termination due to delayed binding. the switch will send a reset frame to the client to terminate the connection.1 184 Chapter 5: The Statistics Menu 315393-J.1: 0 Invalid HTTP methods: 0 Aged delayed binding sessions: 0 Half open connections: 0 Switch retries: 0 Random early drops: 0 Requests exceeded 9000 bytes: 0 Invalid 3-way handshakes: 0 Exceeded max frame size: 0 Out of order packet drops: 0 Current SP[1] memory units: 1260 Lowest: Current SP[2] memory units: 1260 Lowest: Current SP[3] memory units: 1260 Lowest: Current SP[4] memory units: 1260 Lowest: Current SP memory units: 5040 Current SEQ buffer entries: 0 Highest: Current Data buffer use: 0 Highest: Current SP buffer entries: 0 Highest: Total Nonzero SEQ Alloc: 0 Total SEQ Buffer Allocs: 0 Total SEQ Frees: Total Data Buffer Allocs: 0 Total Data Frees: Alloc Fails . The total number of connection swapping between different real servers in supporting multiple HTTP/1.

Aged delayed binding sessions Half open connections Switch retries Random early drops Requests exceeded 4500 bytes Invalid 3-way handshakes Exceeded max frame size Out of order packet drops: Current SP memory units Current SEQ buffer entries Highest SEQ buffer entries Current Data buffer use Highest Data buffer use Total Nonzero SEQ Alloc Total SEQ Buffer Allocs Total SEQ Frees 315393-J. The total number of SYN frames dropped when the buffer is low. The total numbers of outstanding TCP connections that are half opened. The number of outstanding data buffers used. The currently available SP memory units. The total number of TCP packets dropped because they were received out of order. It is incremented when the switch responds to TCP SYN packet and decremented upon receiving TCP SYN ACK packet from the requester. The total number of sequence buffer is freed. The highest number of sequence buffers ever used. The number of outstanding sequence buffers used. The total number of GET requests that exceeded 4500 bytes. The total number of switch retries to connect to the real server. The total number of sequence buffer allocated.0.Alteon OS 22.2 The total number of sequence buffer allocations. The total number of aged delayed binding sessions caused by failed connection initialization between the switch and the server.2 Command Reference Table 5-36 SLB Layer 7 Maintenance Statistics (/stats/slb/layer7/maint) Statistics Invalid HTTP methods Description The total number of HTTP requests that contain invalid methods sent by the client. January 2005 Chapter 5: The Statistics Menu 185 . The highest number of data buffers ever used. The total number of switch-generated frames that exceeded the maximum allowed frame size. The total number of dropped frames because of invalid 3-way hand shakes.

Seq buffers Alloc Fails . /stats/slb/ssl SLB Secure Socket Layer Statistics SSL SLB maintenance stats: SessionId allocation fails: Total number of SSL ID reassignments: 0 0 Current Total Highest Sessions Sessions Sessions ------------------------.0.Alteon OS 22.Ubufs Max sessions per bucket Description The total number of buffers allocated to store client request.-------Unique SessionIds 0 0 0 SSL connections 0 0 0 Persistent Port Sessions 0 0 0 Table 5-37 SLB Secure Socket Layer Statistics (/stats/slb/ssl) Statistics SSL SLB maintenance stats SessionId allocation fails Total number of SSL ID reassignments Description Debug stats for SSL SessionId based persistence.2 The total of number buffers freed. 186 Chapter 5: The Statistics Menu 315393-J. The maximum number of items (sessions) allowed in the session table hash bucket chain. The number of times allocation of a session table entry failed when attempting to store a SessionId in the table. The number of times the URL data buffer allocation failed.2 Command Reference Table 5-36 SLB Layer 7 Maintenance Statistics (/stats/slb/layer7/maint) Statistics Total Data Buffer Allocs Total Data Frees Alloc Fails .-------. January 2005 . Max bytes buffered (sess) The maximum number of bytes to be buffered per session. The number of times sequence buffer allocation failed. Max frames per session The maximum number of frames to be buffered per session.---------.

these should all bind to the same server. See page 189 for sample output. See page 188 for sample output. January 2005 Chapter 5: The Statistics Menu 187 .2 Command Reference Table 5-37 SLB Secure Socket Layer Statistics (/stats/slb/ssl) Statistics Description The table shows the Current Sessions. parsing Shows parsing statistics.Alteon OS 22.Show maint . the total sessions seen on the switch since last reset and the high water mark of current sessions for the following: Unique SessionIds Many SSL sessions can use the same SessionId. maint Shows maintenance statistics. The number of different TCP connections using SSL service.Dump Filter Statistics Menu] active FTP NAT filter stats FTP SLB parsing server stats FTP maintenance stats all FTP SLB/NAT stats Table 5-38 FTP SLB Parsing and Filter Statistics Menu Options (/stats/slb/ftp) Command Syntax and Usage active Shows active FTP SLB parsing and filter statistics. See page 188 for sample output. The number of SessionIds maintained to allow for persistence across different client ports.0. This number shows the number of unique SSL sessions seen on the switch. 315393-J.Show dump . dump Shows all FTP SLB/NAT statistics. SSL connections Persistent Port Sessions /stats/slb/ftp File Transfer Protocol SLB and Filter Statistics Menu [FTP SLB parsing and active . See page 189.Show parsing .

The difference in the numbers of ACK and SEQ that the switch needs FTP SLB parsing. January 2005 . The difference in the numbers of ACK and SEQ that the Switch needs for packet adjustment.2 Command Reference /stats/slb/ftp/active Active FTP SLB Parsing and Filter Statistics Total Active FTP NAT stats(PORT): Total FTP: Total New Active FTP Index: Active FTP NAT ACK/SEQ diff: 0 0 0 Table 5-39 Active FTP Slb Parsing and Filter statistics (/stats/slb/ftp/active) Statistics Total Active FTP NAT stats (PORT) Total FTP Total New Active FTP Index Active FTP NAT ACK/SEQ diff Description The number of times the switch receives the port command from the client. The number of times the switch receives both active and passive FTP connections. The number of times the switch creates a new index in response to the pasv command from the client. /stats/slb/ftp/parsing Passive FTP SLB Parsing Statistics Total FTP SLB Parsing Stats(PASV): Total FTP: Total New FTP SLB parsing Index: FTP SLB parsing ACK/SEQ diff: 0 0 0 Table 5-40 Passive FTP SLB Parsing Statistics (/stats/slb/ftp/parsing) Statistics Total FTP Description The number of times the switch receives both active and passive FTP connections. Total New FTP SLB parsing Index FTP SLB parsing ACK/ SEQ diff 188 Chapter 5: The Statistics Menu 315393-J.0.Alteon OS 22. The number of times the switch creates a new index due to port command from the client.

Total FTP NAT Filtered The total number of FTP NAT filter sessions that occurred. The total number of times the adjustment between ACK and SEQ occurred on the filter.2 Command Reference /stats/slb/ftp/maint FTP SLB Maintenance Statistics FTP mode switch error: 0 Table 5-41 FTP SLB Maintenance Statistics (/stats/slb/ftp/maint) Statistics FTP mode switch error Description The number of times the switch is not able to switch modes from active to passive and vice versa. The number of times the switch creates a new index in response to the pasv command from the client. The number of times the switch could not switch mode from active to passive and vice versa. Total new active FTP NAT Index Total new FTP SLB parsing Index FTP Active FTP NAT ACK/SEQ diff FTP SLB parsing ACK/ SEQ diff FTP mode switch error The total number of new data sessions created for FTP NAT filter in active mode.0.Alteon OS 22. The difference in the numbers of ACK and SEQ that the switch needs for FTP SLB parsing. January 2005 Chapter 5: The Statistics Menu 189 . 315393-J. /stats/slb/ftp/dump FTP SLB Statistics Dump Total FTP : Total FTP NAT Filtered: Total new active FTP NAT Index: Total new FTP SLB parsing Index: FTP Active FTP NAT ACK/SEQ diff: FTP SLB parsing ACK/SEQ diff: FTP mode switch error: 0 0 0 0 0 0 0 Table 5-42 FTP SLB Statistics Dump (/stats/slb/ftp/dump) Statistics Total FTP Description The total number of FTP sessions that occurred.

The total number of UDP connections for data channels.---------. The total number of buffer allocations used. Redirect ConnectionDenied BufferAllocs AllocFailures 190 Chapter 5: The Statistics Menu 315393-J.---------.---------1 0 0 0 0 0 0 2 0 0 0 0 0 0 3 0 0 0 0 0 0 4 0 0 0 0 0 0 -. The total number of times the connection got redirected.0.---------.2 Command Reference /stats/slb/rtsp RTSP SLB Statistics Control UDP Connection Buffer Alloc SP Connection Streams Redirect Denied Allocs Failures -.---------. The total number of times the connections got denied due to shortage of resources or the real server being down.---------. January 2005 .---------.Alteon OS 22. The number depends upon the type of media player being used.-------0 0 0 0 0 0 Table 5-43 RTSP SLB Statistics (/stats/slb/rtsp) Statistics ControlConnection UDP Streams Description The total number of TCP connections for RTSP control connection.---------.---------. The total number of times the buffer allocation failed.---------.---------.

January 2005 Chapter 5: The Statistics Menu 191 . The total number of DNS queries that have short or invalid domain names to be resolved. The total number of malformed DNS queries received.0. The total number of out of memory and other unexpected errors the user gets while processing the DNS query. The total number of DNS queries that contain more than one domain name to be resolved. Total number of domain name parse errors Total number of failed real server name matches Total number of DNS parsing internal errors 315393-J. Currently only one domain name resolution per request is supported. The total number of DNS queries received through UDP requests.2 Command Reference /stats/slb/dns DNS SLB Statistics Total Total Total Total Total Total Total number number number number number number number of of of of of of of TCP DNS queries: UDP DNS queries: invalid DNS queries: multiple DNS queries: domain name parse errors: failed real server name matches: DNS parsing internal errors: 0 0 0 0 0 0 0 Table 5-44 DNS SLB Statistics (/stats/slb/dns) Statistics Total number of TCP DNS queries Total number of UDP DNS queries Total number of invalid DNS queries Total number of multiple DNS queries Description The total number of DNS queries that received through TCP connections. The total number of times the user failed to find a real server which has the same layer 7 strings that match the domain name to be resolved.Alteon OS 22.

Indicates instances where the switch ran out of available bindings for a port. This dropped frames counter indicates that the virtual server has received frames for TCP/UDP services that have not been configured. Indicates the number of times the switch received a Layer 4 request for a virtual server which was not configured. Normally this indicates a mis-configuration on the virtual server or the client. incorrect VIPs incorrect Vports no available real server requests to wrong SP The number of session add/delete requests sent to the wrong SP. WAP Maintenance stats: current sessions: 0 allocation failures: 0 incorrect VIPs: 0 incorrect Vports: 0 no available real server: 0 requests to wrong SP: 0 -----------------------------------------------------------------TPCP External Notification stats: add session reqs: 0 del session reqs: 0 req fails.2 Command Reference /stats/slb/wap WAP SLB Statistics This command displays all the Radius and WAP related counters. January 2005 . This dropped frames counter indicates that all real servers are either out of service or at their maxcon limit.SP dead: 0 req fails.0. 192 Chapter 5: The Statistics Menu 315393-J.DMA: 0 Table 5-45 WAP SLB Statistics (/stats/slb/wap) Statistics Description WAP Maintenance stats: current sessions allocation failures The number of session bindings currently in use.SP dead: 0 req fails.SP dead: 0 -----------------------------------------------------------------RADIUS Snooping stats: acct reqs: 0 acct wrap reqs: 0 acct start reqs: 0 acct update reqs: 0 acct stop reqs: 0 acct bad reqs: 0 acct reqs(FIP): 0 acct reqs(no FIP): 0 add session reqs: 0 del session reqs: 0 req fails.Alteon OS 22.

acct start reqs acct update reqs acct stop reqs acct bad reqs add session reqs del session reqs req fails. The number of add/delete requests failed due to DMA write failure.0. January 2005 Chapter 5: The Statistics Menu 193 . The number of WAP session add requests via RADIUS snooping. The number of RADIUS Accounting Update frames.2 Command Reference Table 5-45 WAP SLB Statistics (/stats/slb/wap) Statistics Description TPCP External Notification stats: add session reqs req fails. RADIUS Snooping stats: acct reqs acct wrap reqs The number of RADIUS Accounting frames received.DMA 315393-J. The number of wrapped RADIUS Accounting frames received. The number of add/delete request failures due to dead target SP.Alteon OS 22. The number of RADIUS Accounting Stop frames received. The number of bad RADIUS Accounting frames received. The number of WAP session delete requests via RADIUS snooping.SP dead req fails. The number of add-request failures due to dead target SP.SP dead The number of WAP session add requests via TPCP. The number of RADIUS Accounting Start frames received.

Indicates the number of times the switch received a Layer 4 request for a virtual server which was not configured. Table 5-46 Server Load Balancing Maintenance Statistics (/stats/slb/maint) Statistic Maximum sessions Current Sessions Description The maximum number of simultaneous sessions supported. UDP Datagrams Non TCP/IP Frames Incorrect VIPs Indicates that the virtual server IP address and MAC are receiving UDP frames when UDP balancing is not turned on. Indicates the number of non-IP based frames received by the virtual server.Alteon OS 22. January 2005 . Number of session bindings currently in use (the last 4 and 64 seconds).2 Command Reference /stats/slb/maint SLB Maintenance Statistics SLB Maintenance stats: Maximum sessions: Current sessions: 4 second average: 64 second average: Terminated sessions: Allocation failures: UDP datagrams: Non TCP/IP frames: Incorrect VIPs: Incorrect Vports: No available real server: Backup server activations: Overflow server activations: Filtered (denied) frames: LAND attacks: No TCP control bits: Invalid reset packet drops: Total IP fragment sessions: Current IP fragment sessions IP fragment discards: IP fragment table full: Free Service pool entries: 2097104 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 8192 SLB Maintenance statistics are described in the following table. Allocation Failures Indicates instances where the Switch ran out of available sessions for a port. Terminated Sessions Number of sessions removed from the session table because the server assigned to them failed and graceful server failure was not enabled. 194 Chapter 5: The Statistics Menu 315393-J.0.

but it may be an indication of a potential security probing application like SATAN. Normally this indicates a mis-configuration on the virtual server or the client. This counter indicates how many times session table is full. This indicates the number of frames that were dropped because they matched an active filter with the deny action set.0. This dropped frames counter indicates that all real servers are either out of service or at their maxcon limit. This counter increases whenever a packet has the same source and destination IP addresses and ports. This indicates the number of times a real server failure has occurred and caused a backup server to be brought online. The number of fragmented packets that are discarded due to lack of resources. Invalid reset packet drops Total IP fragment sessions Current IP fragment sessions IP fragment discards IP fragment table full Free service pool entries This represents the total number of fragment sessions the switch has processed so far.Alteon OS 22. January 2005 Chapter 5: The Statistics Menu 195 .2 Command Reference Table 5-46 Server Load Balancing Maintenance Statistics (/stats/slb/maint) Statistic Incorrect Vports Description This dropped frames counter indicates that the virtual server has received frames for TCP/UDP services that have not been configured. This represents the current number of fragment sessions. 315393-J. No Available Real Server Backup Server Activations Overflow Server Activations Filtered (Denied) Frames LAND attacks No TCP Control Bits The number of packets that were dropped because the packet had no control bits set in the TCP header. This indicates the number of times a real server has reached the maxcon limit and caused an overflow server to be brought online.

January 2005 . The total number of errors encountered during server processing when parsing an incoming SIP packet. Total number of SIP Incomplete Messages Total number of packets received which do not have the complete SIP message in a single packet.2 Command Reference /stats/slb/sip SIP SLB Statistics SIP Stats: Total number Total number Total number Total number of of of of SIP SIP SIP SIP Client Parse Errors Server Parse Errors Unknown Method packets Incomplete Messages : : : : 0 0 0 0 Table 5-47 SIP SLB Statistics (/stats/slb/sip) Statistics Total number of SIP Client Parse Errors Total number of SIP Server Parse Errors Description The total number of errors encountered during client processing when parsing an incoming SIP packet. /stats/slb/clear Clearing the SLB Statistics The following statistics are reset to zero when the clear command is given and confirmed: Table 5-48 SLB Statistics Reset (/stats/slb/clear) Statistics Real server stats: Description Health check failures Total sessions Highest sessions Octets Total sessions Highest sessions Octets Total sessions Highest sessions Octets Real server group stats: Virtual server stats 196 Chapter 5: The Statistics Menu 315393-J.Alteon OS 22. Total number of SIP Total number of packets received with methods not known to the Unknown Method packets SIP parser on the switch.0.

Total sessions Real server group: Octets. January 2005 Chapter 5: The Statistics Menu 197 . Total sessions Total firings: Octets Per real server: DNS handoffs HTTP redirects Per server group: DNS handoffs HTTP redirects Redir: Total cache server hits Total origin server hits Total none-GETs hits Total 'Cookie: ' hits Total no-cache hits LB: ID SLB String hits Total Sessions Highest Sessions Total FTP Total FTP NAT Filtered Total new active FTP NAT Index Total new FTP SLB parsing Index FTP Active FTP NAT ACK/SEQ diff FTP SLB parsing ACK/SEQ diff Health check failures Total sessions Highest sessions Octets Total sessions Highest sessions Octets Total sessions Highest sessions Octets Global SLB stats URL SLB and Redirection stats SSL SLB stats FTP SLB parsing and NAT stats Real server stats Real server group stats Virtual server stats 315393-J.0. Total sessions Virtual server: Octets.2 Command Reference Table 5-48 SLB Statistics Reset (/stats/slb/clear) Statistics Filter stats SLB switch port stats.Alteon OS 22. per port Description Total firings Real server stats: Octets.

2 Command Reference /stats/bwm BWM Statistics Menu [Bandwidth Management Statistics Menu] port . See page 201 for details. rcont <BW Contract number (1-256)> Displays bandwidth management contract rate statistics.Clear BWM statistics Table 5-49 Bandwidth Management Statistics Menu Options (/stats/bwm) Command Syntax and Usage port <port number> Displays Switch Port Contract Statistics Menu. cont <BW Contract number (1-256)> Displays bandwidth management contract statistics.Show BWM maint statistics ipusers .BW Contract rate stats hist . 198 Chapter 5: The Statistics Menu 315393-J.Dump all BWM statistics clear .0. maint Displays bandwidth management maintenance statistics. hist Displays bandwidth management history statistics. January 2005 .Show BWM IP user stats for iplimit contracts dump . See page 203 for sample output. ipusers Displays Bandwidth Management IP user stats for iplimit contracts. see page 199.Alteon OS 22. To view menu options. clear Clears all bandwidth management statistics.BW History stats maint . See page 204 for sample output. dump Displays all bandwidth management statistics.Switch Port Contract Stats Menu cont . Each IP address is limited to the user limit configured in /cfg/bwm/contract on page 281. See page 200 for details.BW Contract stats rcont . See page 204 for sample output.

rcont <BW Contract number (1-256)> Displays bandwidth management contract rate statistics.0. For example: >> AAS_2424 .BW Contract rate stats Table 5-50 Management Port Statistics Menu Options (/stats/bwm/sp) Command Syntax and Usage cont <BW Contract number (1-256)> Displays bandwidth management contract statistics.---------. You can configure the number of CLI lines per screen using the global (hidden) command: lines <number of lines>. If the CLI lines are configured at zero per screen.Alteon OS 22.-----1 cont1 40465360 262049256 0 16320 2 cont2 0 0 0 16320 20 cont20 674252832 1798583472 16384 16320 26 cont26 0 0 0 16320 256 Default 772710 0 0 16320 /stats/bwm/port <port number>/rcont BWM Switch Processor Rate Contract Statistics This command repeats its output when the printed lines are less than the configured CLI lines per screen.2 Command Reference /stats/bwm/port <port number> BWM Switch Processor Statistics [Bandwidth Management Port Statistics Menu] cont .Bandwidth Management Statistics# lines ? lines sets lines-per-screen 0-300. the command will continue to repeat its output until you type a key on the console or telnet session.--------------. zero for infinite 315393-J.BW Contract stats rcont . January 2005 Chapter 5: The Statistics Menu 199 . /stats/bwm/port <port number>/cont BWM Switch Processor Contract Statistics Menu BW Contract statistics Contract Name Octets Discards BufUsed BufMax -------.------. See page 199 for a sample output.Bandwidth Management Statistics# lines Current lines-per-screen: 24 >> AAS_2424 .---------.

2 Command Reference BW Contract statistics Contract Name Rate(Kbps) Octets Discards BufUsed BufMax -------.---------.------. The number of octets that are being transmitted through a particular contract since the switch is booted.---------.0. January 2005 . Table 5-51 Bandwidth Management Contract Statistics (/stats/bwm/cont) Statistics Contract Name Octets Description The contract number.Alteon OS 22.------.---------.---------. The contract name. The number of octets that are being discarded because of seeing more traffic than the bandwidth contract limit permits.--------------.----1 cont1 0 40465360 262049256 0 16320 2 cont2 0 0 0 0 16320 20 cont20 5230 682947936 1822133376 16384 16320 26 cont26 0 0 0 0 16320 256 Default 0 773974 0 0 16320 1 cont1 0 40465360 262049256 0 16320 2 cont2 0 0 0 0 16320 20 cont20 5238 684289056 1825753104 16384 16320 26 cont26 0 0 0 0 16320 256 Default 0 774114 0 0 16320 /stats/bwm/cont <contract number> BWM Contract Statistics BW Contract statistics Contract Name Octets Discards BufUsed BufMax -------.--------------.-----1 cont1 223868832 568900584 16384 456960 2 cont2 0 0 0 456960 20 cont20 224149728 568632456 16384 456960 25 cont25 0 0 0 456960 26 cont26 0 0 0 456960 256 Default 401270 0 0 456960 The following description of statistics applies on a specific switch port for all enabled contracts. NOTE – This command displays enabled contracts only.---------. Discards 200 Chapter 5: The Statistics Menu 315393-J.

2 Command Reference Table 5-51 Bandwidth Management Contract Statistics (/stats/bwm/cont) Statistics BufUsed Description The current amount of buffer space used to store the packets that is waiting to be transmitted. the command will continue to repeat its output until you type a key on the console or telnet session. January 2005 Chapter 5: The Statistics Menu 201 . This command repeats its output when the printed lines are less than the configured CLI lines per screen.Bandwidth Management Statistics# lines Current lines-per-screen: 24 >> AAS_2424 . zero for infinite 315393-J.Bandwidth Management Statistics# lines ? lines sets lines-per-screen 0-300. The switch starts dropping the packets of a particular contract after the maximum buffer space allocated for that contract is being occupied.0. BufMax /stats/bwm/rcont BWM Contract Rate Statistics Use this command to show the rate statistics of all the enabled contracts. Maximum buffer space that can be used to store the packets before they can be transmitted.Alteon OS 22. If the CLI lines are configured at zero per screen. You can configure the number of CLI lines per screen using the global (hidden) command: lines <number of lines>. NOTE – This command displays enabled contracts only. For example: >> AAS_2424 .

January 2005 .2 Command Reference BW Contract statistics Contract Name Rate(Kbps) Octets Discards BufUsed BufMax -------. Maximum buffer space that can be used to store the packets before they can be transmitted.---------. The number of octets that are being discarded because of seeing more traffic than the bandwidth contract limits. The current amount of buffer space used to store the packets that is waiting to be transmitted. Rate at which the packets are going out of the switch on a particular contract.---------. The number of octets that are being transmitted through a particular contract since the switch is booted.Alteon OS 22. The switch starts dropping the packets of a particular contract after the maximum buffer space allocated for that contract is being occupied.---------.--------------.----1 cont1 5222 285408288 735607152 16384 456960 2 cont2 0 0 0 0 456960 20 cont20 5238 285720864 735308784 16384 456960 26 cont26 0 0 0 0 456960 256 Default 4 517182 0 0 456960 1 cont1 5230 286747296 739228896 16384 456960 2 cont2 0 0 0 0 456960 20 cont20 5230 287059872 738930528 16384 456960 26 cont26 0 0 0 0 456960 256 Default 8 519400 0 0 456960 1 cont1 5222 288084192 742853160 16384 456960 2 cont2 0 0 0 0 456960 20 cont20 5238 288400992 742550760 16384 456960 26 cont26 0 0 0 0 456960 256 Default 8 521578 0 0 456960 Table 5-52 Bandwidth Management Contract Rate Statistics (/stats/bwm/rcont) Statistics Contract Name Rate (in Kbps) Description The contract number.------. Octets Discards BufUsed BufMax 202 Chapter 5: The Statistics Menu 315393-J. The contract name.0.

Use this command to show the history of all the contracts for which history command is enabled.23.124 3 filter_number03 0 0 20030910:15:11/ -8:00 47. The number of octets discarded because of seeing more traffic than the bandwidth contract limit permits.80.124 256 Default 608 0 20030910:15:11/ -8:00 Switch IP Cont Name Octets You can dump the stats kept in the SMTP history buffer that get dumped periodically when an E-mail is sent.23. The sampling is done at one-minute intervals.80. This command is used to keep long term history only for the contracts that are enabled and have history command turned on.124 8 filter_number08 0 0 20030910:15:11/ -8:00 47.---------47.23.124 1 filter_number01 0 0 20030910:15:11/ -8:00 47.23.23.80. January 2005 Chapter 5: The Statistics Menu 203 . Indicates the time the packets were received or discarded.---------.---.80.124 9 filter_number09 0 0 20030910:15:11/ -8:00 47.80.124 5 filter_number05 0 0 20030910:15:11/ -8:00 47.80.124 10 filter_number10 0 0 20030910:15:11/ -8:00 47.23.23.Alteon OS 22.124 7 filter_number07 0 0 20030910:15:11/ -8:00 47.23.80.23. The number of octets sent out on a particular contract. Table 5-53 Bandwidth Management History Statistics (/stats/bwm/hist) Statistics Contract Octets Discards Description The contract number for which history is enabled.124 2 filter_number02 0 0 20030910:15:11/ -8:00 47.80.---------------.80. TimeStamp 315393-J.23.---------.23.80.124 6 filter_number06 0 0 20030910:15:11/ -8:00 47.124 4 filter_number04 0 0 20030910:15:11/ -8:00 47.2 Command Reference /stats/bwm/hist BWM History Statistics Discards TimeStamp YyyyMmDd:Hr:Mi/TmZone --------------.80.0.

---------0 20 0 0 20 204 Chapter 5: The Statistics Menu 315393-J. January 2005 .0.---------10 0 10 0 0 10 11 0 10 0 0 10 ---------.2 Command Reference /stats/bwm/maint BWM Maintenance Statistics BWM Maint statistics -----------------------------------------------------------------Maint Stats for rate limiting contracts Discard pkts 0 Discard octets 0 Out pkts 0 Out octets 0 Transmit failed 0 User Limit entry allocation failures 0 -----------------------------------------------------------------Maint Stats for traffic shaping contracts QFull Discard pkts 0 QFull Discard octets 0 Out of buffers pkts 0 Out of buffers pkts 0 Transmit failed 0 TDT set when qfull 0 TDT set between soft and hard 0 TDT set at soft 0 /stats/bwm/ipusers BWM IP Users Statistics This command displays the number of BWM IP user entries for each BWM contract for each SP.---------.---------.---------.---------.---------.---------. BWM IP users statistics Contract SP1 SP2 SP3 SP4 Total -------.---------.Alteon OS 22.

ucb Displays all UDP control blocks that are in use.Show All UDP control blocks in use sfd . sfd Displays all Socket File Descriptors that are in use.Show memory stats Table 5-54 Management Processor Statistics Menu Options (/stats/mp) Command Syntax and Usage pkt Displays packet statistics.Show All Socket FD in use cpu . cpu Displays CPU utilization for periods of up to 1.Show Packet and TCP stats tcb . To view a sample output and a description of the stats. To view a sample output. To view a sample output and a description of the stats. 4. to check for leads and load. see page 208.2 Command Reference /stats/mp Management Processor Statistics [MP-specific Statistics Menu] pkt . tcb Displays all TCP control blocks that are in use. 315393-J.0.Show CPU utilization mem . see page 206. see page 209. January 2005 Chapter 5: The Statistics Menu 205 . see page 209.Show All TCP control blocks in use ucb . To view a sample output. To view a sample output and a description of the stats.Alteon OS 22. mem Displays memory statistics. see page 208. and 64 seconds.

0.2 Command Reference /stats/mp/pkt MP Packet Statistics Packet counts: allocs: mediums: jumbos: smalls: alloc fails: TCP counts: allocs: current: alloc fails: 89262 0 0 0 0 4866 46 0 frees: mediums hi-watermark: jumbos hi-watermark: smalls hi-watermark: packet discards: frees: current hi-watermark: alloc discards: 89262 4 0 4 0 4827 146 0 Table 5-55 Packet Statistics (/stats/mp/pkt) Statistics Packet counts: allocs Total number of packet allocations from the packet buffer pool by the TCP/IP protocol stack. Total number of packet allocations with size between 128 to 1536 bytes from the packet buffer pool by the TCP/IP protocol stack. 206 Chapter 5: The Statistics Menu 315393-J. Total number of packet allocation failures from the packet buffer pool by the TCP/IP protocol stack. Total number of packet allocations with size between 1536 bytes to 9K bytes from the packet buffer pool by the TCP/IP protocol stack. Total number of times the packet buffers are freed (released) to the packet buffer pool by the TCP/IP protocol stack. Description frees mediums jumbos smalls alloc fails frees mediums hi-watermark jumbos hi-watermark The highest number of packet allocation with size between 1536 bytes to 9K bytes from the packet buffer pool by the TCP/IP protocol stack. smalls hi-watermark The highest number of packet allocation with size less than 128 bytes from the packet buffer pool by the TCP/IP protocol stack. January 2005 . Total number of packet allocations with size less than 128 bytes from the packet buffer pool by the TCP/IP protocol stack.Alteon OS 22. The highest number of packet allocation with size between 128 to 1536 bytes from the packet buffer pool by the TCP/IP protocol stack. Total number of packets freed from the packet buffer pool by the TCP/IP protocol stack.

0. The packets are discarded because buffer resources are not available or the buffer threshold is reached and the low priority packets are discarded.2 Command Reference Table 5-55 Packet Statistics (/stats/mp/pkt) Statistics packet discards Description The number of packets that are discarded by the MP.Alteon OS 22. TCP counts: allocs Total number of TCP packet allocations from MP memory by the TCP/IP protocol stack. Total number of TCP packet allocations from MP memory by the TCP/IP protocol stack. Total number of times the TCP packet buffers are freed (released) to MP memory by the TCP/IP protocol stack. The highest number of TCP packet allocation from MP memory by the TCP/IP protocol stack. The number of TCP packets that are discarded by the MP. January 2005 Chapter 5: The Statistics Menu 207 . Total number of TCP packet allocation failures from MP memory by the TCP/IP protocol stack. current alloc fails frees current hi-watermark alloc discards 315393-J. The packets are discarded because MP memory resources are not available.

27.0.80.59 80/23 listen/established Description Memory Destination IP address Destination port Source IP Source port State /stats/mp/ucb UCB Statistics All UDP allocated control blocks: 161: listen 1985: listen 3122: listen Table 5-57 UCB Statistics on MP (/stats/mp/ucb) Field 161/1985/3122 Listen Description UDP port number State 208 Chapter 5: The Statistics Menu 315393-J.0.81.0.16. January 2005 .0.27.59 80 23 listen established Table 5-56 MP Specified TCP Statistics (/stats/mp/tcb) Statistics 117f6d00/117f81a8 0.80.0.0/47.6 0/1331 0.16.6 1331 <=> 47.0 0 <=> 0.0.81.0.Alteon OS 22.0.0 117f81a8: 47.2 Command Reference /stats/mp/tcb TCP Statistics All TCP allocated control blocks: 117f6d00: 0.0.0/47.

88.31 0 <=> 47.133.31 81 23 22 443 listen listen listen listen TCP TCP TCP TCP /stats/mp/cpu CPU Statistics This menu option enables you to display the CPU utilization statistics on MP.88.0.0.0 server 0 <=> 47.0.0.0.88. CPU utilization: cpuUtil1Second: cpuUtil4Seconds: cpuUtil64Seconds: 100% 100% 100% Table 5-58 CPU Statistics (stats/mp/cpu) Statistics cpuUtil1Second Description The percentage of CPU utilization as measured over the last one second interval. The percentage of CPU utilization as measured over the last 64 second interval.0.0.133.0 server 1 -1 17 108c5bd8: 0. cpuUtil4Seconds cpuUtil64Seconds 315393-J.31 0 <=> 47.0. January 2005 Chapter 5: The Statistics Menu 209 .0 server 2 -1 18 108d5cfc: 0.133.0 server 3 -1 19 1180a258: 0.133.0. The percentage of CPU utilization as measured over the last four second interval.88.31 0 <=> 47.Alteon OS 22.2 Command Reference /stats/mp/sfd MP-Specific SFD Statistics All Socket FD allocated: 0 -1 16 1180b128: 0.

To view a sample output and a description of the stats. and MP DOS shield statistics. Displays what percentage of the CPU has been utilized. see page 211.Show maintenance stats clear .0.2 Command Reference /stats/sp <SP Number> SP Specific Statistics [SP-specific Statistics Menu] maint . See page 211 for a sample output. Deletes all the maintenance statistics. Layer 2 FDB maintenance statistics.Clear maintenance stats cpu . January 2005 .Alteon OS 22.Show CPU utilization Table 5-59 SP Specific Statistics (/stats/sp) Statistics maint Description Displays internal statistics. clear cpu 210 Chapter 5: The Statistics Menu 315393-J.

Alteon OS 22. 315393-J. January 2005 Chapter 5: The Statistics Menu 211 . CPU utilization for SP 1: cpuUtil1Second: cpuUtil4Seconds: cpuUtil64Seconds: 6% 6% 6% Table 5-60 CPU Statistics (stats/sp/cpu) Statistics cpuUtil1Second Description The percentage of CPU utilization as measured over the last one second interval.0.2 Command Reference /stats/sp <SP number>/maint SP-Specific Maintenance Statistics Maintenance statistics for SP 1: Receive Letter success from MP: 158648 Receive Letter success from SP 2: 0 Receive Letter success from SP 3: 0 Receive Letter success from SP 4: 0 Receive Letter errors from MP: 0 Receive Letter errors from SP 2: 0 Receive Letter errors from SP 3: 0 Receive Letter errors from SP 4: 0 Send Letter success to MP: 125516 Send Letter success to SP 2: 0 Send Letter success to SP 3: 6799 Send Letter success to SP 4: 6791 Send Letter failures to MP: 0 Send Letter failures to SP 2: 0 Send Letter failures to SP 3: 0 Send Letter failures to SP 4: 0 learnErrNoddw: 0 resolveErrNoddw: ageMPNoddw: 0 deleteMiss: pfdbFreeEmpty: 0 arpDiscards: 0 icmpDiscards: tcpDiscards: 0 udpDiscards: 0 0 0 0 /stats/sp/cpu CPU Statistics This menu option enables you to display the CPU utilization statistics on the Switch Processor (SP).

see page 213. see page 214. see page 216. January 2005 . ratelim Displays the Rate Limiting statistics menu.DoS Attack Statistics Menu ipacl .Show pattern match group statistics ratelim . cpuUtil64Seconds /stats/security Security Statistics [Security Statistics Menu] dos .0. To view a sample output and a description of the statistics. see page 215. see page 216. To view a sample output and a description of the stats. pgroup Displays the Pattern Match Group statistics menu.2 Command Reference Table 5-60 CPU Statistics (stats/sp/cpu) Statistics cpuUtil4Seconds Description The percentage of CPU utilization as measured over the last four second interval.Show rate limiting statistics dump . udpblast Displays the UDP Blast statistics menu. To view a sample output and a description of the statistics. To view a sample output and a description of the stats. To view a sample output and a description of the statistics. The percentage of CPU utilization as measured over the last 64 second interval. ipacl Displays the IP Address Access Control List statistics menu.Alteon OS 22.IP Address ACL Statistics Menu udpblast . 212 Chapter 5: The Statistics Menu 315393-J.Dump all security statistics Command Syntax and Usage dos Displays the DOS Attack statistics menu.UDP Blast Statistics Menu pgroup .

clear Deletes all DOS attack statistics.Dump all DoS attack statistics clear . PortZero. on the selected port only. 315393-J. /stats/security/dos DOS Attack Statistics Menu [DoS Attack Statistics Menu] port .Alteon OS 22. help Displays a description of each type of DOS attack by name and how it works. see “Types of DOS Attacks” on page 214. Nullscan. dump Displays the number of times the packets were dropped on the switch. Blat For a description of these different types of DOS attacks. for each of the following types of DOS attacks: Smurf.2 Command Reference Command Syntax and Usage dump Displays all security statistics.Clear all DoS attack statistics help . January 2005 Chapter 5: The Statistics Menu 213 . ScanSynFin. LandAttack. Xmascan.0.Port DoS attack statistics dump .DoS attack statistics description Table 5-61 DOS Attacks Statistics Menu Options (/stats/security/dos) Command Syntax and Usage port <port number> Displays the number of times the packets were dropped for each of the following types of DOS attacks. Fraggle.

255). Fraggle. Nullscan.x. LandAttack. 214 Chapter 5: The Statistics Menu 315393-J.Clear all access control Stats Table 5-62 IPACL Security Statistics Menu Options (/stats/security/ipacl) Command Syntax and Usage dump Displays the accumulated blocked packets for each IP address and mask pair.Alteon OS 22.IP address access control Stats clear . PortZero: TCP/UDP Packets with either source/destination port is zero. ScanSynFin: SYN and FIN bits are set in the packet. and ScanSynFin.255). URG and PSH bits are set. /stats/security/ipacl IP Access Control List Statistics The following IP Access Control List statistics can be viewed with this command: [IP ACL Statistics Menu] dump . Nullscan: TCP sequence number is zero and all control bits are zeros. Enable DOS protection on ports connected to any network that could be the source of an attack. Blat: TCP packets with SIP!=DIP and SPORT=DPORT. Xmascan. Fraggle: The UDP packet to a broadcast destination IP(x.0.x. LandAttack: Packets with source IP equal destination IP. January 2005 . You can use the help command to obtain a brief explanation of each type of DOS attack detected by the switch.x.2 Command Reference Types of DOS Attacks Alteon OS can protect switch ports against a variety of Denial of Service (DOS) attacks including Port Smurf. Refer to your Alteon OS Application Guide for a detailed description of DOS attacks. PortZero. clear Deletes all the statistics of accumulated blocked packets.x. Xmascan: TCP sequence number is zero and the FIN. >> /stats/security/dos help Smurf: The ICMP ping request to a broadcast destination IP(x.

Alteon OS 22.UDP Blast Stats clear . clear Deletes all the accumulated blocked packets. The number of blocked packets. January 2005 Chapter 5: The Statistics Menu 215 . Displays the current rate of packet to the UDP port.2 Command Reference /stats/security/udpblast UDP Blast Statistics [UDP Blast Statistics Menu] dump .Clear all UDP Blast Stats Table 5-63 UDP Blast Statistics Menu Options (/stats/security/udpblast) Command Syntax and Usage dump Displays all the accumulated blocked packets for each port. 315393-J.0. See page 215 for a sample output and a description of the statistics. and the current packet rate per second. /stats/security/udpblast/dump UDP Blast Dump Statistics UDP blast protection stats: UDP Port Blocked Packets ------------------------Current Packet Rate/Second -------------------------- Table 5-64 UDP Blast Dump Statistics Parameters (/stats/security/udpblast/dump) Field UDP Port Blocked Packets Current Packet Rate/ Second Description UDP ports that experienced UDP blast attacks.

216 Chapter 5: The Statistics Menu 315393-J.2 Command Reference /stats/security/pgroup UDP Pattern Match Statistics Pattern Match Group stats: ID Name 1 Hits 0 This menu displays how many times each configured pattern group has been matched and a subsequent filtering action performed. /stats/security/ratelim Rate Limiting Statistics Rate limiting stats: TCP: Total hold downs triggered: Current per-client state entries: UDP: Total hold downs triggered: Current per-client state entries: ICMP: Total hold downs triggered: Current per-client state entries: 0 0 0 0 0 0 Table 5-65 Rate Limiting Statistics (/stats/security/ratelim) Field Total holds down triggered Current per-client state entries Description The total number of packets dropped after the hold-down period expired. January 2005 .Alteon OS 22. Pattern groups are configured in the “Pattern Matching Menu” on page 350.0. The total number of per-client state entries for TCP/UDP/ICMP rate limiting.

2 Command Reference /stats/security/dump Dump Statistics for Security IP ACL stats: Address Blocked Packets ---------------------------------------------------------------------------------------------UDP blast protection stats: UDP Port Blocked Packets Current Packet Rate/Second ------------------------------------------------------------------------------------------------------------------Pattern Match Group stats: ID Name Hits 1 0 100 0 101 0 -----------------------------------------------------------------Rate limiting stats: TCP: Total hold downs triggered: Current per-client state entries: UDP: Total hold downs triggered: Current per-client state entries: ICMP: Total hold downs triggered: Current per-client state entries: 0 0 0 0 0 0 315393-J. January 2005 Chapter 5: The Statistics Menu 217 .Alteon OS 22.0.

2 Command Reference /stats/snmp SNMP Statistics NOTE – You can reset the SNMP counter to zero by using clear command as follows: >> Statistics# snmp clear SNMP statistics: snmpInPkts: snmpInBadC'tyNames: snmpInASNParseErrs: snmpOutPkts: snmpInTooBigs: snmpInBadValues: snmpInGenErrs: snmpInTotalSetVars: snmpInGetNexts: snmpInGetResponses: snmpOutTooBigs: snmpOutBadValues: snmpOutGenErrs: snmpOutGetNexts: snmpOutGetResponses: snmpSilentDrops: 150097 0 0 150097 0 0 0 2731 131389 0 0 0 1 0 150093 0 snmpInBadVersions: snmpInBadC'tyUses: snmpEnableAuthTraps: snmpInBadTypes: snmpInNoSuchNames: snmpInReadOnlys: snmpInTotalReqVars: snmpInGetRequests: snmpInSetRequests: snmpInTraps: snmpOutNoSuchNames: snmpOutReadOnlys: snmpOutGetRequests: snmpOutSetRequests: snmpOutTraps: snmpProxyDrops: 0 0 0 0 0 0 798464 17593 615 0 1 0 0 0 4 0 SNMPv3 Statistics: snmpUnknownSecurityModels: snmpInvalidMsgs: snmpUnknownPDUHandlers: snmpUnknownContexts: snmpUnavailableContexts: usmStatsUnsupportedSecLevels: usmStatsNotInTimeWindows: usmStatsUnknownUserNames: usmStatsUnknownEngineIDs: usmStatsWrongDigests: usmStatsDecryptionErrors: 0 0 0 0 0 0 0 2 2 0 0 Table 5-66 SNMP Statistics (/stats/snmp) Statistics snmpInPkts Description The total number of Messages delivered to the SNMP entity from the transport service.0.Alteon OS 22. 218 Chapter 5: The Statistics Menu 315393-J. January 2005 .

Note: OSI's method of specifying abstract objects is called ASN. The total number of valid SNMP Protocol Data Units (PDUs).1 is a flexible notation that allows one to define a variety of data types. which contains the value `read-Only' in the error-status field. January 2005 Chapter 5: The Statistics Menu 219 . The total number of SNMP Messages which were passed from the SNMP protocol entity to the transport service. which were delivered to the SNMP protocol entity and were for an unsupported SNMP version. defined in X. It should be noted that it is a protocol error to generate an SNMP PDU. The total number of SNMP Messages which failed ASN parsing. The total number of SNMP Messages delivered to the SNMP entity which used an SNMP community name not known to the said entity (the switch). defined in X. ASN. The total number of SNMP Messages delivered to the SNMP protocol entity which represented an SNMP operation which was not allowed by the SNMP community named in the Message. snmpInBadC'tyNames snmpInBadC'tyUses snmpInASNParseErrs snmpEnableAuth Traps snmpOutPkts snmpInBadTypes snmpInTooBigs snmpInNoSuchNames snmpInBadValues snmpInReadOnlys 315393-J.1 or BER errors encountered by the SNMP protocol entity when decoding SNMP Messages received. and one set of rules for representing such objects as strings of ones and zeros is called the BER (Basic Encoding Rules. As such.208).1 (Abstract Syntax Notation One. The total number of SNMP Protocol Data Units (PDUs) which were delivered to the SNMP protocol entity and for which the value of the error-status field is badValue. BER describes how to represent or encode values of each ASN. The total number of SNMP Protocol Data Units (PDUs) which were delivered to the SNMP protocol entity and for which the value of the error-status field is noSuchName.209).1 type as a string of eight-bit octets. from simple types such as integers and bit strings to structured types such as sets and sequences. this object is provided as a means of detecting incorrect implementations of the SNMP.Alteon OS 22.0.2 Command Reference Table 5-66 SNMP Statistics (/stats/snmp) Statistics snmpInBadVersions Description The total number of SNMP Messages. The total number of SNMP Protocol Data Units (PDUs) which were delivered to the SNMP protocol entity and for which the value of the error-status field is too big. which were delivered to the SNMP protocol entity and for which the value of the error-status field is `read-Only'. The total number of ASN. An object to enable or disable the authentication traps generated by this entity (the switch).

The total number of SNMP Protocol Data Units (PDUs). The total number of SNMP Set-Request Protocol Data Units (PDUs). The total number of SNMP Get-Request Protocol Data Units (PDUs). which were generated by the SNMP protocol entity and for which the value of the errorstatus field is badValue. which have been accepted and processed by the SNMP protocol entity. which have been altered successfully by the SNMP protocol entity as a result of receiving valid SNMP SetRequest Protocol Data Units (PDUs). which have been accepted and processed by the SNMP protocol entity. which have been accepted and processed by the SNMP protocol entity. The total number of SNMP Protocol Data Units (PDUs). which were generated by the SNMP protocol entity and for which the value of the errorstatus field is genErr. The total number of SNMP Get-Next Protocol Data Units (PDUs). which have been accepted and processed by the SNMP protocol entity. which have been generated by the SNMP protocol entity. The total number of SNMP Protocol Data Units (PDUs). snmpInTotalReqVars snmpInTotalSetVars snmpInGetRequests snmpInGetNexts snmpInSetRequests snmpInGetResponses snmpInTraps snmpOutTooBigs snmpOutNoSuchNames snmpOutBadValues snmpOutReadOnlys snmpOutGenErrs snmpOutGetRequests 220 Chapter 5: The Statistics Menu 315393-J. which were generated by the SNMP protocol entity and for which the value of the errorstatus field is too big. which were delivered to the SNMP protocol entity and for which the value of the error-status field is genErr. The total number of SNMP Protocol Data Units (PDUs).0. The total number of SNMP Get-Response Protocol Data Units (PDUs). The total number of MIB objects which have been retrieved successfully by the SNMP protocol entity as a result of receiving valid SNMP GetRequest and Get-Next Protocol Data Units (PDUs). The total number of MIB objects. The total number of SNMP Trap Protocol Data Units (PDUs).2 Command Reference Table 5-66 SNMP Statistics (/stats/snmp) Statistics snmpInGenErrs Description The total number of SNMP Protocol Data Units (PDUs). Not in use. January 2005 . which were generated by the SNMP protocol entity and for which the value of the errorstatus is noSuchName.Alteon OS 22. which have been accepted and processed by the SNMP protocol entity. The total number of SNMP Get-Request Protocol Data Units (PDUs).

which have been generated by the SNMP protocol entity.0. The total number of SNMP Get-Response Protocol Data Units (PDUs).2 Command Reference Table 5-66 SNMP Statistics (/stats/snmp) Statistics snmpOutGetNexts Description The total number of SNMP Get-Next Protocol Data Units (PDUs). snmpInvalidMsgs snmpUnknownPDUHandlers snmpUnknownContexts snmpUnavailableContexts 315393-J. The total number of GetRequest-PDUs. which have been generated by the SNMP protocol entity. and InformRequest-PDUs delivered to the SNMP entity which were silently dropped because the transmission of the message to a proxy target failed in a manner such that no Response-PDU could be returned. SetRequest-PDUs. January 2005 Chapter 5: The Statistics Menu 221 . The total number of SNMP Trap Protocol Data Units (PDUs). The total number of SNMP Set-Request Protocol Data Units (PDUs). which have been generated by the SNMP protocol entity. The total number of packets received by the SNMP engine which were dropped because the context contained in the message was unavailable. GetBulkRequest-PDUs. GetNextRequest-PDUs.Alteon OS 22. The total number of packets received by the SNMP engine which were dropped because there were invalid or inconsistent components in the SNMP message. The total number of packets received by the SNMP engine which were dropped because the PDU contained in the packet could not be passed to an application responsible for handling the pduType. which have been generated by the SNMP protocol entity. GetNextRequest-PDUs. The total number of GetRequest-PDUs. snmpOutSetRequests snmpOutGet Responses snmpOutTraps snmpSilentDrops snmpProxyDrops SNMPv3 Statistics: snmpUnknownSecurityModels The total number of packets received by the SNMP engine which were dropped because they referenced a securityModel that was not known to or supported by the SNMP engine. SetRequest-PDUs. no SNMP application had registered for the proper combination of the contextEngineID and the pduType. GetBulkRequest-PDUs. and InformRequest-PDUs delivered to the SNMPv2 entity which were silently dropped because the size of a reply containing an alternate ResponsePDU with an empty variable bindings field was greater than either a local constraint or the maximum message size associated with the originator of the request. The total number of packets received by the SNMP engine which were dropped because the context contained in the message was unknown. for example.

the switch can accurately update its internal clock to be consistent with other devices on the network and generates accurate syslogs. The total number of packets received by the SNMP engine which were dropped because they referenced a user that was not known to the SNMP engine. With NTP enabled. NTP statistics: Primary Server: Requests Sent: 17 Responses Received: 17 Updates: 1 Secondary Server: Requests Sent: 0 Responses Received: 0 Updates: 0 Last update based on response from primary server. The total number of packets received by the SNMP engine which were dropped because they referenced an snmpEngineID that was not known to the SNMP engine. The total number of packets received by the SNMP engine which were dropped because they could not be decrypted.0. January 2005 . usmStatsNotInTimeWindows usmStatsUnknownUserNames usmStatsUnknownEngineIDs usmStatsWrong Digests usmStatsDecryption Errors /stats/ntp NTP Statistics Alteon OS uses NTP (Network Timing Protocol) version 3 to synchronize the switch’s internal clock with an atomic time calibrated NTP server. Last update time: 18:04:16 Tue Jul 13. The total number of packets received by the SNMP engine which were dropped because they didn't contain the expected digest value. 2004 222 Chapter 5: The Statistics Menu 315393-J.2 Command Reference Table 5-66 SNMP Statistics (/stats/snmp) Statistics usmStatsUnsupportedSecLevels Description The total number of packets received by the SNMP engine which were dropped because they requested a securityLevel that was unknown to the SNMP engine or otherwise unavailable. The total number of packets received by the SNMP engine which were dropped because they appeared outside of the authoritative SNMP engine's window. 2004 Current system time: 18:55:49 Tue Jul 13.Alteon OS 22.

Responses Received: The total number of NTP responses received from the secondary NTP server. Updates: The total number of times the switch updated its time based on the NTP responses received from the secondary NTP server. Last update based on response from primary server Last update time Current system time Last update of time on the switch based on either primary or secondary NTP response received. The switch system time when the command /stats/ntp was issued. 315393-J.Alteon OS 22. January 2005 Chapter 5: The Statistics Menu 223 . NOTE – You can issue /stats/ntp/clear command to delete all statistics. The time stamp showing the time when the switch was last updated. Updates: The total number of times the switch updated its time based on the NTP responses received from the primary NTP server. Secondary Server Requests Sent: The total number of NTP requests the switch sent to the secondary NTP server to synchronize time.0. Responses Received: The total number of NTP responses received from the primary NTP server.2 Command Reference Table 5-67 NTP Statistics Parameters (/stats/ntp) Field Primary Server Description Requests Sent: The total number of NTP requests the switch sent to the primary NTP server to synchronize time.

The total number of incoming packets successfully transferred by the interface.Port Mirroring Stats clear . /stats/mgmt Management Port Statistics Management port interface RX bytes: RX packets: RX errors: RX dropped: RX overruns: RX frame errors: RX multicast: statistics: 0 TX bytes: 0 TX packets: 0 TX errors: 0 TX dropped: 0 TX overruns: 0 TX carrier errors: 0 TX collisions: 0 0 0 0 0 0 0 Table 5-69 Management Port Statistics (/stats/mgmt) Statistics RX bytes Description The total number of incoming bytes successfully transferred by the interface.Clear all Port Mirroring Stats Table 5-68 Port Mirroring Command Syntax and Usage dump Displays the port number.Alteon OS 22. January 2005 . The number of bad packets received.2 Command Reference /stats/pm Port Mirroring Statistics Menu [Port Mirroring Statistics Menu] dump .0. and the statistics of the traffic on the ingress and egress ports. CAUTION—Use this command carefully as it will delete all statistics permanently. clear Deletes all the port mirroring statistics. RX packets RX errors 224 Chapter 5: The Statistics Menu 315393-J.

The total number of outgoing bytes successfully transferred by the interface. 315393-J. depending on your configuration). set your communication software on your workstation to capture session data prior to issuing the dump commands. January 2005 Chapter 5: The Statistics Menu 225 . Collisions occur when two or more stations are transmitting signals at the same time. Not applicable. The number of packets dropped due to lack of transmit buffers. The number of packets dropped because size exceeded that of the transmit queue. If you want to capture dump data to a file.Alteon OS 22. RX overruns RX frame errors RX multicast TX bytes TX packets TX errors TX dropped TX overruns TX carrier errors TX collisions /stats/dump Dump Statistics Use the dump command to dump all switch statistics available from the Statistics Menu (40K or more. The number of packets dropped due to transmission problems. The number of multicast packets received.2 Command Reference Table 5-69 Management Port Statistics (/stats/mgmt) Statistics RX dropped Description The number of incoming packets that were dropped due to lack of receive buffers. The number of received packets that were dropped because their size exceeded that of the receive queue. The total number of outgoing packets successfully transferred by the interface. This data can be used to tune or debug switch performance.0. The number of incoming packets dropped due to IP framing errors. The number of collisions due to congestion on the medium.

January 2005 .2 Command Reference 226 Chapter 5: The Statistics Menu 315393-J.Alteon OS 22.0.

To view menu options. January 2005 .System-wide Parameter Menu port . To view menu options. although not new.CHAPTER 6 The Configuration Menu This chapter discusses how to use the Command Line Interface (CLI) for making. /cfg Configuration Menu [Configuration Menu] sys . display more or different information than in the previous version.Layer 2 Menu l3 . viewing. see page 231. To make finding information easier.Step by step configuration set up dump .Port Menu pmirr . Many of the commands.Security Menu setup .Server Load Balancing (Layer 4-7) Menu security . port <port number> Displays the Port Configuration Menu.Restore current configuration from tftp server Table 6-1 Configuration Menu Options (/cfg) Command Syntax and Usage sys Displays the System-wide parameter Configuration Menu. see page 265. the menu options under the Server Load Balancing Menu (/cfg/slb) are in Chapter 7.Dump current configuration to script file ptcfg . 227 315393-J.Backup current configuration to tftp server gtcfg . and saving switch configuration changes. Important difference are called out in the text.Port Mirroring Menu bwm .Bandwidth Management Menu l2 .Layer 3 Menu slb .

Alteon OS 22. bwm Displays the Bandwidth Management Configuration Menu. While configuration changes are in the pending state. dump Dumps current configuration to a script file. and Saving Changes As you use the configuration menus to set switch parameters. For details. l2 Displays Layer 2 Configuration Menu.2 Command Reference Table 6-1 Configuration Menu Options (/cfg) Command Syntax and Usage pmirr Displays the Mirroring Configuration Menu. slb Displays the Server Load Balancing Configuration Menu. security Displays the Security Menu. For details. gtcfg <host name or IP address of TFTP server> <filename on host> Restores current configuration from TFTP server. see Chapter 7. see page 299. To view menu options. Applying. Viewing. see page 353. “The SLB Configuration Menu”. Also. To view menu options. January 2005 . see page 279. For details. the changes you make do not take effect immediately. l3 Displays Layer 3 Configuration Menu.0. For details. see page 348. see page 278. ptcfg <host name or IP address of TFTP server> <filename on host> Backs up current configuration to TFTP server. any changes are lost the next time the switch boots unless the changes are explicitly saved. To view menu options. see page 354. To view menu options. see page 287. To view menu options. setup Step-by-step configuration set-up of the switch. see page 354. All changes are considered “pending” until you explicitly apply them. you can do the following: View the pending changes Apply the pending changes Save the changes to flash memory 228 Chapter 6: The Configuration Menu 315393-J. see page 353. To view menu options.

NOTE – All configuration changes take effect immediately when applied.0. except for starting Spanning Tree Protocol. # apply NOTE – The apply command is a global command. January 2005 Chapter 6: The Configuration Menu 229 . enter the following command at any CLI prompt: # save 315393-J. Saving the Configuration In addition to applying the configuration changes. you must apply the changes. you can save them to flash memory on the Alteon Application Switch. you can enter apply at any prompt in the administrative interface. they will be lost the next time the system is rebooted.2 Command Reference Viewing Pending Changes You can view all pending configuration changes by entering diff at the menu prompt. NOTE – If you do not save the changes. enter apply at any prompt in the CLI. you can enter diff at any prompt in the CLI. NOTE – The diff command is a global command. Therefore. Therefore. To save the new configuration. and then reset the switch (see “Resetting the Switch” on page 448). you must apply them. To turn STP on or off.Alteon OS 22. save them (see below). To apply configuration changes. Applying Pending Changes To make your configuration changes active.

the changes are saved to the active configuration block. 230 Chapter 6: The Configuration Menu 315393-J. The configuration being replaced by the save is first copied to the backup configuration block. Your options include: The active configuration block The backup configuration block Factory default configuration You can view all pending configuration changes that have been applied but not saved to flash memory using the diff flash command. January 2005 . For instructions on selecting the configuration to run at the next system reset. enter the following instead: # save n You can decide which configuration you want to run the next time you reset the switch.Alteon OS 22.0. see “Selecting a Configuration Block” on page 447. If you do not want the previous configuration block copied to the backup configuration block. It is a global command that can be executed from any menu.2 Command Reference When you save configuration changes.

Table 6-2 System Configuration Menu Options (/cfg/sys) Command Syntax and Usage syslog Displays the Syslog Menu. To view menu options. mmgmt Displays Management Port Menu. see page 237. see page 233. see page 234. radius Displays the RADIUS Authentication Menu. January 2005 Chapter 6: The Configuration Menu 231 . see page 240. To view menu options. sshd Displays the SSH Server Menu. To view menu options.Alteon OS 22. tacacs Displays TACACS+ authentication Menu. and management access list. see page 239.2 Command Reference /cfg/sys System Configuration [System Menu] syslog mmgmt sshd radius tacacs ntp sonmp ssnmp health access date time idle notice bannr smtp hprompt bootp cur Syslog Menu Management Port Menu SSH Server Menu RADIUS Authentication Menu TACACS+ Authentication Menu NTP Server Menu SONMP Menu System SNMP Menu System Health Check Menu System Access Menu Set system date Set system time Set timeout for idle CLI sessions Set login notice Set login banner Set SMTP host Enable/disable display hostname (sysName) in CLI prompt Enable/disable use of BOOTP Display current system-wide parameters This menu provides configuration of switch management parameters such as user and administrator privilege mode passwords.0. 315393-J. To view menu options. Web-based management settings. To view menu options.

smtp <SMTP host name or IP address> Sets the Simple Mail Transfer Protocol (SMTP) host. idle <idle timeout in minutes. When a user or administrator logs into the switch. To view menu options.2 Command Reference Table 6-2 System Configuration Menu Options (/cfg/sys) Command Syntax and Usage ntp Displays the Network Time Protocol (NTP) Server Menu. which is used for sending bandwidth management history information. bootp disable|enable Enables or disables the use of BOOTP. bannr <string. To view menu options. ssnmp Displays the System SNMP Menu. January 2005 . maximum 80 characters> Configures a login banner of up to 80 characters. cur Displays the current system parameters. To view menu options. see page 259. To view menu options. If you enable BOOTP. time Configures the system time using a 24-hour clock format. notice <max 1024 char multi-line login notice> <'-' to end> Displays login notice immediately before the “Enter password:” prompt. see page 244. This command is disabled by default. It is also displayed as part of the output from the /info/sys command. see page 243. hprompt disable|enable Enables or disables displaying of the host name (system administrator’s name) in the Command Line Interface (CLI).0. health Displays system health check menu. The default is 5 minutes. sonmp Displays the SynOptics Network Management Protocol (SONMP) menu. access Displays System Access Menu. from 1 to 10080 minutes. affects both console and Telnet> Sets the idle timeout for CLI sessions. see page 242. the switch will query its BOOTP server for all of the switch IP parameters. To view menu options.Alteon OS 22. This notice can contain up to 1024 characters and new lines. the login banner is displayed. see page 258. date Prompts the user for the system date. 232 Chapter 6: The Configuration Menu 315393-J.

The default is 7. January 2005 Chapter 6: The Configuration Menu 233 . 315393-J. which means. see page 234. For a detailed description of the seven levels of severity.Alteon OS 22. sever2 <syslog host local severity (0–7)> This option sets the severity level of the second syslog host displayed. sever <syslog host local severity (0–7)> This option sets the severity level of the first syslog host displayed.0. You can choose to enable/ disable specific features (such as vlans. log all the seven severity levels. or enable/disable syslog on all available features.223)> Sets the IP address of the first syslog host. The default is 7. When necessary. see page 234. For a detailed description of the seven levels of severity. 192. disabling console ensures the switch is not affected by syslog messages. cur Displays the current syslog settings. filter). host2 <new syslog host IP address (such as. log <feature|all> <enable|disable> Displays a list of features for which syslog messages can be generated. It is enabled by default.17.17.4. 192. console disable|enable Enables or disables delivering syslog messages to the console. gslb.2 Command Reference /cfg/sys/syslog System Host Log Configuration [Syslog Menu] host host2 sever sever2 facil facil2 console log cur Set IP address of first syslog host Set IP address of second syslog host Set the severity of first syslog host Set the severity of second syslog host Set facility of first syslog host Set facility of second syslog host Enable/disable console output of syslog messages Enable/disable syslogging of features Display current syslog settings Table 6-3 System Configuration Menu Options (/cfg/sys/syslog) Command Syntax and Usage host <new syslog host IP address (such as. The default is 0. The default is 0. which means log all the seven severity levels. facil2 <syslog host local facility (0-7)> This option sets the facility level of the second syslog host displayed.4. facil <syslog host local facility (0-7)> This option sets the facility level of the first syslog host displayed.223)> Sets the IP address of the second syslog host.

the factory default settings for some of the management features remain with the network ports. Debug. This means that corrective action must be taken immediately.2 Command Reference Seven Levels of Severity Following is the description of the seven levels of severity: 0: Emergency. or in some cases. 3: Error. This means that the system is giving a warning. This means that the system is giving out debug-level messages. This means that the system has errors that should be corrected. This means the condition of the system is critical. If this port is disabled. 7. 5: Notice. You can change the defaults by configuring these features to permanently use the management port. 234 Chapter 6: The Configuration Menu 315393-J. SNMP. the Management port saves consuming a port that could otherwise be used for processing data and traffic. 1: Alert. This means that the system is unusable. While the switch can be managed from any network port. and default gateway. If this port is enabled. This means that the system is working but giving out information about certain unfavorable conditions.Alteon OS 22. by using the operational commands to set these options on a one-time basis. subnet mask. January 2005 . This means that the condition of the system is normal but with significant conditions that need attention. and must be enabled before it can be used. the network ports have to perform all switch management (other than the switch management using the console). 6: Informational. /cfg/sys/mmgmt Management Port Configuration Menu The Management port is a Fast Ethernet port that is used exclusively to manage the switch. or HTTP. This port is isolated from and does not participate in the networking protocols that run on the network ports. broadcast address.0. The Management port must be configured with a static IP address. 2: Critical. 4: Warning. This port manages the switch using either telnet CLI.

[Management Port Menu] port .Management Port Phy Menu addr . 192. mask <subnet mask (such as. 192.Enable management port dis . intr <interval (0 . gw <gateway address (such as.0.Set interval between gateway ping attempts retry . 315393-J.4. dns default port mgmt|data Sets DNS over management or data port. retry <number of attempts (1-120> Sets the number of failed ping attempts before a gateway is declared DOWN.255.2 Command Reference NOTE – The Management port does not support BOOTP.1)> Sets the IP address for the default gateway.Set number of failed attempts to declare gateway DOWN dns .Set default port for SYSLOG sonmp .255.17.101)> Sets the IP address.Set default port for SNMP traps syslog .60 seconds)> Sets the interval between gateway ping attempts. addr <IP address (such as.Set default port for DNS ntp .Disable management port cur .Set default port for TFTP ena . see page 237.0)> Sets the subnet mask.Display current configuration Table 6-4 Management Port Configuration Menu Options (/cfg/sys/mmgmt) Command Syntax and Usage port Displays the management port link menu.Set default port for TACACS+ smtp .4.Set subnet mask gw .Set default port for SMTP snmp .Set default port for NTP radius . 255.Alteon OS 22. To view the menu options.Set default port for RADIUS tacacs .Set IP address mask .17.Set default IP for SONMP hello packets tftp . January 2005 Chapter 6: The Configuration Menu 235 . Default is data port.Set default gateway address intr .

Default is data port. smtp default port mgmt|data Sets SMTP over management or data ports.0. When this option is set to mgmt then the Management Port IP address is used in the SONMP hello packets transmitted by the switch. ena Enables the Management port.2 Command Reference Table 6-4 Management Port Configuration Menu Options (/cfg/sys/mmgmt) Command Syntax and Usage ntp default port mgmt|data Sets NTP over management or data ports. The default is data port.Alteon OS 22. then the IP address of the data port interface specified by srcif (/cfg/sys/sonmp/srcif) command is used in the hello packets. sonmp default port mgmt|data Sets default IP address for SONMP hello packets. Default is data port. Default is data port. radius default port mgmt|data Sets RADIUS over management or data ports. Default is data port. Default is data port. 236 Chapter 6: The Configuration Menu 315393-J. But if it is set to data. syslog default port mgmt|data Sets syslog host access over management or data ports. tacacs mgmt|data Sets TACACS+ over management or data ports. snmp default port mgmt|data Sets SNMP trap host over management or data ports. dis Disables the Management port. tftp default port mgmt|data Sets TFTP over management or data port. cur Displays the current configuration. January 2005 . Default is data port.

2 Command Reference /cfg/sys/mmgmt/port Management Port Link Menu [Management Port Link Menu] speed . auto on|off Sets auto negotiation for the port.Set autonegotiation cur . and rcp. mode full|half|any Sets half or full duplex mode. SSH commands are encrypted and secure in several ways. SSH uses RSA public key cryptography for both connection and authentication. sometimes known as Secure Socket Shell. Default is any.Alteon OS 22. Default is any. rlogin. /cfg/sys/sshd SSH Server Configuration Menu Secure Shell (SSH). and passwords are protected by being encrypted. SSH is actually a suite of three utilities .Set full or half duplex mode auto .that are secure versions of the earlier UNIX utilities. January 2005 Chapter 6: The Configuration Menu 237 .0. ssh. 315393-J.Set link speed mode .Display current link configuration Table 6-5 Management Port Link Menu Options (/cfg/sys/mgmt/port) Command Syntax and Usage speed 10|100|any Sets the speed of the link with the Management port. rsh. is a UNIX-based command interface and protocol for securely getting access to a remote computer. By default this command is turned on. and scp . cur Displays the current link configuration.slogin. Both ends of the client/server connection are authenticated using a digital certificate. It is widely used by network administrators to control Web and other kinds of servers remotely.

on Enables the SSH server. hkeygen Generates the RSA host key. SSH scripts can be viewed by using the /cfg/dump command (see page 353).Alteon OS 22. cur Displays the current SSH server configuration.0. When you enter this command. ena Enables SCP.2 Command Reference [SSHD Menu] intrval scpadm hkeygen skeygen sshport ena dis on off cur - Set Interval for generating the RSA server key Set SCP-only admin password Generate the RSA host key Generate the RSA server key Set SSH server port number Enable the SCP apply and save Disable the SCP apply and save Turn SSH server ON Turn SSH server OFF Display current SSH server configuration NOTE – For the Alteon Application Switch. sshport <TCP port number> Sets the SSH server port number. skeygen Generates the RSA server key. Table 6-6 System Configuration Menu Options (/cfg/sys/sshd) Command Syntax and Usage intrval <interval (0-24)> Sets the interval for generating the RSA server key. this menu enables Secure Shell access from any SSH client. RSA host key generation starts immediately. RSA server key generation starts immediately. When you enter this command. dis Disables SCP. scpadm Sets the Secure Copy (SCP)-only admin password. January 2005 . 238 Chapter 6: The Configuration Menu 315393-J.

The default is 3 seconds. between 1500 . timeout <RADIUS server timeout seconds (1-10)> Sets the amount of time.Turn RADIUS authentication ON off . in seconds. 315393-J. secret2 <1-32 character secret> This is the shared secret password between the switch and the secondary RADIUS server(s).Set RADIUS server timeout telnet .3000.Set secondary RADIUS server secret port .Set secondary RADIUS server address secret .Set primary RADIUS server secret secret2 . before a RADIUS server authentication attempt is considered to have failed. port <RADIUS port to configure.2 Command Reference NOTE – The top four commands are only accessible at the serial port /cfg/sys/radius RADIUS Server Configuration [RADIUS Server Menu] prisrv . secret <1-32 character secret> This is the shared secret password between the switch and the primary RADIUS server(s).0.Set RADIUS port retries .Set primary RADIUS server address secsrv . The default is 3 requests. January 2005 Chapter 6: The Configuration Menu 239 . The default is 1645. default 1645> Enter the number of the UDP port to be configured.Alteon OS 22.Enable/disable RADIUS backdoor for telnet on .Display current RADIUS configuration Table 6-7 RADIUS Server Configuration Menu Options (/cfg/sys/radius) Command Syntax and Usage prisrv <IP address> Sets the primary RADIUS server address. retries <RADIUS server retries (1-3)> Sets the number of failed authentication requests before switching to a different RADIUS server.Turn RADIUS authentication OFF cur .Set RADIUS server retries timeout . secsrv <IP address> Sets the secondary RADIUS server address.

0. /cfg/sys/tacacs TACACS+ Server Configuration Menu TACACS (Terminal Access Controller Access Control System) is an authentication protocol that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be allowed to a given system. TACACS+ offers the following advantages over RADIUS as the authentication device: TACACS+ is TCP-based so it facilitates connection-oriented traffic. Apart from that. 240 Chapter 6: The Configuration Menu 315393-J. Telnet also applies to SSH/SCP connections. It supports full-packet encryption as against password-only in authentication requests. whereas TACACS+ separates the two operations. RADIUS combines authentication and authorization in a user profile. and accounting. authorization. TACACS+ protocol has been implemented on Alteon OS to support the customers that have Cisco’s TACACS+ protocol as their network security feature.2 Command Reference Table 6-7 RADIUS Server Configuration Menu Options (/cfg/sys/radius) Command Syntax and Usage telnet disable|enable Enables or disables the RADIUS back door for telnet. January 2005 . (Both TACACS and TACACS+ are described in Request for Comments 1492. TACACS is an encryption protocol and therefore less secure than TACACS+ and Remote Authentication Dial-In User Service (RADIUS) protocols. off Disables the RADIUS server. cur Displays the current RADIUS server parameters. on Enables the RADIUS server.Alteon OS 22. Supports decoupled authentication. Also.) TACACS+ protocol is seen as more reliable than RADIUS as TACACS+ uses the Transmission Control Protocol (TCP) whereas RADIUS uses the User Datagram Protocol (UDP).

before a TACACS+ server authentication attempt is considered to have failed. The default is 1645. secsrv <IP address> Defines the secondary TACACS+ server address.0. January 2005 Chapter 6: The Configuration Menu 241 . secret2 <1-32 character secret> This is the shared secret between the switch and the secondary TACACS+ server(s).3000. retries <RADIUS server retries. secret <1-32 character secret> This is the shared secret between the switch and the primary TACACS+ server(s). timeout <RADIUS server timeout seconds. 1-10> Sets the amount of time. telnet disable|enable Enables or disables the TACACS+ back door for telnet. The default is 3 seconds. between 1500 .2 Command Reference [TACACS+ Server prisrv secsrv secret secret2 port retries timeout telnet on off cur - Menu] Set primary TACACS+ server address Set secondary TACACS+ server address Set primary TACACS+ server secret Set secondary TACACS+ server secret Set TACACS+ TCP port Set TACACS+ server retries Set TACACS+ server timeout (seconds) Enable/disable TACACS+ backdoor for telnet Turn TACACS+ authentication ON Turn TACACS+ authentication OFF Display current TACACS+ configuration Table 6-8 TACACS+ Server Menu Options (/cfg/sys/tacacs) Command Syntax and Usage prisrv <IP address> Defines the primary TACACS+ server address. default 1645> Enter the number of the TCP port to be configured. on Enables the TACACS+ server.Alteon OS 22. in seconds. port <RADIUS port configure. 315393-J. 1-3> Sets the number of failed authentication requests before switching to a different TACACS+ server. The default is 3 requests. Telnet also applies to SSH/SCP connections.

of the switch you are synchronizing from Greenwich Mean Time (GMT).Alteon OS 22. [NTP Server Menu] prisrv .Enable/Disable daylight savings time on . 242 Chapter 6: The Configuration Menu 315393-J. intrval <resync interval in minutes> Specifies how often the switch will re-synchronize the switch clock with the NTP server.Set NTP timezone offset from GMT dlight . January 2005 .0. The default value is 1440 minutes.Turn NTP service ON off .Set NTP server resync interval tzone . /cfg/sys/ntp NTP Server Configuration This menu enables you to synchronize the switch clock to a Network Time Protocol (NTP) server.Set secondary NTP server address intrval . this option is disabled.Set primary NTP server address secsrv . cur Displays current TACACS+ configuration parameters. secsrv <secondary NTP server IP address> Prompts for the IP address of the secondary NTP server to which you want to synchronize the switch clock. in hours and minutes. tzone <offset from GMT.2 Command Reference Table 6-8 TACACS+ Server Menu Options (/cfg/sys/tacacs) Command Syntax and Usage off Disables the TACACS+ server. By default. in HH:MM> Prompts for the NTP time zone offset. This interval of time will be specified in minutes (1-44640).Turn NTP service OFF cur .Display current NTP configuration Table 6-9 NTP Server Configuration Menu Options (/cfg/sys/ntp) Command Syntax and Usage prisrv <primary NTP server IP address> Prompts for the IP address of the primary NTP server to which you want to synchronize the switch clock.

When enabled. the switch will add an extra hour to the system clock so that it is consistent with the local clock. January 2005 Chapter 6: The Configuration Menu 243 . The following commands add support for the Ethernet Autotopology algorithm and the Bay Topology MIB. 315393-J.Alteon OS 22. off Disables the NTP synchronization service. this option is disabled.0. then the first interface which is up and running is used in the hello packets.2 Command Reference Table 6-9 NTP Server Configuration Menu Options (/cfg/sys/ntp) Command Syntax and Usage dlight disable|enable Disables or enables daylight savings time in the system clock. Table 6-10 System Configuration Menu Options (/cfg/sys/sonmp) Command Syntax and Usage srcif <interface number (1-256)> This command specifies the IP address to be used in the hello packets. The topology algorithm is executed by each Alteon switch on which SONMP is enabled. /cfg/sys/sonmp SynOptics Network Management Protocol Configuration [SONMP Menu] srcif on off cur Set source interface to be used in hello packets Turn Ethernet Autotopology ON Turn Ethernet Autotopology OFF Display current SONMP configuration SynOptics Network Management Protocol (SONMP) is a proprietary network management protocol that is used by Nortel Networks Optivitiy Switch Manager (OSM) to discover Alteon Application Switches on the network. and turns Ethernet Autotopology on. If the interface specified by this command is not up. cur Displays the current NTP service settings. on This command enables the SONMP protocol. By default. on Enables the NTP synchronization service.

2 Command Reference Table 6-10 System Configuration Menu Options (/cfg/sys/sonmp) Command Syntax and Usage off This command disables the SONMP protocol.0. SNMP parameters that can be modified include: System name System location System contact Use of the SNMP system authentication trap function Read community string Write community string Trap community strings 244 Chapter 6: The Configuration Menu 315393-J. Each SNMP message sent to the agent contains a list of management objects to retrieve or to modify. If you are running an SNMP network management station on your network. a management station (client/manager) accesses a set of variables known as MIBs (Management Information Base) provided by the managed device (agent). January 2005 .Alteon OS 22. /cfg/sys/ssnmp System SNMP Configuration Alteon OS supports SNMP-based network management. you can manage the switch using the following standard SNMP MIBs: MIB II (RFC 1213) Ethernet MIB (RFC 1643) Bridge MIB (RFC 1493) An SNMP agent is a software process on the managed device that listens on UDP port 161 for SNMP messages. and turns Ethernet Autotopology off. cur This command displays the current SONMP configuration. In SNMP model of network management.

January 2005 Chapter 6: The Configuration Menu 245 . It can have a maximum of 32 characters. cont <new string (maximum 64 characters)> Configures the name of the system contact. The write community string controls SNMP “set” and “get” access to the switch.Set SNMP trap source interface timeout .Set SNMP "sysLocation" cont . NOTE – This command is applicable only to SNMPv1 and SNMPv2 traps because only the SNMPv1 and SNMPv2 trap packets contain the source IP address that can be set with this command.Display current system SNMP configuration Table 6-11 SNMP Configuration Menu Options (/cfg/sys/ssnmp) Command Syntax and Usage snmpv3 Displays SNMPv3 menu. The name can have a maximum of 64 characters. The location can have a maximum of 64 characters. trsrc <interface number (1-256)> Defines the interface number for SNMP trap source interface.Set SNMP "sysName" locn .Set timeout for the SNMP state machine auth . see page 247. The SNMPv3 packets do not contain this field.SNMPv3 Menu name .Enable/disable SNMP link up/down trap cur . name <new string (maximum 64 characters)> Configures the name for the system. The contact can have a maximum of 64 characters. To view menu options. The default write community string is private. This command enables the user to select one of the configured interfaces as the source interface using the interface number. locn <new string (maximum 64 characters)> Configures the name of the system location. The default read community string is public.Set SNMP write community string trsrc . rcomm <new SNMP read community string (maximum 32 characters)> Configures the SNMP read community string. It can have a maximum of 32 characters.Set SNMP read community string wcomm . The read community string controls SNMP “get” access to the switch.Enable/disable SNMP "sysAuthenTrap" linkt . wcomm <new SNMP write community string (maximum 32 characters)> Configures the SNMP write community string.Alteon OS 22.2 Command Reference [System SNMP Menu] snmpv3 . 315393-J.0.Set SNMP "sysContact" rcomm .

memory is allocated to store the output of the command. The timeout period determines when the resources/memory allocated for the output will be freed. 1-30> Defines the timeout period for SNMP state machine.Alteon OS 22. auth disable|enable Enables or disables the use of the system authentication trap facility. January 2005 .2 Command Reference Table 6-11 SNMP Configuration Menu Options (/cfg/sys/ssnmp) Command Syntax and Usage timeout <SNMP state machine timeout minutes. The default setting is enabled. When you use diff and apply. linkt <port> <disable|enable> Enables or disables the sending of SNMP link up and link down traps.0. cur Displays the current STP port parameters. 246 Chapter 6: The Configuration Menu 315393-J. The default setting is disabled.

0. You need access control when you have to process retrieval or modification request from an SNMP entity. You can also configure this entry through SNMP. 315393-J. To view menu options. To view menu options. The View-based Access Control Model defines a set of services that an application can use for checking access rights of the user. [SNMPv3 Menu] usm view access group comm taddr tparam notify v1v2 cur - usmUser Table menu vacmViewTreeFamily Table menu vacmAccess Table menu vacmSecurityToGroup Table menu community Table menu targetAddr Table menu targetParams Table menu notify Table menu Enable/disable V1/V2 access Display current SNMPv3 configuration Table 6-12 SNMPv3 Configuration Menu Options (/cfg/sys/ssnmp/snmpv3) Command Syntax and Usage usm <usmUser number [1-16]> This command allows you to create a user security model (USM) entry for an authorized user. To view menu options. see page 249. access <vacmAccess number [1-32]> This command allows you to specify access rights. see page 251. January 2005 Chapter 6: The Configuration Menu 247 .2 Command Reference /cfg/sys/ssnmp/snmpv3 SNMPv3 Configuration Menu SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by supporting the following: a new SNMP message format security for messages access control remote configuration of SNMP parameters For more details on the SNMPv3 architecture please refer to RFC2271 to RFC2276. see page 250. view <vacmViewTreeFamily number [1-128]> This command allows you to create different MIB views.Alteon OS 22.

see page 256. and for selecting community strings based on target addresses for outgoing notifications. The SNMP MIB provides a mechanism for performing source address validation on incoming requests. v1v2 disable|enable This command allows you to enable or disable the access to SNMP version 1 and version 2. see page 255. This command is enabled by default. To view menu options. consisting of message processing model. cur Displays the current SNMPv3 configuration. tparam <target params index [1-16]> This command allows you to configure SNMP parameters. notify <notify index [1-16]> A notification application typically monitors a system for particular events or conditions. To view menu options. security level. security model.0. see page 253. To view menu options. To view menu options.Alteon OS 22. There may be multiple transport endpoints associated with a particular set of SNMP parameters. 248 Chapter 6: The Configuration Menu 315393-J. This is also termed as transport endpoint. January 2005 . or a particular transport endpoint may be associated with several sets of SNMP parameters. see page 254. To view menu options. taddr <snmpTargetAddr number [1-16]> This command allows you to configure destination information. see page 257. and security name information. consisting of a transport domain and a transport address. comm <snmpCommunity number [1-16]> The community table contains objects for mapping community strings and version-independent SNMP message parameters.2 Command Reference Table 6-12 SNMPv3 Configuration Menu Options (/cfg/sys/ssnmp/snmpv3) group <vacmSecurityToGroup number [1-16]> A group maps the user name to the access group names and their access rights needed to access SNMP management objects. and generates Notification-Class messages based on these events or conditions. A group defines the access rights assigned to all names that belong to a particular group.

315393-J.Alteon OS 22. privpw This command allows you to create or change the privacy password. January 2005 Chapter 6: The Configuration Menu 249 . This command allows you to create or change your password for authentication. you will get an error message. This menu helps you create a user security model entry for an authorized user. This is the login name that you need in order to access the switch. If you specify des as the privacy protocol.0. The privacy protocol protects messages from disclosure. If you select none as the authentication protocol.2 Command Reference /cfg/sys/ssnmp/snmpv3/usm User Security Model Configuration Menu You can make use of a defined set of user identities using this Security Model. The default algorithm is none. you need to provide a password. authpw If you selected an authentication algorithm using the above command. You need to provide a security name to create the USM entry. auth md5|sha|none This command allows you to configure the authentication protocol between HMAC-MD5-96 or HMAC-SHA-96. [SNMPv3 usmUser name auth authpw priv privpw del cur 1 Menu] Set USM user name Set authentication protocol Set authentication password Set privacy protocol Set privacy password Delete usmUser entry Display current usmUser configuration Table 6-13 User Security Model Configuration Menu Options (/cfg/sys/ssnmp/ snmpv3/usm) Command Syntax and Usage name <32 character name> This command allows you to configure a string up to 32 characters long that represents the name of the user. The options are des (CBC-DES Symmetric Encryption Protocol) or none. An SNMP engine must have the knowledge of applicable attributes of a user. priv des|none This command allows you to configure the type of privacy protocol on your switch. otherwise you will get an error message during validation. then make sure that you have selected one of the authentication protocols (MD5 or HMAC-SHA-96).

1.Delete vacmViewTreeFamily entry cur .0. 1.2 Command Reference Table 6-13 User Security Model Configuration Menu Options (/cfg/sys/ssnmp/ snmpv3/usm) Command Syntax and Usage del Deletes the USM user entries. which is included in or excluded from the MIB view. mask <bitmask. cfg/sys/ssnmp/snmpv3/view SNMPv3 View Configuration Menu [SNMPv3 vacmViewTreeFamily 1 Menu] name .Set view mask type . max size 32 characters> This command defines the bit mask. which in combination with the corresponding tree defines a family of view subtrees.1.6.3.Set MIB subtree(OID) which defines a family of view subtrees mask .Display current vacmViewTreeFamily configuration Table 6-14 SNMPv3 View Menu Options (/cfg/sys/ssnmp/snmpv3/view) Command Syntax and Usage name <32 character name> This command defines the name for a family of view subtrees up to a maximum of 32 characters.. January 2005 .2. type included|excluded This command indicates whether the corresponding instances of vacmViewTreeFamilySubtree and vacmViewTreeFamilyMask define a family of view subtrees.1.1. cur Displays the current vacmViewTreeFamily configuration. max 32 characters> This command defines MIB tree. 250 Chapter 6: The Configuration Menu 315393-J. which when combined with the corresponding mask defines a family of view subtrees. del Deletes the vacmViewTreeFamily group entry.0. a string of maximum 32 characters.Alteon OS 22.Set view name tree . tree <object identifier. such as. cur Displays the USM user entries.Set view type del .

January 2005 Chapter 6: The Configuration Menu 251 .Set prefix only or exact match rview . The level noAuthNoPriv means that the SNMP message will be sent without authentication and without using a privacy protocol.Set write view index nview .Set minimum level of security match .Set group name prefix .Display current vacmAccess configuration Table 6-15 View-based Access Control Model Menu Options (/cfg/sys/ssnmp/ snmpv3/access) Command Syntax and Usage name <32 character name> Defines the name of the group.Alteon OS 22.Set notify view index del .Set content prefix model . The authPriv means that the SNMP message will be sent both with authentication and using a privacy protocol.Set read view index wview . Access control is needed when the user has to process SNMP retrieval or modification request from an SNMP entity. model usm|snmpv1|snmpv2 Allows you to select the security model to be used. level noAuthNoPriv|authNoPriv|authPriv Defines the minimum level of security required to gain access rights. An SNMP context is a collection of management information that an SNMP entity can access.Delete vacmAccess entry cur .0.Set security model level . The view-based Access Control Model defines a table that lists the locally available contexts by contextName. The level authNoPriv means that the SNMP message will be sent with authentication but without using a privacy protocol. For more information on naming the management information. the SNMP Architecture document. see RFC2571. 315393-J.2 Command Reference /cfg/sys/ssnmp/snmpv3/access View-based Access Control Model Configuration Menu The view-based Access Control Model defines a set of services that an application can use for checking access rights of the user. prefix <32 character name> Defines the name of the context. [SNMPv3 vacmAccess 1 Menu] name . An SNMP entity has access to many contexts.

0. If the value is empty or if there is no active MIB view having this value then no access is granted. cur Displays the View-based Access Control configuration.2 Command Reference Table 6-15 View-based Access Control Model Menu Options (/cfg/sys/ssnmp/ snmpv3/access) Command Syntax and Usage match exact|prefix If the value is set to exact. rview <32 character view name> This is a 32 character long read view name that allows you read access to a particular MIB view. wview <32 character view name> This is a 32 character long write view name that allows you write access to the MIB view.Alteon OS 22. 252 Chapter 6: The Configuration Menu 315393-J. If the value is set to prefix then the all the rows where the starting octets of the contextName exactly match the prefix are selected. nview <32 character view name> This is a 32 character long notify view name that allows you notify access to the MIB view. del Deletes the View-based Access Control entry. If the value is empty or if there is no active MIB view having this value then no access is granted. January 2005 . then all the rows whose contextName exactly matches the prefix are selected.

January 2005 Chapter 6: The Configuration Menu 253 .Display current vacmSecurityToGroup configuration Table 6-16 SNMPv3 Group Menu Options (/cfg/sys/ssnmp/snmpv3/group) Command Syntax and Usage model usm|snmpv1|snmpv2 Defines the security model.0. cur Displays the current vacmSecurityToGroup configuration.Set USM user name gname .Set security model uname .2 Command Reference /cfg/sys/ssnmp/snmpv3/group SNMPv3 Group Configuration Menu [SNMPv3 vacmSecurityToGroup 1 Menu] model . uname <32 character name> Sets the user name as defined in /cfg/sys/ssnmp/snmpv3/usm/name on page 249.Alteon OS 22. gname <32 character name> The name for the access group as defined in /cfg/sys/ssnmp/snmpv3/access/name on page 251. del Deletes the vacmSecurityToGroup entry. 315393-J.Set group gname del .Delete vacmSecurityToGroup entry cur .

January 2005 . uname <32 character name> Defines a readable 32 character long string that represents the corresponding value of an SNMP community name in a security model.Display current communityTable configuration Table 6-17 SNMPv3 Community Table Configuration Menu Options (/cfg/sys/ ssnmp/snmpv3/comm) Command Syntax and Usage index <32 character name> Allows you to configure the unique index value of a row in this table consisting of 32 characters maximum. This table is used to configure community strings in the Local Configuration Datastore (LCD) of SNMP engine. [SNMPv3 snmpCommunityTable 1 Menu] index .Set community string uname . cur Displays the community table configuration.Alteon OS 22. The configured entry is stored in the community table list in the SNMP engine.Set community index name .Set USM user name tag . This tag specifies a set of transport endpoints to which a command responder application sends an SNMP trap.2 Command Reference /cfg/sys/ssnmp/snmpv3/comm SNMPv3 Community Table Configuration Menu This command is used for configuring the community table entry. name <32 character name> Defines the user name as defined in /cfg/sys/ssnmp/snmpv3/usm/name on page 249.Set community tag del . del Deletes the community table entry. tag <list of tag string. max 255 characters> Allows you to configure a tag of up to 255 characters maximum.Delete communityTable entry cur .0. 254 Chapter 6: The Configuration Menu 315393-J.

The configured entry is stored in the target address table list in the SNMP engine.0.Set target transport address port taglist .2 Command Reference /cfg/sys/ssnmp/snmpv3/taddr SNMPv3 Target Address Table Configuration Menu This command is used to configure the target transport entry. pname <32 character name> Defines the name as defined in /cfg/sys/ssnmp/snmpv3/tparam/name on page 256.Alteon OS 22. but unique identifier. January 2005 Chapter 6: The Configuration Menu 255 . [SNMPv3 snmpTargetAddrTable 1 Menu] name . target address name associated with this entry. taglist <list of tag string. cur Displays the current Target Address Table configuration.Set targetParams name del .Delete targetAddrTable entry cur .Set target address name addr .Set target transport address IP port . addr <transport address ip> Allows you to configure a transport address IP that can be used in the generation of SNMP traps. This table of transport addresses is used in the generation of SNMP messages.Set tag list pname . max 255 characters> Allows you to configure a list of tags that are used to select target addresses for a particular operation. del Deletes the Target Address Table entry. 315393-J. port <transport address port> Allows you to configure a transport address port that can be used in the generation of SNMP traps.Display current targetAddrTable configuration Table 6-18 Target Address Table Menu Options (/cfg/sys/ssnmp/snmpv3/taddr) Command Syntax and Usage name <32 character name> Allows you to configure the locally arbitrary.

The level authNoPriv means that the SNMP message will be sent with authentication but without using a privacy protocol.Display current targetParamsTable configuration Table 6-19 Target Parameters Table Configuration Menu Options (/cfg/sys/ ssnmp/snmpv3/tparam) Command Syntax and Usage name <32 character name> Allows you to configure the locally arbitrary.Set target params name mpmodel . 256 Chapter 6: The Configuration Menu 315393-J.Alteon OS 22.Set message processing model model . model usm|snmpv1|snmpv2 Allows you to select the security model to be used when generating the SNMP messages. SNMPv1). the security model (for example: USM). and the security level (noAuthnoPriv. or authPriv).0.Set minimum level of security del . authNoPriv.Set security model uname . The authPriv means that the SNMP message will be sent both with authentication and using a privacy protocol.2 Command Reference /cfg/sys/ssnmp/snmpv3/tparam SNMPv3 Target Parameters Table Configuration Menu You can configure the target parameters entry and store it in the target parameters table in the SNMP engine. mpmodel snmpv1|snmpv2c|snmpv3 Allows you to configure the message processing model that is used to generate SNMP messages.Delete targetParamsTable entry cur . [SNMPv3 snmpTargetParamsTable 1 Menu] name . This table contains parameters that are used to generate a message. The parameters include the message processing model (for example: SNMPv3. SNMPv2c. the security name. uname <32 character name> Defines the name that identifies the user in the USM table (page 249) on whose behalf the SNMP messages are generated using this entry. level noAuthNoPriv|authNoPriv|authPriv Allows you to select the level of security to be used when generating the SNMP messages using this entry. but unique identifier that is associated with this entry. The level noAuthNoPriv means that the SNMP message will be sent without authentication and without using a privacy protocol.Set USM user name level . January 2005 .

A notification typically monitors a system for particular events or conditions.0.Set notify name tag . max 255 characters> Allows you to configure a tag of 255 characters maximum that contains a tag value which is used to select entries in the Target Address Table. tag <list of tag string. [SNMPv3 snmpNotifyTable 1 Menu] name . is selected. Any entry in the snmpTargetAddrTable.Display current notifyTable configuration Table 6-20 Notify Table Menu Options (/cfg/sys/ssnmp/snmpv3/notify) Command Syntax and Usage name <32 character name> Defines a locally arbitrary but unique identifier associated with this SNMP notify entry.Set notify tag del .2 Command Reference Table 6-19 Target Parameters Table Configuration Menu Options (/cfg/sys/ ssnmp/snmpv3/tparam) Command Syntax and Usage del Deletes the targetParamsTable entry. and generates Notification-Class messages based on these events or conditions. 315393-J. del Deletes the notify table entry. /cfg/sys/ssnmp/snmpv3/notify SNMPv3 Notify Table Configuration Menu SNMPv3 uses Notification Originator to send out traps. January 2005 Chapter 6: The Configuration Menu 257 .Alteon OS 22. that matches the value of this tag.Delete notifyTable entry cur . cur Displays the current targetParamsTable configuration. cur Displays the current notify table configuration.

Specify a TCP service port number. such as 80 for HTTP. cur Displays the current TCP health check services configuration. off Turns off the TCP health check services. on Turns on the TCP health check services. Specify a TCP service port number. such as 80 for HTTP.Turn system TCP health services ON off .Turn system TCP health services OFF cur . rem <TCP port (2-65534)> Removes TCP services that were added for listening to health checks. January 2005 .2 Command Reference /cfg/sys/health System Health Check Configuration Menu [System TCP Health Menu] add .Remove TCP services from listening on .Add TCP services to listen for health check rem .0.Display current TCP health services configuration Table 6-21 System Health Check Configuration Menu Options (/cfg/sys/health) Command Syntax and Usage add <TCP port (2-65534)> Adds TCP services to listen to the health checks.Alteon OS 22. 258 Chapter 6: The Configuration Menu 315393-J.

tnport <TCP port number> The TCP port number that the telnet server listens for telnet sessions. To view menu options. https Displays HTTPS Server Access Menu.Set max rate of ARP.0. or read-write. You will see this command only if you are connected to the switch through the console port. TCP. see page 261. see page 263.Alteon OS 22. If Global Server Load Balancing is to be used. or UDP packets to MP cur . Sets an optional telnet server port number for cases where the server listens for telnet sessions on a non-standard port. January 2005 Chapter 6: The Configuration Menu 259 .2 Command Reference /cfg/sys/access System Access Control Configuration [System Access Menu] mgmt .HTTPS (Web) Server Access Menu http . http disable|enable Enables or disables HTTP (Web) access to the browser-based interface.Set HTTP (Web) server port number snmp . set this to a different port (such as 8080).Enable/disable HTTP (Web) access wport .User Access Control Menu (passwords) https . read-only. The default is HTTP port 80. tnet Enables or disables Telnet access to the switch.Set SNMP access control tnet .Set Telnet server port number rlimit .Display current system access configuration Table 6-22 System Access Configuration Menu Options (/cfg/sys/access) Command Syntax and Usage mgmt Displays the Management Configuration Menu. see page 260. ICMP.Enable/disable Telnet access tnport . user Displays the User Access Control Menu. To view menu options. It is disabled by default. 315393-J. snmp disable|read-only|read-write Sets the snmp user access level to either disabled. This command is disabled by default. To view menu options.Management Network Definition Menu user . wport <TCP port number (1-65535)> Sets the switch port used for serving switch Web content.

2 Command Reference Table 6-22 System Access Configuration Menu Options (/cfg/sys/access) Command Syntax and Usage rlimit <arp|icmp|tcp|udp> <max rate. or UDP protocols. January 2005 . it will cause the Firewall Load Balancing health checks to fail and will create a “Network Down” state on the network. RIP. [Management Networks Menu] add . /cfg/sys/access/mgmt Management Networks Menu This menu is used to define IP address ranges which are allowed to access the switch for management purposes. cur Displays the current configuration. Specify which protocol you wish to limit. 0-65535 (pkts/sec)> Sets switch-wide rate limiting on traffic entering the switch over ARP. Specify an IP address and mask address in dotted-decimal notation.Display current mgmt network definitions Table 6-23 Management Network Menu Options (/cfg/sys/access/mgmt) Command Syntax and Usage add <mgmt network address> <mgmt network mask> Adds a defined network through which switch access is allowed through Telnet. or the Alteon OS browser-based interface. SNMP.Alteon OS 22. Then specify the maximum rate.0. ICMP.Add mgmt network definition rem . NOTE – The add and rem commands below replace the /cfg/sys/mnet and /cfg/ sys/mmask commands found in earlier releases of Alteon OS.Remove mgmt network definition cur . NOTE – If you configure the management network without including the switch interfaces. 260 Chapter 6: The Configuration Menu 315393-J. TCP. A range of IP addresses is produced when used with a network mask address. which the maximum number of packets per second that is allowed to enter the switch.

The user has no direct responsibility for switch management. cur Displays the current configuration. He or she can view all switch information and statistics and can enable/disable servers using the Server Load Balancing configuration menus. Table 6-24 User Access Control Menu Options (/cfg/sys/access/user) Command Syntax and Usage uid <User ID. usrpw Sets the user (user) password.0. but cannot make any configuration changes.2 Command Reference Table 6-23 Management Network Menu Options (/cfg/sys/access/mgmt) Command Syntax and Usage rem <mgmt network address> <mgmt network mask> Removes a defined network. To view menu options. which consists of a management network address and a management network mask address.Alteon OS 22. He or she can view switch status information and statistics. Access includes “user” functions. 1-10> Displays the User ID Menu. sopw Sets the SLB operator (slboper)password. 315393-J. see page 264. /cfg/sys/access/user User Access Control Menu uid usrpw sopw l4opw opw sapw l4apw admpw cur User ID Menu Set user password (user) Set SLB operator password (slboper) Set L4 operator password (l4oper) Set operator password (oper) Set Slb administrator password (slbadmin) Set L4 administrator password (l4admin) Set administrator password (admin) Display current user status NOTE – Passwords can be a maximum of 15 characters. January 2005 Chapter 6: The Configuration Menu 261 . The SLB operator manages Web servers and other Internet services and their loads.

He or she can view all switch information and statistics. but can configure changes only on the Server Load Balancing menus. He or she can view all switch information and statistics. and configuration commands on the Alteon Application Switch. He or she can view all switch information and statistics and can configure parameters on the Server Load Balancing menus. 262 Chapter 6: The Configuration Menu 315393-J. Administrator who configures and manages Web servers and other Internet services and their loads. including the ability to change both the user and administrator passwords. The operator password can have a maximum of 15 characters. sapw Sets the SLB administrator (slbadmin) password. l4apw Sets the Layer 4 administrator (l4admin) password. January 2005 . Note that the Filter Menu options are not accessible to the SLB administrator. Access includes “slbadmin” functions. The super user administrator has complete access to all menus. cur Displays the current user status. information. He or she can view all switch information and statistics and can reset ports or the entire switch.Alteon OS 22. opw Sets the operator (oper)password. Access includes “l4oper” functions.2 Command Reference Table 6-24 User Access Control Menu Options (/cfg/sys/access/user) Command Syntax and Usage l4opw Sets the Layer 4 operator (l4oper)password. The Layer 4 operator manages traffic on the lines leading to the shared Internet services. admpw Sets the administrator (admin) password. with the exception of not being able to configure filters. The operator manages all functions of the switch. The Layer 4 administrator configures and manages traffic on the lines leading to the shared Internet services.0. Access includes “slboper” functions. Access includes “oper” and “l4admin” functions. Access includes “l4oper” functions.

or the Web browser. 315393-J. January 2005 Chapter 6: The Configuration Menu 263 . user’s name) []: Mr Smith Email (for example. section) []: Alteon Common Name (for example. company) []: Nortel Networks Organizational Unit Name (for example.0.Alteon OS 22. port <TCP port number> Defines the HTTPS Web server port number.com You will be asked to confirm if you want to generate the certificate. to accept the certificate and save the certificate to Flash to be used when the switch is rebooted. The user can create a new certificate defining the information that they want to be used in the various fields. A default certificate is created when HTTPS is enabled for the first time.2 Command Reference /cfg/sys/access/https HTTPS Access Configuration Menu [https Menu] https port generate certSave cur Enable/Disable HTTPS Web access HTTPS WebServer port number Generate self-signed HTTPS server certificate save HTTPS certificate Display current SSL Web Access configuration Table 6-25 HTTPS Access Configuration Menu Options (/cfg/sys/access/https) Command Syntax and Usage https Enables or disables BBI access (Web access) using HTTPS. For example: Country Name (2 letter code) [ ]: CA State or Province Name (full name) []: Ontario Locality Name (for example. city) []: Ottawa Organization Name (for example. email address) []: info@nortelnetworks. cur Displays the current SSL Web Access configuration. It will take approximately 30 seconds to generate the certificate. generate Allows you to generate a certificate to connect to the SSL to be used during the key exchange. Then the switch will restart SSL agent. certSave Allows the client.

Using this command you can list the current status of the real server including the real server number. the operational state of the real server.Set user password .Delete user ID .Display current user configuration Table 6-26 User ID Configuration Menu Options (/cfg/sys/access/user/uid) Command Syntax and Usage cos <user|slboper|l4oper|oper|slbadmin|l4admin|admin> Sets the Class-of-Service to define the user’s authority level.2 Command Reference /cfg/sys/access/user/uid System User ID Configuration Menu This feature allows the users to operate the real servers assigned to them. SLB Operator. SLB Administrator.Remove real server .Add real server . January 2005 . Layer 4 Operator. dis Disables the user ID. name <8 char max> Defines the user name of maximum eight characters. Alteon OS defines these levels as: User.Enable user ID .0. ena Enables the user ID. [User ID 1 cos name pswd add rem ena dis del cur Menu] .Set user name . 1-1023> Assigns a real server access to this user.Set class of service . You can enable or disable the real servers and change the password for accessing these real servers.Disable user ID . 1-1023> Removes a real server access from this user. 264 Chapter 6: The Configuration Menu 315393-J. and Administrator. and the number of current sessions. the real server name. with User being the most restricted level. pswd <15 char max> Sets the user password of up to 15 characters maximum. rem <real server number. add <real server number. Operator.Alteon OS 22.

The ports are auto-sensing. cur Displays the current user ID configuration. SFP GBIC Ports The LC jack is used for connecting Gigabit Ethernet fiber optic segments. You may order the SFP modules from Nortel Networks.0.Alteon OS 22.2 Command Reference Table 6-26 User ID Configuration Menu Options (/cfg/sys/access/user/uid) Command Syntax and Usage del Deletes the user ID. The SFP modules are not shipped with the product. January 2005 Chapter 6: The Configuration Menu 265 . Port configuration is different on Alteon OS 2000 series and 3000 series. /cfg/port <port number> Port Configuration The Port Menu enables you to configure settings for individual switch ports. This command is enabled by default. auto-negotiating. 315393-J. and support half or full-duplex operation. Alteon OS 2000 Series The following table displays the number of Fast Ethernet ports and SFP GBIC ports with the numbering of the ports on Alteon OS 2000 series: Table 6-27 Port Configuration and Numbering on Alteon OS 2000 Series Model Alteon 2208 (1U) Alteon 2216 (1U) Alteon 2224 (1U) Alteon 2424 (1U) 10/100 Mbps Fast Ethernet 1000 Mbps SFP GBIC Port Port Numbers Numbers 1–8 1–16 1–24 1–24 9–10 17–18 25–26 25–28 Fast Ethernet Ports The RJ-45 jack is used for connecting 10/100 Mbps Ethernet segments to the port.

Set port name cont . gig If a port is configured to support Gigabit Ethernet.Set default port BW Contract nonip . this option displays the Gigabit Ethernet Physical Link Menu.2 Command Reference For more information on connectors.Set default port VLAN id name .Display current port configuration Table 6-28 Port Configuration Menu Options (/cfg/port) Command Syntax and Usage fast If a port is configured to support Fast Ethernet. pvid <VLAN number. see page 276. To view menu options. name <64 character string>|none Sets a name for the port. The commands on Alteon OS 2000 series and their description are as follows: [Port 1 Menu] fast . The default number is 1.Enable/Disable RMON for port tag . 1-256> Sets the Bandwidth Management contract for non-IP traffic for this port.Fast Phy Menu gig .0. this option displays the Fast Ethernet Physical Link Menu. To view menu options.Enable/disable allowing only IP related frames at ingress ena . please refer to the Hardware Installation Guide for Alteon OS.Set BW Contract for non-IP traffic egbw .Enable port dis .Alteon OS 22.Enable/disable VLAN tagging for port iponly .Gig Phy Menu pvid .Disable port cur . 266 Chapter 6: The Configuration Menu 315393-J. 1-4090> Sets the default VLAN number which will be used to forward frames which are not VLAN tagged. The assigned port name appears next to the port number on some information and statistics screens. The default is set to none. January 2005 . see page 276. nonip <BW Contract number.Set port egress bandwidth Limit rmon . cont <BWM Contract (1-256)> Sets the default Bandwidth Management Contract for this port.

The default is 0.Set auto negotiation cur .) cur Displays the current port parameters. you can configure the egress bandwidth limit of the port to match with the bandwidth link of the receiving router or the switch. ena Enables the port. iponly disable|enable Disables or enables allowing only IP-related frames.2 Command Reference Table 6-28 Port Configuration Menu Options (/cfg/port) Command Syntax and Usage egbw <0k-5000k|1m-1000m> Sets the egress bandwidth limit for the port to avoid overloading the receiving router or switch. It is disabled by default. /cfg/port <port number> fast|gig Port Link Configuration [Fast Link Menu] speed . tag disable|enable Disables or enables VLAN tagging for this port. rmon disable|enable Disables or enables RMON for this port. (To temporarily disable a port without changing its configuration attributes.Set flow control auto . 315393-J. Using this command. the egress bandwidth for an FE port will be 100m. It is disabled by default.Set link speed mode .Display current fast link configuration Use these menu options to set port parameters for the port link. For example.0. NOTE – You need Bandwidth Management license to use this command.Alteon OS 22. dis Disables the port.Set full or half duplex mode fctl . This means that the port’s speed will be taken as the egress bandwidth. It is disabled by default. refer to “Temporarily Disabling a Port” on page 277. January 2005 Chapter 6: The Configuration Menu 267 .

mode full|half|any Sets the operating mode. flow control.2 Command Reference NOTE – Since the speed and mode parameters cannot be set for Gigabit Ethernet ports. Table 6-29 Port Link Configuration Menu Options (/cfg/port/fast|gig) Command Syntax and Usage speed 10|100|any Sets the link speed. This command is available only in the Fast Link Menu. Not all options are valid on all ports. Using these configuration menus. Link menu options are described in Table 6-36 and appear on the fast and gig port configuration menus for the Alteon Application Switch. The choices include: Any for automatic detection (default) 10 Mbps 100 Mbps This menu appears only if a Fast Ethernet port is selected.Alteon OS 22. you can set port parameters such as speed.0. these options do not appear on the Gigabit Link Menu. This command is available only in the Fast Link Menu. cur Displays the current port parameters.The choices include: Any for auto negotiation (default) Full-duplex Half-duplex This menu appears only if a Fast Ethernet port is selected. 268 Chapter 6: The Configuration Menu 315393-J. and negotiation mode for the port link. January 2005 . fctl rx|tx|both|none Sets the flow control.The choices include: Receive flow control Transmit flow control Both receive and transmit flow control (default) No flow control auto on|off Enables or disables auto negotiation for the port.

The ports are autonegotiating and support half or full duplex operation. 7. These ports have two interfaces each: 1000 Mbps SFP GBIC and 10/100/1000Base-T Copper. See “Dual-Mode Ports” on page 274 for more details. However. if 1000 Mbps is selected.0.Alteon OS 22. January 2005 Chapter 6: The Configuration Menu 269 . 4. 7. 2. Four dual-mode ports (3. 8 Dual-Mode Port Numbers 3–6 1000 Mbps SFP GBIC Port Numbers 9–12 Port Configuration on Alteon OS 3408 The Alteon OS 3408 contains 12 ports. These ports are designed to operate at 1000 Mbps and full duplex mode only.2 Command Reference Alteon OS 3000 Series The following table displays the port configuration and numbering on Alteon OS 3408: Table 6-30 Port configuration on Alteon OS 3408 Model Alteon 3408 (1U) 10/100/1000Base-T Copper Port Numbers 1. You can set either interface as the preferred or backup link. When the 1000 Mbps SFP GBIC port is selected as the preferred link. When the 10/100/1000Base-T copper port is selected as the preferred link. full-duplex with autonegotiation turned on. 315393-J. and 6). and 8) with RJ-45 connectors. it is fixed at 1000 Mbps. autonegotiation must be turned on. Their description is as follows: Four 1000BaseT ports (1. it can be configured at any speed. Four Small Form Pluggable (SFP) GBIC Fiber ports (9–12). 5. NOTE – For more information on connectors. 2. refer to the Alteon OS Hardware Installation Guide Part Number 315393-E.

see page 271. tag disable|enable Disables or enables VLAN tagging for this port. rmon disable|enable Disables or enables RMON for this port. name <64 character string>|none Sets a name for the port. The default is set to None.) 270 Chapter 6: The Configuration Menu 315393-J.0. ena Enables the port. refer to “Temporarily Disabling a Port” on page 277. or 8>) Command Syntax and Usage gig If a port is configured to support Gigabit Ethernet. cont <BWM Contract (1-256)> Sets the default Bandwidth Management Contract for this port. The default number is 1. It is disabled by default. dis Disables the port. iponly disable|enable Disables or enables allowing only IP-related frames. 7. The assigned port name appears next to the port number on some information and statistics screens. or 8). It is disabled by default. 2.Alteon OS 22. 2. this option displays the Copper Gigabit Ethernet Physical Link Menu. It is disabled by default. you see the menu below: [Port 1 Menu] gig pvid name cont rmon tag iponly ena dis cur - Copper Gig Phy Menu Set default port VLAN id Set port name Set default port BW Contract Enable/Disable RMON for port Enable/disable VLAN tagging for port Enable/disable allowing only IP related frames Enable port Disable port Display current port configuration Table 6-31 Single-Mode Copper Port Configuration Menu Options (/cfg/port <1. pvid <VLAN number (1-4090)> Sets the default VLAN number which will be used to forward frames which are not VLAN tagged. (To temporarily disable a port without changing its configuration attributes. 7.2 Command Reference Single-Mode ports 10/100/1000Base-T Copper Ports When you select a single-mode copper port (1. January 2005 . To view menu options.

Set flow control auto .Set duplex mode fctl .The choices include: Receive flow control Transmit flow control Both receive and transmit flow control (default) No flow control Chapter 6: The Configuration Menu 271 315393-J. flow control. 7. 2. Link menu options are described in Table 6-36 and appear on the gig port configuration menus for the Alteon Application Switch. or 8>) Command Syntax and Usage cur Displays the current port parameters. This command is available only in the Fast Link Menu. 7. and negotiation mode for the port link.Alteon OS 22. Using these configuration menus. The choices include: Any for automatic detection (default) 10 Mbps 100 Mbps 1000 Mbps mode full|half|any Sets the operating mode. you can set port parameters such as speed.Display current ge copper link configuration Use these menu options to set port parameters for the port link.0.Set link speed mode . 2.2 Command Reference Table 6-31 Single-Mode Copper Port Configuration Menu Options (/cfg/port <1. The choices include: Any for auto negotiation (default) Full-duplex Half-duplex fctl rx|tx|both|none Sets the flow control. January 2005 . Table 6-32 Single-Mode Copper Port Gigabit Ethernet Link Configuration Menu Options (/cfg/port <1. /cfg/port <port number> gig Single-Mode Copper Port Gigabit Ethernet Link Configuration Menu [GE Copper Link Menu] speed . Not all options are valid on all ports.Set auto negotiate cur . or 8>/gig) Command Syntax and Usage speed 10|100|1000|any Sets the link speed.

see page 273. pvid <VLAN number (1-4090)> Sets the default VLAN number which will be used to forward frames which are not VLAN tagged. or 8>/gig) Command Syntax and Usage auto on|off Enables or disables autonegotiation for the port. 2. 7. The default is set to None. January 2005 . this option displays the SFP Gigabit Ethernet Physical Link Menu. cur Displays the current Gigabit Ethernet copper link port parameters. 272 Chapter 6: The Configuration Menu 315393-J. name <64 character string>|none Sets a name for the port.0.Alteon OS 22. The default number is 1. To view menu options. The assigned port name appears next to the port number on some information and statistics screens. you see a slightly different menu as below: [Port 9 Menu] gig pvid name cont egbw rmon tag iponly ena dis cur - SFP Gig Phy Menu Set default port VLAN id Set port name Set default port BW Contract Set port egress bandwidth Limit Enable/Disable RMON for port Enable/disable VLAN tagging for port Enable/disable allowing only IP related frames Enable port Disable port Display current port configuration Table 6-33 Single-Mode SFP Gigabit Ethernet Port Configuration Menu Options (/cfg/port <9–12>) Command Syntax and Usage gig If a port is configured to support Gigabit Ethernet. 1000 Mbps SFP GBIC Fiber SFP Ports When you select a single-mode SFP fiber port (9–12).2 Command Reference Table 6-32 Single-Mode Copper Port Gigabit Ethernet Link Configuration Menu Options (/cfg/port <1. cont <BWM Contract (1-256)> Sets the default Bandwidth Management Contract for this port.

2 Command Reference Table 6-33 Single-Mode SFP Gigabit Ethernet Port Configuration Menu Options (/cfg/port <9–12>) Command Syntax and Usage rmon disable|enable Disables or enables RMON for this port.0. you can set port parameters such as flow control. dis Disables the port. It is disabled by default.Alteon OS 22. iponly disable|enable Disables or enables allowing only IP-related frames. tag disable|enable Disables or enables VLAN tagging for this port.Set flow control . refer to “Temporarily Disabling a Port” on page 277.Display current SFP gig link configuration Use these menu options to set port parameters for the port link. (To temporarily disable a port without changing its configuration attributes. ena Enables the port. January 2005 Chapter 6: The Configuration Menu 273 .Set auto negotiate . It is disabled by default. Using these configuration menus. and negotiation mode for the port link. 315393-J. Link menu options are described in Table 6-36 and appear on the gig port configuration menus for the Alteon Application Switch.) cur Displays the current port parameters. /cfg/port <port number> gig Single-Mode SFP Gigabit Ethernet Port Link Configuration Menu [GE SFP Link fctl auto cur Menu] . It is disabled by default.

see page 277. January 2005 . The choices include: Receive flow control Transmit flow control Both receive and transmit flow control (default) No flow control auto on|off Enables or disables autonegotiation for the port. To view menu options. sfp Displays SFP Gigabit Physical Link Menu. you see the menu below: [Port 3 Menu] cop sfp pref back pvid name cont rmon tag iponly ena dis cur - Copper Gig Phy Menu SFP Gig Phy Menu Set preferred link Set backup link Set default port VLAN id Set port name Set default port BW Contract Enable/Disable RMON for port Enable/disable VLAN tagging for port Enable/disable allowing only IP related frames Enable port Disable port Display current port configuration Table 6-35 Dual-Mode Port Configuration Menu Options (/cfg/port <3–6>) Command Syntax and Usage cop Displays Copper Gigabit Physical Link Menu. see page 276.0. 274 Chapter 6: The Configuration Menu 315393-J. cur Displays the current SFP Gigabit Ethernet link port parameters.Alteon OS 22. Dual-Mode Ports When you select any one of the dual-mode ports (3–6).2 Command Reference Table 6-34 Single-Mode SFP Gigabit Ethernet Port Link Configuration Menu Options (/cfg/port <9-12>/gig) Command Syntax and Usage fctl rx|tx|both|none Sets the flow control. To view menu options.

the port will not switch automatically to the backup port if the preferred port goes down. If you choose none. rmon disable|enable Disables or enables RMON for this port. The default number is 1. pvid <VLAN number (1-4090)> Sets the default VLAN number which will be used to forward frames which are not VLAN tagged. name <64 character string>|none Sets a name for the port.) cur Displays the current port parameters. iponly disable|enable Disables or enables allowing only IP-related frames. ena Enables the port. 315393-J. The selected port will be used as the preferred port if both the ports are available. The assigned port name appears next to the port number on some information and statistics screens. It is disabled by default. cont <BWM Contract (1-256)> Sets the default Bandwidth Management Contract for this port. The default is set to None. You cannot set the preferred port as the backup port. It is disabled by default. refer to “Temporarily Disabling a Port” on page 277. (To temporarily disable a port without changing its configuration attributes. back copper|sfp|none Sets the preference for the backup link if the preferred port is not available.2 Command Reference Table 6-35 Dual-Mode Port Configuration Menu Options (/cfg/port <3–6>) Command Syntax and Usage pref copper|sfp Sets the port preference between copper or SFP mode. dis Disables the port. It is disabled by default. tag disable|enable Disables or enables VLAN tagging for this port. January 2005 Chapter 6: The Configuration Menu 275 .0.Alteon OS 22.

Set auto negotiate cur .Set flow control auto .0. cur Displays the current Gigabit Ethernet copper link port parameters. Not all options are valid on all ports. Using these configuration menus.Set link speed mode . The choices include: Any for autonegotiation (default) Full-duplex Half-duplex fctl rx|tx|both|none Sets the flow control.Set duplex mode fctl . Link menu options are described in Table 6-36 and appear on the cop port configuration menus for the Alteon Application Switch. Table 6-36 Dual-Mode Copper Port Link Configuration Menu Options (/cfg/port <3–6>/cop) Command Syntax and Usage speed 10|100|1000|any Sets the link speed. flow control. and negotiation mode for the port link. The choices include: Receive flow control Transmit flow control Both receive and transmit flow control (default) No flow control auto on|off Enables or disables auto negotiation for the port. you can set port parameters such as speed.2 Command Reference /cfg/port <port number (3–6)> cop Dual-Mode Copper Port Link Configuration [GE Copper Link Menu] speed . January 2005 . 276 Chapter 6: The Configuration Menu 315393-J.Display current ge copper link configuration Use these menu options to set port parameters for the port link.Alteon OS 22. The choices include: Any for automatic detection (default) 10 Mbps 100 Mbps 1000 Mbps mode full|half|any Sets the operating mode.

The port state will revert to its original configuration when the Alteon Application Switch is reset. Temporarily Disabling a Port To temporarily disable a port without changing its stored configuration attributes.Alteon OS 22. The choices include: Receive flow control Transmit flow control Both receive and transmit flow control (default) No flow control cur Displays the current SFP Gigabit link port configuration. January 2005 Chapter 6: The Configuration Menu 277 . 315393-J.Display current SFP gig link configuration Table 6-37 Dual-Mode SFP Gigabit Link Configuration Menu Options (/cfg/port <3-6>/sfp) Command Syntax and Usage fctl rx|tx|both|none Sets the flow control.0. enter the following command at any prompt: Main# /oper/port <port number>/dis Because this configuration sets a temporary state for the port. you do not need to use apply or save.Set flow control . See the “Operations Menu” on page 433 for other operations-level commands.2 Command Reference /cfg/port <port number (3–6)> sfp Dual-Mode SFP Gigabit Link Configuration Menu [GE SFP Link fctl cur Menu] .

enable. To view menu options.Alteon OS 22. cur Displays the current settings of the mirrored and monitoring ports.Rem "Mirrored" port and VLANs cur . January 2005 . When enabled. you can collect detailed information about your network performance and usage. The Port Mirroring Menu is used to configure. Table 6-38 Port Mirroring menu options (/cfg/pmirr) Command Syntax and Usage mirror disable|enable Enables or disables port mirroring monport <monitoring port (port to mirror to)> Displays port-mirroring menu options that help configure the port. and disable the monitored port.2 Command Reference /cfg/pmirr Port Mirroring Menu [Port Mirroring mirror monport cur Menu] Enable/Disable Mirroring Configure Monitor Port Display All Mirrored and Monitored Ports and VLANs Port mirroring is disabled by default. see page 278.0.Add "Mirrored" port and VLANs rem .Display current Port-based Port Mirroring configuration 278 Chapter 6: The Configuration Menu 315393-J. network packets being sent and/or received on a target port are duplicated and sent to a monitor port. By attaching a network analyzer to the monitor port. /cfg/pmirr/monport Port-Mirroring Menu [Port 1 Menu] add .

315393-J. Traffic classification can be based on user or application information. such as e-commerce transactions. rem <mirrored port (port to mirror from)> <vlan index or Carriage Return for all vlans> Removes the mirrored port. the frame is sent to the monitoring port. VLAN-based port mirroring allows the user to monitor traffic based on VLANs associated with a port. or both)> <vlan index or Carriage Return for all vlans> Adds the port to be mirrored. /cfg/bwm Bandwidth Management Configuration Bandwidth Management (BWM) enables Web site managers to allocate a portion of the available bandwidth for specific users or applications. By default. cur Displays the current settings of the monitoring port. Refer to your Application Guide for more information. BWM policies can be configured to set lower and upper bounds on the bandwidth allocation.2 Command Reference Table 6-39 Port-Based Port-Mirroring Menu Options (/cfg/pmirr/monport) Command Syntax and Usage add <mirrored port (port to mirror from)> <direction (in. It allows companies to guarantee that critical business traffic. If you do not specify a VLAN. NOTE – BWM is a software key-enabled feature that requires users to purchase a license and a key. BWM is turned off. receive higher priority versus non-critical traffic. It is necessary to specify the direction because: If the source port of the frame matches the mirrored port and the mirrored direction is ingress or both (ingress and egress). the frame is sent to the mirrored port. out. users need to enter the Bandwidth Management key using the /oper/swkey command. all traffic on that port will be mirrored. This command also allows you to enter the direction of the traffic.0. You can add specific VLAN(s) to a be monitored even if there are multiple VLANs associated with that port. If the destination port of the frame matches the mirrored port and the mirrored direction is egress or both. January 2005 Chapter 6: The Configuration Menu 279 . In order to enable BWM.Alteon OS 22.

To view menu options.0.Set SMTP server user name entries .Group menu user . By default. user <user name> Sets the SMTP user name to whom the history statistics will be mailed.Contract menu policy . For further details. The switch uses these contracts to limit individual traffic flows. To view menu options. The default is set to None. Table 6-40 Bandwidth Management Menu Options (/cfg/bwm) Command Syntax and Usage cont <BW contract number (1-256)> Displays the Bandwidth Management Contract Menu.Alteon OS 22. you must create one or more bandwidth management contracts. A bandwidth policy is often based on a rate structure whereby a Web host could charge a customer for bandwidth utilization.Display current Bandwidth Management configuration NOTE – Up to 256 bandwidth management contracts can be configured on Alteon OS.Policy menu group . To manage bandwidth on an Alteon Application Switch. this option is disabled.Globally turn Bandwidth Management processing ON off .0. see page 284.2 Command Reference [Bandwidth Management Menu] cont .2 Application Guide. Bandwidth policies are bandwidth limita- tions defined for any set of frames. The default is set to 0.Set the frequency of BWM email in minutes force . January 2005 .Set number of entries in the BWM IP user table frequen . see page 285. see page 281. policy <BW policy number (1-512)> Displays the Bandwidth Management Policy Menu. For further details.0.Globally turn Bandwidth Management processing OFF cur . frequen <1-1440 minutes. entries <64k|128k|256k|512k|1024k> Sets the number of entries in the Bandwidth Management IP user table.2 Application Guide. specifying the guaranteed bandwidth rates. see the Alteon OS 22. 0 for default behavior> Sets the frequency of Bandwidth Management email in minutes. group <BW Group number (1-32)> Displays the Bandwidth Management Group Menu. see the Alteon OS 22. 280 Chapter 6: The Configuration Menu 315393-J. To view menu options.Enable/disable enforce policies on .

the reordering of the packets does not occur.Delete BW Contract cur . This means that no bandwidth limit is applied on the queues. The packets will exit in the order they came in.Enable/disable user (IP address) limiting for this contract iptype .0.2 Command Reference Table 6-40 Bandwidth Management Menu Options (/cfg/bwm) Command Syntax and Usage force disable|enable Enables or disables the enforcement of bandwidth policy on the traffic.Set Contract Precedence history . When disabled.Display current BW Contract configuration Table 6-41 Bandwidth Management Policy Menu Options (/cfg/bwm/cont) Command Syntax and Usage timepol <BW Contract time policy number (1-2)> Displays Time Policy Menu.Enable/disable monitor-only mode for this Contract shaping .Set Contract Policy prec . on Globally enables Bandwidth Management on this switch. By default.Disable BW Contract del .Set Contract name policy . /cfg/bwm/cont <contract number> Bandwidth Management Contract Configuration [BW Contract 1 Menu] timepol . Chapter 6: The Configuration Menu 281 315393-J.Enable/disable overwriting IP TOS for this Contract mononly .Enable/disable traffic shaping for this contract iplimit .Enable BW Contract dis .Enable/disable Saving Contract stats history wtos .Set user (IP address) limiting type for this contract wtcpwin .Enable/disable overwriting TCP Window for this Contract ena . January 2005 . To view menu options.Time policy menu name . off Globally disables Bandwidth Management on this switch. name <15 character name> Sets the name for this Bandwidth Management contract.Alteon OS 22. cur Displays the current Bandwidth Management configuration. this option is enabled. see page 283.

Do not set the value to lower than 1500 bytes. In this context. history disable|enable Disables or enables saving statistics for this contract on the server. The statistics are generated but no shaping or limiting will apply to this contract. refer to the Application Guide. it is disabled. The default policy number is 64.Alteon OS 22. The default value is 1. whether the user (IP address) limiting is enforced by the source IP address (SIP) or the destination IP address (DIP). mononly disable|enable Enables or disables monitor-only mode for this Contract. By default. iplimit disable|enable Enables or disables user (IP address) limiting for this contract. This command is used for design and auditing purposes only. iptype <sip|dip> Defines the IP type for this contract. del Removes this contract from the switch. the user can modify the TCP window size to a lower value so that when the packet arrives carrying the bytes within that window size. wtos disable|enable Disables or enables overwriting the IP Type of Service (TOS) for this contract. This may help reduce the traffic congestion. ena Enables this Bandwidth Management contract. the receiver of that packet does not have to wait for acknowledgement. dis Disables this Bandwidth Management contract. it is enabled. each IP address is limited to the user limit configured in /cfg/bwm/policy on page 284.2 Command Reference Table 6-41 Bandwidth Management Policy Menu Options (/cfg/bwm/cont) Command Syntax and Usage policy <Bandwidth policy number (1-512)> Sets the policy number for this Bandwidth Management contract. 282 Chapter 6: The Configuration Menu 315393-J. January 2005 . cur Displays the current Bandwidth Management contract configuration. shaping means buffering a packet and keeping it ready to be sent. shaping disable|enable Disables or enables shaping of the traffic for this contract. prec <Bandwidth precedence value (1-255)> Sets the precedence value for this Bandwidth Management contract. For details. If enabled. wtcpwin disable|enable Enables or disables overwriting TCP Window for this Contract. By default.0. By overwriting the default window size.

January 2005 Chapter 6: The Configuration Menu 283 . If am or pm is not specified. 1-512> Defines the policy number for the contract. If am or pm is not specified. weekend (Saturday and Sunday) or everyday. The default is everyday. the switch will default to am for numbers lower than 12 and will default to pm for numbers 13 or higher.Delete Time Policy cur .Disable Time Policy delete .2 Command Reference /cfg/bwm/cont <contract number>/timepol <Contract time policy number> BWM Contract Time Policy Configuration Menu This feature enables the user to configure different policies based on the time of the day using the following menu and commands: [BW Contract 1 Time Policy 1 Menu] day . disable Disables the Time Policy command on the switch.Set Time Policy from hour to .0. the switch will default to am for numbers lower than 12 and will default to pm for numbers 13 or higher. weekdays (Monday to Friday).Display current Time Policy configuration Table 6-42 BWM Contract Time Policy Configuration Menu Options (/cfg/bwm/ timepol) Command Syntax and Usage day <mon|tue|wed|thu|fri|sat|sun|weekday|weekend|everyday> Defines the day(s) of the week.Set Time Policy day from .Set Time Policy to hour policy . policy <BW Policy number. to <1-12am/pm> Sets the end limit of time in hours. from <1-12am/pm> Defines the time from where you need to start the time in hours.Enable Time Policy disable . 315393-J. enable Enables the Time Policy command on the switch.Alteon OS 22.Set Time Policy enable .

This is the amount of bandwidth always available to this policy. January 2005 . resv <0k-5000k|1m-1000m> Sets the reserve limit for this policy. The default value is 500Kbytes. soft <0k-5000k|1m-1000m> Sets the soft bandwidth limit for this policy.0. cur Displays the current Time Policy configuration on the switch.2 Command Reference Table 6-42 BWM Contract Time Policy Configuration Menu Options (/cfg/bwm/ timepol) Command Syntax and Usage delete Deletes Time Policy. The default value is 2000 kbps. This is the highest amount of bandwidth available to this policy. 284 Chapter 6: The Configuration Menu 315393-J. userlim <0k-5000k|1m-1000m> Sets the bandwidth limit for each IP address in the contract traffic. /cfg/bwm/policy <policy number> Bandwidth Management Policy Configuration [Policy 1 Menu] hard soft resv userlim utos otos buffer del cur Set hard Limit Set soft Limit Set Reservation Limit Set per user (IP address) Limit Set underlimit (soft limit) TOS Set overlimit (soft limit) TOS Set Buffer Limit Delete BW Policy Display current Policy configuration Table 6-43 Bandwidth Management Policy Menu Options (/cfg/bwm/pol) Command Syntax and Usage hard <0k-5000k|1m-1000m> Sets the hard bandwidth limit for this policy.Alteon OS 22. The default value is 1000 kbps.

otos <BW Policy TOS (0-255)> Sets the new otos (over the limit TOS) value to overwrite the original TOS value if the traffic for this contract is over the soft limit. /cfg/bwm/group Bandwidth Management Group Configuration Menu [BW Group 1 Menu] add . cur Displays the current value of the bandwidth policy configuration.2 Command Reference Table 6-43 Bandwidth Management Policy Menu Options (/cfg/bwm/pol) Command Syntax and Usage utos <BW Policy TOS (0-255)> Sets the new utos (underlimit TOS) value to overwrite the original TOS value if the traffic for this contract is under the soft limit. January 2005 Chapter 6: The Configuration Menu 285 . del Deletes the bandwidth management policy.” the switch will not overwrite the TOS value. 1-256> Adds a contract to this group.Remove Contract from this group del . With this option set to the default value of “0.Display current BW Group configuration Table 6-44 Bandwidth Management Group Menu Options (/cfg/bwm/group) Command Syntax and Usage add <BW Contract number. rem <BW Contract number.Alteon OS 22.” the switch will not overwrite the TOS value.0.Delete BW Group cur . cur Displays all current Bandwidth Management Group configurations. buffer <Maximum buffer space (bytes) (8192-128000)> Sets the buffer limit for this policy. 1-256> Removes a contract from this group.Add Contract to this group rem . With this option set to the default value of “0. 315393-J. The default value is 8192 bytes. del Deletes this Bandwidth Management group.

Policy 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 Hard 25M 10M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M 2M Soft 20M 8M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M Resv oTOS uTOS Buffer 500K 150 100 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 500K 0 0 16320 286 Chapter 6: The Configuration Menu 315393-J.Alteon OS 22.0.2 Command Reference /cfg/bwm/cur Bandwidth Management Current Configuration Current Bandwidth Management setting: ON Policy Enforcement: enabled SMTP server user name: Contract Name Policy Prec Hist TOS State Shaping 1 cont_1 1 1 E E E E 2 cont_2 2 1 E D D D 256 Default -0 E D E D *Default contract gets all the BW that is available on a port after the active contracts reserved BW is taken. January 2005 .

ntmstg disable|enable Enables or disables Nortel Multiple Spanning Tree Group mode. the Cisco implementation of multiple STGs will be followed. To view menu options. When Nortel multiple STG mode is enabled.0. To view menu options. trunk <trunk group number> Displays Trunk Group Menu. To view menu options. The ntmstg enabled device will not work with the device configured for Cisco implementation of Spanning Tree BPDUs. see page 288. When Nortel multiple STG mode is disabled. January 2005 Chapter 6: The Configuration Menu 287 .2 Command Reference /cfg/l2 Layer 2 Configuration Menu [Layer 2 Menu] stg trunk lacp vlan ntmstg cur Spanning Tree Menu Trunk Group Menu Link Aggregation Control Protocol Menu VLAN Menu Enable/disable Nortel multiple STG mode Display current layer 2 parameters Table 6-45 Layer 2 Configuration Menu Options (/cfg/l2) Command Syntax and Usage stg <group number [1-16]> Displays Spanning Tree Group Menu. The factory default value of this command is Nortel multiple STG mode disabled. see page 297. see page 294. see page 292. vlan <VLAN number (1-4090)> Displays VLAN Menu.Alteon OS 22. cur Displays the current Layer 2 parameters. lacp Displays Link Aggregation Control Protocol (LACP) Menu. 315393-J. the Nortel implementation of multiple STGs will be followed. To view menu options. You need to reset the switch with the command /boot/reset for the Spanning Tree Group configuration to change to ntmstg enabled.

See your Application Guide for a detailed description of this feature and how to configure Spanning Tree Groups on the switch.Port parameter menu add . STP is used to prevent loops in the network topology. Spanning Tree Protocol (STP) configures the network so that a switch uses only the most efficient path.Display current bridge parameters 288 Chapter 6: The Configuration Menu 315393-J. When multiple paths exist.Globally turn Spanning Tree ON off . Multiple Spanning Trees can be enabled on tagged or untagged ports. Thus. Alteon OS supports the IEEE 802.1p Spanning Tree Protocol (STP). Alteon OS supports up to 16 instances of Spanning Trees or Spanning Tree groups.Default Spanning Tree and Member parameters cur . January 2005 .Alteon OS 22. [Spanning Tree Group 1 Menu] brg .Bridge parameter menu port .0.Remove all VLANs from Spanning Tree Group on . Spanning Tree can be enabled or disabled for each port.Globally turn Spanning Tree OFF default . This command is turned on by default. Spanning Tree configures the network so that a switch uses only the most efficient path. Spanning Tree Protocol (STP) detects and eliminates logical loops in a bridged or switched network. Spanning Tree automatically sets up another active path on the network to sustain network operations.2 Command Reference /cfg/l2/stg Spanning Tree Group Configuration When multiple paths exist on a network. If that path fails. STP forces redundant data paths into a standby (blocked) state. All other Spanning Tree groups (2-16) can have only one VLAN associated with it. The default Spanning Tree group (1) can have more than one VLAN.Add VLAN(s) to Spanning Tree Group remove .Remove VLAN(s) from Spanning Tree Group clear . Each VLAN can be placed in only one Spanning Tree group per switch except for the default Spanning Tree group (STG 1).

January 2005 Chapter 6: The Configuration Menu 289 .0. remove <VLAN numbers (1-4090)> Breaks the association between a VLAN and a spanning tree and requires an external VLAN ID as a parameter.2 Command Reference NOTE – When VRRP is used for active/active redundancy. To view menu options. on Globally enables Spanning Tree Protocol. port <port number> Displays the Spanning Tree Port Menu. cur Displays the current Spanning Tree Protocol parameters. see page 291. clear Removes all VLANs from a spanning tree.Alteon OS 22. Table 6-46 Spanning Tree Configuration Menu (/cfg/l2/stp) Command Syntax and Usage brg Displays the Bridge Spanning Tree Menu. 315393-J. STP must be enabled. see page 290. To view menu options. default Resets STG and Group member parameters to factory default. add <VLAN numbers (1-4090)> Associates a VLAN with a spanning tree and requires an external VLAN ID as a parameter. off Globally disables Spanning Tree Protocol.

Set bridge Max Age (6-40 secs) fwd . The forward delay parameter specifies the amount of time that a bridge port has to wait before it changes from the listening state to the learning state and from the learning state to the forwarding state. and the default is 2 seconds. hello <new bridge hello time (1-10 secs)> Configures the bridge hello time. 290 Chapter 6: The Configuration Menu 315393-J. January 2005 .2 Command Reference /cfg/l2/stg/brg Bridge Spanning Tree Configuration [Bridge Spanning Tree Menu] prior .0.Set bridge Forward Delay (4-30 secs) aging .Set bridge Hello Time [1-10 secs] mxage .The hello time specifies how often the root bridge transmits a configuration bridge protocol data unit (BPDU). STP bridge parameters include: Bridge priority Bridge hello time Bridge maximum age Forwarding delay Bridge aging time Table 6-47 Bridge Spanning Tree Menu Options (/cfg/l2/stp/brg) Command Syntax and Usage prior <new bridge priority (0-65535)> Configures the bridge priority. configure the bridge priority lower than all other switches and bridges on your network. The maximum age parameter specifies the maximum time the bridge waits without receiving a configuration bridge protocol data unit before it re configures the STP network. To make this switch the root bridge. fwd <new bridge Forward Delay (4-30 secs)> Configures the bridge forward delay parameter. The range is 0 to 65535. and the default is 15 seconds.Display current bridge parameters Spanning Tree bridge parameters affect the global STP operation of the switch. Any bridge that is not the root bridge uses the root bridge hello value. The range is 6 to 40 seconds.Set bridge Aging Time (1-65535 secs.Alteon OS 22. The range is 1 to 10 seconds. The range is 4 to 30 seconds.Set bridge Priority [0-65535] hello . The lower the value. The bridge priority parameter controls which bridge on the network is the STP root bridge. mxage <new bridge max age (6-40 secs)> Configures the bridge maximum age. 0 to disable) cur . and the default is 32768. and the default is 20 seconds. the higher the bridge priority.

The range is 1 to 65535 seconds. 0 to disable)> Configures the forwarding database aging time. the following formulas must be used: 2*(fwd-1) > mxage 2*(hello+1) < mxage /cfg/l2/stg <STG Group Index>/port <port #> Spanning Tree Port Configuration [Spanning Tree Port 1 Menu] prior .Alteon OS 22.Display current port Spanning Tree parameters Spanning Tree port parameters are used to modify STP operation on an individual port basis.0.Set port Path Cost (1-65535. When configuring STP bridge parameters. set this parameter to 0. The aging time specifies the amount of time the bridge waits without receiving a packet from a station before removing the station from the forwarding database. 0 for default) on . cur Displays the current bridge STP parameters. January 2005 Chapter 6: The Configuration Menu 291 . 315393-J.Set port Priority (0-255) cost .2 Command Reference Table 6-47 Bridge Spanning Tree Menu Options (/cfg/l2/stp/brg) Command Syntax and Usage aging <new bridge Aging Time (1-65535 secs.Turn port's Spanning Tree ON off .Turn port's Spanning Tree OFF cur . To disable aging. STP port parameters include: Port priority Port path cost STP is turned on by default for the port. and the default is 300 seconds.

/cfg/l2/trunk <trunk group number> Trunk Configuration Trunk groups can provide super-bandwidth and multi-link connections between Alteon Application Switches or other trunk capable devices. 0 for default)> Configures the port path cost. A value of 0 indicates that the default cost will be computed for an auto negotiated link speed. Generally speaking. on Enables STP on the port. January 2005 . and 1 for Gigabit ports. The default is 10 for 100Mbps ports. The port priority helps determine which bridge port becomes the designated port. 292 Chapter 6: The Configuration Menu 315393-J. Trunking from non-Alteon devices must comply with Cisco® EtherChannel® technology. the faster the port.2 Command Reference Table 6-48 Spanning Tree Port Menu (/cfg/l2/stp/port) Command Syntax and Usage prior <new port Priority (0-255)> Configures the port priority.0. Up to 12 trunk groups can be configured on the Alteon Application Switch. the port with the lowest port priority becomes the designated port for the segment.Alteon OS 22. combining their bandwidth to create a single. with the following restrictions: Any physical switch port can belong to no more than one trunk group. cost <new port Path Cost (1-65535. When trunk groups are configured. The port path cost is used to help determine the designated port for a segment. The range is 1 to 65535. A trunk group is a group of ports that act together. the lower the path cost. Up to eight ports/trunks can belong to the same trunk group. you can view the state of each port in the various trunk groups. and the default is 128. cur Displays the current STP port parameters. off Disables STP on the port. larger virtual link. The range is 0 to 255. Best performance is achieved when all ports in a trunk are configured for the same speed. In a network topology that has multiple bridge ports connected to a single segment.

rem <port number> Removes a physical port from the current trunk group. dis Turns the current trunk group off.0.Add port to trunk group rem . By default.Display current Trunk Group configuration Table 6-49 Trunk Configuration Menu Options (/cfg/l2/trunk) Command Syntax and Usage cont <BWM Contract (1-256)> Sets the default Bandwidth Management Contract for this trunk group.Enable trunk group dis .2 Command Reference By default. 315393-J.Disable trunk group del .Remove port from trunk group ena . cur Displays the current trunk group parameters. the contract number is 256 for AD3 and 1024 for AD4.Set BW contract for this trunk group add . del Removes the current trunk group configuration.Alteon OS 22. January 2005 Chapter 6: The Configuration Menu 293 . the trunk group is empty and disabled. add <port number> Adds a physical port to the current trunk group. [Trunk group 1 Menu] cont .Delete trunk group cur . ena Enables the current trunk group.

You can configure the trunk groups manually called the static trunks as well as you can configure dynamic trunk group using the IEEE 802.0. This port initiates negotiation with the partner system port by sending LACPDU (Link Aggregation Control Protocol Data Unit) packets. This port only responds to the negotiation requests sent from an LACP active port. traffic is reassigned dynamically to the remaining links of the LACP trunk group or is assigned to the standby LACP links. When the system initializes.3ad standard is Link Aggregation Control Protocol (LACP). Link aggregation is a method of grouping physical link segments of the same media type and speed in full duplex. January 2005 . It provides for the controlled addition and removal of physical links for the link aggregation.2 Command Reference /cfg/l2/lacp Link Aggregation Control Protocol Menu Alteon OS 22. If a link in a LACP trunk group fails.3ad-2000 for a detailed information about the standard.3ad standard (LACP).0.3ad standard called the LACP trunks. logical link segment. At the core of the 802. Each external port in the Alteon OS can have one of the following LACP modes.2 supports IEEE 802. off (default) The user can configure this port to a regular static trunk group. This protocol allows the user to group several physical ports into one logical port (LACP trunk group) with any switch that supports IEEE 802. all ports are in off mode by default.3ad standard allows two or more standard Ethernet links to form a single Layer 2 link using the Link Aggregation Control Protocol (LACP). The maximum number of configurable trunk groups are 40: 12 user configurable trunks and 28 LACP trunks depending upon the maximum number of ports in the switch. The 802.3ad standard on the Alteon OS.Alteon OS 22. passive The port is capable of forming an LACP trunk. 294 Chapter 6: The Configuration Menu 315393-J. active The port is capable of forming an LACP trunk. and treating them as if they were part of a single. NOTE – Refer to IEEE 802. LACP automatically determines which member links can be aggregated and then aggregates them. The maximum number of active physical ports in any trunk group is eight and the number of standby ports is also eight.

System priority is used when there are more than eight ports configured with the same adminkey. and an aggregator for LACP to start negotiation on these ports. NOTE – All ports are in LACP off mode by default. cur Displays the current LACP configuration. The default value is long. port <port number> Displays the LACP Port menu.LACP port Menu cur . You can choose between short (3 seconds) or long (90 seconds) timeout periods. You can form an active LACP trunk group with all the ports that have the same LAG ID. decides which eight ports should be combined to form a trunk group between two switches. Please refer to your Alteon OS Application Guide for a detailed information on this protocol.2 Command Reference Each LACP active or passive port needs an admin. The link can generate Link Aggregation ID (LAG ID) based on the operational key. All the aggregatable ports must have the same LAG ID. To view menu options. an operational key. The default value is 32768.Set LACP system priority timeout . The system priority. The rest of the ports stay in standby mode to substitute for any failed ports. You need to assign the same admin key to a group of ports to make them aggregatable. [LACP Menu] sysprio .0. timeout <short|long> Defines the timeout period before invalidating LACP data from a remote partner.Set LACP system timeout scale for timing out partner info port .Alteon OS 22. January 2005 Chapter 6: The Configuration Menu 295 .Display current LACP configuration Table 6-50 Link Aggregation Control Protocol Menu Options (/cfg/l2/lacp) Command Syntax and Usage sysprio <1-65535> Defines the priority value (1 through 65535) for the Alteon OS. see page 296. in conjunction with port priority. Lower numbers provide higher priority. 315393-J. Use the following commands to configure LACP on the Alteon OS.

you can turn LACP off for this port. All ports are in off mode by default.Alteon OS 22. but only respond to the negotiation requests from active ports. Only ports with the same admin key and oper key (operational state generated internally) can form an LACP trunk group. Passive ports do not initiate negotiation. cur Displays the current LACP configuration for this port. Lower numbers provide higher priority. active: Using this option.Set LACP port priority adminkey . you can turn LACP on and set this port to active. adminkey <1-255> Sets the admin key for this port. you can turn LACP on and set this port to passive mode.0. The default value is 128.Display current LACP port configuration Use the following commands to configure Link Aggregation Control Protocol (LACP) on a selected port.Set LACP port admin key cur . You can use this port to manually configure a static trunk. January 2005 .2 Command Reference /cfg/l2/lacp/port <port number> LACP Port Configuration Menu [LACP Port 1 Menu] mode . prio <1-65535> Sets the priority value for the selected port. 296 Chapter 6: The Configuration Menu 315393-J. passive: Using this option. Only active ports initiate negotiation with the partner system port by sending the LACPDU packets.Set LACP mode prio . Table 6-51 Link Aggregation Control Protocol Port Configuration Menu Options (/cfg/l2/lacp/port #) Command Syntax and Usage mode <off for no LACP or active or passive> off: Using this option.

The commands in this menu configure VLAN attributes.Alteon OS 22. [VLAN 1 Menu] name stg cont add rem def jumbo learn ena dis del cur - Set VLAN name Assign VLAN to a Spanning Tree Group Set BW contract Add port to VLAN Remove port from VLAN Define VLAN as list of ports Enable/disable Jumbo Frame support Enable/disable smac learning Enable VLAN Disable VLAN Delete VLAN Display current VLAN configuration Table 6-52 VLAN Configuration Menu Options (/cfg/l2/vlan) Command Syntax and Usage name Assigns a name to the VLAN or changes the existing name. and to enforce security policies among logical segments. which is enabled all the time. stg <Spanning Tree Group index (1-16)> Assigns a VLAN to a Spanning Tree Group. add <port number> Adds port(s) or trunk group(s) to the VLAN membership. change the status of the VLAN. (1-256)> Sets the Bandwidth Management contract for this VLAN. By default. and change the port membership of the VLAN. 315393-J.2 Command Reference /cfg/l2/vlan <VLAN number> VLAN Configuration VLANs are commonly used to split up groups of network users into manageable broadcast domains.0. see “Setup Part 3: VLANs” on page 34. to create logical segmentation of workgroups. delete the VLAN. The default VLAN name is the first one. For more information on configuring VLANs. January 2005 Chapter 6: The Configuration Menu 297 . the VLAN menu option is disabled except VLAN 1. rem <port number> Removes port(s) or trunk group(s) from this VLAN. The default contract number is 256 on AD3 and 1024 on AD4. cont <BW Contract number.

jumbo disable|enable Enables or disables jumbo frame support on this VLAN. del Deletes this VLAN. January 2005 . you cannot add a port to more than one VLAN unless the port has VLAN tagging turned on (see the tag command on page 270). By default.2 Command Reference Table 6-52 VLAN Configuration Menu Options (/cfg/l2/vlan) Command Syntax and Usage def <list of port numbers> Defines which ports are members of this VLAN. ena Enables this VLAN.Alteon OS 22. learn disable|enable Enables or disables source MAC address learning on this VLAN. it defines ports between 1-28 for VLAN 1.0. Any port which is removed from a VLAN and which is not a member of any other VLAN is automatically added to default VLAN #1. NOTE – All ports must belong to at least one VLAN. 298 Chapter 6: The Configuration Menu 315393-J. You need to reset the switch using /boot/reset command to enable jumbo frames on the switch. Also. Every port must be a member of at least one VLAN. cur Displays the current VLAN configuration. You cannot remove a port from VLAN #1 if the port has no membership in any other VLAN. dis Disables this VLAN without removing it from the configuration.

frwd Displays the IP Forwarding Menu. see page 306. arp Displays Address Resolution Protocol menu. see page 301. 315393-J. see page 304. To view menu options see page 309. To view menu options.0. see page 313. To view menu options. To view menu options see page 308. January 2005 Chapter 6: The Configuration Menu 299 . see page 304.Alteon OS 22. rip1 Displays the Routing Interface Protocol Menu. route Displays the IP Static Route Menu. gw <default gateway number (1-259)> Displays the IP Default Gateway Menu. To view menu options. rmap <route map number (1-32)> Displays the Route Map Menu. nwf <Network filter number (1-256)> Displays the Network Filter Configuration Menu. To view menu options.2 Command Reference /cfg/l3 Layer 3 Configuration Menu [Layer 3 Menu] if gw route arp frwd nwf rmap rip1 ospf bgp port dns bootp vrrp rtrid metrc cur Interface Menu Default Gateway Menu Static Route Menu ARP Menu Forwarding Menu Network Filters Menu Route Map Menu Routing Information Protocol Menu Open Shortest Path First (OSPF) Menu Border Gateway Protocol Menu IP Port Menu Domain Name System Menu Bootstrap Protocol Relay Menu Virtual Router Redundancy Protocol Menu Set router ID Set default gateway metric Display current IP configuration Table 6-53 Layer 3 Configuration Menu Options (/cfg/l3) Command Syntax and Usage if <interface number (1-256)> Displays the IP Interface Menu. To view menu options. To view menu options. see page 302.

For more information on gateway metrics.4. To view menu options. bgp Displays the Border Gateway Protocol Menu. To view menu options. To view menu options. see page 324. 192. 300 Chapter 6: The Configuration Menu 315393-J.17. rtrid <IP address (such as. cur Displays the current IP configuration. bootp Displays the Bootstrap Protocol Menu. dns Displays the IP Domain Name System Menu.101)> Defines the router ID. see page 315. To view menu options. January 2005 . To view menu options. port <port number> Displays the IP Port Menu.2 Command Reference Table 6-53 Layer 3 Configuration Menu Options (/cfg/l3) Command Syntax and Usage ospf Displays the OSPF Menu. metrc strict|roundrobin Sets the default gateway metric for strict or roundrobin. The default gateway metric is strict. see page 333. see page 347.0.Alteon OS 22. see page 330. see page 331. vrrp Displays Virtual Router Redundancy Protocol Menu. see page 332. To view menu options.

101)> Configures the IP address of the switch interface using dotted decimal notation. Each IP interface represents the Alteon Application Switch on an IP subnet on your network. mask <IP subnet mask (such as 255. ena Enables this IP interface.17.Alteon OS 22. relay disable|enable Enables or disables the BOOTP relay on this interface. The Interface option is disabled by default. cur Displays the current interface settings. It is enabled by default.255. January 2005 Chapter 6: The Configuration Menu 301 . Each interface can belong to one VLAN.0)> Configures the IP subnet address mask for the interface using dotted decimal notation. del Removes this IP interface.0. vlan <VLAN number (1-4090)> Configures the VLAN number for this interface. 315393-J.4. dis Disables this IP interface. though any VLAN can have multiple IP interfaces in it.2 Command Reference /cfg/l3/if <interface number> IP Interface Configuration [IP Interface addr mask vlan relay ena dis del cur 1 Menu] Set IP address Set subnet mask Set VLAN number Enable/disable BOOTP relay Enable IP interface Disable IP interface Delete IP interface Display current interface configuration The Alteon Application Switch can be configured with up to 256 IP interfaces.255. Table 6-54 IP Interface Menu Options (/cfg/l3/if) Command Syntax and Usage addr <IP address (such as 192.

retry <number of attempts (1-120)> Sets the number of failed health check attempts required before declaring this default gateway inoperative. Gateways five to 259 are used for load-balancing of VLAN-based gateways. intr <0-60 seconds> The switch pings the default gateway to verify that it’s up.Disable default gateway del .2 Command Reference /cfg/l3/gw <gateway number> Default IP Gateway Configuration [Default gateway 1 Menu] addr .Set VLAN number prio . January 2005 .Set interval between ping attempts retry . vlan <VLAN number (1-4090)> Sets the VLAN to be assigned to this default IP gateway.Enable/disable ARP only health checks ena . Gateways one to four are reserved for default gateway load balancing. The default is 2 seconds. This option is disabled by default. 192. The range is from 1 to 120 seconds.Set priority of default gateway route arp . Table 6-55 Default Gateway Options (/cfg/l3/gw) Command Syntax and Usage addr <default gateway address (such as.Alteon OS 22.Set IP address intr .4.17.Delete default gateway cur .Display current default gateway configuration NOTE – The switch can be configured with up to 255 gateways. The default is 8 attempts.44)> Configures the IP address of the default IP gateway using dotted decimal notation.Enable default gateway dis .Set number of failed attempts to declare gateway DOWN vlan . 302 Chapter 6: The Configuration Menu 315393-J. The intr option sets the time between health checks.0. The range is from 1 to 120 attempts.

BGP.2 Command Reference Table 6-55 Default Gateway Options (/cfg/l3/gw) Command Syntax and Usage prio <high|low> Allows you to change the priority of the default gateway route to either high or low. arp disable|enable Enables or disables Address Resolution Protocol (ARP) health checks. ena Enables the gateway for use. del Deletes the gateway from the configuration. dis Disables the gateway. If you set the priority to low. NOTE – By default learned default route has higher priority than the configured default gateway route.Alteon OS 22. This command is disabled by default. then the default gateway route will always be preferred over learned default routes (such as from OSPF. cur Displays the current gateway settings. then learned default routes will always be preferred over the default gateway route. or RIP protocols). Default Gateway Metrics For information about configuring which gateway is selected when multiple default gateways are enabled. If you set the priority to high. see page 347. relative to learned default routes. January 2005 Chapter 6: The Configuration Menu 303 .0. 315393-J.

Display current static routes Up to 128 static routes can be configured.2 Command Reference /cfg/l3/route IP Static Route Configuration [IP Static Route Menu] add . Table 6-56 IP Static Route Configuration Menu Options (cfg/l3/route) Command Syntax and Usage add <destination> <mask> <gateway> <interface number> Adds a static route. where any packet routed to this destination will be dropped.Remove static route cur . the route becomes a black hole route. destination subnet mask. In any IP communication.Add static route rem . January 2005 . ARP resolves a physical address from an IP address. [ARP Menu] static rearp cur . rem <destination> <mask> Removes a static route.0. /cfg/l3/arp ARP Configuration Menu Address Resolution Protocol (ARP) is the TCP/IP protocol that resides within the Internet layer. You will be prompted to enter a destination IP address..0.Alteon OS 22. ARP also maintains IP to physical address pairs in its cache memory. the ARP cache is consulted to see if the IP address of the computer or the router is present in the ARP cache. and gateway address. cur Displays the current IP static routes. Enter all addresses using dotted decimal notation.0. The destination address of the route to remove must be specified using dotted decimal notation.Display current ARP configuration 304 Chapter 6: The Configuration Menu 315393-J. Then the corresponding physical address is used to send a packet.Set re-ARP period in minutes .0.Static ARP Menu . ARP queries machines on the local network for their physical addresses. If a gateway address is 0.

2 Command Reference Table 6-57 ARP Configuration Menu Options (/cfg/l3/arp) Command Syntax and Usage static Displays Static ARP menu. /cfg/l3/arp/static ARP Static Configuration Menu Static ARP entries are permanent in the ARP cache and do not age out like the ARP entries that are learnt dynamically. To view options. Static ARP entries enable the switch to reach the hosts without sending an ARP broadcast request to the network. [Static ARP Menu] add . NOTE – Alteon OS 21.Add a permanent ARP entry del . 315393-J. cur Displays the current ARP configurations. del <IP address (such as. January 2005 Chapter 6: The Configuration Menu 305 .101)> Deletes a permanent ARP entry.Delete an ARP entry cur . cur Displays current static ARP configuration. see page 305.0.Display current static ARP configuration Table 6-58 ARP Static Configuration Menu Options (/cfg/l3/arp/static) Command Syntax and Usage add <IP address> <MAC address> <VLAN number> <port number> Adds a permanent ARP entry. You can set this duration between two and 120 minutes. Static ARPs can also be configured on some gateways as a protection against malicious ARP Cache corruption and possible DOS attacks.x and below allow the user to configure the ARP information but that information cannot be retained over a switch reboot. Static ARPs are also useful to communicate with devices that do not respond to ARP requests.Alteon OS 22.4.17. Alteon OS 20. 192.0 and above allows the static ARP configuration to be retained over reboots. rearp <2-120 minutes> Defines re-ARP period in minutes.

dirbr disable|enable Enables or disables forwarding directed broadcasts.2 Command Reference /cfg/l3/frwd IP Forwarding Configuration Menu [IP Forwarding Menu] local . Up to five local networks (lnets) can be configured.0.Enable or disable forwarding directed broadcasts on . off Disables IP forwarding (routing) on the Alteon Application Switch.Remove local network definition cur . To view menu options. see page 306. This command is disabled by default. on Enables IP forwarding (routing) on the Alteon Application Switch.Local network definition for route caching menu dirbr .Globally turn IP Forwarding OFF cur .Alteon OS 22. January 2005 . and to remove local networks. cur Displays the current IP forwarding settings.Display current IP Forwarding configuration Table 6-59 IP Forwarding Configuration Menu Options (/cfg/l3/frwd) Command Syntax and Usage local Displays the menu used to define local network for route caching. /cfg/l3/frwd/local Local Network Route Caching Definition This menu is used for adding local networks by setting the local network address and netmask for the route cache. Forwarding is turned off by default. [IP Local Networks Menu] add .Globally turn IP Forwarding ON off .Add local network definition rem .Display current local network definitions 306 Chapter 6: The Configuration Menu 315393-J.

cur Displays the current local network definitions.0. Defining IP Address Ranges for the Local Route Cache The Local Route Cache lets you use switch resources more efficiently.0 Mask 128.0.255.0.0.0. The /cfg/l3/frwd/local/add parameters define a range of addresses that will be cached on the Alteon Application Switch.255 128. you could configure the parameters as shown in the examples in the following table.32. This produces a range that includes all Internet addresses for route caching: 0.0 205. the local network address and mask are both set to 0.0.0 255.0.205. To determine if a route should be added to the memory cache.127.0.32. To limit the route cache to your local hosts. rem <local network address> <local network mask> Removes a definition for a local network.255.0.0 128. Addresses to be cached are subnets that are directly connected and for which there is an interface configured on the Alteon Application Switch.0.0 128. Table 6-60 Local Routing Cache Address Ranges Local Host Address Range 0. by reducing the size of the ARP table on the Alteon Application Switch.0 .255.0 .0.255.0 through 255.0. The default gateways must be within range.0 .0.255.0. see “Defining IP Address Ranges for the Local Route Cache” on page 307.255.255 205.255.Alteon OS 22. and the local network mask is the mask which is applied to produce the range.255.2 Command Reference Table 2 IP Local Networks Menu Options (/cfg/l3/frwd/local) Command Syntax and Usage add <local network address> <local network mask> Adds a definition for a local network.0. 315393-J. The local network address is used to define the base IP address in the range which will be cached. By default.0.255. January 2005 Chapter 6: The Configuration Menu 307 .0 NOTE – All addresses that fall outside the defined range are forwarded to the default gateway.0.255.0.0.0.32.255 Address 0.0. For details. the destination address is masked (bitwise and) with the local network mask and checked against the local network address.

Display current Network Filter configuration Table 6-61 IP Network Filter Menu Options (/cfg/l3/nwf) Command Syntax and Usage addr <IP address (such as.Alteon OS 22. mask <subnet mask (such as. For Border Gateway Protocol (BGP).IP Address mask . disable Disables the Network Filter configuration. The default address is 0.0.0. cur Displays the current the Network Filter configuration.255.2 Command Reference /cfg/l3/nwf Network Filter Configuration [IP Network Filter 1 Menu] addr .44)> Sets the starting IP address for this filter. The default value is 0.0.Delete Network Filter cur . 192.4.Disable Network Filter delete .17.0. assign the network filter to a route map.0)> Sets the IP subnet mask that is used with /cfg/l3/nwf/addr to define the range of IP addresses that will be accepted by the peer when the filter is enabled.Enable Network Filter disable . delete Deletes the Network Filter configuration. enable Enables the Network Filter configuration.255.IP Subnet mask enable .0. then assign the route map to the peer.0. 308 Chapter 6: The Configuration Menu 315393-J.0. January 2005 . 255.

January 2005 Chapter 6: The Configuration Menu 309 . see page 312.Alteon OS 22. metric <(value 0-4294967294)>|none Sets the metric of the matched route. For more information. see page 311. ap <AS number> [<AS number>] [<AS number>]|none Sets the AS path preference of the matched route.0. One to three path preferences can be configured. For more information. [IP Route Map alist aspath ap lp metric type prec weight enable disable delete cur 1 - Menu] Access List number AS Filter Menu Set as-path prepend of the matched route Set local-preference of the matched route Set metric of the matched route Set OSPF metric-type of the matched route Set the precedence of this route map Set weight of the matched route Enable route map Disable route map Delete route map Display current route map configuration Table 6-62 Routing Map Menu Options (/cfg/l3/rmap) Command Syntax and Usage alist <number (1-8)> Displays the Access List menu. NOTE – The map number (1-32) represents the routing map you wish to configure. lp <(value 0-4294967294)>|none Sets the local preference of the matched route. which affects both inbound and outbound directions.2 Command Reference /cfg/l3/rmap <route map number> Route Map Configuration Menu Route maps control and modify routing information. aspath <number (1-8)> Displays the Autonomous System (AS) Filter menu. 315393-J. The path with the higher preference is preferred.

enable Enables the route map. disable Disables the route map. The default is type 1. cur Displays the current route configuration. 310 Chapter 6: The Configuration Menu 315393-J.0.2 Command Reference Table 6-62 Routing Map Menu Options (/cfg/l3/rmap) (Continued) Command Syntax and Usage type <value (1|2)>|none Assigns the type of OSPF metric. Type 1—External routes are calculated using both internal and external metrics. Type 2 routes have more cost than Type 2. weight <value (0-65534)>|none Sets the weight of the route map. The smaller the value. prec <value (1-255)> Sets the precedence of the route map.Alteon OS 22. the higher the precedence. January 2005 . delete Deletes the route map. Default value is 10. none—Removes the OSPF metric. Type 2—External routes are calculated using only the external metrics.

action permit|deny or p|d Permits or denies action for the access list. enable Enables the access list. cur Displays the current Access List configuration. delete Deletes the access list.2 Command Reference /cfg/l3/rmap <route map number/alist <access list number> IP Access List Configuration Menu NOTE – The route map number (1-32) and the access list number (1-8) represent the IP access list you wish to configure.0. [IP Access List nwf metric action enable disable delete cur - 1 Menu] Network Filter number Metric Set Network Filter action Enable Access List Disable Access List Delete Access List Display current Access List configuration Table 6-63 IP Access List Menu Options (/cfg/l3/rmap/alist) Command Syntax and Usage nwf <network filter number (1-256)> Sets the network filter number. metric <(1-4294967294)>|none Sets the metric value in the AS-External (ASE) LSA. 315393-J.Alteon OS 22. See “/cfg/l3/nwf” on page 308 for details. January 2005 Chapter 6: The Configuration Menu 311 . disable Disables the access list.

AS number action . January 2005 .Display current AS Filter configuration Table 6-64 AS Filter Menu Options (/cfg/l3/rmap/aspath) Command Syntax and Usage as <AS number (1-65535)> Sets the Autonomous System filter’s path number. 312 Chapter 6: The Configuration Menu 315393-J.2 Command Reference /cfg/l3/rmap <route map number> aspath <autonomous system path> Autonomous System Filter Path NOTE – The rmap number (1-32) and the path number (1-8) represent the AS path you wish to configure. disable Disables the Autonomous System filter. delete Deletes the Autonomous System filter. [AS Filter 1 Menu] as .Delete AS Filter cur .0. action permit|deny or p|d Permits or denies Autonomous System filter action.Enable AS Filter disable . cur Displays the current Autonomous System filter configuration.Disable AS Filter delete .Alteon OS 22. enable Enables the Autonomous System filter.Set AS Filter action enable .

If information about a network is not received for 90 seconds. If information about a network is not received for 180 seconds (six update intervals). For RIP1.Globally turn RIP OFF cur .Set update period in seconds spply .2 Command Reference /cfg/l3/rip1 Routing Information Protocol Configuration The Routing Information Protocol (RIP) is an interior gateway protocol (IGP). RIP uses broadcast User Datagram protocol (UDP) data packets to exchange routing information.Alteon OS 22. This update contains known networks and the distances (hop count) associated with each one.Display current RIP configuration NOTE – Do not configure RIP1 parameters if your routing equipment uses RIP version 2.Enable/disable vip advertisement on . RIP sends routing information updates every 30 seconds. which means the network has become unreachable.Enable/disable poisoned reverse vip . 315393-J.Enable/disable supplying static routes poisn . version 1 (RIP1) parameters. The distance or hop count is used as the metric to determine the best path to a remote network or host where the hop count does not exceed 15 hops assuming a cost of one for each network. the natural mask is always applied by the router receiving the update. it is removed from the routing table.0.Globally turn RIP ON off . For RIP2. This option is turned off by default.Enable/disable supplying route updates lsten .Enable/disable listening to default routes statc . no mask information is exchanged. the metric associated with the network is raised to infinity (U) – the metric is set for 16. [Routing Information Protocol Menu] updat . The RIP1 Menu is used for configuring Routing Information Protocol.Enable/disable listening to route updates deflt . January 2005 Chapter 6: The Configuration Menu 313 . RIP is one of a class of algorithms known as distance vector algorithms. mask information is sent.

it will always be advertised except when it is included in another network route that is already being advertised.2 Command Reference Table 6-65 Routing Information Protocol Menu (/cfg/l3/rip1) Command Syntax and Usage updat <update period (1-120 seconds)> Sets the RIP update period in seconds. off Globally turns RIP OFF. the switch uses split horizon with poisoned reverse. the switch supplies static routes. spply disable|enable Enables or disables supplying route updates.Alteon OS 22. the route gets removed from the routing table. When disabled. the switch rejects RIP default routes. the VIP route does not get eliminated from the routing table. poisn disable|enable This command is disabled by default.0. deflt disable|enable When enabled. the switch learns routes from other routers. January 2005 . vip disable|enable Enables or disables the advertisement of virtual IP addresses as Host Routes. and the switch will continue to advertise the route. Note: If all real servers behind a VIP go down. statc disable|enable This command is disabled by default. This command is disabled by default. This command is disabled by default. lsten disable|enable When enabled. the switch supplies routes to other routers. on Globally turns RIP ON. If we disable all the real servers using operation command. cur Displays the current RIP configuration. When disabled. the switch uses only split horizon. When enabled. It is set at 30 seconds by default. This command is disabled by default. When enabled. and will not be advertised. the switch accepts RIP default routes from other routers. When enabled. 314 Chapter 6: The Configuration Menu 315393-J. but gives them lower priority than configured gateways. If a VIP route exists in a routing table.

Set the LSDB limit for external LSA default . Areas inject summary routing information into the backbone.Globally turn OSPF ON off . one area must be designated as area 0.OSPF Host Entry Menu redist . See page 321 to view menu options.OSPF MD5 Key Menu host . OSPF is designed for routing traffic within a single IP domain called an Autonomous System (AS). January 2005 Chapter 6: The Configuration Menu 315 . In any AS with multiple areas.OSPF Area (index) Menu range . The Alteon OS implementation conforms to the OSPF version 2 specifications detailed in Internet RFC 1583.Display current OSPF configuration Table 6-66 OSPF Configuration Menu Options (/cfg/l3/ospf) Command Syntax and Usage aindex <area index (0-2)> Displays the area index menu.Globally turn OSPF OFF cur . See page 319 to view menu options. range <range number (1-16)> Displays summary routes menu for up to 16 IP addresses. The AS can be divided into smaller logical units known as areas. See page 317 to view menu options.0.OSPF Virtual Links Menu md5key . For more information on how to configure OSPF on the switch.Export default route information on . which then distributes it to other areas as needed. [Open Shortest Path First Menu] aindex . if <interface number (1-256)> Displays the OSPF interface configuration menu.OSPF Summary Range Menu if .2 Command Reference /cfg/l3/ospf Open Shortest Path First Configuration Alteon OS supports the Open Shortest Path First (OSPF) routing protocol.OSPF Route Redistribute Menu lsdb . refer to your Alteon OS Application Guide. This area index does not represent the actual OSPF area number. The backbone acts as the central OSPF area. known as the backbone.Alteon OS 22. All other areas in the AS must be connected to the backbone. See page 318 to view menu options. 315393-J.OSPF Interface Menu virt . virt <virtual link (1-3)> Displays the Virtual Links menu used to configure OSPF for a Virtual Link.

Alteon OS 22. Host routes are used for advertising network device IP addresses to external networks to perform server load balancing within OSPF. off Disables OSPF on the Alteon Application Switch. Up to 128 host routes can be configured. It also makes Area Border Route (ABR) load sharing and ABR failover possible. lsdb <LSDB limit (0-2000. See page 322 to view menu options. cur Displays the current OSPF configuration settings. on Enables OSPF on the Alteon Application Switch.0. Use none for no default. default <metric (1-16777215)> <metric-type 1|2>|none Sets one default route among multiple choices in an area. 0 for no limit)> Sets the link state database limit. See host <host entry number (1-128)> Displays the menu for configuring OSPF for the host routes.2 Command Reference Table 6-66 OSPF Configuration Menu Options (/cfg/l3/ospf) Command Syntax and Usage md5key <key ID (1-255)> Assigns a string to MD5 authentication key. January 2005 . redist <fixed|static|rip|ebgp|ibgp> Displays Route Distribution Menu See page 323 to view menu options. 316 Chapter 6: The Configuration Menu 315393-J.

4.Disable area delete .Enable area disable . Stub area: is an area where external routing information is not distributed.Delete area cur .Alteon OS 22. NSSA: Not-So-Stubby Area (NSSA) is similar to stub area with additional capabilities. MD5: This parameter is used when MD5 cryptographic authentication is required.0. External routes from outside the Autonomous System (AS) can be advertised within the NSSA but are not distributed into other areas. 315393-J. For example. Password: Authenticates simple passwords so that only trusted routing devices can participate. the area type must be defined as transit. 192. Transit area: allows area summary information to be exchanged between routing devices.Set area type metric . metric <metric value (1-65535)> Configures a stub area to send a numeric metric value. All routes received via that stub area carry the configured metric to potentially influencing routing decisions.17.Set area ID type .Set time interval between two SPF calculations enable .Set stub area metric auth . Typically. when a virtual link has to be established with the backbone. auth none|password|md5 None: No authentication required. a stub area is connected to only one other area. Any area that is not a stub area or NSSA is considered to be transit area.Set authentication type spf . For example. Metric value assigns the priority for choosing the switch for default route. routes originating from within the NSSA can be propagated to adjacent transit and backbone areas.2 Command Reference /cfg/l3/ospf/aindex Area Index Configuration Menu [OSPF Area (index) 1 Menu] areaid . type transit|stub|nssa Defines the type of area. Metric type determines the method for influencing routing decisions for external routes. January 2005 Chapter 6: The Configuration Menu 317 .101)> Defines the IP address of the OSPF area number.Display current OSPF area configuration Table 6-67 Area Index Configuration Menu Options (/cfg/l3/ospf/aindex) Command Syntax and Usage areaid <IP address (such as.

101> Displays the IP address mask for the range.Enable/disable hide range . 318 Chapter 6: The Configuration Menu 315393-J. aindex <area index [0-2]> Displays the area index used by the Alteon Application Switch. disable Disables the OSPF area. cur Displays the current OSPF configuration. 192.Set IP address .4. /cfg/l3/ospf/range OSPF Summary Range Configuration Menu [OSPF Summary addr mask aindex hide enable disable delete cur Range 1 Menu] .4. enable Enables the OSPF area. 192.Alteon OS 22.Disable range .Enable range . January 2005 .17.2 Command Reference Table 6-67 Area Index Configuration Menu Options (/cfg/l3/ospf/aindex) Command Syntax and Usage spf <interval (0-255)> Sets time interval between two successive SPF (shortest path first) calculations of the shortest path tree using the Dijkstra’s algorithm.Display current OSPF summary range configuration Table 6-68 OSPF Summary Range Configuration Menu Options (/cfg/l3/ospf/range) Command Syntax and Usage addr <IP Address (such as.0. delete Deletes the OSPF area.Delete range .101)> Displays the base IP address for the range.17. mask <IP address (such as.Set area index .Set IP mask .

/cfg/l3/ospf/if OSPF Interface Configuration Menu [OSPF Interface aindex prio cost hello dead trans retra key mdkey enable disable delete cur 1 Menu] Set area index Set interface router priority Set interface cost Set hello interval in seconds Set dead interval in seconds Set transit delay in seconds Set retransmit interval in seconds Set authentication key Set MD5 key ID Enable interface Disable interface Delete interface Display current OSPF interface configuration 315393-J. disable Disables the OSPF summary range.2 Command Reference Table 6-68 OSPF Summary Range Configuration Menu Options (/cfg/l3/ospf/range) Command Syntax and Usage hide disable|enable Hides the OSPF summary range. enable Enables the OSPF summary range. cur Displays the current OSPF summary range. delete Deletes the OSPF summary range. January 2005 Chapter 6: The Configuration Menu 319 .0.Alteon OS 22.

enable Enables OSPF interface. 320 Chapter 6: The Configuration Menu 315393-J. disable Disables OSPF interface. trans <value (0-3600)> Displays the transit delay in seconds. mdkey <key ID (1-255)>|none Assigns an MD5 key to the interface. Usually the cost is inversely proportional to the bandwidth of the interface. dead <value (1-65535)> Displays the health parameters of a hello packet. January 2005 . A priority value of 0 specifies that the interface cannot be used as Designated Router (DR) or Backup Designated Router (BDR).0. retra <value (0-3600)> Displays the retransmit interval in seconds.) cost <cost value (1-65535)> Displays cost set for the selected path—preferred or backup.2 Command Reference Table 6-69 OSPF Interface Configuration Menu Options (/cfg/l3/ospf/if) Command Syntax and Usage aindex <area index (0-2)> Displays the OSPF area index. hello <value (1-65535)> Displays the interval in seconds between the hello packets for the interfaces. key <key>|none Sets the authentication key to clear the password. which is set for an interval of seconds before declaring a silent router to be down. (A priority value of 127 is the highest and 1 is the lowest. delete Deletes OSPF interface.Alteon OS 22. Low cost indicates high bandwidth. cur Displays the current settings for OSPF interface. prio <priority value (0-255)> Displays the assigned priority value to the Alteon Application Switch’s OSPF interfaces.

Set authentication key . hello <value (1-65535)> Displays the authentication parameters of a hello packet.0.Set transit delay in seconds . key <key>|none Displays the password (up to eight characters) for each virtual link. Default is 0. which is set to be in an interval of seconds. Default is one seconds.Disable interface .Enable interface .0.Alteon OS 22. January 2005 Chapter 6: The Configuration Menu 321 . Default is 40 seconds.2 Command Reference /cfg/l3/ospf/virt OSPF Virtual Link Configuration Menu [OSPF Virtual aindex hello dead trans retra nbr key mdkey enable disable delete cur Link 1 Menu] . Default is none. trans <value (1-3600)> Displays the delay in transit in seconds.0.Set MD5 key ID .Set hello interval in seconds . dead <value (1-65535)> Displays the health parameters of a hello packet.Set dead interval in seconds .0. retra <value (1-3600)> Displays the retransmit interval in seconds.Display current OSPF interface configuration Table 6-70 OSPF Virtual Link Configuration Menu Options (/cfg/l3/ospf/virt) Command Syntax and Usage aindex <area index (0-2)> Displays the OSPF area index.Set router ID of virtual neighbor . which is set to be in an interval of seconds. Default is five seconds. 315393-J.Set area index .Set retransmit interval in seconds . nbr <nbr router ID (IP address)> Displays the router ID of the virtual neighbor.Delete interface . Default is none. mdkey <key ID (1-255)>|none Sets MD5 key ID for each virtual link.

Disable host entry delete .Set host entry IP address aindex .17. delete Deletes OSPF virtual link. disable Disables OSPF virtual link. January 2005 . /cfg/l3/ospf/host OSPF Host Entry Configuration Menu [OSPF Host Entry 1 Menu] addr .2 Command Reference Table 6-70 OSPF Virtual Link Configuration Menu Options (/cfg/l3/ospf/virt) Command Syntax and Usage enable Enables OSPF virtual link.Set area index cost .Display current OSPF host entry configuration Table 6-71 OSPF Host Entry Configuration Menu Options (/cfg/l3/ospf/host) Command Syntax and Usage addr <IP address (such as.Delete host entry cur . 192. disable Disables OSPF host entry. cur Displays the current OSPF virtual link settings. cost <cost value [1-65535]> Displays the cost value of the host.Set cost of this host entry enable . enable Enables OSPF host entry.101)> Displays the base IP address for the host entry.Enable host entry disable . aindex <area index [0-2]> Displays the area index of the host.Alteon OS 22.0. 322 Chapter 6: The Configuration Menu 315393-J.4.

NULL at end.0.. To add specific route maps. 315393-J. /cfg/l3/ospf/redist <fixed|static|rip|ebgp|ibgp> OSPF Route Redistribution Configuration Menu. This option adds a route map to the route redistribution list. To remove all 32 route maps.To add all the 32 route maps. rem (<route map (1-32)> <route map (1-32)>) .Remove rmap from route redistribution list export . [OSPF Redistribute Fixed Menu] add . To remove specific route maps.Add rmap into route redistribution list rem . enter routing map numbers one per line. |all Removes the route map from the route redistribution list.Alteon OS 22. The routes of the redistribution protocol matched by the route maps in the route redistribution list will be redistributed. Removes routing maps from the rmap list. cur Displays the current route map settings.. January 2005 Chapter 6: The Configuration Menu 323 . To remove a previous configuration and stop exporting the routes of the protocol. NULL at the end. cur Displays the current OSPF host entries.Display current route-maps added Table 6-72 OSPF Route Redistribution Menu Options (/cfg/l3/ospf/redist) Command Syntax and Usage add (<route map (1-32)> <route map (1-32)>)|all Adds selected routing maps to the rmap list. enter all. export <metric (1-16777215)><metric type (1|2)> |none Exports the routes of this protocol as external OSPF AS-external LSAs in which the metric and metric type are specified.Export all routes of this protocol cur . enter none. enter all.2 Command Reference Table 6-71 OSPF Host Entry Configuration Menu Options (/cfg/l3/ospf/host) Command Syntax and Usage delete Deletes OSPF host entry. enter routing map numbers one per line.

cur Displays the current MD5 key configuration.2 Command Reference /cfg/l3/ospf/md5key OSPF MD5 Key Configuration Menu [OSPF MD5 Key key delete cur 1 Menu] Set authentication key Delete key Display current MD5 key configuration Table 6-73 OSPF MD5 Key Configuration Menu Options (/cfg/l3/ospf/md5key) Command Syntax and Usage key <key. The BGP Menu enables you to configure the switch to receive routes and to advertise static routes. When run within an autonomous system. it is called internal BGP (iBGP). rather than simply setting a default route from your border router(s) to your upstream provider(s). it is called external BGP (eBGP). BGP is defined in RFC 1771. fixed routes and virtual server IP addresses with other internal and external routers. /cfg/l3/bgp Border Gateway Protocol Configuration Border Gateway Protocol (BGP) is an Internet protocol that enables routers on a network to share routing information with each other and advertise information about the segments of the IP address space they can access within their network with routers on external networks. You can configure BGP either within an autonomous system or between different autonomous systems. BGP is turned off by default. up to 16 chars> Sets the authentication key up to 16 characters for this OSPF packet.Alteon OS 22. When run between different autonomous systems. January 2005 . delete Deletes the authentication key for this OSPF packet. 324 Chapter 6: The Configuration Menu 315393-J.0. BGP allows you to decide what is the “best” route for a packet to take from your network to a destination on another network.

An autonomous system is assigned a globally unique number called an Autonomous System Number (ASN). There is one fixed route per IP interface. Each border router. aggr <aggregate number (1-16)> Displays the Aggregation Menu. 315393-J. either a single network or a group of networks that is controlled by a common network administrator on behalf of an administrative entity (such as a university. or use the local preference if you are using iBGP. on Globally turns BGP on. Table 6-74 Border Gateway Protocol Menu (/cfg/l3/bgp) Command Syntax and Usage peer <peer number (1-16)> Displays the menu used to configure each BGP peer. or a business division). An autonomous system (AS) is the unit of router policy. use the route with the shortest AS path as the preferred route if you are using eBGP. as <autonomous system number (1-65535)> Sets Autonomous System Number for this autonomous system.0. An autonomous system shares routing information with other autonomous systems using the Border Gateway Protocol (BGP). pref <preference (0-4294967294)> Sets the local preference. see page 326. see page 329. a business enterprise. exchanges routing information with routers on other external networks. The path with the higher value is preferred. To view menu options. When multiple peers advertise the same route. To view menu options. within an autonomous system.2 Command Reference [Border Gateway peer aggr as pref on off cur - Protocol Menu] Peer menu Aggregation menu Set Autonomous System (AS) number Set Local Preference Globally turn BGP ON Globally turn BGP OFF Display current BGP configuration NOTE – Fixed routes are subnet routes.Alteon OS 22. January 2005 Chapter 6: The Configuration Menu 325 .

Add rmap into in-rmap list addo . Table 6-75 BGP Peer Configuration Options (/cfg/l3/bgp/peer) Command Syntax and Usage redist Displays BGP Redistribution Menu. January 2005 .2 Command Reference Table 6-74 Border Gateway Protocol Menu (/cfg/l3/bgp) Command Syntax and Usage off Globally turns BGP off. /cfg/l3/bgp/peer <peer number> BGP Peer Configuration Menu [BGP Peer 1 Menu] redist .0. cur Displays the current BGP configuration.Enable peer disable . which are border routers that exchange routing information with routers on internal and external networks.0.4.Remove rmap from in-rmap list remo . addr <IP address (such as.Delete peer cur .Display current peer configuration This menu is used to configure BGP peers. 192.Set remote autonomous system number hold .Set keep alive time advert .0.Set connect retry interval orig .Disable peer delete .Set min time between advertisements retry .Redistribution menu addr .Set min time between route originations ttl .101)> Defines the IP address for the specified peer (border router).Alteon OS 22.0.Set hold time alive .17.Set time-to-live of IP datagrams addi .Remove rmap from out-rmap list enable .Add rmap into out-rmap list remi .Set remote IP address ras . The peer option is disabled by default. To view the menu options. see page 328. 326 Chapter 6: The Configuration Menu 315393-J. using dotted decimal notation. The default address is 0.

It is set at 0 by default. 315393-J. orig <min orig time (1-65535)> Sets the minimum time between route originations in seconds. 1-21845)> Sets the keep-alive time for the specified peer in seconds. retry <connect retry interval (1-65535)> Sets connection retry interval in seconds. ena Enables this peer configuration. January 2005 Chapter 6: The Configuration Menu 327 . addo <route map ID (1-32)> Adds route map into out-route map list. It is set at 90 seconds by default. alive <keepalive time (0. in seconds. dis Disables this peer configuration. would cause the packet to be discarded. The default number is set at 1. remi <route map ID (1-32)> Removes route map from in-route map list. 3-65535)> Sets the period of time. remo <route map ID (1-32)> Removes route map from out-route map list. advert <min adv time (1-65535)> Sets time in seconds between advertisements. It is also used to support multi-hops. that will elapse before the peer session is torn down because the switch hasn’t received a “keep alive” message from the peer. This value is used to restrict the number of “hops” the advertisement makes. when exhausted. hold <hold time (0. This command specifies the number of router hops that the IP packet can make.Alteon OS 22.0. addi <route map ID (1-32)> Adds route map into in-route map list. TTL specifies a certain time span in seconds that. ttl <number of router hops (1-255)> Time-to-live (TTL) is a value in an IP packet that tells a network router whether or not the packet has been in the network too long and should be discarded. which allow BGP peers to talk across a routed network. The TTL is determined by the number of router hops the packet is allowed before it must be discarded.2 Command Reference Table 6-75 BGP Peer Configuration Options (/cfg/l3/bgp/peer) Command Syntax and Usage ras <AS number (0-65535)> Sets the remote autonomous system number for the specified peer.

originate. None: No routes are configured Import: Import these routes. default none|import|originate|redistribute Sets default route action. redistribute. If the routes are learned from default gateway configuration. Similarly. you have to enable that protocol in this redistribute submenu. cur Displays the current BGP peer configuration.2 Command Reference Table 6-75 BGP Peer Configuration Options (/cfg/l3/bgp/peer) Command Syntax and Usage del Deletes this peer configuration.0. /cfg/l3/bgp/peer/redist BGP Redistribution Configuration Menu [Redistribution metric default rip ospf fixed static vip cur Menu] Set default-metric of advertised routes Set default route action Enable/disable advertising RIP routes Enable/disable advertising OSPF routes Enable/disable advertising fixed routes Enable/disable advertising static routes Enable/disable advertising VIP routes Display current redistribution configuration Table 6-76 BGP Redistribution Configuration Menu Options (/cfg/l3/bgp/peer/redist) Command Syntax and Usage metric <metric (1-4294967294)>|none Sets default metric of advertised routes. Defaults routes can be configured as import. if the routes are learned from a certain routing protocol. 328 Chapter 6: The Configuration Menu 315393-J. you have to enable static routes since the routes from default gateway are static routes. January 2005 . Originate: The switch sends a default route to peers even though it does not have any default routes in its routing table. or none.Alteon OS 22. Redistribute: Default routes are either configured through default gateway or learned through other protocols and redistributed to peer.

vip disable|enable Enables or disables advertising VIP routes.2 Command Reference Table 6-76 BGP Redistribution Configuration Menu Options (/cfg/l3/bgp/peer/redist) Command Syntax and Usage rip disable|enable Enables or disables advertising RIP routes ospf disable|enable Enables or disables advertising OSPF routes.17.Set aggregation IP address mask . cur Displays the current redistribution configuration.0.101> Adds the IP address to the selected aggregate.Alteon OS 22.Display current aggregation configuration This menu allows you to configure aggregate routing to condense the number of routes between internal and external peer routers.4. [BGP Aggr 1 Menu] addr .Disable aggregation delete .Set aggregation network mask enable . Table 6-77 BGP Aggregate Menu Options (/cfg/l3/ip/bgp/aggr) Command Syntax and Usage addr <IP address. 315393-J. static disable|enable Enables or disables advertising static routes. January 2005 Chapter 6: The Configuration Menu 329 . such as 192. /cfg/l3/bgp/aggr <aggregate number> BGP Aggregate Routing Configuration Menu NOTE – The aggregate number (1-16) represents the aggregation route you wish to configure.Delete aggregation current .Enable aggregation disable . fixed disable|enable Enables or disables advertising fixed routes.

0.0> Sets the IP mask for the selected aggregate. enable Enables the selected aggregate. off Disables IP forwarding for the current port.2 Command Reference Table 6-77 BGP Aggregate Menu Options (/cfg/l3/ip/bgp/aggr) (Continued) Command Syntax and Usage mask <IP subnet mask.Display current port configuration The Layer 3 Port Menu allows you to turn IP forwarding on or off on a port-by-port basis. the port forwarding option is turned on. /cfg/l3/port <port number> IP Forwarding Port Configuration Menu [IP Forwarding Port 1 Menu] on . cur Displays the current IP forwarding settings.255. January 2005 . such as 255.Turn Forwarding OFF cur . delete Deletes the selected aggregate. Table 6-78 IP Forwarding Port Configuration Menu Options (/cfg/l3/port) Command Syntax and Usage on Enables IP forwarding for the current port. By default. disable Disables the selected aggregate. current Displays the current aggregate configuration.Turn Forwarding ON off .Alteon OS 22. 330 Chapter 6: The Configuration Menu 315393-J.255.

Set IP address of secondary DNS server dname .101)> You will be prompted to set the IP address for your secondary DNS server. traceroute. 315393-J. For example: mycompany. Table 6-79 Domain Name System Menu Options (/cfg/l3/dns) Command Syntax and Usage prima <IP address (such as.Set IP address of primary DNS server secon .Display current DNS configuration The Domain Name System (DNS) Menu is used for defining the primary and secondary DNS servers on your local network.17. dname <dotted DNS notation>|none Sets the default domain name used by the switch. and tftp commands.4. If the primary DNS server fails.4. and for setting the default domain name served by the switch services.2 Command Reference /cfg/l3/dns Domain Name System Configuration Menu [Domain Name System Menu] prima .Alteon OS 22. 192.17. secon <IP address (such as. DNS parameters must be configured prior to using hostname parameters with the ping. 192. the configured secondary will be used instead. Use dotted decimal notation.0.101)> You will be prompted to set the IP address for your primary DNS server. January 2005 Chapter 6: The Configuration Menu 331 .Set default domain name cur . Enter the IP address using dotted decimal notation.com cur Displays the current Domain Name System settings.

Table 6-80 Bootstrap Protocol Relay Configuration Menu Options (/cfg/l3/bootp) Command Syntax and Usage addr <IP address (such as.4. January 2005 .Globally turn BOOTP relay OFF cur .4. 192.Set IP address of BOOTP server addr2 .101)> Sets the IP address of the BOOTP server.Globally turn BOOTP relay ON off . 192.0. The BOOTP configuration enables the switch to forward a client request for an IP address to two DHCP/BOOTP servers with IP addresses that have been configured on the Alteon Application Switch. addr2 <IP address (such as.2 Command Reference /cfg/l3/bootp Bootstrap Protocol Relay Configuration Menu [Bootstrap Protocol Relay Menu] addr .101)> Sets the IP address of the second BOOTP server.Display current BOOTP relay configuration The Bootstrap Protocol (BOOTP) Relay Menu is used to allow hosts to obtain their configurations from a Dynamic Host Configuration Protocol (DHCP) server.17.17. BOOTP relay menu is turned off by default. 332 Chapter 6: The Configuration Menu 315393-J.Set IP address of second BOOTP server on .Alteon OS 22. cur Displays the current BOOTP relay configuration. on Globally turns on BOOTP relay. off Globally turns off BOOTP relay.

If the master fails. see page 345. group Displays the VRRP virtual router group menu. see the “High Availability” chapter in your Alteon OS 22. January 2005 Chapter 6: The Configuration Menu 333 . This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP-capable routing device. see page 338. one of the backup virtual routers will assume routing authority and take control of the virtual router IP address.0. One of the virtual routers is then elected as the master. based on a number of priority criteria.2 Application Guide. if <interface number (1-256)> Displays the VRRP Virtual Router Interface Menu. Table 6-81 Virtual Router Redundancy Protocol Options (/cfg/l3/vrrp) Command Syntax and Usage vr <virtual router number (1-1024)> Displays the VRRP Virtual Router Menu.2 Command Reference /cfg/l3/vrrp VRRP Configuration Menu [Virtual Router vr vrgroup group if track hotstan on off holdoff cur Redundancy Protocol Menu] VRRP Virtual Router Menu VRRP Virtual Router Vrgroup Menu VRRP Virtual Router Group Menu VRRP Interface Menu VRRP Priority Tracking Menu Enable/disable hot-standby processing Globally turn VRRP ON Globally turn VRRP OFF Globally VRRP hold off time Display current VRRP configuration Virtual Router Redundancy Protocol (VRRP) support on Alteon Application Switch provides redundancy between routers in a LAN. Alteon OS has extended VRRP to include virtual servers as well. For more information on VRRP. To view menu options. vrgroup <virtual router vrgroup number (1-16)> Displays VR Group Menu. This menu is used for configuring up to 1024 virtual routers on this switch.0. see page 334. To view menu options. and assumes control of the shared virtual router IP address. see page 341. By default. 315393-J. To view menu options. To view menu options. allowing for full active/active redundancy between its Layer 4 switches.Alteon OS 22. used to combine all virtual routers together as one logical entity. VRRP is disabled. Group options must be configured when using two or more Alteon switches in a hotstandby failover configuration where only one switch is active at any given time.

This menu is used for weighting the criteria used when modifying priority levels in the master router election process. holdoff <0-255 seconds> Globally suspends VRRP operation for the specified interval.Delete virtual router .Alteon OS 22.Set renter priority . on Globally enables VRRP on this switch. January 2005 .Priority Tracking Menu . hotstan disable|enable Enables or disables hot standby processing.Set interface number . a virtual router will be configured to share the same virtual router ID and IP address. see page 346. By default.Set advertisement interval .Enable or disable preemption .Disable virtual router . /cfg/l3/vrrp/vr <router number> Virtual Router Configuration Menu [VRRP Virtual track vrid addr if prio adver preem share ena dis del cur Router 1 Menu] . cur Displays the current VRRP parameters. To view menu options. off Globally disables VRRP on this switch. this option is disabled. 334 Chapter 6: The Configuration Menu 315393-J.Enable virtual router . in which two or more switches provide redundancy for each other.Set virtual router ID . On each VRRP-capable routing device participating in redundancy for this virtual router.0.Enable or disable sharing .2 Command Reference Table 6-81 Virtual Router Redundancy Protocol Options (/cfg/l3/vrrp) Command Syntax and Usage track Displays the VRRP Tracking Menu.Display current VRRP virtual router configuration This menu is used for configuring up to 256 virtual routers for this switch.Set IP address . A virtual router is defined by its virtual router ID and an IP address.

This preemption occurs even if the preem option below is disabled. The default value is 1. The default address is 0. the priority for this virtual router will automatically be set to 255 (highest). The vrid for standard virtual routers (where the virtual router IP address is not the same as any virtual server) can be any integer between 1 and 255.4. Table 6-82 VRRP Virtual Router Options (/cfg/l3/vrrp/vr) Command Syntax and Usage track Displays the VRRP Priority Tracking Menu for this virtual router.0. If the IP interface has the same IP address as the addr option above. This can be any integer between 1 and 255 seconds.Alteon OS 22. To view menu options. This can be any integer between 1 and 254.0. January 2005 Chapter 6: The Configuration Menu 335 .0. if <interface number (1-256)> Selects a switch IP interface (between 1 and 256). 192. adver <seconds (1-255)> Defines the time interval between VRRP master advertisements. The vrid of virtual server routers where the virtual router IP address is the same as the virtual server can be between 1 and 1024. this base priority value can be modified according to a number of performance and operational criteria. the routing device with the highest virtual router priority number wins. prio <priority (1-254)> Defines the election priority bias for this virtual server. Tracking is Alteon’s proprietary extension to VRRP. addr <IP address (such as. see page 336.101)> Defines the IP address for this virtual router using dotted decimal notation. even if it must preempt another virtual router which has assumed master routing authority. If this virtual router’s IP address (addr) is the same as the one used by the IP interface. this switch is considered the “owner” of the defined virtual router. To create a pool of VRRP-enabled routing devices which can provide redundancy to each other. The default value is 1. During the master router election process.17. If there is a tie. All vrid values must be unique within the VLAN to which the virtual router’s IP interface belongs. vrid <virtual router ID (1-1024)> Defines the virtual router ID. the device with the highest IP interface address wins. An owner has a special priority of 255 (highest) and will always assume the role of master router.0. When priority tracking is used (/cfg/l3/vrrp/track or /cfg/l3/vrrp/vr #/track). 315393-J. each participating VRRP device must be configured with the same virtual router: one that shares the same vrid and addr combination. The default value is 1. This is used in conjunction with addr (below) to define a virtual router on this switch.2 Command Reference Virtual routers are disabled by default. used for modifying the standard priority system used for electing the master router. This is used in conjunction with the vrid (above) to configure the same virtual router on each participating VRRP device. Tracking is not needed if sharing (share) is enabled. The default value is 100.

this virtual router will always preempt any other master if this switch is the owner (the IP interface address and virtual router addr are the same). 336 Chapter 6: The Configuration Menu 315393-J. this option is enabled. By default. By default. When enabled.Enable/disable tracking master virtual routers . del Deletes this virtual router from the switch configuration.Enable/disable tracking VLAN switch ports . Note that even when preem is disabled.Enable/disable tracking other interfaces . ena Enables this virtual router.2 Command Reference Table 6-82 VRRP Virtual Router Options (/cfg/l3/vrrp/vr) Command Syntax and Usage preem disable|enable Enables or disables master preemption. the priority level for the virtual router is increased by an amount defined through the VRRP Tracking Menu (see page 346).Display current VRRP virtual router configuration This menu is used for modifying the priority system used when electing the master router from a pool of virtual routers. dis Disables this virtual router.Enable/disable tracking HSRP . When enabled. cur Displays the current configuration information for this virtual router.Enable/disable tracking L4 real servers . share disable|enable Enables or disables virtual router sharing. this virtual router will preempt the lower priority master and assume control. if this virtual router is in backup mode but has a higher priority than the current master.Enable/disable tracking HSRP by VLAN . even when in backup mode. this switch will process any traffic addressed to this virtual router. January 2005 . this option is enabled. Various tracking criteria can be used to bias the election results.0.Enable/disable tracking L4 switch ports . an Alteon proprietary extension to VRRP. Each time one of the tracking criteria is met.Alteon OS 22. /cfg/l3/vrrp/vr <router number>/track Virtual Router Priority Tracking Configuration [VRRP Virtual vrs ifs ports l4pts reals hsrp hsrv cur Router 1 Priority Tracking Menu] .

the priority for this virtual router will be increased for each physical switch port which has active Layer 4 processing on this switch. 315393-J. January 2005 Chapter 6: The Configuration Menu 337 . the priority for this virtual router will be increased for each active port on the same VLAN. This command is disabled by default. ifs disable|enable When enabled. and hsrp) apply to “virtual server routers. increasing routing and load balancing efficiency.Alteon OS 22. This helps elect the switch with the largest server pool as the master. This command is disabled by default. ports disable|enable When enabled. this virtual router can assume master routing authority when its priority level rises above that of the current master. This is useful for making sure that traffic for any particular client/server pairing are handled by the same switch. l4pts disable|enable When enabled for virtual server routers. the priority for this virtual router will be increased for each virtual router in master mode on this switch. This command is disabled by default. the priority for this virtual router will be increased for each IP interface active on this switch. increasing Layer 4 efficiency. Some tracking criteria (vrs.” which perform Layer 4 Server Load Balancing functions.0. This helps elect the main Layer 4 switch as the master. ifs. This helps elect the virtual routers with the most available ports as the master.” Other tracking criteria (l4pts. An IP interface is considered active when there is at least one active port on the same VLAN. This helps elect the virtual routers with the most available routes as the master. This command is disabled by default. the priority for this virtual router will be increased for each healthy real server behind the virtual server IP address of the same IP address as the virtual router on this switch. continuously updating virtual router priority levels when enabled.2 Command Reference Criteria are tracked dynamically. A port is considered “active” if it has a link and is forwarding traffic. Table 6-83 VRRP Priority Tracking Menu Options (/cfg/l3/vrrp/vr/track) Command Syntax and Usage vrs disable|enable When enabled. This command is disabled by default. If the virtual router preemption option (see preem in Table 6-82 on page 335) is enabled. A virtual server router is defined as any virtual router whose IP address (addr) is the same as any configured virtual server IP address. otherwise called “virtual interface routers. and ports below) apply to standard virtual routers. reals. reals disable|enable When enabled for virtual server routers.

hsrv disable|enable Hot Standby Router on VLAN (HSRV) is used to work in VLAN-tagged environments.Priority Tracking Menu name . Enabling HSRP helps elect the switch closest to the master HSRP router as the master. Enable this switch option to increment only that vrrp instance that is on the same VLAN as the tagged hsrp master flagged packet.Delete virtual router group cur . If failover occurs on a customer link. January 2005 . optimizing routing efficiency. you can group VIRs and VSRs to serve the high availability of a specific customer.Set priority for virtual router group ena .Remove virtual router from group prio .2 Command Reference Table 6-83 VRRP Priority Tracking Menu Options (/cfg/l3/vrrp/vr/track) Command Syntax and Usage hsrp disable|enable <priority (1-254)> Hot Standby Router Protocol (HSRP) is used with some types of routers for establishing router failover.Display current VRRP virtual router group configuration 338 Chapter 6: The Configuration Menu 315393-J. cur Displays the current configuration for priority tracking for this virtual router. enable this switch option to increase the priority of this virtual router for each Layer 4 client-only port that receives HSRP advertisements. The VIRs and VSRs configured for the other customers on the master switch are not affected. When Web hosting is shared between two or more customers on a single VRRP switch. Up to 16 virtual router groups can be configured on the switch. [VRRP Virtual Router Vrgroup 1 Menu] track .0.Alteon OS 22. /cfg/l3/vrrp/vrgroup Virtual Router Group Menu This feature allows the failover of individual groups of VIRs and VSRs.Add virtual router to group rem .Enable virtual router group dis . This command is disabled by default. This command is disabled by default.Set virtual router group name add . In networks where HSRP is used. the group of VIRs and VSRs associated with that customer alone will fail over to the backup switch.Disable virtual router group del .

If there is a tie. del Deletes the virtual router group. dis Disables the virtual router group. If this virtual router’s IP address (addr) is the same as the one used by the IP interface. To view menu options. cur Displays the current VRRP virtual router group configuration. the routing device with the highest virtual router priority number wins. the device with the highest IP interface address wins. This can be any integer between 1 and 254. add <virtual router number (1-1024)> Adds a virtual router to the group.2 Command Reference Table 6-84 Virtual Router Group Menu Options (/cfg/l3/vrrp/vrgroup) Command Syntax and Usage track Displays VRRP priority tracking menu for this virtual router group. this base priority value can be modified according to a number of performance and operational criteria. January 2005 Chapter 6: The Configuration Menu 339 . name Defines virtual router group name up to eight characters. rem <virtual router number (1-1024)> Removes a virtual router from the group. When priority tracking is used (/cfg/l3/vrrp/vrgroup #/track). During the master router election process. Each virtual router group can have up to 64 virtual routers. see page 340. Tracking is Alteon’s proprietary extension to VRRP.0.Alteon OS 22. prio <1-254> Defines the election priority bias for this virtual router group. 315393-J. the priority for this virtual router will automatically be set to 255 (highest). The default value is 100. ena Enables the virtual router group. used for modifying the standard priority system used for electing the master router.

This command is disabled by default. [VRRP Vrgroup ifs ports l4pts reals hsrp hsrv cur 1 Priority Tracking Menu] Enable/disable tracking interfaces Enable/disable tracking VLAN switch ports Enable/disable tracking L4 switch ports Enable/disable tracking L4 real servers Enable/disable tracking HSRP Enable/disable tracking HSRP by VLAN Display current VRRP vrgroup tracking configuration Table 6-85 Virtual Router Group Priority Tracking Menu Options (/cfg/l3/vrrp/vrgroup/track) Command Syntax and Usage ifs disable|enable When enabled. This helps elect the switch with the largest server pool as the master. Criteria are tracked dynamically. l4pts disable|enable When enabled for virtual server routers. This command is disabled by default. ports disable|enable When enabled. This command is disabled by default. Various tracking criteria can be used to bias the election results. An IP interface is considered active when there is at least one active port on the same VLAN. the priority will be increased for each physical switch port which has active Layer 4 processing on this virtual router group. the priority will be increased for each active port on the VLAN on this virtual router group. This command is disabled by default. 340 Chapter 6: The Configuration Menu 315393-J. This helps elect the virtual routers with the most available ports as the master.0.Alteon OS 22.2 Command Reference /cfg/l3/vrrp/vrgroup <vrgroup number>/ track Virtual Router Group Priority Tracking Configuration Menu This menu is used for modifying the priority system used when electing the master router from a pool of virtual routers. the priority will be increased for each IP interface active on this virtual router group. Each time one of the tracking criteria is met. the priority will be increased for each healthy real server behind the virtual server IP address of the same IP address as the virtual router on this virtual router group. reals disable|enable When enabled for virtual server routers. This helps elect the virtual routers with the most available routes as the master. This helps elect the main Layer 4 switch as the master. A port is considered “active” if it has a link and is forwarding traffic. the priority level for the virtual router is increased by an amount defined through the VRRP Tracking Menu (see page 346). increasing Layer 4 efficiency. continuously updating virtual router priority levels when enabled. January 2005 .

Set renter priority . In networks where HSRP is used. optimizing routing efficiency.Disable virtual router .0. This command is disabled by default. 315393-J.Enable or disable sharing . cur Displays the current configuration for priority tracking for this virtual router group.Delete virtual router .Display current VRRP virtual router configuration The Virtual Router Group menu is used for associating all virtual routers into a single logical virtual router. A virtual router is defined by its virtual router ID and an IP address.Enable virtual router . which forces all virtual routers on the Alteon Application Switch to either be master or backup as a group.Enable or disable preemption . /cfg/l3/vrrp/group Virtual Router Group Configuration [VRRP Virtual track vrid if prio adver preem share ena dis del cur Router Group Menu] .Set interface number . On each VRRP-capable routing device participating in redundancy for this virtual router. January 2005 Chapter 6: The Configuration Menu 341 . a virtual router will be configured to share the same virtual router ID and IP address.Set virtual router ID .Set advertisement interval .Alteon OS 22. Enabling HSRP helps elect the switch closest to the master HSRP router as the master. Enable this switch option to increment only that vrrp instance on the virtual router group that is on the same VLAN as the tagged hsrp master flagged packet.2 Command Reference Table 6-85 Virtual Router Group Priority Tracking Menu Options (/cfg/l3/vrrp/vrgroup/track) Command Syntax and Usage hsrp disable|enable Hot Standby Router Protocol (HSRP) is used with some types of routers for establishing router failover. enable this switch option to increase the priority of this virtual router group for each Layer 4 client-only port that receives HSRP advertisements. This command is disabled by default. hsrv disable|enable Hot Standby Router on VLAN (HSRV) is used to work in VLAN-tagged environments.Priority Tracking Menu .

If this virtual router’s IP address (addr) is the same as the one used by the IP interface. see page 346. Table 6-86 VRRP Virtual Router Group Options (/cfg/l3/vrrp/group) Command Syntax and Usage track Displays the VRRP Priority Tracking Menu for the virtual router group. To view menu options. prio <priority (1-254)> Defines the election priority bias for this virtual router group. The default value is 100. even when in backup mode. By default. 342 Chapter 6: The Configuration Menu 315393-J.2 Command Reference NOTE – This option is required to be configured only when using at least two Alteon Application Switches in a hot-standby failover configuration. vrid <virtual router ID (1-255)> Defines the virtual router ID for this group. if <interface number (1-256)> Selects a switch IP interface (between 1 and 256).Alteon OS 22. the routing device with the highest virtual router priority number wins. this base priority value can be modified according to a number of performance and operational criteria. this option is enabled. where only one switch is active at any time. preem disable|enable Enables or disables master preemption. share disable|enable Enables or disables virtual router sharing. this switch will process any traffic addressed to this virtual router. This can be any integer between 1 and 255 seconds. If there is a tie. used for modifying the standard priority system used for electing the master router. This can be any integer between 1 and 254. the priority for this virtual router will automatically be set to 255 (highest). this virtual router will always preempt any other master if this switch is the owner (the IP interface address and virtual router addr are the same). if the virtual router group is in backup mode but has a higher priority than the current master. Tracking is not needed if sharing (share) is enabled. Alteon’s proprietary extension to VRRP. Tracking is Alteon’s proprietary extension to VRRP. Note that even when preem is disabled. The default is 1. When enabled. January 2005 . the device with the highest IP interface address wins. this option is enabled. By default. The default switch IP interface number is 1. this virtual router will preempt the lower priority master and assume control. When enabled. During the master router election process. When priority tracking is used (/cfg/l3/vrrp/track or /cfg/l3/vrrp/vr #/track).0. adver <seconds (1-255)> Defines the time interval between VRRP master advertisements.

January 2005 Chapter 6: The Configuration Menu 343 . del Deletes the virtual router group from the switch configuration. dis Disables the virtual router group.Alteon OS 22. cur Displays the current configuration information for the virtual router group.2 Command Reference Table 6-86 VRRP Virtual Router Group Options (/cfg/l3/vrrp/group) Command Syntax and Usage ena Enables the virtual router group. The tracking setting for the other individual virtual routers will be ignored. then the tracking option will be available only under group option. /cfg/l3/vrrp/group/track Virtual Router Group Priority Tracking Configuration [Virtual Router vrs ifs ports l4pts reals hsrp hsrv cur Group Priority Tracking Menu] Enable/disable tracking master virtual routers Enable/disable tracking other interfaces Enable/disable tracking VLAN switch ports Enable/disable tracking L4 switch ports Enable/disable tracking L4 real servers Enable/disable tracking HSRP Enable/disable tracking HSRP by VLAN Display current VRRP Group Tracking configuration NOTE – If Virtual Router Group Tracking is enabled. 315393-J.0.

Enable this switch option to increment only that vrrp instance that is on the same VLAN as the tagged hsrp master flagged packet. January 2005 . In networks where HSRP is used. the priority for this virtual router will be increased for each other IP interface active on this switch. A port is considered “active” if it has a link and is forwarding traffic. This helps elect the virtual routers with the most available ports as the master. ports disable|enable When enabled.2 Command Reference Table 6-87 Virtual Router Group Priority Tracking Options (/cfg/l3/vr/group/track) Command Syntax and Usage vrs disable|enable When enabled. increasing Layer 4 efficiency. This command is disabled by default. HSRP is used with some types of routers for establishing router failover. This command is disabled by default. optimizing routing efficiency. 344 Chapter 6: The Configuration Menu 315393-J. hsrv disable|enable Hot Standby Router on VLAN (HSRV) is used to work in VLAN-tagged environments. An IP interface is considered active when there is at least one active port on the same VLAN. This helps elect the main Layer 4 switch as the master. l4pts disable|enable When enabled for virtual server routers. reals disable|enable When enabled for virtual server routers. This helps elect the virtual routers with the most available routes as the master. the priority for this virtual router will be increased for each physical switch port which has active Layer 4 processing on this switch. This command is disabled by default.0. This helps elect the switch with the largest server pool as the master. This command is disabled by default. This command is disabled by default. the priority for this virtual router will be increased for each virtual router in master mode on this switch. This helps elect the switch closest to the master HSRP router as the master. enable this switch option to increase the priority of this virtual router for each Layer 4 client-only port that receives HSRP advertisements. the priority for this virtual router will be increased for each active port on the same VLAN. cur Displays the current configuration for priority tracking for this virtual router. ifs disable|enable When enabled. This command is disabled by default. This is useful for making sure that traffic for any particular client/server pairing are handled by the same switch. increasing routing and load balancing efficiency.Alteon OS 22. hsrp disable|enable Enables Hot Standby Router Protocol (HSRP) for this virtual router group. the priority for this virtual router will be increased for each healthy real server. This command is disabled by default.

del Clears the authentication configuration parameters for this IP interface.Alteon OS 22. Table 6-88 VRRP Interface Menu Options (/cfg/l3/vrrp/if) Command Syntax and Usage auth none|password Defines the type of authentication that will be used: none (no authentication). January 2005 Chapter 6: The Configuration Menu 345 .0. This password will be added to each VRRP packet transmitted by this interface when password authentication is chosen (see auth above). [VRRP Interface auth passw del cur - 1 Menu] Set authentication types Set plain-text password Delete interface Display current VRRP interface configuration This menu is used for configuring VRRP authentication parameters for the IP interfaces used with the virtual routers. passw <password> Defines a plain text password up to eight characters long. The IP interface itself is not deleted.2 Command Reference /cfg/l3/vrrp/if <interface number> VRRP Interface Configuration NOTE – The interface-number (1 to 256) represents the IP interface on which authentication parameters must be configured. cur Displays the current configuration for this IP interface’s authentication parameters. 315393-J. or password (password authentication).

Set priority increment for VLAN switch port tracking l4pts . The default value is 2. ifs <0-254> Defines the priority increment value (1 through 254) for active IP interfaces detected on this switch. reals <0-254> Defines the priority increment value (1 through 254) for healthy real servers behind the virtual server router.Set priority increment for L4 real server tracking hsrp .Set priority increment for virtual router tracking ifs . Table 6-89 VRRP Tracking Options (/cfg/l3/vrrp/track) Command Syntax and Usage vrs <0-254> Defines the priority increment value (1 through 254) for virtual routers in master mode detected on this switch. The default value is 2.Set priority increment for HSRP tracking hsrv . hsrp <0-254> Defines the priority increment value (1 through 254) for switch ports with Layer 4 client-only processing that receive HSRP broadcasts. Each time one of the tracking criteria is met (see “VRRP Virtual Router Priority Tracking Menu” on page 336).Alteon OS 22.2 Command Reference /cfg/l3/vrrp/track VRRP Tracking Configuration [VRRP Tracking Menu] vrs . The default value is 2. the priority level for the virtual router is increased by an amount defined through this menu.Set priority increment for HSRP by VLAN tracking cur . 346 Chapter 6: The Configuration Menu 315393-J.Set priority increment for IP interface tracking ports . January 2005 . The default value is 2.Display current VRRP Priority Tracking configuration This menu is used for setting weights for the various criteria used to modify priority levels during the master router election process. ports <0-254> Defines the priority increment value (1 through 254) for active ports on the virtual router’s VLAN.Set priority increment for L4 switch port tracking reals . l4pts <0-254> Defines the priority increment value (1 through 254) for physical switch ports with active Layer 4 processing.0. The default value is 10. The default value is 2.

Table 6-90 Default Gateway Metrics (/cfg/l3/metrc) Option strict Description The gateway number determines its level of preference. The default value is 10. January 2005 Chapter 6: The Configuration Menu 347 .Alteon OS 22.2 Command Reference Table 6-89 VRRP Tracking Options (/cfg/l3/vrrp/track) Command Syntax and Usage hsrv <0-254> Defines the priority increment value (1 through 254) for vrrp instances that are on the same VLAN. The switch sends each new gateway request to the next healthy. a metric can be set to determine which primary gateway is selected. cur Displays the current configuration of priority tracking increment values. at which point the next in line will take over as the default IP gateway. roundrobin 315393-J. These priority tracking options only define increment values. There are two metrics.0. All gateway requests to the same destination IP address are resolved to the same gateway. /cfg/l3/metrc <metric name> Default Gateway Metrics If multiple default gateways are configured and enabled. Gateway #1 acts as the preferred default IP gateway until it fails or is disabled. which are described in the table “Default Gateway Metrics (/cfg/l3/metrc)” on page 347. This provides basic gateway load balancing. These options do not affect the VRRP master router election process until options under the VRRP Virtual Router Priority Tracking Menu (see page 336) are enabled. enabled gateway in line.

pdepth <# of packets. see page 349. 1-255|none> Defines the search window for pattern matching beginning from the start of the packet stream. see page 350. udpblast Displays UDP Blast Menu. fragment <allow|deny> Sets the handling of out-of-order IP fragment packets during filtering. When set to deny. To view menu options. To view menu options. cur Displays the current security configuration.2 Command Reference /cfg/security Security Configuration Menu [Security Menu] ipacl pgroup port udpblast seclog fragment pdepth cur IP Address ACL Menu Pattern Match Group Menu Port Security Menu UDP Blast Menu Set rate threshold for security logging Set out of order IP fragments handling in filtering Set packet depth for pattern matching Display current Security configuration Table 6-91 Security Configuration Menu Options (/cfg/security) Command Syntax and Usage ipacl Displays IP address Access Control Menu. the switch will drop these packets. the switch will let through all the out-of-order fragments in filtering. port <port number> Displays Port Security Menu. The default is allow.Alteon OS 22.0. 348 Chapter 6: The Configuration Menu 315393-J. When set to allow. seclog <rate threshold (in packets)> Defines the rate threshold for security logging by the number of packets per second. The window is in units of packets. pgroup <pattern group ID (1-128)> Displays Pattern Match Group Menu. To view options. see page 352. January 2005 . Any packets above the current threshold will be logged. see page 351. To view menu options.

defined by the IP address/mask pair. the client source IP address is checked against this pool of addresses. If a match is found. 315393-J. January 2005 Chapter 6: The Configuration Menu 349 . then the client traffic is blocked.Remove IP Address/Mask for access control cur . defined by the IP address/mask pair index.Alteon OS 22. When traffic ingresses the switch. cur Displays current IP addresses ranges in Access Control List. [IP ACL Menu] add .2 Command Reference /cfg/security/ipacl IP Address Access Control List Configuration Menu Alteon OS can be configured with IP access control lists (ACLs) composed of ranges of client IP addresses that are to be denied access to the switch.Display All IP address/mask for access control Table 6-92 IP Address ACL Menu Options (/cfg/sec/ipacl) Command Syntax and Usage add <IP address> <IP mask> Adds range of source IP addresses to be denied.0.Add IP Address/Mask for access control rem . rem <IP address/mask pair index> Removes range of source IP addresses to be denied.

[Pattern Match Group 1 Menu] name .Remove SLB string from group del . and then apply the group to a filter. To view existing strings and their ID numbers. the switch will match any of the strings or patterns within that group before denying and dropping the packet.Display current configuration Table 6-93 Pattern Matching Group Menu Options (/cfg/sec/pgroup) Command Syntax and Usage name <31 character name>|none Specifies a descriptive name for this pattern group. use the /cfg/slb/layer7/slb/add command described on page 411. By applying the patterns and groups to a deny filter. del Deletes the pattern group. also on page 411. 350 Chapter 6: The Configuration Menu 315393-J. name the pattern group. Note: You can only add the binary or ASCII strings to a pattern matching group. Up to five patterns can be combined into a single pattern group. Up to five patterns can be combined into a single pattern group.Add SLB string to group rem . the packet content can be detected and thus denied access to the network. rem <SLB string ID> Removes an SLB string from this pattern group.Alteon OS 22.2 Command Reference /cfg/security/pgroup <pattern group number> Pattern Matching Menu When a virus or other attack contains multiple patterns or strings.Set pattern group name add . it is useful to combine them into one group and give the group a name that is easy to remember. When a pattern group is applied to a deny filter. add <string ID> Adds a pre-configured SLB string to this pattern group by the string ID number. To configure SLB strings. group them into a pattern group. Configure the binary or ASCII pattern strings. The filtering commands in Alteon OS Advanced Denial of Service Pack allow the administrator to define groups of patterns. cur Displays the current configuration of this pattern group.0.Delete pattern group cur . January 2005 . use the /cfg/slb/layer7/slb/cur command.

Enabling this command will allow detection of the following DoS attacks: Smurf: ICMP ping request to a broadcast destination IP (x. Xmascan: TCP sequence number is zero and the FIN.2 Command Reference /cfg/security/port <port number> Port Security Configuration Menu Alteon OS can protect switch ports against a variety of Denial of Service (DOS) attacks including Port Smurf. January 2005 Chapter 6: The Configuration Menu 351 .0.x.Alteon OS 22. and ScanSynFin. Enable DOS protection on ports connected to any network that could be the source of an attack. PortZero: TCP/UDP Packets whose source or destination port is zero. Xmascan. URG and PSH bits are set.255). ScanSynFin: SYN and FIN bits are set in the packet. ipacl disable|enable Enables or disables IP access control List denial on this port. Nullscan: TCP sequence number is zero and all control bits are zeros. cur Displays the current security configuration on this port. Fraggle. Blat: TCP packets with SIP!=DIP and SPORT=DPORT. Nullscan.x. Fraggle: UDP packet sent to a broadcast destination IP (x.x. 315393-J. LandAttack: Packets with source IP equal to destination IP. [Port 1 Menu] dos ipacl udpblast cur - Enable/disable DOS attack detection Enable/disable IP ACL processing Enable/disable UDP Blast processing Display current port configuration Table 6-94 Port Security Menu Options (/cfg/security/port) Command Syntax and Usage dos disable|enable Enables or disables Denial of Service (DOS) protection on this port. udpblast disable|enable Enables or disables UDP blast protection on this port. PortZero.255).x. LandAttack.

The maximum port range is 5000. When the maximum number of packets/second is reached. UDP traffic will be dropped. the last number that can be used is 5300. 352 Chapter 6: The Configuration Menu 315393-J. cur Displays all UDP blast protection ports. UDP traffic is shut down on those ports. Alteon OS can be configured to restrict the amount of traffic allowed on any UDP port.0.2 Command Reference /cfg/security/udpblast UDP Blast Protection Configuration Menu Malicious attacks over UDP protocol ports are becoming a common way to bring down real servers.Alteon OS 22. [UDP Blast Protection Menu] add . Alteon OS supports up to 5000 UDP port numbers.Default packet rate for UDP blast protection cur . using any integer from 1 to 65535.Display all UDP blast protection Ports Table 6-95 UDP Blast Protection Menu Options (/cfg/sec/udpblast) Command Syntax and Usage add <UDP port number or range (first-last)> [packet rate] Adds UDP port or range for UDP blast protection. January 2005 . If the first port number is 300. default <packet rate> Defines the default packet rate for UDP blast protection. as well as the maximum packet rate per second. You can specify a series of UDP port ranges and the allowed packet limit for that range. While you can configure multiple port ranges.Add UDP port/range for UDP blast protection rem . rem <UDP port number or range (first-last)> Removes UDP port or range for UDP blast protection. the sum of ranges cannot exceed the maximum of 5000 ports. If the number of packets on this port range exceeds the maximum packet rate per second.Remove UDP port/range for UDP blast protection default . thus ensuring that backend servers are not flooded with data and disabled.

Spanning Tree. edited. at the Configuration# prompt. which can be used to configure other switches through a Telnet connection. and IP interfaces. enter: Configuration# dump The configuration is displayed with parameters that have been changed from the default values. see Chapter 2. “First-Time Configuration. For a complete description of how to use setup. paste the configuration commands from the script file at the command line prompt of the switch. To start the dump program. The screen display can be captured. January 2005 Chapter 6: The Configuration Menu 353 .0. BOOTP.Alteon OS 22.2 Command Reference /cfg/setup Setup The setup program steps you through configuring the system date and time. When using Telnet to configure a new switch. port speed/mode. enter: Configuration# setup /cfg/dump Dump The dump program writes the current switch configuration to the terminal screen. as described on page 354.” To start the setup program. 315393-J. IP. VLAN parameters. The active configuration can also be saved or loaded via TFTP. and placed in a script file. at the Configuration# prompt.

The configuration loaded using gtcfg is not activated until the apply command is used.2 Command Reference /cfg/ptcfg <TFTP server> <filename> Saving the Active Switch Configuration When the ptcfg command is used. and not locked by any application). the apply action will be performed automatically. To start the switch configuration download. /cfg/gtcfg <TFTP server> <filename> Restoring the Active Switch Configuration When the gtcfg command is used. To start the switch configuration upload. and filename is the name of the target script configuration file. enter: Configuration# ptcfg <TFTP server> <filename> [-m | -mgmt | -d | -data] where server is the TFTP server IP address or hostname. the switch’s active configuration commands (as displayed using /cfg/dump) will be uploaded to the specified script configuration file on the TFTP server. and filename is the name of the target script configuration file. NOTE – The output file is formatted with line-breaks but no carriage returns—the file cannot be viewed with editors that require carriage returns (such as Microsoft Notepad). 354 Chapter 6: The Configuration Menu 315393-J. at the Configuration# prompt. If the apply command is found in the configuration script file loaded using this command. NOTE – If the TFTP server is running SunOS or the Solaris operating system. at the Configuration# prompt. the active configuration will be replaced with the commands found in the specified configuration file.0. The contents of the specified file will be replaced with the current configuration data. January 2005 . The file can contain a full switch configuration or a partial switch configuration. enter: Configuration# gtcfg <TFTP server> <filename> [-m | -mgmt | -d | -data] where server is the TFTP server IP address or hostname. the specified ptcfg file must exist prior to executing the ptcfg command and must be writable (set with proper permission.Alteon OS 22.

Placing this kind of strain on a server can decrease the performance of the entire network as user requests are rejected by the server and then resubmitted by the user stations. With this software feature. each server usually specializes in providing one or two unique services. In an average network that employs multiple servers without server load balancing. it can become overutilized. the switch is aware of the services provided by each server and can direct user session traffic to an appropriate server. Refer to your Alteon OS Application Guide for detailed information on this feature. January 2005 355 .CHAPTER 7 The SLB Configuration Menu Server Load Balancing (SLB) allows you to configure the Alteon Application Switch to balance user session traffic among a pool of available servers that provide shared services. This chapter discusses how to use the Command Line Interface (CLI) for configuring Server Load Balancing (SLB) on the Alteon Application Switch. If one of these servers provides access to applications or data that is in high demand. 315393-J. based on a variety of load-balancing algorithms.

January 2005 . gslb Displays the menu for configuring Global Server Load Balancing.0. see page 401.2 Command Reference /cfg/slb SLB Configuration [Layer 4 Menu] real group virt filt port gslb layer7 wap sync adv linklb advhc pip peerpip on off cur Real Server Menu Real Server Group Menu Virtual Server Menu Filtering Menu Layer 4 Port Menu Global SLB Menu Layer 7 Resource Definition Menu WAP Menu Config Synch Menu Layer 4 Advanced Menu Inbound Linklb Menu Layer 4 Advanced Health Check Menu Proxy IP Address Menu Peer Proxy IP Address Menu Globally turn Layer 4 processing ON Globally turn Layer 4 processing OFF Display current Layer 4 configuration Table 7-1 Server Load Balancing Configuration Menu Options (/cfg/slb) Command Syntax and Usage real <real server number (1-1023)> Displays the menu for configuring real servers. see page 364.Alteon OS 22. see page 399. To view menu options. 356 Chapter 7: The SLB Configuration Menu 315393-J. group <real server group number (1-1024)> Displays the menu for placing real servers into real server groups. To view menu options. To view menu options. To view menu options. see page 372. see page 383. virt <virtual server number (1-1024)> Displays the menu for defining virtual servers. To view menu options. filt <filter ID (1-2048)> Displays the menu for Filtering and Application Redirection. see page 358. port <port number> Displays the menu for setting physical switch port states for Layer 4 activity. To view menu options.

To view menu options. client address information in Layer 4 requests is replaced with this proxy IP address. without performing server processing on the packets of the other switch. using Layer 2. off Globally disables Layer 4 services. see page 413. 315393-J. see page 421. peerpip Displays Peer Proxy IP address Menu. This happens because the peer switches are aware of each other’s proxy IP addresses. To view menu options. linklb Displays Inbound Link Load Balancing Menu.Alteon OS 22. To view menu options. Enabling Layer 4 services is not necessary for using filters only to allow. January 2005 Chapter 7: The SLB Configuration Menu 357 . sync Displays the Synch Peer Switch Menu. pip This menu is used to set the switch proxy IP address using dotted decimal notation. To view menu options. but the software processes will no longer be active in the switch cur Displays the current Server Load Balancing configuration. When this command is enabled. the switch is able to forward traffic from the other switch. or NAT traffic. see page 430. advhc Displays Layer 4 Advanced Health Check Menu.0. deny. This option can be performed only after the optional Layer 4 software is enabled (see “Activating Optional Software on page 441). wap Displays WAP Menu. adv Displays the Layer 4 Advanced Menu. on Globally turns on Layer 4 software services for Server Load Balancing and Application Redirection.2 Command Reference Table 7-1 Server Load Balancing Configuration Menu Options (/cfg/slb) Command Syntax and Usage layer7 Displays Layer 7 Resource Definition Menu. This prevents the dropping of a packet or being sent to the backup switch in the absence of the proxy IP address of the peer switch. To view menu options. All configuration information will remain in place (if applied or saved). see page 408. When the pip is defined. To view menu options. see page 431. see page 412. To view menu options. see page 419.To view options. see page 415.

Delete real server cur . /cfg/slb/real <server number> Real Server SLB Configuration [Real server 1 Menu] layer7 .Display current real server configuration 358 Chapter 7: The SLB Configuration Menu 315393-J.Set weight for real server avail .Set Global SLB availability for real server maxcon .Set minutes inactive connection remains open backup .0. or perform Network Address Translation (NAT) on traffic do not require Layer 4 software to be activated.IDS Command Menu rip .Enable/disable Global SLB remote site operation proxy .Set real server name weight .Alteon OS 22.2 Command Reference Filtering and Layer 4 (Server Load Balancing) Filters configured to allow. Layer 4 processing must be turned on before redirection filters will work.Set number of successful attempts to declare server UP addport .Set backup real server inter .Enable real server dis . require Layer 4 software services. Application Redirection filters. however.Enable/disable source MAC address substitution ena .Add real port to server remport . deny.Enable/disable client proxy operation fasthc .Layer 7 Command Menu ids . These filters are not affected by the Server Load Balancing on and off commands in this menu.Disable real server del .Set interval between health checks retry .Set maximum number of connections tmout .Remove real port from server remote .Set number of failed attempts to declare server DOWN restr .Set IP addr of real server name .Enable/disable fast health check operation submac . January 2005 .

each real server is given a weight setting of 1. When this command is used. name <string. To view menu options.Alteon OS 22. and the administrator will be warned if the server does not respond.0. Weights are not applied when using the hash or minmisses metrics (see “Server Load Balancing Metrics” on page 370). By default. client requests will be sent to the backup/overflow server or backup/overflow server group. weight <real server weight (1-48)> Sets the weighting value (1 to 48) that this real server will be given in the load balancing algorithms. This option sets a threshold as an artificial barrier. maxcon <maximum connections (0-200000)> Sets the maximum number of connections that this server should simultaneously support. By default. To view menu options. If no backup servers/server group are configured. such that new connections will not be issued to this server if the maxcon limit is reached.000. New connections will be issued again to this server once the number of current connections has decreased below the maxcon setting. If all servers in a real server group for a virtual server reach their maxcon limit at the same time. This will enable the network administrator to quickly identify the server by a natural language keyword value. The required parameters are: Real server IP address Real server enabled (disabled by default) Table 7-2 Real Server Configuration Menu Options (/cfg/slb/real) Command Syntax and Usage layer7 Displays the Layer 7 Menu. ids Displays Intrusion Detection Server/system menu. client requests will be dropped by the virtual server. avail <server weight (1-48)> Displays the currently available real server for Global server load balancing and allows the user to change to another real server for Global server load balancing. the address entered is PINGed to determine if the server is up. January 2005 Chapter 7: The SLB Configuration Menu 359 . 315393-J. the number of maximum connections is set at 20. maximum 31 characters>|none Defines a 15-character alias for each real server. rip <real server IP address> Sets the IP address of the real server in dotted decimal format.2 Command Reference This menu is used for configuring information about real servers that participate in a server pool for Server Load Balancing or Application Redirection. Higher weighting values force the server to receive more connections than the other servers configured in the same real server group. A setting of 10 would assign the server roughly 10 times the number of connections as a server with a weight of 1. see page 363. see page 362.

the backup comes online to provide additional processing power until the original server becomes desaturated. Using the tmout option.0. In certain circumstances. and the session table entry is then removed. The inter option lets you choose the time between health checks. TCP/UDP connections will remain registered in the switch's binding table. you can set the number of minutes to wait before removing orphan table entries. The range is from 1 to 60 seconds. the switch will activate the backup real server until the original becomes operative again. if the real server becomes inoperative. The data is transferred until the client ends the session. If the real server reaches its maxcon (maximum connections) limit. Every client-to-server session being load balanced is recorded in the switch's Session Table. these orphaned entries must be aged out of the binding table. The default interval is 2 seconds. Then. the switch verifies that real servers and their corresponding services are operational by opening a TCP connection to each service. such as when a client application is abnormally terminated by the client's system. using the defined service ports configured as part of each virtual service. This option is also used with the Persistent option (see /cfg/slb/virt/pbind). this option sets how long an idle client is allowed to remain associated with a particular server. Settings must be specified in even numbered increments between 2 and 32768 minutes. The backup server is also used in overflow situations. use this option to assign a backup real server number. For UDP services. January 2005 . backup <real server number (1-1023)>|none Sets the real server used as the backup/overflow server for this real server. Determining the health of each real server is a necessary function for Layer 4 switching. The range is from 1 to 63 attempts. The default is 4 attempts restr <number of consecutive health checks (1-63)> Sets the number of successful health check attempts required before declaring a UDP service operational. When a client makes a request. In order to prevent table overflow. retry <number of consecutive health checks (1-63)> Sets the number of failed health check attempts required before declaring this real server inoperative. When persistent is activated. The default setting is 10. The default is 8 attempts 360 Chapter 7: The SLB Configuration Menu 315393-J.Alteon OS 22. For TCP services. An interval of “0” disables health checking for the server.2 Command Reference Table 7-2 Real Server Configuration Menu Options (/cfg/slb/real) Command Syntax and Usage tmout <even number of minutes (2-32768)> Sets the number of minutes an inactive session remains open (in even numbered increments). To prevent loss of service if a particular real server fails. the switch pings servers to determine their status. The same backup/overflow server may be assigned to more than one real server at the same time inter <number of seconds between health checks (0-60)> Sets the interval between real server health verification attempts. The range is from 1 to 63 attempts. the session is recorded in the table.

submac disable|enable Enables or disables source MAC address substitution. this option is disabled. when the apply and save commands are used. By default. 315393-J. proxy disable|enable Enables or disables proxy IP address translation. See /oper/slb/ena on page 436 for an operations-level command. this option is disabled. disables this real server until it is explicitly re-enabled. When enabled. See /oper/slb/dis on page 436 for an operations-level command that permits graceful server shutdown. the real server goes down operationally as soon as the physical port connected to the real server goes down. the real server can process virtual server requests associated with its real server group. This command is enabled by default. NOTE – This option does not perform a graceful server shutdown. a client request from any application can be proxied using a load-balancing Proxy IP address (PIP). the real server will go down only after the configured health check interval. enables this real server for operation until explicitly disabled.2 Command Reference Table 7-2 Real Server Configuration Menu Options (/cfg/slb/real) Command Syntax and Usage addport <real server port (2–65534)> Add multiple service ports to the server. This option should be enabled when the real IP address supplied above represents a remote server (real or virtual) that this switch will access as part of its Global Server Load Balancing network. By default. ena You must perform this command to enable this real server for Layer 4 service. A disabled server will no longer process virtual server requests as part of the real server group to which it is assigned. This removes the real server from operation within its real server groups. This option. With this option enabled (default). This option. January 2005 Chapter 7: The SLB Configuration Menu 361 . fasthc disable|enable Enables or disables Fast Health Check operation.0. remport <real server port (2–65534)> Remove multiple service ports from the server. remote disable|enable Enables or disables remote site operation for this server. This option does not perform a graceful server shutdown. When disabled. Use this command with caution. as it will delete any configuration options that have been set for this real server. when the apply and save commands are used. When enabled. dis Disables this real server from Layer 4 service.Alteon OS 22. del Deletes this real server from the Layer 4 switching software configuration.

cookser disable|enable Enables or disables the real server to handle client requests that don’t contain a cookie. LDAP servers are of two types: read servers and write servers.Add SLB string for content load balance remlb .Display current real server configuration This menu is used for entering commands and strings for Layer 7 processing.2 Command Reference Table 7-2 Real Server Configuration Menu Options (/cfg/slb/real) Command Syntax and Usage cur Displays the current configuration information for this real server. 362 Chapter 7: The SLB Configuration Menu 315393-J. and embeds the IP address of the real server that will handle the subsequent requests from the client.Remove SLB string for content load balance cookser . January 2005 . exclude disable|enable Enables or disables exclusionary string matching.Enable/disable LDAP Write server cur . this option is disabled. /cfg/slb/real <server number>/layer7 Real Server Layer 7 Configuration [Real Server 1 Layer 7 Commands Menu] addlb . The write server can conduct both read and write operations. This server gets the client request.Enable/disable cookie assignment server exclude . ldapwr disable|enable Enables or disables LDAP write server. This option is used if you want to designate a specific server to assign cookies only. You need to use the write servers when you want to modify the directory on the server. remlb <URL path ID [1-1024]> Removes the predefined URL loadbalance string ID from the real server. this option is disabled.Alteon OS 22.Enable/disable exclusionary string matching ldapwr . By default.0. assigns the cookie. By default. You need to use read servers when you only want to browse the directory. Table 7-3 Layer 7 Commands Menu Options (/cfg/slb/real/layer7) Command Syntax and Usage addlb <URL path ID [1-1024]> Adds the predefined URL loadbalance string ID to the real server.

This OID overrides the OID for SNMP health checks. /cfg/slb/real <real server number>/ids Real server IDS Configuration Menu Intrusion Detection System (IDS) is a type of security management system for computers and networks. comm <SNMP health check community string to override group community string> Overrides community string for SNMP health checks. oid <SNMP health check object identifier to override group OID> Specifies the object identifier (OID). An Intrusion Detection System gathers and analyzes information from various areas within a computer or a network to identify possible security breaches. idsport <port number> Defines port for Intrusion Detection Server.Display current real server configuration Table 7-4 IDS Configuration Menu options (/cfg/slb/real/ids) Command Syntax and Usage idsvlan <vlan number (1-4090> Defines VLAN ID for Intrusion Detection Server.2 Command Reference Table 7-3 Layer 7 Commands Menu Options (/cfg/slb/real/layer7) Command Syntax and Usage cur Displays the current real server configuration.0. Refer to your Application Guide for more information.Alteon OS 22. which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization). Note: IDS can only be configured on real servers between one to maximum number of ports on the switch. January 2005 Chapter 7: The SLB Configuration Menu 363 .Override community string for SNMP HC cur . 315393-J.Set Port for ID Server oid .Override OID for SNMP HC comm . cur Displays the current real server configuration.Set Vlan ID for ID Server idsport . [Real Server 1 IDS Menu] idsvlan .

364 Chapter 7: The SLB Configuration Menu 315393-J.0.Set an advance group health check formula mhash . Table 7-5 Real Server Group Configuration Menu Options (/cfg/slb/group) Command Syntax and Usage metric leastconns|roundrobin|minmisses|hash|response|bandwidth|phash Sets the load balancing metric used for determining which real server in the group will be the target of the next client request. See “Server Load Balancing Metrics” on page 370 for more information.Set backup real server or group name .Set minmisses hash parameter viphlth .Set real server failure threshold idsrprt .Enable/disable VIP health checking in DSR mode ids . Each real server can belong to more than one group.Set health check content health .Disable real server in this group add . Each group must consist of at least one real server.Alteon OS 22.Enable/disable the access to this group for operator ena .2 Command Reference /cfg/slb/group <real server group number> Real Server Group SLB Configuration [Real server group 1 Menu] metric . The default setting is leastconns.Delete real server group cur .Remove real server del .Display current group configuration This menu is used for combining real servers into real server groups.Set real server group name realthr .Enable/disable Intrusion Detection Group Flood oper . January 2005 .Set metric used to select next rport in server content .Enable real server in this group dis .Add real server rem . Each real server group should consist of all the real servers which provide a specific service for load balancing.Set metric used to select next server in group rmetric .Enable/disable Intrusion Detection idsfld . Real server groups are used both for Server Load Balancing and Application Redirection.Set Intrusion Detection Port advhlth .Set health check type backup . rmetric Sets the load balancing metric used for determining which port in the real server will be the target of the next client request.

httphead . The default is tcp. The content depends on the type of health check specified in the health option (see below). use this option to assign a backup real server/real server group number.use HEAD method Sets the type of health checking performed. January 2005 Chapter 7: The SLB Configuration Menu 365 . the backup server/server group comes online to provide additional processing power until one of the original servers becomes desaturated. See “SLB Health Check Types” on page 367. realthr <real servers (1-15. Then. a SYSLOG ALERT message is sent to the configured SYSLOG servers stating that the real server threshold has been reached for the concerned server load balancing group.use GET method. This will enable the network administrator to quickly identify the server group by a natural language keyword value. 315393-J.Alteon OS 22. The backup server/server group is also used in overflow situations.0. To prevent loss of service if the entire real server group fails. health link|arp|icmp|tcp|http|httphead|dns|pop3|smtp|nntp|ftp|imap| sslh|radius-auth|radius-acc|script<n>|udpdns|wsp|wtp|wtls|ldap| snmp<n>|tftp|rtsp|sip http . which also means the option is disabled idsrprt <real server port (2-65534)>|any Sets real server port for the Intrusion Detection Server. name <maximum 31 characters>|none Defines a 15-character alias for each Real Server Group. if the real server group becomes inoperative.2 Command Reference Table 7-5 Real Server Group Configuration Menu Options (/cfg/slb/group) Command Syntax and Usage content <filename>|//<host>/<filename>|none This option defines the specific content which is examined during health checks. the switch will activate the backup real server /server group until one of the original real servers becomes operative again. If all the servers in the real server group reach their maxcon (maximum connections) limit. backup r<real server number (1-256)>|g<group number>|none Sets the real server or real server group used as the backup/overflow server/server group for this real server group. The same backup/overflow server/server group may be assigned to more than one real server group at the same time. 0 for disabled)> Specifies a minimum number of real servers available. the number reaches this minimum limit. If any time. The default threshold is 0.

it works only when the service has DSR (Direct Server Return) feature enabled. January 2005 . 1-1023> Disables a real server in this group gracefully or on a per group basis.Alteon OS 22. ena <real server number. viphlth disable|enable Enables or disables VIP health checking in a service. This command supports two boolean operators.). However. 366 Chapter 7: The SLB Configuration Menu 315393-J. 128>|none Defines an advanced health check formula expression for the real servers. Using parenthesis with the boolean operators.2 Command Reference Table 7-5 Real Server Group Configuration Menu Options (/cfg/slb/group) Command Syntax and Usage advhlth <(1&2|3.You can also select all 32-bits of the source IP address to hash to the real server. the switch uses RIP to perform all health checks. idsfld disable|enable Enables or disables the Intrusion Detection flood.0. This command also supports a string expression which is up to 128 characters long. AND or OR that are used to manipulate TRUE or FLALSE values. ids disable|enable Enables or disables Intrusion Detection Server (IDS) load balancing for the designated real server group.. This command allows you to create a boolean expression to health check the real server group based on the state of the virtual services. This feature can only be configured on real server groups between 1-63. oper disable|enable Enables or disables the real server group operation. if a real server is a member of more than one group. add <real server number (1-1023)> Adds a real server to this real server group. This feature is enabled by default. or you can also set the formula expression as none. rem <real server number (1-1023)> Remove a real server from this real server group. You will be prompted for the ID number for the real server to remove from this group. 1-1023> Enables a real server in this group gracefully or on a per group basis. You will be prompted to enter the number of the real server to add to this group. you can create a boolean expression to state the health of the server group. dis <real server number. whether DSR is enabled or disabled. By default the minmiss algorithm uses the upper 24-bits of the source IP address to calculate the real server that the traffic should be sent to when the minmiss metric is selected. When viphlth is disabled. For example. mhash 24|32 <number of sip bits used for minmisses hash> Defines the minmisses hash parameter for this real server as either 24 or 32 bits. you can configure this real server to accept requests from all the groups or any number of groups that this real server is member of.

icmp For Layer 3 health checking. the virtual server will become inoperative. arp Sends an ARP request for Layer 2 health checking. dns For Domain Name Service. the health check will revert back to TCP on the port that is being load balanced. This removes the group from operation under all virtual servers it is assigned to. you can specify the type of health check for the group of real servers. Refer to your Application Guide for their detailed description. check that the domain name specified in content can be resolved by the server. Note: If the content is not specified. Use this command with caution: if you remove the only group that is assigned to a virtual server. January 2005 Chapter 7: The SLB Configuration Menu 367 . SLB Health Check Types Using the health command. You can use this command to test the validity and access to the hypertext links or to look for any recent modification to the URL.0 GET occurs.0. tcp Opens and closes a TCP/IP connection to the server for TCP service. cur Displays the current configuration parameters for this real server group. httphead Allows the switch to declare if the server is up or not just by locating the URL header and not wait until all the URL contents are received. The health check options are described in the following table. pings the server.2 Command Reference Table 7-5 Real Server Group Configuration Menu Options (/cfg/slb/group) Command Syntax and Usage del Deletes this real server group from the Layer 4 software configuration. Otherwise. use HTTP 1. http For HTTP service. an HTTP/1. 315393-J.Alteon OS 22. Table 7-6 SLB Health Check Types (/cfg/slb/group/health) Option and Description link Checks status of port for each server for IDSLB group only.1 GETS when a HOST: header is required to check that the URL content is specified in content command.

To perform application health checking to a RADIUS server. check that the newsgroup name specified in content is accessible on the server. script <n> Enables the use of script-based health checks in send/expect format to check for application and content availability. udpdns Allows the user to perform health checking using UDP DNS queries. ftp For FTP services. imap For user mail service. radius-auth.Alteon OS 22. check that the filename specified in content is accessible on the server through anonymous login. During the handshake. nntp For newsgroup services. The secrt value is a field of up to 32 alphanumeric characters that is used by the switch to encrypt a password during the RSA Message Digest Algorithm (MD5) and by the RADIUS server to decrypt the password during verification. the user and server exchange security certificates.0. check that the user:password account specified in content exists on the server. smtp For mail-server services. wsp Enables connectionless WSP content health checks for WAP gateways. and establish a session ID for each session. the network administrator must also configure the /cfg/slb/ secrt parameter.2 Command Reference Table 7-6 SLB Health Check Types (/cfg/slb/group/health) Option and Description pop3 For user mail service. <n> denotes the health script number (1-8). negotiate an encryption and compression method. check that the user:password value specified in content exists on the Alteon Application Switch and the server. 368 Chapter 7: The SLB Configuration Menu 315393-J. The content under /cfg/ slb/adv/waphc (see page 421) must also be configured. January 2005 . check that the user:password value specified in content exists on the serve sslh Enables the switch to query the health of the SSL servers by sending an SSL client “Hello” packet and then verify the contents of the server’s “Hello” response. radius-acc For RADIUS remote access server authentication. check that the user specified in content is accessible on the server.

315393-J. The health check fails if the switch receives an error packet from the real server. If there is no content configured the switch will issue an RTSP OPTIONS method.Alteon OS 22. The switch administrator can choose LDAP version 2 or 3 as both the versions are compatible with Alteon OS 22. You can perform the SIP (Session Initiation Protocol) health check by using SIP PING request. ldap Sets the health check type to LDAP. If the server is up. You must enable UDP to perform SIP load balancing. This health check consists of three LDAP messages over one TCP connection: a bind request. The health check is successful if the server responds to the RRQ. January 2005 Chapter 7: The SLB Configuration Menu 369 . At regular intervals.0. The LDAP health checks enable the switch to determine if the LDAP server is alive.2 Command Reference Table 7-6 SLB Health Check Types (/cfg/slb/group/health) Option and Description wtp Enables connection-oriented WTP + WSP content health checks for WAP gateways. If content is supplied the switch will issue the RTSP DESCRIBE method. sip Sets the health check type to sip. The switch must send an unbind request so that the server does not hold resources indefinitely.2. the switch transmits TFTP read requests (RRQ) to all servers in the group. it will send the bind result message and the switch will mark the server as alive. The switch sends an anonymous bind request to the server. tftp Sets the health check type to TFTP. <n> denotes the health script number (1-5). a bind result.0. The RTSP health check can operate with or without content. the health check will fail. The content under /cfg/slb/adv/waphc (see page 421) must also be configured wtls Provides Wireless Transport Layer Security (WTLS) Hello-based health check for encrypted and connection-oriented WTLS traffic on port 9203. and an unbind request. If the response to either method is RTSP/200 then the health check passes. snmp <n> Enables the use of SNMP-based health checks. rtsp Sets the health check type to RTSP. If this is not the response. This protocol enables the user to request a file from the server.

the issuing process starts over with the first real server. new connections are issued to each server in turn: the first real server in this group gets the first connection. Minmisses can also be used for Server Load Balancing. If the Load Balancing statistics indicate that one server is processing significantly more requests over time than other servers. with the fastest servers typically getting the most connections over time. hash Like minmisses. This is useful for applications where client information must be retained on the server between sessions. For Application Redirection. Server load with this metric becomes most evenly balanced as the number of active clients increases. the number of connections currently open on each real server is measured in real time. The hash metric should be used if the statistical load balancing achieved using minmisses is not as optimal as desired. helping to maximize successful cache hits.0. due to their ability to accept. you can set a number of metrics for selecting which real server in a group gets the next client request. For Server Load Balancing. These metrics are described in the following table: Table 7-7 Real Server Group Metrics (/cfg/slb/group/metric) Option and Description minmisses Minimum misses. all requests from a specific client will be sent to the same server. When all the real servers in this group have received at least one connection. The server with the fewest current connections is considered to be the best choice for the next client connection request. leastconns Least connections. January 2005 . This is particularly useful for maximizing successful cache hits. This metric is optimized for Application Redirection. process. followed by the third real server. Although the hash metric can provide more even load balancing at any given instance. the second real server gets the next connection. and so on. This is particularly useful in caching applications. With this option. When specified for a real server group performing Server Load Balancing. all requests for a specific IP destination address will be sent to the same server. all requests for a specific IP destination address will be sent to the same server. This is useful for applications where client information must be retained between sessions. consider using the hash metric. 370 Chapter 7: The SLB Configuration Menu 315393-J. With this option.2 Command Reference Server Load Balancing Metrics Using the metric command. and shut down connections faster than slower servers. the hash metric uses IP address information in the client request to select a server.Alteon OS 22. it is not as effective as minmisses when servers leave and reenter service. all requests from a specific client will be sent to the same server. Best statistical load balancing is achieved when the IP address destinations of load balanced frames are spread across a broad range of IP subnets. This option is the most self-regulating. roundrobin Round robin. When minmisses is specified for a real server group performing Application Redirection.

January 2005 Chapter 7: The SLB Configuration Menu 371 . With phash enabled. bandwidth Bandwidth Metric. the smaller is the weight assigned to that server. when real servers are configured with weights (see the weight option on page 359). If the first hash hits a dead server. The weights are adjusted so they are inversely proportional to a moving average of response time. the first hash will always be the same even if a real server is down. the real server weights are adjusted so they are inversely proportional to the number of octets that the real server processes during a given interval. hash. a higher proportion of connections are given to servers with higher weights.0. the switch monitors and records the amount of time that each real server takes to reply to a health check. With this option. With this option. This can improve load balancing among servers of different performance levels. phash The phash metric utilizes the best features of the hash and minmiss metrics. This results in a request always being sent to a server that is up. The response time is used to adjust the real server weights. With the phash metric. NOTE – Under the leastconns.Alteon OS 22. The higher the bandwidth used. it will rehash for that request based on the actual number of servers that are up. 315393-J. roundrobin. Weights are not applied when using the minmisses metrics. and phash metrics.2 Command Reference Table 7-7 Real Server Group Metrics (/cfg/slb/group/metric) Option and Description response Real server response time. the switch supports an even load distribution (hash) and stable server assignment (minmiss) even when a server in the group goes down.

see the sport command on page 385. To view services menu options. Configuring a virtual server requires the following parameters: Creating a virtual server IP address Adding TCP/UDP port and real server group Enabling the virtual server (disabled by default) Table 7-8 Virtual Server Configuration Menu Options (/cfg/slb/virt) Command Syntax and Usage service <virtual port or name> Displays the Virtual Services Menu. vip <virtual server IP address> Sets the IP address of the virtual server using dotted-decimal notation. January 2005 . The virtual server created within the switch will respond to ARPs and PINGs from network ports as if it was a normal server. The virtual port name can be a well-known port name.0. ftp. see page 375.Alteon OS 22. To get more information about well-known ports. and so on. such as http.2 Command Reference /cfg/slb/virt <virtual server number> Virtual Server SLB Configuration [Virtual Server service vip dname cont weight avail addrule remrule layr3 ena dis del cur 1 Menu] Virtual Service Menu Set IP addr of virtual server Set domain name of virtual server Set BW Contract Set Global SLB weight for virtual server Set Global SLB availability for virtual server Add Global SLB rule to domain Remove Global SLB rule from domain Enable/disable layer 3 only balancing Enable virtual server Disable virtual server Delete virtual server Display current virtual configuration This menu is used for configuring the virtual servers which will be the target for client requests for Server Load Balancing. 372 Chapter 7: The SLB Configuration Menu 315393-J. the service number. The allowable port range is from 13 to 65534. Client requests directed to the virtual server’s IP address will be balanced among the real servers available to it through real server group assignments.

2 Command Reference Table 7-8 Virtual Server Configuration Menu Options (/cfg/slb/virt) Command Syntax and Usage dname <34 character domain name>|none Sets the domain name for this virtual server.0. The response time of this site is divided by this weight before the best site is assigned to a client. Each rule has metric preference list. see hname below. However. To clear the dname. and also in applications where TCP fragments are generated.com. The default number of contracts is set at 256 for Alteon OS. Rule allows the server selected for GSLB to use different metric preference based on time of the day. It associates all the connections from the same client with the same real server while any connection exists between them. the more connections that will be directed to the local site. ftp. It does not include the hostname portion (www. the BW contract can be changed for a selected virtual server with /cfg/slb/virt <number>/service <number>/cont. When the layr3 option is enabled (disabled by default). layr3 disable|enable Normally. The server selected for GSLB selects the first rule that matches the domain and starts with the first metric in the preference list of the rule. the switch uses only the client IP address as the session identifier. cont <BWM contract (1-256)> Enter a new Bandwidth Management Contract for this virtual service. To define the hostname. addrule <rule. all services under this virtual server are assigned this BW contract. 1-64> Removes Global SLB rule from domain.org. www2. and so forth).gov.Alteon OS 22. weight Sets the Global server weight for the virtual server. January 2005 Chapter 7: The SLB Configuration Menu 373 . specify the name as none. and the Internet group code (. the client IP address is used with the client Layer 4 port number to produce a session identifier. Each domain has one or more rules. . By default. avail Sets the Global SLB availability for the virtual server. An example would be foocorp. If the real server to which the client is assigned becomes unavailable. The maximum number of characters that can be used in a domain name is 34. 1-64> Adds Global SLB rule to domain.edu.com. remrule <rule. The domain name typically includes the name of the company or organization. Remote site response times are divided by the real server weight before selection occurs. The default is rule 1. All the frames that match this virtual server services are assigned this BW contract if the previously assigned contract for the frame has lower or equal precedence of the virtual server contract. The default is 1. The higher the weight value. the Layer 4 software will allow the client to connect to a different server. and so forth). This option is necessary for some server applications where state information about the client system is divided across different simultaneous connections. . 315393-J. .

January 2005 . del This command removes this virtual server from operation within the switch and deletes it from the Layer 4 switching software configuration.2 Command Reference Table 7-8 Virtual Server Configuration Menu Options (/cfg/slb/virt) Command Syntax and Usage ena Enables this virtual server. cur Displays the current configuration of the specified virtual server. 374 Chapter 7: The SLB Configuration Menu 315393-J. dis This option disables the virtual server so that it no longer services client requests. This option activates the virtual server within the switch so that it can service client requests sent to its defined IP address. Use this command with caution.0. as it will delete the options that have been set for this virtual server.Alteon OS 22.

Delete virtual service cur .Enable/disable only substituting MAC addresses dnsslb .Alteon OS 22. NOTE – Select virtual service port 554 to configure RTSP traffic.Enable/disable SIP load balancing xforward .Enable/disable X-Forwarded-For for proxy mode epip .Set multi response count thash .Set real port hname .Enable/disable direct access mode sip .Enable/disable UDP balancing frag .0. January 2005 Chapter 7: The SLB Configuration Menu 375 .Set persistent binding type rcount .2 Command Reference /cfg/slb/virt <server number>/service <virtual port or name> Virtual Server Service Configuration This menu is used for configuring services assigned to a virtual server.Set HTTP SLB processing cont .Display current virtual service configuration 315393-J. [Virtual Server 1 http Service Menu] group . The following example shows a menu for http (port 80) services.Enable/disable DNS query load balancing http .Set hostname httpslb .Enable/disable pip selection based on egress port/vlan del .Enable/disable delayed binding udp .Enable/disable remapping UDP server fragments nonat .Set real server group number rport .Set BW cont of an SLB string specific to this service pbind .Set BW contract for this virtual service urlcont .Set hash parameter dbind .Enable/disable HTTP redirects for Global SLB direct . See page 380 to view the menu options for configuring virtual services on port 554 for RTSP.

it will carry the value entered for the Virtual Server IP (vip) contract.2 Command Reference Table 7-9 Virtual Server Service Configuration Options (/cfg/slb/virt/service) Command Syntax and Usage group <real server group number (1-1024)> Sets a real server group for this service. If a dname of “foocorp. This is used in conjunction with dname (above) to create a full host/domain name for individual services.0. use the command: # hname none httpslb urlslb|host|cookie|browser|urlhash|headerhash|others Load balances on the following applications: urlslb: Enable or disable URL SLB host: Enable or disable for virtual hosting cookie: Enable or disable cookie-based SLB for cookie-based preferential load balancing. 376 Chapter 7: The SLB Configuration Menu 315393-J. starting point of the cookie value. The default is set at 1.com” would be the full host/ domain name for the service. enable/disable checking for cookie in URI browser: Enable or disable SLB. To clear the hostname for a service.Alteon OS 22. You will be prompted for the following: Cookie name. number of bytes to be extracted. If rport is configured to be different than the virtual port defined in /cfg/slb/virt <number>/service <virtual port>. The format for this command is: # hname <hostname> For example. based on browser type urlhash: Enable or disable URL hashing based on URI headerhash: Hashes on any HTTP header value. “www. the switch will map the virtual port to this real port. rport <real server port (0-65534)> Defines the real server TCP or UDP port assigned to this service. You will be prompted to enter the number (1 to 256) of the real server group to add to this service. January 2005 . to add a hostname for Web services.com” was defined (above).foocorp. By default. The default number of contracts is set at 256 for Alteon OS. For example: httpslb <application> httpslb <application> and|or <application> cont <BWM Contract (0-256). others: Requires inputs for a particular header field You may choose to combine or select applications to load balance using the commands and and/or or. 0 for VIP default> Sets a Bandwidth Management contract for this virtual service. Note: If you enter 0 for the service contract. this is the same as the virtual port (service virtual port). hname <hostname>|none Sets the hostname for a service added. you could specify www as the hostname.

SSL provides authentication. all subsequent SSL sessions which present the same session ID will be directed to the same real server. The default is set at 1024. different services from the same client may not map to the same server. with clientip command enabled. An alternative approach may be to use the real server group metrics minmisses or hash (see Server Load Balancing Metrics).0. or until the maximum count is reached. The disable option allows you to disable presistent binding. see “Cookie-Based Persistence” on page 381. The cookie option uses a cookie defined in the HTTP header or placed in the URI for hashing. Web site search results.0. The sslid option is for Secure Sockets Layer (SSL). they will be connected to the most appropriate real server based on the load balancing metric. HTTP and HTTPs traffic from the same client will map to the same server irrespective of the load balancing metric used. January 2005 Chapter 7: The SLB Configuration Menu 377 . and security.2 Application Guide. The Alteon Application Switch will examine each server response until the cookie is found. By enabling the sslid option. The connection timeout value (set in the Real Server Menu) is used to control how long these inactive but persistent connections remain associated with their real servers. 315393-J. This may be necessary for some server applications where state information about the client system is retained on the server over a series of sequential connections.2. see the Persistence chapter in the Alteon OS 20. if it has previously been enabled for a particular application. or multi-page Web forms.Alteon OS 22. Only use this command when a string is shared by multiple virtual services and each service requires a separate bandwidth. non-repudiation. which is a set of protocols built on top of TCP/IP that allow an application server and user to communicate over an encrypted HTTP session. since the services are related. In Alteon OS 22. rcount <response count number (1–16)> Sets the maximum response counter for cookie-based persistence. The session ID is a value comprising 32 random bytes chosen by the SSL server that gets stored in a session hash table. Whereas. pbind clientip|cookie<p|r|i>|sslid|disable Enables or disables persistent bindings for a real server (disabled by default). For more information on cookie option. The default number is 1. When the client resumes activity after their connection has been aged out. such as with SSL (Secure Socket Layer.2 Command Reference Table 7-9 Virtual Server Service Configuration Options (/cfg/slb/virt/service) Command Syntax and Usage urlcont <URL path ID> <BW contract> Sets the Bandwidth Management contract of a string specific to this virtual service. and associates all connections from the same client with the same real server until the client becomes inactive and the connection is aged out of the binding table. For detailed information on Cookie-Based Persistence. The clientip option uses the client IP address as an identifier. HTTPS).

Tunable hash feature allows the user to select different parameters for computing the hash value used by the hash. see the cache command in Table 7-14 on page 390. For more information. direct disable|enable Enables or disables Direct Access Mode (DAM) on the selected virtual service.2 Command Reference Table 7-9 Virtual Server Service Configuration Options (/cfg/slb/virt/service) Command Syntax and Usage thash sip|sip+sport Defines hash parameter. Note: If applying a filter to the same virtual server IP address on which UDP load balancing is enabled. or both source IP address and source port. 378 Chapter 7: The SLB Configuration Menu 315393-J. January 2005 . DNS uses UDP and TCP. Enabling this command protects the server from Denial of Service (DoS) attacks. This command takes precedence over the command to globally enable or disable Direct Access Mode on the switch. dnsslb disable|enable Enables or disables DNS-based Layer 7 content load balancing. Since no session is created. Disabling HTTP Redirection causes GSLB to use proxy IP address for HTTP. This option is enabled by default. This option does not substitute IP addresses. no session table entry is created. frag disable|enable Enables or disables remapping server fragments for virtual port. nonat disable|enable Enables or disables substituting only the MAC address of the real server (disabled by default). the switch will use default hash parameter. so that frames returning from server to the client do not have to pass through the switch.Alteon OS 22. disable caching on that filter for optimal performance. You can configure this option if the service(s) to be load balanced include UDP and TCP. If the user does not select any. In those environments. For example. udp disable|enable|stateless Enables or disables UDP load balancing for a virtual port (disabled by default). When stateless is enabled. you have to bind to a new server every time. This option is disabled by default. dbind disable|enable Enables or disables Layer 4 Delayed Binding for TCP service and ports. the source IP address. http disable|enable Enables or disables HTTP Redirection for Global server load balancing on a per VIP basis. phash.0. For example. you must activate UDP balancing for the particular virtual servers that clients will communicate with using UDP. This option is used for Direct Server Return (DSR) in an one-armed load balancing setup. which is sip. and minmisses SLB metrics.

as it will delete the options that have been set for this virtual service. X-Forward-For is a special header that stores and identifies the client IP information. By default. xforward disable|enable Enables or disables inserting the X-Forward-For header into the client HTTP request to preserve the client IP information. Use this command with caution.2 Command Reference Table 7-9 Virtual Server Service Configuration Options (/cfg/slb/virt/service) Command Syntax and Usage sip disable|enable Enables or disables Session Initiation Protocol (SIP) server load balancing on the Alteon OS. the SP selects the proxy IP address based on ingress port or VLAN. SIP is a UDP-based application-level control protocol for creating. you can configure SIP service on the service port 5060 for a virtual server. epip disable|enable Enables or disables proxy IP selection based on egress port or VLAN. Nortel Networks’ MCS is a SIP enabled application Server. When SIP is enabled. modifying and terminating sessions with one or more participants (documented in RFC3261). You can use only minmiss as the load balancing metric since the load balancing is performed based on the Call-ID.0. cur Displays the current configuration of services on the specified virtual server. del This command removes this virtual service from operation within the switch and deletes it from the Layer 4 switching software configuration. The SIP processing occurs at application level in order to parse out messages coming from client side as well as the server side. You need to turn Direct Access Mode (DAM) on to perform SIP load balancing. This feature is applicable only on HTTP protocol.Alteon OS 22. January 2005 Chapter 7: The SLB Configuration Menu 379 . Using the epip command. you can load balance Nortel’s MCS (Multimedia Communication Server) proxy servers. Using SIP on your switch. you can scan and hash calls based on a SIP Call-ID header to an MCS server. When enabled. 315393-J. you can configure the SP to select proxy IP address based on the egress port or VLAN.

either hash or patternMatch. and minmisses SLB metrics. which is sip. use the command: # hname none rtspslb hash|patternMatch|dis This Layer 7 load balancing option sets the type of rtspslb.Alteon OS 22. RTSP will parse the URL and will hash the URL to select a server to load balance.com” would be the full host/ domain name for the service. dis: If set at disable. hash: If you use hash.foocorp. Tunable hash feature allows the user to select different parameters for computing the hash value used by the hash. patternMatch: If you select this option. The format for this command is: # hname <hostname> For example. the switch will match the string or pattern within the URL to select a server based on the string configured on the real server.0. January 2005 . the destination IP address. 380 Chapter 7: The SLB Configuration Menu 315393-J. to add a hostname for Web services. If the user does not select any. To clear the hostname for a service.2 Command Reference /cfg/slb/virt <server number>/service 554 Virtual Server RTSP Configuration This menu displays virtual services configured on service port 554 for RTSP traffic. hname <hostname>|none Sets the hostname for a service added. thash sip|sip+sport Defines hash parameter. or both source IP address and source port. This is used in conjunction with dname (above) to create a full host/domain name for individual services. RTSP will use Layer 4 metrics to select a server to load balance. you could specify www as the hostname. The default is hash. thereby enabling the service. phash. If a dname of “foocorp. For example. “www.com” was defined (above). the switch will use default hash parameter. the source IP address. [Virtual Server group hname rtspslb thash del cur 1 rtsp Service Menu] Set real server group number Set hostname Set RTSP URL load balancing type Set hash parameter Delete virtual service Display current virtual service configuration Table 7-10 Virtual Server Service Configuration Menu Options (/cfg/slb/virt 1/service 554) Command Syntax and Usage group <real server group number (1-1024)> Sets real server group number.

2 Command Reference Table 7-10 Virtual Server Service Configuration Menu Options (/cfg/slb/virt 1/service 554) Command Syntax and Usage del Deletes this virtual service.0. January 2005 Chapter 7: The SLB Configuration Menu 381 .Alteon OS 22. and has the following command syntax and usage: pbind cookie <mode> <name> <offset> <length> <URI> Each parameter is explained in the following table. 315393-J. cur Displays the current virtual service configuration. Cookie-Based Persistence The cookie option is used to establish cookie-based persistence.

0. Look for cookie in the URI. Enter the starting point of the cookie value (1-64) Enter number of bytes to extract (1-64).. and not the network administrator. generates the cookie value on behalf of the server. If you want to look for cookie name or value in the URI. The switch uses this cookie to bind to the appropriate server. In this mode. Insert cookie mode expiration parameters are as follows: Enter insert-cookie expiration as either: . The switch intercepts this persistence cookie and rewrites the value to include server-specific information before sending it to the client. enter d to disable this option. a duration <days[:hours[:minutes]]> (e. enter e to enable this option. r: Rewrite mode.. The following three modes are available: p: Passive mode. and the switch inserts an Alteon persistence cookie into the data packet. In active cookie mode (or cookie rewrite mode). or none <return> <name> <offset> <length> <URI> Enter the name of the cookie. 45:30:90) . For cookie rewrite. the server responds with the data. the extracting length must be 8 or 16.Alteon OS 22. To look for cookie in the HTTP header. a date <MM/dd/yy[@hh:mm]> (e. i: Insert mode. 382 Chapter 7: The SLB Configuration Menu 315393-J. the network administrator configures the Web server to embed a cookie in the server response that the switch looks for in subsequent requests from the same client..2 Application Guide.. the switch.. January 2005 .g.g.. 12/31/01@23:59) .0. For more information on Cookie-Based Persistence.2 Command Reference Table 7-11 Command Syntax and Usage for pbind cookie Options (/cfg/slb/virt/service/pbind cookie) Option <mode> Description Specify the mode for cookie-based persistence. When a client sends a request without a cookie. see the Alteon OS 22.

Set filter name smac . There are several options available in the Filter Advanced Menu (/cfg/slb/filt/adv.Set destination TCP/UDP port or range action . page 388) that can be used to provide more information through syslog. Each filter can be configured to allow.0. This command is disabled by default.Enable filter dis .Enable/disable filter inversion ena . The types of information include: IP protocol TCP/UDP ports TCP flags ICMP message type 315393-J.Alteon OS 22.Disable filter del .Display current filter configuration The switch supports up to 2048 traffic filters.Set source MAC address dmac .Set destination IP address dmask . January 2005 Chapter 7: The SLB Configuration Menu 383 .Set real server port for redirection nat .Set IP protocol sport . and each physical switch port can be configured to use any combination of filters.Set source TCP/UDP port or range dport .Set action group .Set real server group for redirection rport .Set source IP address smask .Set source IP mask dip .Set destination MAC address sip .2 Command Reference /cfg/slb/filt <filter number> SLB Filter Configuration [Filter 1 Menu] adv .Set destination IP mask proto .Set which addresses are network address translated vlan .Set vlan id invert .Delete filter cur . deny. redirect or perform Network Address Translation on traffic according to a variety of address and protocol specifications.Filter Advanced Menu name .

00:60:cf:40:56:00)> Sets the source MAC address. smac any|<MAC address (such as. Specify an IP address in dotted decimal notation. 255.0)> This IP address mask is used with the dip to select traffic which this filter will affect. deny. masks. To view menu options. The default is any. The default is any if the source MAC address is any. name <31 character name>|none Allows the user to assign a name to a filter. For more information. The default is any.255. or any. For more information. 00:60:cf:40:56:00)> Sets the destination MAC address.255. see page 388. smask <IP subnet mask (such as.0.Alteon OS 22. dmac any|<MAC address (such as. nat) Enable the filter Add the filter to a switch port Enable filtering on the Alteon Application Switch port Table 7-12 Filter Configuration Menu Options (/cfg/slb/filt) Command Syntax and Usage adv Displays the Filter Advanced Menu. 384 Chapter 7: The SLB Configuration Menu 315393-J.0> This IP address mask is used with the sip to select traffic which this filter will affect. January 2005 . traffic with this destination IP address will be affected by this filter. dip any|<IP address> If defined.255. 255. A range of IP addresses is produced when used with the smask below.255. A range of IP addresses is produced when used with the dmask below. dmask <IP subnet mask (such as. redirect. or any.2 Command Reference The following parameters are required for filtering: Set the address. The default is any if the destination MAC address is any. see “Defining IP Address Ranges for Filters” on page 387. traffic with this source IP address will be affected by this filter. See details below for more information on producing address ranges. Specify an IP address in dotted decimal notation. see “Defining IP Address Ranges for Filters” on page 387. and/or protocol that will be affected by the filter Set the filter action (allow. sip any|<IP address> If defined.

The default is any. traffic from the specified protocol is affected by this filter. just as with sport above. Listed below are some of the well-known protocols. The default is set at any. Number 1 2 6 17 89 112 Name icmp igmp tcp udp ospf vrrp sport any|<name>|<port>|<port>-<port> If defined. Specify the protocol number. January 2005 Chapter 7: The SLB Configuration Menu 385 . name. Specify the port number. name. or “any”. or “any”. or “any”.2 Command Reference Table 7-12 Filter Configuration Menu Options (/cfg/slb/filt) Command Syntax and Usage proto any|<number>|<name> If defined. name. traffic with the specified real server TCP or UDP destination port will be affected by this filter. 315393-J. Listed below are some of the well-known ports: Number 20 21 22 23 25 37 42 43 53 69 70 79 80 109 110 Name ftp-data ftp ssh telnet smtp time name whois domain tftp gopher finger http pop2 pop3 dport any|<name>|<port>|<port>-<port> If defined. traffic with the specified TCP or UDP source port will be affected by this filter. Specify the port number. range. range.Alteon OS 22.0. The default is any.

nat source|dest When nat is set as the filter action (see above). If source is specified. January 2005 . The goto action causes filter processing to jump to a designated filter. if transparent proxies are used for Network Address Translation (NAT) on the Alteon Application Switch (see the pip option in Table 7-22 on page 399).slb/filt/adv/goto command. This can be used to map the source or destination IP address and port information of a private network scheme to/from the advertised network IP address and ports.2 Command Reference Table 7-12 Filter Configuration Menu Options (/cfg/slb/filt) Command Syntax and Usage action allow|deny|redir|nat|goto Specifies the action this filter takes: allow deny redir Allow the frame to pass (by default). the frame’s source IP address (sip) and port number (sport) are replaced with the dip and dport values. this command specifies whether Network Address Translation (NAT) is performed on the source or the destination information. This can be used for building basic security profiles. Define a real server group (1 to 16) to which redirected traffic will be sent.Alteon OS 22. use the /cfg. this must be configured whenever TCP protocol traffic is redirected. Allows the user to specify a target filter ID that the filter search should jump to when a match occurs. In addition. Discard frames that fit this filter’s profile. effectively skipping over a block of filter IDs. group <real server group number (1-1024)> This option applies only when redir is specified at the filter action. the frame’s destination IP address (dip) and port number (dport) are replaced with the sip and sport values. If dest is specified.0. Redirect frames that fit this filter’s profile. rport must be configured for all Application Redirection filters. The default is group 1 rport <real server port (0-65535)> This option applies only when redir is specified at the filter action. Perform generic Network Address Translation (NAT). Destination (dest) is set as the default filter. To specify the new filter to goto. such as for web cache redirection. For valid Layer 4 health checks. nat goto 386 Chapter 7: The SLB Configuration Menu 315393-J. Layer 4 processing must be activated (see the /cfg/slb/on command on page 356). Also. This defines the real server TCP or UDP port to which redirected traffic will be sent. Filter searching action will then continue from the designated filter ID. This is used in conjunction with the nat option (mentioned in this table) and can also be combined with proxies. The default is set at 0.

2 Command Reference Table 7-12 Filter Configuration Menu Options (/cfg/slb/filt) Command Syntax and Usage vlan any|<VLAN ID (1 .Alteon OS 22. You have to manually add the filter to the port. del Deletes this filter. the destination IP address is masked (bitwise AND) with the dmask and then compared to the dip. If the conditions for the filter are not met.4090)> Sets the ID of the VLAN that is to be filtered. 315393-J. If the conditions of the filter are met. But by applying this filter to a VLAN. perform the assigned action. ena Enables this filter. The default is any. and the smask (source) or dmask (destination) is the mask which is applied to produce the range. the filter does not get applied to all the member ports of this VLAN. When a range of IP addresses is needed. This option is disabled by default. A VLAN has a set of member ports. cur Displays the current configuration of the filter. to determine if a client request’s destination IP address should be redirected to the cache servers attached to a particular switch. Defining IP Address Ranges for Filters You can specify a range of IP address for filtering both the source and/or destination IP address for traffic. the sip (source) or dip (destination) defines the base IP address in the desired range. This option allows you to match the VLAN ID of the switch against the VLAN ID of the incoming packet. January 2005 Chapter 7: The SLB Configuration Menu 387 . invert disable|enable Inverts the filter logic. which means the switch will match any VLAN ID of the incoming packet This command allows filters to be configured on per VLAN basis. dis Disables this filter. and applies a filter to a VLAN that already has been configured. don’t act. For example.0.

0 /cfg/slb/filt <filter number>/adv Advanced Filter Configuration [Filter 1 Advanced Menu] 8021p .Set hash parameter for Filter goto .0.Set ICMP message type cont .0.Display current advanced filter configuration 388 Chapter 7: The SLB Configuration Menu 315393-J.255 128.Set BW contract revcont .2 Command Reference As another example.Set BW contract for the reverse session tmout .0.Enable/disable delayed binding for redirection pbind .Enable/disable caching sessions that match filter log .Set NAT or L7 lookup session timeout idsgrp .0.0 .0.0. you could define the following parameters: Table 7-13 Filtering IP Address Ranges Filter #1 #2 Internet Address Range dip dmask 128.802.Layer 7 Advanced Menu security . To do this.255.TCP Advanced Menu ip .Set client proxy IP address cache . you could configure the switch with two filters so that each would handle traffic filtering for one half of the Internet.IP Advanced Menu layer7 .Enable/disable pip selection based on egress port/vlan cur .0 128.Enable/disable firewall redirect hash method linklb .255.0.0.Alteon OS 22.Enable/disable WAN link load balancing dbind .0 0.Enable/disable logging fwlb .Enable/disable client proxy epip .0 255.Security Menu icmp .0.127.0.255 0.0. January 2005 .1p Advanced Menu tcp .Enable/disable creating session for reverse side traffic proxyip .255.Set hash parameter for intrusion detection SLB thash .Set IDS server group for intrusion detection SLB idshash .0.Set GOTO filter ID reverse .Enable/disable persistent binding for redirection proxy .0 128.255.0.

To view menu options.2 Command Reference Table 7-14 Advanced Filter Menu (/cfg/slb/filt/adv) Command Syntax and Usage 8021p Displays 8021p Advanced Menu. tmout <even number of minutes (4-32768)> Sets the session timeout in an even number of minutes. see page 397 icmp any|<number>|<type. 1-1024>|none Sets the IDS server group for intrusion detection server load balancing. see page 391.0. January 2005 Chapter 7: The SLB Configuration Menu 389 . When filtering is used for IDSLB. This command helps you assign a different Bandwidth management contract from the one configured on the ingress filter. each filter added to an IDSLB-enabled port can be assigned a unique IDS real server group. "icmp list" for list> Sets the ICMP message type. idsgrp <real server group number. To view menu options. The default is set at 4 minutes. The default is set at any. To view menu options. To view menu options. idshash sip|dip|both Sets the hash metric parameter for Intrusion Detection System Server Load Balancing: source IP (sip). see the Alteon OS 22. 1-256> Sets the Bandwidth Management contract for the reverse traffic session.0. IEEE 802.Alteon OS 22. Using this command you can preserve 802. layer7 Displays Layer7 advanced menu.2 Application Guide. revcont <BW Contract. For a detailed description of filtering and ICMP. By default. see page 392. or both. destination IP (dip). security Displays the filter Security Menu. see Table 7-18 on page 394. To view menu options.1p is the specification for prioritizing the net- work traffic at the Layer 2 level in your switch. the contract number is set at 256. ip Sets IP advanced menu. see page 395. tcp Displays the TCP Flags advanced menu. cont <BWM Contract (1-256)> Sets the Bandwidth Management Contract. For a list of ICMP message types. 315393-J. see page 393.1p bits in all the frames that pass through the switch.

In order to use this feature. The Default is auto. proxyip <IP address> Defines client proxy IP address. goto <filter ID> Allows the user to specify a target filter ID that the filter search should jump to when a match occurs. By default. the switch uses the proxy IP address configured under /cfg/slb/pip command. log disable|enable Enables or disables generating of syslog messages when a filter is hit. This command allows for the creation of a session entry for reverse traffic to avoid inspecting traffic in both directions. Filter searching will then continue from the designated filter ID. If the dport is 80 or 21. The option both allows you to perform tunable hash on both source IP address and the destination IP address at the same time. The option dip allows you to perform tunable hash on destination IP address for this filter. a hashing algorithm is used to ensure that inbound packets and outbound packets for a pair of IPSA/IPDA traverse through the same firewall. The switch uses the configured proxy IP address to replace the client's IP address. the action on this filter must be set to goto. January 2005 . this option is disabled. If the user does not configure the proxy IP address in the filter.Alteon OS 22. linklb disable|enable Enables or disables WAN Link Load Balancing. so that the switch can bypass checking for subsequent frames that match the same criteria. Cache is enabled by default. fwlb disable|enable To ensure that the stateful inspection behavior of firewalls is maintained. this option is disabled. A cache-enabled filter creates a session entry in the switch. reverse disable|enable Enables or disables the creation of a session for traffic coming from the reverse side. Exercise caution while applying cacheenabled and cache-disabled filters to the same switch port. 390 Chapter 7: The SLB Configuration Menu 315393-J.0. This option is disabled by default.2 Command Reference Table 7-14 Advanced Filter Menu (/cfg/slb/filt/adv) Command Syntax and Usage thash auto|sip|dip|both|sip+sport Allows you to choose hash parameter to use for filter redirection. enabling this option changes the hash of the filter from a WCR hash to a FWLB hash. By default. The option sip+sport allows you to perform tunable hash on both source IP address and source port at the same time. Note: Cache should be disabled if applying a filter to virtual server IP address while performing UDP load balancing (see “udp disable|enable|stateless” on page 378). Use this command to specify the new filter to go to. The sip option allows you to perform tunable hash on source IP address for this filter. cache disable|enable Enables or disables caching sessions that match the filter.

The 802. /cfg/slb/filt <filter number>/adv/8021p 802. any proxy defined for the switch port using the pip command (see page 399) is not performed for traffic meeting the filter criteria.1p bits specify the priority that you should give to the packets while forwarding them. January 2005 Chapter 7: The SLB Configuration Menu 391 . The value is the priority bits information in the packet structure. pbind disable|enable Enables or disables persistent binding for redirection on this filter.Enable/disable 802. This is useful when certain traffic must retain original IP address information. The packets with a higher (non-zero) priority bits are given forwarding preference over packets with numerically lower priority bits value.Set 802. the SP selects the proxy IP address based on ingress port or VLAN.0. If disabled. [802. This option applies only when redir or nat is specified as the filter action.1p bits in the packet's VLAN header.1p value matching cur . Enable or disable proxy IP address translation for traffic matching the filter criteria. 315393-J. cur Displays the current advanced filter configuration. By default. Using the epip command. or when other forms of translation (such as Application Redirection or NAT) are preferred. By default.1p value.Alteon OS 22.1p value match .Display current 802.1p Advanced Menu] value . you can configure the SP to select proxy IP address based on the egress port or VLAN.1p configuration Table 7-15 8021p Advanced Menu Options (/cfg/slb/filt/adv/8021p) Command Syntax and Usage value <0-7> Defines 802.2 Command Reference Table 7-14 Advanced Filter Menu (/cfg/slb/filt/adv) Command Syntax and Usage dbind disable|enable Enables or disables delayed binding for redirection on this filter.1p Advanced Menu This feature provides the Alteon OS the capability to filter IP packets based on the 802. epip disable|enable Enables or disables proxy IP selection based on egress port or VLAN. this is enabled. proxy disable|enable Enables or disables client proxy.

syn disable|enable Enables or disables TCP SYN (synchronize) flag matching. rst disable|enable Enables or disables TCP RST (reset) flag matching. 392 Chapter 7: The SLB Configuration Menu 315393-J. ack disable|enable Enables or disables TCP ACK (acknowledgement) flag matching.Enable/disable TCP ACK or RST matching . By default. Table 7-16 Advanced Filter TCP Menu (/cfg/slb/filt/adv/tcp) Command Syntax and Usage urg disable|enable Enables or disables TCP URG (urgent) flag matching. When the Management Processor needs to reuse the packet to send to the destination.Display current TCP configuration These commands can be used to configure packet filtering for specific TCP flags.1p configuration.2 Command Reference Table 7-15 8021p Advanced Menu Options (/cfg/slb/filt/adv/8021p) Command Syntax and Usage match disable|enable Enables or disables matching of 802.Enable/disable TCP RST matching .Enable/disable TCP SYN matching . By default. this option is disabled. By default. psh disable|enable Enables or disables TCP PSH (push) flag matching. /cfg/slb/filt <filter number>/adv/tcp Advanced Filter TCP Configuration [TCP Advanced urg ack psh rst syn fin ackrst cur Menu] .Enable/disable TCP FIN matching .0. January 2005 . this option is disabled. this option is disabled.1p value. this option is disabled.Enable/disable TCP ACK matching . this option is disabled. the switch matches the original priority bits information with the priority bits information after the frame processing is complete.Enable/disable TCP PSH matching . cur Displays current 802.Alteon OS 22. By default. By default.Enable/disable TCP URG matching .

Alteon OS 22. ackrst disable|enable Enables or disables TCP acknowledgement or reset flag matching. January 2005 Chapter 7: The SLB Configuration Menu 393 .Set IP Type of Service tmask . 64-65535>|any Defines the limit of IP packet’s length. refer to RFC 1340 and 1349. By default.Set IP maximum packet length option . cur Displays the current Access Control List TCP filter configuration. option disable|enable Enables or disables IP option matching.2 Command Reference Table 7-16 Advanced Filter TCP Menu (/cfg/slb/filt/adv/tcp) Command Syntax and Usage fin disable|enable Enables or disables TCP FIN (finish) flag matching.Set new IP TOS length . tmask <0-255> Sets IP type of service mask.0. this option is disabled. 315393-J.Enable/disable IP option matching cur .Display current IP configuration Table 7-17 IP Advanced Menu Options (/cfg/slb/filt #/adv/ip) Command Syntax and Usage tos <0-255> Sets IP type of service (ToS) and the value of the type of service. For more information on ToS. Any packet exceeding the maximum length will not match the filter. /cfg/slb/filt <filter number> /adv/ip IP Advanced Menu [IP Advanced Menu] tos . length <IP packet length (in bytes).Set IP TOS mask newtos . By default. newtos <0-255> Sets new IP type of service. this option is disabled.

You can list all ICMP message types with the /cfg/slb/filt/adv/icmp list command.2 Command Reference Table 7-17 IP Advanced Menu Options (/cfg/slb/filt #/adv/ip) Command Syntax and Usage cur Displays the current advanced IP settings for the selected filter. ICMP Message Types The following ICMP message types are used with the /cfg/slb/filt/adv/icmp command. January 2005 .0.Alteon OS 22. Table 7-18 ICMP Message Types Type # Message Type 0 3 4 5 8 9 10 11 12 13 14 15 16 17 18 echorep destun quench redir echoreq rtradv rtrsol timex param timereq timerep inforeq inforep maskreq maskrep Description ICMP echo reply ICMP destination unreachable ICMP source quench ICMP redirect ICMP echo request ICMP router advertisement ICMP router solicitation ICMP time exceeded ICMP parameter problem ICMP timestamp request ICMP timestamp reply ICMP information request ICMP information reply ICMP address mask request ICMP address mask reply 394 Chapter 7: The SLB Configuration Menu 315393-J.

Set BW cont of an URL path specific to this filter addrd .Enable/disable Layer 7 content lookup parseall . The string is defined under: /cfg/slb/ layer7/slb/add. Strings are defined under: /cfg/slb/layer7/slb/add.Enable/disable layer 7 lookup (parsing) of all packets cur . January 2005 Chapter 7: The SLB Configuration Menu 395 . addstr <string id (1-1024)> Adds the string ID to this filter for L7 filtering.Alteon OS 22.Remove HTTP redirection mapping addstr .2 Command Reference /cfg/slb/filt <filter number> /adv/layer7 Layer 7 Advanced Filter Configuration Menu [Layer 7 Advanced Menu] urlcont . addrd [1>2] Adds an HTTP redirection mapping. Radius snooping allows the Alteon OS to examine RADIUS accounting packets for client information. Only use this command when a string is shared by multiple filters and each filter requires a separate bandwidth. For more details.Enable/disable WAP RADIUS Snooping rdswap . remstr <string id (1-1024)> Removes the string ID for Layer 7 filtering.Display current layer 7 configuration Table 7-19 Layer 7 Advanced Filter Menu Options (/cfg/slb/filt/adv/layer7) Command Syntax and Usage urlcont <URL path ID> <BW contract> Sets the URL path BW contract for this filter. please refer to your Application Guide.Remove string for layer 7 filtering rdsnp .Add HTTP redirection mapping remrd . This information is needed to add to or delete static session entries in the switch’s session table so that it can perform the required persistency for load balancing.Enable/disable active FTP NAT l7lkup . rdsnp disable|enable Enables or disables WAP RADIUS snooping on this filter.0.Add string for layer 7 filtering remstr . remrd <string id to redirect from (1-512)> <string id to redirect to (2-512)> Removes an HTTP redirection mapping that was added using the addrd command described above. The string is defined under: /cfg/slb/layer7/ slb/add. then send back an HTTP redirection message back to the client that contains information in the second string ID.Enable/disable RADIUS/WAP Persistence ftpa . 315393-J. This command tells the filter that if it matches on the first string id.

ftpa disable|enable Enables or disables active FTP Client Network Address Translation (NAT). the switch will look into the data part of the frame and replace the client 's private IP address with a proxy IP (PIP) address. subsequent packets can be ignored. layer 7 lookup is turned off for the remaining packets in the session. cur Displays the current advanced Layer 7 configuration of the filter including the Radius/Wap persistence settings. please refer to your Application Guide. However. redir). l7lkup disable|enable Enables or disables layer 7 lookup on this filter. For more details. some sessions may contain only one packet containing the layer 7 content. The switch forwards this reply to the RAS. and normally all data packets in a session are examined by the filter. By default.Alteon OS 22. Once this packet is found. This feature allows for RADIUS and WAP persistence by binding both (RADIUS accounting and WAP) sessions to the same server. The application switch snoops on the RADIUS accounting start packet for the “framed IP address” attribute. When parseall is disabled. the filter performs a lookup on layer 7 content such as HTTP strings or headers. deny. This command is enabled by default. that is PIP:PPORT. When a client in active FTP mode sends a PORT command to a remote FTP server. this feature enables content-intelligent redirection or content-intelligent deny filtering. After the RAS receives the Radius accept packet. This command replaces the urlp and l7deny commands found in earlier releases of Alteon OS. January 2005 . A WAP client is first authenticated by the RADIUS server on UDP port 1812.2 Command Reference Table 7-19 Layer 7 Advanced Filter Menu Options (/cfg/slb/filt/adv/layer7) Command Syntax and Usage rdswap enable|disable Enables or disables WAP RADIUS persistence on this filter. parseall disable|enable Enables or disables parsing of all packets in a session where layer 7 lookup is being performed. it sends a RADIUS accounting start packet on UDP port 1813 to the bound server. The server replies with a Radius Accept or Reject frame.0. this option is disabled. When enabled. The “framed IP address” attribute is used to rebind the RADIUS accounting session to a new server. When combined with a filter action (for example. 396 Chapter 7: The SLB Configuration Menu 315393-J. The real server port (RPORT) will be replaced with a proxy port (PPORT).

Alteon OS 22. January 2005 Chapter 7: The SLB Configuration Menu 397 . subsequent packets can be ignored. matchall disable|enable Enables or disables matching of all configured patterns before the filter can perform the deny action. addgrp <pattern match group id> Adds a pattern group to this filter. Once this packet is found. The protocol-based rate limiting limits the traffic coming from specific clients based on the IP address of the client. This feature enables the switch to detect and block UDP or ICMP-based DOS attacks that slow down or decapitate the servers. and normally all data packets in a session are examined by the filter. This command is enabled by default. some sessions may contain only one packet containing the layer 7 content. pmatch disable|enable Enables or disables pattern matching on this filter. Pattern groups are added using the /cfg/security/ pgroup/add command. pattern matching is turned off for the remaining packets in the session. However. and ICMP protocols. To view menu options see page 398. When parseall is disabled.0. parseall disable|enable Enables or disables pattern string lookup (parsing) of all packets in a session where pattern matching is being performed. the switch allows rate limiting to be enabled on TCP. 315393-J. Currently. UDP. remgrp <pattern match group id> Removes a pattern group from this filter. cur Displays the current configuration.2 Command Reference /cfg/slb/filt <filter number> /adv/security SLB Filter Advanced Security Menu [Security Menu] ratelim addgrp remgrp pmatch matchall parseall cur Rate Limiting Menu Add pattern match group for layer 7 filtering Remove pattern match group for layer 7 filtering Enable/disable pattern matching Enable/disable match-all criteria for layer 7 filtering Enable/disable layer 7 lookup (parsing) of all packets Display current Security configuration Table 7-20 Layer 7 Advanced Filter Menu Options (/cfg/slb/filt/adv/security) Command Syntax and Usage ratelim Displays the Rate Limiting Menu.

UDP. or ICMP rate limiting. cur Displays the current rate limiting configuration. A time window is a configured period of time (in seconds) during which packets are allowed to be received. UDP. January 2005 . The client is held down for a specified number of minutes. dis Disables TCP. UDP. 2-65535> Defines hold down duration for rate limiting. 1-65535> Defines time window for rate limiting. The time window can be configured per filter and not globally on all the filters. or ICMP rate limiting Display current rate limiting configuration Table 7-21 Rate Limiting Advanced Menu Options (/cfg/slb/filt/adv/security/ ratelim) Command Syntax and Usage maxconn <# of connections in units of 10 (0-255)> Defines maximum connections for rate limiting. 398 Chapter 7: The SLB Configuration Menu 315393-J. UDP. When blocking occurs. holddur <minutes. timewin <seconds.2 Command Reference /cfg/slb/filt <filter number> /adv/security/ ratelim Advanced Security Rate Limiting Configuration Menu [Rate Limiting maxconn timewin holddur ena dis cur Menu] Set maximum connections for rate limiting Set time window for rate limiting Set hold down duration for rate limiting Enable TCP.Alteon OS 22. The hold-down duration can be configured per filter and not globally on all the filters. Rate limiting is applied to the protocol configured on the filter.0. or ICMP rate limiting Disable TCP. any new TCP connection requests or UDP/ICMP packets from the client are blocked. after which new TCP connection requests or packets from the client are allowed once again to pass through. When the number of new connections or packets exceeds the configured limit. ena Enables the protocol for rate limiting. The supported protocols are: TCP. and ICMP. the client is said to be held down.

server disable|enable Ports configured to provide real server responses to client requests require real servers to be connected to the Layer 4 switch. it may take some time before the port session information is updated so that the filter changes take effect.Enable/disable use of PIP for ingress traffic filt . directly or through a hub.Add filter to port rem . or another switch.Enable/disable intrusion detection server load balancing cur . the switch port re-maps real server IP addresses and Layer 4 port values to virtual server IP addresses and Layer 4 ports. NOTE – When changing the filters on a given port.Remove filter from port idslb . 315393-J. re-mapping virtual server IP addresses and port values to real server IP addresses and ports.Display current port configuration Alteon OS switch software allows you to enable or disable processing independently for each type of Layer 4 traffic (client and server) on a per port basis. expanding your topology options.Enable/disable server processing rts . Table 7-22 Port Configuration Menu Options (/cfg/slb/port) Command Syntax and Usage client disable|enable For Server Load Balancing. Ports configured to process client request traffic bind servers to clients and provide address translation from the virtual server IP address to the real server IP address.Enable/disable RTS processing hotstan .0. To make port filter changes take effect immediately. router. When server processing is enabled.Alteon OS 22. clear the session binding table for the port (see the clear command in Table 8-3 on page 436). Maximizing the number of these ports on the Layer 4 switch will improve the switch’s potential for effective Server Load Balancing.Enable/disable inter-switch processing proxy . Traffic not associated with virtual servers is switched normally. This option is disabled by default. January 2005 Chapter 7: The SLB Configuration Menu 399 .2 Command Reference /cfg/slb/port <port number> Port SLB Configuration [SLB port 1 Menu] client .Enable/disable hot-standby processing intersw . the port can be enabled or disabled to process client Layer 4 traffic.Enable/disable filtering add .Enable/disable client processing server . Traffic not associated with virtual servers is switched normally. This option is disabled by default.

hotstan disable|enable Enables or disables hot-standby processing. client address information in Layer 4 requests is replaced with this proxy IP address. rather than around it. This option is disabled by default.2 Command Reference Table 7-22 Port Configuration Menu Options (/cfg/slb/port) rts disable|enable Enables or disables Return to Sender (RTS) load balancing on this port. This option is used for firewall load balancing or VPN load balancing applications. each filter’s rport parameter must also be defined (see rport on page 384). When pip is used with Application Redirection filters. This option is disabled by default. cur Displays the current system parameters. In the case of client processing. In Server Load Balancing applications.2 Application Guide. For example. rem <filter ID (1 to 2048)|block of IDs (first-last)> Removes a filter or a block of filters from use on this port.This option is disabled by default.0. In Alteon OS 22. Enter filter ID (1 to 2048) or a contiguous block of filter IDs. as is possible in complex routing environments. Proxies are also useful for Application Redirection and Network Address Translation (NAT).Alteon OS 22. 1-100. This option is enabled for ports connected to a peer switch and is disabled by default. For more information on using rts. Use this option and the intersw option in conjunction with VRRP hot-standby failover. For example. Enabling the filter sets up the Real Server to look into the VPN session table. IDSLB is done at the end of filter processing or at the end of client processing where filtering is not enabled. proxy disable|enable Enables or disables a proxy for traffic that ingresses this port. IDSLB is enabled on a port and a real server group is designated for IDSLB.2. When the PIP is defined. January 2005 . 400 Chapter 7: The SLB Configuration Menu 315393-J. Enable rts on all client-side ports to ensure that traffic ingresses and egresses through the same port. intersw disable|enable Enables or disables inter-switch processing. Enter filter ID (1 to 2048) or a contiguous block of filter IDs. idslb disable|enable Enables or disables Intrusion Detection System Server Load Balancing on this port. see the “Firewall Load Balancing” and “VPN Load Balancing” chapters in the Alteon OS 22. This option is disabled by default. this forces response traffic to return through the switch. add <filter ID (1 to 2048)|block of IDs (first-last)> Adds a filter or a block of filters for use on this port. This option is disabled by default. filt disable|enable Enables or disables filtering on this port.0.0. 1-100.

Set TCP port number for DSSPv2 remote site updates sinter .Set CPU utilization capacity threshold (DSSPv2) mincon .2 Command Reference /cfg/slb/gslb Global SLB Configuration Global Server Load Balancing (GSLB) at any given site performs periodic SLB health checks to determine the health and response time of the remote real server corresponding to the virtual server at the remote site. network <network (1-128)> Displays Network Preference Menu. For more information. GSLB sends the health and response time together with the local session and CPU utilization information that are collectively known as remote site updates. please refer to your Application Guide.Enable/disable encrypting remote site updates on .Enable/disable no remote real SLB encrypt . To view menu options.Globally turn Global SLB ON off . January 2005 Chapter 7: The SLB Configuration Menu 401 . rule <rule (1-128)> Displays the Rule Menu. To view menu options.Enable/disable HTTP redirect based GSLB usern . see page 403. [Global SLB Menu] site .Display current Global SLB configuration Table 7-23 Global SLB Menu Options (/cfg/slb/gslb) Command Syntax and Usage site <remote site (1-64)> Displays the menu for a remote site.Network Preference Menu rule .Rule Menu version .Set sessions utilization capacity threshold (DSSPv2) cpucap . DSSP is a proprietary protocol that resides above TCP.Set DSSP version 1 or 2 to send out remote site updates port . The switch performs this periodically on every remote site using Distributed Site State Protocol (DSSP). GSLB uses the health and response time to select the server in the GSLB selection engine. In addition.Set interval in seconds for remote site updates sesscap .0.Enable/disable virtual service hostname matching http . see page 406.Set sessions available capacity threshold dns . see page 405. 315393-J.Enable/disable authoritative DNS direct based GSLB hostlk .Alteon OS 22. To view menu options.Enable/disable HTTP redirect to remote real server name norem .Remote Site Menu network .Globally turn Global SLB OFF cur .

The range is between 10 and 7200 seconds. hostlk disable|enable Enables or disables lookups based on host or domain name in a GSLB configuration. 0-65535> Defines the capacity threshold for the sessions available on the real server for GSLB. cpucap <CPU utilization capacity threshold (1-100)> Sets the threshold for the CPU utilization capacity. dns disable|enable Enables or disables DNS direct-based GSLB. The default configuration is 90%. This option is disabled by default. If usern is enabled.0.2 Command Reference Table 7-23 Global SLB Menu Options (/cfg/slb/gslb) Command Syntax and Usage version <DSSP version 1 or 2> Defines the version of Distributed Site State Protocol (DSSP) that is used to send out the remote site updates. When a site redirects a client to another site using an HTTP redirect. the hostname specified in the Virtual Service configuration. January 2005 . When enabled (default).Alteon OS 22. The default configuration is 90%. sesscap <Session utilization capacity threshold (1-100)> Sets the threshold for session utilization capacity. http disable|enable Enables or disables HTTP redirects to peer sites by this switch. will be used to resolve the IP address for the domain. the client is redirected to the new site's IP address. 10-7200> Sets the time interval in seconds for remote site updates. the client will be redirected to the domain name specified by the remote real server name plus virtual server domain name: <remote real server name> <virtual server domain name> 402 Chapter 7: The SLB Configuration Menu 315393-J. in addition to the domain name. the switch will not perform HTTP Redirects. mincon <available sessions threshold. but will instead drop requests for new connections and cause the client’s browser to eventually issue a new DNS request. This option is enabled by default. sinter <remote site updates interval in seconds. usern disable|enable Enables or disables an HTTP redirect to a real server name. The default TCP port is 80. If disabled. When disabled. this switch will redirect client requests to peer sites if its own real servers fail or have reached their maximum connection limits. When enabled. port <TCP port number> Sets the TCP port number for remote site updates for Global server load balancing. only the domain name will be used to match.

For HTTP protocols. you need to disable the http parameter in the same menu. If disabled. Each virtual server has a number of virtual services. Each virtual service has a host name. Each virtual service has a group of real servers. Each domain has one or more sites. January 2005 Chapter 7: The SLB Configuration Menu 403 . 315393-J.2 Command Reference Table 7-23 Global SLB Menu Options (/cfg/slb/gslb) Command Syntax and Usage norem This command enables or disables no-remote real server load balancing. if you want to do no-remote-real-server load balancing. off Turns GSLB off for this switch. Each site has a virtual server for the domain. but will not hand off requests to this switch. /cfg/slb/gslb/site <site number> GSLB Remote Site Configuration The switch initiates a global server selection to direct client traffic to the best server for a given domain. This option can be performed only once the optional GSLB software is activated (refer to “Activating Optional Software” on page 441). encrypt This command enables or disables encrypting of DSSP updates. Each virtual server has a domain name. GSLB is turned off. This option allows the GSLB feature to work with older versions of Web OS that do not encrypt DSSP messages on Activates Global Server Load Balancing (GSLB) for this switch. cur Displays the current Global SLB configuration. The combination of a virtual server and a virtual service is called a domain.0. the switch will not encrypt the DSSP messages going out of the switch. Any active remote sites will still perform GSLB services with each other. the switch will not do remote real server load balancing for non-http protocols. By default.Alteon OS 22. If enabled.

Set primary switch IP address of remote site secon . The local virtual server has a number of local virtual services Each local virtual service has a group of local or remote real servers. Use dotted decimal notation. name <31 character name>|none Sets the name of the remote site. 404 Chapter 7: The SLB Configuration Menu 315393-J. the Alteon OS Web-based interface also uses port 80. January 2005 . secon <server IP address> If the remote site is configured with a redundant switch.Enable/disable remote site updates ena . If your local firewall does not permit this traffic. If enabled (default). update disable|enable Enables or disables remote site updates. The default is set at none. the switch will not send state updates. Global Server Load Balancing uses service port 80 on the IP interface for DSSP updates. The remote real servers are the virtual servers at the remote sites. Note: When update is enabled. If both are enabled.Delete remote site cur .Display current remote site configuration Up to 64 remote sites can be configured. configure the Alteon OS Browser-Based Interface (BBI) to use a different service port (see the /cfg/sys/access/wport option on page 259). enter the IP address of the IP interface for the remote secondary switch here. If the remote site primary switch fails.Alteon OS 22. By default.Enable remote site dis . disable the updates. If disabled.0.Set remote site name update .Disable remote site del . there is a local virtual server but no remote virtual server. the local switch will address the remote site secondary switch instead. ena Enables this remote site for use with Global Server Load Balancing.Set secondary switch IP address of remote site name . this switch will send regular Distributed Site State Protocol (DSSP) updates to its remote peers using HTTP port 80. Both services cannot use the same port.2 Command Reference At a local site for a domain. [Remote site 1 Menu] prima . Table 7-24 GSLB Remote Site Menu Options (/cfg/slb/gslb/site) Command Syntax and Usage prima <server IP address> Defines the IP interface IP address of the primary switch at the remote site used for Global Server Load Balancing.

Add remote real server to network remreal . The switch will no longer use this remote site for Global Server Load Balancing.Set source IP address mask .Alteon OS 22.Enable network dis .0)> This IP address mask is used with the source IP (SIP) address to find a correct virtual server IP address to respond to a DNS request. A range of IP addresses is produced when used with the mask option. The preferred network contains a subset of the servers for the domain.Remove virtual server from network addreal .Set source IP and network netmask addvirt . [Network 1 Menu] sip . mask <IP subnet mask (such as. 315393-J. January 2005 Chapter 7: The SLB Configuration Menu 405 .Display current network configuration Table 7-25 GSLB Network Menu Options (/cfg/slb/gslb/network) Command Syntax and Usage sip <IP address> Defines the source (client) IP address. 255. Up to 128 network preference numbers can be set. /cfg/slb/gslb/network <network number> GSLB Network Preference Configuration Menu Network preference selects a server based on the preferred network of the source IP address for a given domain.Delete network cur . cur Displays the current remote site configuration. Specify an IP address in dotted decimal notation.Remove remote real server from network ena .0. del Removes this remote site from operation and deletes its configuration.255.2 Command Reference Table 7-24 GSLB Remote Site Menu Options (/cfg/slb/gslb/site) Command Syntax and Usage dis Disables this remote site.Add virtual server to network remvirt .255.Disable network del .

cur Displays the current Internet network entry configuration.0.2 Command Reference Table 7-25 GSLB Network Menu Options (/cfg/slb/gslb/network) Command Syntax and Usage addvirt <virtual server number (1-1024)> Adds a virtual server to the network.Alteon OS 22. ena Enables the network. remvirt <virtual server number (1-1024)> Removes a virtual server from the network. dis Disables the network. The GSLB selection selects the first rule that matches the domain and starts with the first metric in the metric preference list of the rule. /cfg/slb/gslb/rule GSLB Rule Configuration Menu Rules allow the GSLB selection to use different metric preferences based on time-of-day. [Rule 1 Menu] metric start end ttl rr dname ena dis del cur - Metric Menu Set start time for rule Set end time for rule Set Time To Live in seconds of DNS resource records Set DNS resource records in DNS response Set network preference domain name for rule Enable rule Disable rule Delete rule Display current rule configuration 406 Chapter 7: The SLB Configuration Menu 315393-J. remreal <real server number (1-1023)> Removes a real server from the network. You can configure one or more rules on each domain. addreal <real server number (1-1023)> Adds a real server to the network. January 2005 . Each rule has a metric preference list. del Deletes the network entry. No virtual server is added by default.

January 2005 Chapter 7: The SLB Configuration Menu 407 . see page 408. with default at 60) that the DNS response from the switch (indicating site of best service) will remain in the cache of DNS servers.0. start <hour (0-23)> <minutes (0-59)> Defines the start time for the rule. but will generate more DNS traffic. dis Disables the rule. cur Displays the current rule configuration. ttl <time to live in seconds (0-65535)> Specifies the duration (from 0 to 65535 seconds. The default is zero. The default is zero. ena Enables the rule. To view menu options.2 Command Reference Table 7-26 GSLB Rule Configuration Menu Options (/cfg/slb/gslb/rule) Command Syntax and Usage metric <metric (1-16)> Displays Metric Preference Menu. The maximum length for the domain name can be 34 characters. The default is 2 records. Default is none. rr <rr (1-10)> Sets the DNS resource records that how many DNS resource records will be returned in the DNS response. Higher numbers may reduce the amount of DNS traffic. A lower value may increase the ability of the GSLB system to adjust to sudden changes in traffic load. dname <34 character (wildcard "*" allowed) domain name> | none Defines the domain name for the rule for network preference. 315393-J.Alteon OS 22. You can use wildcard “*” while creating the domain name. but may slow GSLB’s response to sudden traffic changes. end <hour (0-23)> <minutes (0-59)> Defines the end time for the rule. del Deletes the rule.

January 2005 .2 Command Reference /cfg/slb/gslb/rule/metric Global SLB Rule Metric Menu [Rule 1 Metric 1 Menu] gmetric .Set metric to use to select next server addnet .Set timeout for incomplete delayed binding connections cur .Add network to gmetric=network remnet .Remove network from gmetric=network cur . 408 Chapter 7: The SLB Configuration Menu 315393-J.Web Cache Redirection Menu slb . /cfg/slb/layer7 Layer 7 SLB Resource Definition Menu [Layer 7 Resource Definition Menu] redir . To view menu options. This command applies only if you select network as the metric. remnet Allows you to delete a network that was added to the selected metric. cur Displays the current configuration of the metric.Alteon OS 22. The default is none. addnet Allows you to add a network to the selected metric.Server Load Balancing Menu dbindtm .Display current Layer 7 configuration Table 7-28 Layer 7 Resource Definition Menu Options (/cfg/slb/layer7) Command Syntax and Usage redir Displays the Web Cache Redirection Menu.0. see page 409.Display current metric configuration Table 7-27 Global SLB Rule Metric Menu Options (/cfg/slb/gslb/rule/metric) Command Syntax and Usage gmetric leastconns|roundrobin|response|geographical|network|random|availability|qos|minmisses|hash|local|always|remote|none Defines the metric to select the next real server for GSLB.

dbindtm <10-60 seconds> Sets the timeout for incomplete delayed binding connections.0. see page 411. This option is disabled by default. If this command is enabled. If this command is enabled.Enable/disable server loadbalance based on HTTP header cur .2 Command Reference Table 7-28 Layer 7 Resource Definition Menu Options (/cfg/slb/layer7) Command Syntax and Usage slb Displays the Server Load Balancing Menu. 315393-J. /cfg/slb/layer7/redir Web Cache Redirection Configuration [Web Cache Redirection Menu] urlal .Display current WCR configuration Table 7-29 Web Cache Redirection Menu Options (/cfg/slb/layer7/redir) Command Syntax and Usage urlal disable|enable Enables or disables auto-ALLOW for non-GETs to origin servers.Alteon OS 22. the switch will redirect all requests that contain Cookie: in the HTTP header to the origin server. the switch will compare the URI against the expression table to determine whether it should redirect all requests that contain Cookie: in the HTTP header to a cache server or origin server. If this command is disabled.Enable/disable URL hashing based on URI header . This option is enabled by default.Enable/disable auto-ALLOW for Cookie to origin servers nocache . January 2005 Chapter 7: The SLB Configuration Menu 409 .Enable/disable auto-ALLOW for non-GETs to origin servers cookie . the switch will compare the URI against the expression table to determine whether all non-GET requests should be redirected to a cache server or origin server. cookie disable|enable Enables or disables auto-ALLOW for cookie to origin servers. the switch will redirect all non-GET requests to the origin server. cur Displays the current Layer 7 configuration. If this command is disabled. To view menu options.Enable/disable no-cache control header to origin servers hash .

cur Displays the current URL expression table. you can set the length of URI that will be used to hash into the cache server by specifying a number from 1-255. If hashing is enabled. This option is disabled by default. If this command is disabled. This option is disabled by default.0 header to a cache server or origin server. the switch will redirect all requests that contain Cache-Control: nocache in HTTP/1.Alteon OS 22. the switch will compare the URI against the expression table to determine whether it should redirect requests that contain Cache-Control: no-cache in HTTP/ 1.2 Command Reference Table 7-29 Web Cache Redirection Menu Options (/cfg/slb/layer7/redir) Command Syntax and Usage nocache disable|enable Enables or disables no-cache control header to origin servers.1 header. If this command is enabled.0.0 header to the origin server. the switch will only use the host header field to calculate the hash key. This option is enabled by default.1 header. or Pragma: no-cache in HTTP/1. January 2005 . or Pragma: no-cache in HTTP/1. hash disable|enable <number (1-255)> Enables or disables URL hashing based on the URI. 410 Chapter 7: The SLB Configuration Menu 315393-J. If hashing is disabled. header disable|enable host|useragent|others Enables or disables server load balancing based on HTTP header.

rename <SLB string ID> <SLB string> Renames the SLB string for load balancing. The software supports both HTTP 1.” addstr <l7lkup|pattern> Allows the user to define a string that can be used for server load balancing or filtering by selecting either a Layer 7 look up string or a pattern match. January 2005 Chapter 7: The SLB Configuration Menu 411 . you will have the option to choose between ascii or binary strings on a specific offset of the IP frame.Add HTTP method type remmeth .0 and HTTP 1.Add SLB string for load balance remstr .2 Command Reference /cfg/slb/layer7/slb Server Load Balance Resource Configuration Menu [Server Loadbalance Resource Menu] message .Set HTTP error message addstr . All other methods are optional.0.Alteon OS 22. A method is case-sensitive.Enable/disable case sensitive for string matching cont . addmeth <Method.Remove SLB string for load balance rename .Set BW contract for the SLB string cur . These strings will only be used for filtering string pattern matching. 1-32> Allows you to add HTTP request methods of maximum 32 characters to your switch software. If you choose l7lkup string. 315393-J. If you choose pattern string. you can define a string for server load balancing or a string for Layer 7 lookup.Display current configuration Table 7-30 Server Load Balance Resource Menu Options (/cfg/slb/layer7/slb) Command Syntax and Usage message <64 byte error message> Sets the message that will be displayed when an error occurs. The default message is “No available server to handle this request.1 to perform HTTP request methods.0.Rename SLB string for load balance addmeth .Remove HTTP method type case . You can see a list of supported default methods by using the command cur in this menu. remstr <SLB string ID> Removes this SLB string from the real server. The methods GET and HEAD must be supported by all general-purpose servers. Alteon OS 22.2 supports 22 request methods by default. HTTP allows an open-ended set of methods to be used to indicate the purpose of a request.

Enable/disable WAP TPCP external notification debug . If you disable case sensitive.Alteon OS 22. Using this command you can do either case sensitive or case insensitive string comparison. debug <wap debug level (0-10)> Sets the debug level for tracing the WAP related messages. /cfg/slb/wap WAP Configuration [WAP Options Menu] tpcp .WAP debug level cur .2 Command Reference Table 7-30 Server Load Balance Resource Menu Options (/cfg/slb/layer7/slb) Command Syntax and Usage remmeth <Method ID> Allows you to remove HTTP methods from your switch software. all load balancing strings and all the request strings arriving on the switch will have to be converted to lower case before doing any string comparison. cur Displays the currently configured SLB strings and their associated string IDs (index numbers) and the supported HTTP request methods.Display current WAP configuration Table 7-31 WAP Configuration Menu Options (/cfg/slb/wap) Command Syntax and Usage tpcp disable|enable Enables or disables the TPCP external notification for Add/Delete session requests. The default is set at 0. cur Displays the current WAP configuration 412 Chapter 7: The SLB Configuration Menu 315393-J. This option is disabled by default.0. case disable|enable Enables or disables case sensitivity for string matching. cont <SLB string ID [1-1024]> <BW contract number [1-256]> Sets the Bandwidth Management contract for a specified string for the SLB string ID. January 2005 .

Enable/disable syncing VRRP priorities pips . and VRRP configuration updates using /oper/slb/ synch. This option is enabled by default. This option is disabled by default. filt disable|enable Enables or disables synchronizing filter configuration. This option is disabled by default.Enable/disable syncing port configuration prios . To view menu options. peerpips disable|enable Enables or disables synchronizing the peer proxy IP addresses. This option is enabled by default.Enable/disable syncing BWM configuration state . see page 414.Display current Layer 4 sync configuration To synchronize the configuration between two switches.Synch Peer Switch Menu filt .Enable/disable syncing peer proxy IP addresses bwm . a peer must be configured and enabled on each switch. Table 7-32 Synchronization Menu Options (/cfg/slb/sync) Command Syntax and Usage peer <peer switch number (1-2)> Displays the Sync Peer Switch Menu. Peer proxy IP addresses are used in VRRP Active/Active configuration.Enable/disable syncing filter configuration ports . January 2005 Chapter 7: The SLB Configuration Menu 413 . Peers are sent SLB. ports disable|enable Enables or disables synchronizing Layer 4 port configuration. pips disable|enable Enables or disables synchronizing proxy IP addresses. Switches being synchronized must use the same administrator password. prios disable|enable Enables or disables syncing VRRP priorities. This option is disabled by default.2 Command Reference /cfg/slb/sync Synchronize Peer Switch Configuration [Config Synchronization Menu] peer . FILT.0. 315393-J.Set stateful failover update period cur .Enable/disable syncing persistent session state update .Enable/disable syncing proxy IP addresses peerpips . This option is enabled by default.Alteon OS 22.

The default is 0. The active switch sends update packets of new persistent binding entries.Delete peer switch cur .Disable peer switch del .Set peer switch IP address ena . By default.0. This option is disabled by default.0 ena Enables the peer for this switch. a peer must be configured and enabled on each switch.0. Switches being synchronized must use the same administrator password. Table 7-33 Peer Switch Configuration Menu Options (/cfg/slb/sync/peer) Command Syntax and Usage addr <IP address> Sets the peer switch IP address. this option is disabled. cur Displays the current Layer 4 synchronization configuration.Alteon OS 22.0. January 2005 . dis Disables the peer for this switch. 414 Chapter 7: The SLB Configuration Menu 315393-J. update <seconds. The default value is 30 seconds. /cfg/slb/sync/peer <peer switch number> Peer Switch Configuration [Peer Switch 1 Menu] addr . state disable|enable Enables or disables stateful failover for synchronizing the persistent session state. if any. 1–60> Sets the stateful failover update interval.Enable peer switch dis . This option is enabled by default.Display current peer switch configuration To synchronize the configuration between two switches. to the backup switch at the specified update interval.2 Command Reference Table 7-32 Synchronization Menu Options (/cfg/slb/sync) Command Syntax and Usage bwm disable|enable Enables or disables synchronizing Bandwidth Management configuration between Master and backup switches.

Session table slow-age (2 min) period bit shift cur . 315393-J.Enable/disable Source MAC address substitution direct .Set management network mmask .Enable/disable Direct Access Mode grace .Enable/disable graceful real server failure matrix .2 Command Reference Table 7-33 Peer Switch Configuration Menu Options (/cfg/slb/sync/peer) Command Syntax and Usage del Deletes the peer for this switch cur Displays the current peer switch configuration.Alteon OS 22. see page 421.SYN Attack Detection Menu smtport .Session table fast-age (1 sec) period bit shift slowage . January 2005 Chapter 7: The SLB Configuration Menu 415 .Enable/disable Virtual Matrix Architecture tpcp . /cfg/slb/adv Advanced Layer 4 Configuration [Layer 4 Advanced Menu] synatk .Set SLB session attack alert allowable limit submac .Enable/disable Transparent Proxy Cache Protocol vstat . To view menu options.Set management subnet mask pmask .Set SLB session attack inspection interval allowlim .Enable/disable Virtual Service Statistics rtsvlan .Enable/disable Ingress Port For Session Table Binding fastage .Display current Layer 4 advanced configuration Table 7-34 Layer 4 Advanced Menu Options (/cfg/slb/adv) Command Syntax and Usage synatk Displays SYN Attack Detection Menu.Set virtual and real IP address mask mnet .Set persistent mask intrval .Enable/disable using VLAN info for real server lookup portbind .Service Mapping Table Real Port Menu imask .0.

0)> Sets persistent mask. allowlim <allowable limit (1-2097104)> This command allows you to specify the maximum number of sessions the switch can receive at any given period of time.255. this service port’s client request will not be processed by the server processor. intrval <time window for collecting sessions (0-3600)> This command allows you to configure the time interval (from one second to one hour) to specify how frequently you want to check the SLB sessions (attacks) the switch received. January 2005 .255. mmask <IP subnet mask (such as 255. direct disable|enable Enable/disables Direct Access Mode to real servers/services. If the number of sessions exceeds this limit.255.0. this option is disabled. Specify an IP address in dotted decimal notation. The default is 255.0)> This IP address mask is used with the mnet to select management traffic which is allowed direct access to real servers.255. But if you enable this command. Typically. the switch will generate a syslog and an SNMP trap to alert the administrator that the switch is under SLB attack.255.255. the switch will substitute the source MAC address (for the packets going to the server) with the MAC address of the switch.255. imask <IP subnet mask (such as 255. A range of IP addresses is produced when used with the mmask option.255. submac disable|enable Enables or disables Source MAC address substitution.0)> Configures the real and virtual server IP address mask using dotted decimal notation.255. pmask <IP subnet mask (such as 255. management traffic with this source IP address will be allowed direct (non-Layer 4) access to the real servers. Using this command you can add or remove a number of real server service port(s) that will process client traffic by-passing the server. By default.255.255.255. This option also allows any virtual server to load balance any real server.255. You can set this limit by using the next command in this menu: allowlim. In other words. To view menu options. the source MAC is not modified for the packets going to the servers in an SLB environment.255. mnet <IP address> If defined. 416 Chapter 7: The SLB Configuration Menu 315393-J.255.2 Command Reference Table 7-34 Layer 4 Advanced Menu Options (/cfg/slb/adv) Command Syntax and Usage smtport Displays Service Mapping Table (SMT) Real Server Port Menu. The default is 255. At the configured interval of time the switch will check if the number of sessions is within the configured limits. The default is 255.Alteon OS 22. see page 418.

This command is used for security reasons—the UDP port can be closed. this option is disabled. The default interval is two seconds.0. By default. which causes the time to double per increment). The default interval is two minutes. (Value is set in bits rather than seconds. vstat disable|enable Enables or disables reporting of virtual service statistics.0. a session can remain in the session table for a few minutes. cur Displays the current Layer 4 advanced configuration. The slowage scan is used to remove idle or non-TCP sessions from the session at the specified intervals. If a large value of slowage is used.2 Application Guide). If a large value of fastage is used. 315393-J. this option is disabled. fastage <shift the fast-age (1sec) period 0-7 bits> Controls how frequently a fastage scan is performed. Allows existing sessions to remain bound to a server after the server has been placed in the service failed state (for more information. see “Service Failure” in the Alteon OS 22. January 2005 Chapter 7: The SLB Configuration Menu 417 . a session can remain in the session table for months. The fastage scan is used to remove TCP sessions that have been closed with a FIN and sessions that have been identified by the slowage scan as idle for the maximum allowed period. Each incremental increase of the value doubles the length of the interval. rtsvlan disable|enable Enables or disables the use of VLAN for Return to Sender information on the real server. By default.2 Command Reference Table 7-34 Layer 4 Advanced Menu Options (/cfg/slb/adv) Command Syntax and Usage grace disable|enable Enables or disables graceful real server failure. Each incremental increase of the value doubles the length of the interval. slowage <shift the slow-age (2min) period 0-14 bits> Controls how frequently a slowage scan is performed. this option is enabled.Alteon OS 22. The default is 0. By default. The default is 0. portbind disable|enable Enables or disables the inclusion of the ingress port number in the session table look up. tpcp disable|enable Enables or disables the TPCP (Transparent Proxy Cache Protocol). matrix disable|enable Enables or disables the use of Virtual Matrix Architecture on the Alteon Application Switch.

Set SYN attack detection interval thrshld . cur Displays the current SYN attack detection configuration.Set SYN attack alarm threshold cur . 418 Chapter 7: The SLB Configuration Menu 315393-J.0. remove <real server port (2-65534)> This command allows you to remove a service port from the real server that is configured to process client traffic by-passing the server processor.Display real port configuration Table 7-36 Advanced SMT Real Server Port Menu Options (/cfg/slb/adv/smtport) Command Syntax and Usage add <real server port (2-65534)> This command allows you to add a service port to the real server that is configured to process client traffic by-passing the server processor. thrshld <SYN attack alarm threshold (new half-open sessions/second) (1-100000)> Sets the threshold of SYN attack alarm.Display current SYN attack detection configuration Table 7-35 SYN Attack Detection Menu Options (/cfg/slb/adv/synatk) Command Syntax and Usage intrval <SYN attack check interval in seconds (2-3600)> Sets the interval of SYN attack inspection. January 2005 .Add real port remove . /cfg/slb/adv/smtport Advanced SMT Real Server Port Configuration Menu [SMT Real Port Menu] add .2 Command Reference /cfg/slb/adv/synatk SYN Attack Detection Configuration Menu [SYN Attack Detection Menu] intrval . cur Displays real port configuration.Alteon OS 22.Remove real port cur .

Alteon OS 22. ttl <time to live in seconds (0-65535)> Sets the time-to-live for DNS resource records. January 2005 Chapter 7: The SLB Configuration Menu 419 . ena Enables inbound link load balancing. see page 420. dis Disables inbound link load balancing.2 Command Reference /cfg/slb/linklb Inbound Link Load Balancing configuration Menu [Inbound Linklb group ttl drecord ena dis cur Menu] Set real server group Set Time to Live of DNS resource records Domain Record Menu Enable Inbound Linklb Disable Inbound Linklb Display current Inbound Linklb configuration Table 7-37 Inbound Link Load Balancing Configuration Menu Options (/cfg/slb/ linklb) Command Syntax and Usage group <real server group number (1-256)> Sets the real server ISP group number. drecord <domain record number (1-64)> Displays domain record menu.0. To view menu options. cur Displays current inbound link load configuration. 315393-J.

420 Chapter 7: The SLB Configuration Menu 315393-J. cur Displays the current domain records. dis Disables the domain records.Alteon OS 22. del Deletes the domain records.Set Domain Name entry .0.Delete Domain Record cur . entry <linklb entry number (1-8)> Displays the link load balancer’s mapping menu for the virtual and real servers.Virt Real Mapping Menu ena . ena Enables the domain records. Default is none.Disable Domain Record del . See page 390 to view menu options.2 Command Reference /cfg/slb/linklb/drecord Inbound Link Load Balancing Domain Record Menu [Domain Record Menu] domain .Display current Domain Record configuration Table 7-38 Inbound Link Load Balancing Domain Record Menu Options (/cfg/slb/ linklb/drecord) Command Syntax and Usage domain <34 character domain name>|none Allows you to configure the domain name.Enable Domain Record dis . January 2005 .

Set Virtual Server Number real . January 2005 Chapter 7: The SLB Configuration Menu 421 .LDAP version secret . cur Displays the current real and virtual server mappings for drecords entries. /cfg/slb/advhc Advanced Health Check Configuration Menu [Layer 4 Advanced Health Check Menu] script .SNMP Health Check Menu waphc .2 Command Reference /cfg/slb/linklb/drecord/entry Inbound Link Load Balancing Mapping Menu [Virt Real Mapping 1 Menu] virt . 1-1024> Defines the virtual server number for mapping.Set Real Server Number ena .WAP Health Check Menu aphttp .Display current Entry configuration Table 7-39 Command Syntax & Usage virt <virtual server number.Enable Entry dis .Set interval of response and bandwidth metric updates cur .Alteon OS 22.Scriptable Health Check Menu snmphc .Delete Entry cur .Enable/disable Allow HTTP Health Check on any port ldapver . dis Disables the entry for drecords.Set RADIUS secret minter . del Deletes the entry for drecords.Disable Entry del . real Defines the real server number for mapping. ena Enables the entry for drecords.Display current Layer 4 advanced health check configuration 315393-J.0.

aphttp disable|enable Enables or disables HTTP health checks on any port. see page 423. January 2005 . By default. you can use HTTP health checks only for HTTP service. cur Displays the current Layer 4 advanced health check configuration.0. The default is none. To view menu options.Alteon OS 22. like HTTPs. see page 426. To view menu options.2 Command Reference Table 7-40 Advanced Health Check Menu Options (/cfg/slb/advhc) Command Syntax and Usage script <health script number (1-16)> Displays the Scriptable Health Check Menu. Enabling it will allow you to use it on any port. the network administrator must configure two parameters in the switch: the /cfg/slb/secret value and the cntnt parameter with a username:password value. this option is disabled. 422 Chapter 7: The SLB Configuration Menu 315393-J. The default is 2. The secret value is a field of up to 32 alphanumeric characters that is used by the switch to encrypt a password during the RSA Message Digest Algorithm (MD5) and by the RADIUS server to decrypt the password during verification. The default is set at 10. ldapver <LDAP version> Sets the LDAP version to 2 or 3. secret <1-32 character secret> To perform application health checking to a RADIUS server. snmphc <SNMP health check number (1-5)> Displays the SNMP Health Check Menu. minter <number of seconds between updates (1-256)> This command sets the interval of response and bandwidth metric updates. waphc Displays the WAP Health Check Menu. see page 425. When disabled. To view menu options.

” The total number of characters cannot exceed 6144 bytes.Add binary expect command to end of script nexpect .Add wait command to end of script close .Add additional expect binary string to end of script offset .2 allows a maximum of 256 bytes to be entered. bsend <hex string> Sends a binary request string in hexadecimal format for the request packet through an open TCP or UDP port to the server. 315393-J.Add depth command to end of script wait .Delete script cur . Using one or more nsend commands allows you to generate a binary content of more than 256 bytes in length.0.Add additional send binary string to end of script expect .Add open command to end of script send . and the port number.Add expect command to end of script bexpect . The ASCII and binary-based scripts control how a group of real servers are healthchecked. The Health Script menu provides commands that can be used to define the health “script. [Health Script 1 Menu] open . So both TCP and UDP services can be health-checked.Remove last command from script del .Alteon OS 22. January 2005 Chapter 7: The SLB Configuration Menu 423 .Display current script configuration Table 7-41 Scriptable Health Check Menu Options (/cfg/slb/adv/script) Command Syntax and Usage open <real port or name (such as: http)> <tcp|udp> Opens a TCP connection or specifies a UDP port for the health check. nsend <additional hex string (UDP)> Allows you to append additional content to the packet generated by the bsend command.Add binary send command to end of script nsend . With these health checks. Up to 32 scripts can be configured.0. The Alteon OS 22. hex string (UDP)> Sends an ASCII request string through an open TCP or UDP port to the server.Add offset command to end of script depth . the users can define their own health checks of varied complexity. You need to specify the protocol (TCP or UDP).Add send command to end of script bsend .2 Command Reference / c f g / s l b / a d v h c / s c r i p t <health script number> Scriptable Health Checks Configuration Scriptable health checks provide a robust and extensible way to health check a group of real servers. send <text string (TCP).Add close command to end of script (TCP only) rem .

If the expected response is received within the wait window. 424 Chapter 7: The SLB Configuration Menu 315393-J. wait <wait window in milliseconds (1-65535)> Allows the user to configure a wait window for the expected response. depth <depth. offset <offset. 1-1464> Allows you to specify the offset from the beginning of the UDP data area to start matching the content specified in the expect command. January 2005 . If you need to specify offset. the server does not pass the expect step and the health check fails. bexpect <hex string> Allows you to configure binary content request string (in hexadecimal format) that you can search in each server response packet for successful health check on an open TCP port. The wait window starts when the request is sent from the switch.Alteon OS 22. you must do it after executing the bexpect command. or beginning from offset if offset was specified. The wait command should follow the offset and depth commands in the script. otherwise the health check fails. 1-1464> Allows you to specify the depth (the window) in bytes beginning from the start of the UDP data area.2 Command Reference Table 7-41 Scriptable Health Check Menu Options (/cfg/slb/adv/script) Command Syntax and Usage expect <text string (TCP). close Closes TCP connection. If you do not see this string in any response packet before the health check interval or the configured wait window expires. the health check passes. rem Removes the last entered line from the script. nexpect <additional hex string (UDP)> Allows you to append additional content to the original content of the response packet specified by the bexpect command. hex string (UDP)> Allows you to configure an ASCII request string that you can search in each server response packet for successful health check on an open TCP port. del Deletes the current script.0. to search for the bexpect content. The wait window is set in the units of milli-seconds. cur Lists the current script configuration.

When the invert option is enabled.2.0. maximum 32 characters> Enter the community string used in the SNMP get request packet.1. weight disable|enable When enabled. comm <community string.11. rcvcnt <expected content an integer value or a string> Enter the content the switch expects to receive from the SNMP agent on the real server.Community string used in the SNMP request packet rcvcnt . del Deletes the current SNMP health check.Display current SNMP health check configuration Table 7-42 SNMP Health Check Menu Options (/cfg/slb/adv/snmphc) Command Syntax and Usage oid <object identifier. the health check fails if the response packet contains the value specified in the receive content (rcvnt) field.6. 315393-J.1. cur Displays the current SNMP Health Check configuration. the real server weights are dynamically adjusted based on SNMP health check response.1.1. January 2005 Chapter 7: The SLB Configuration Menu 425 .Expected value in the SNMP response packet invert .1.4.OID to be sent in the SNMP request packet comm .2.7. invert disable|enable Enables or disables the inversion of the expected value.Enable/disable readjusting of weights based on response del .1.Delete SNMP health check cur . such as.5.3. an OID is of the form 1. The format of the OID depends on the MIB file.2 Command Reference /cfg/slb/advhc/snmphc SNMP Health Check Configuration [SNMP Health Check 1 Menu] oid .Enable/disable inversion of expected value weight . 1.6.3.Alteon OS 22. for example. The default community string is public.1872.0 max 30 sub-identifiers> Specify the Object Identifier (OID) to be sent in the SNMP GET request packet.

wspport <wsp port number to health check (0-65534)> Enter the port number on which WSP health checks will be performed.WTLS port number to health check couple . Alteon OS provides a content-based health check mechanism where customized WSP packets are sent to the WAP gateways.Alteon OS 22. Alteon OS allows you to configure three WAP gateway health check types for all four WAP services (WSP. The default port number is 9201.WTP+WSP Health Check Content Menu wspport . Connectionless WSP runs on UDP/IP protocol. ports 9200 and 9202 and connectionoriented (WTP) traffic runs on ports 9201 and 9203. [WAP Health Check Menu] wspcnt . wtpcnt Displays WTP and WSP Health Check Content Menu. deployed on WAP gateways/ servers.Enable/disable coupling with RADIUS Accounting Service cur . WTLS+WSP. refer to the Application Guide. and the switch verifies the expected response. January 2005 .WSP Health Check Content Menu wtpcnt . 426 Chapter 7: The SLB Configuration Menu 315393-J.0.WSP port number to health check wtpport .Display current WAP health check configuration Table 7-43 WAP Health Check Menu Options (/cfg/slb/adv/waphc) Command Syntax and Usage wspcnt Displays WSP Health Check Content Menu.WTP port number to health check wtlswsp . in a manner similar to scriptable health checks. see page 429. WTP+WSP. wtpport <wtp port number to health check (0-65534)> Defines the WTP port number to health check. The default port number is 9200. see page 428. WSP content health checks can be configured in two modes: connectionless and connectionoriented.2 Command Reference /cfg/slb/advhc/waphc WAP Health Check Configuration Wireless Session Protocol (WSP) is used within the Wireless Application Protocol (WAP) suite to manage sessions between wireless devices and WAP content servers or WAP gateways. To view menu options. WTLS+WTP+WSP).WTLS+WSP port number to health check wtlsprt . To view menu options. For further details. Application switches can be used to load balance the gateways in both modes of operation.

2 Command Reference Table 7-43 WAP Health Check Menu Options (/cfg/slb/adv/waphc) Command Syntax and Usage wtlswsp <wtls+wsp port number to health check (0-65534)> Defines the WTLS (Wireless Transport Layer Security) and WSP port number to health check. January 2005 Chapter 7: The SLB Configuration Menu 427 . WTLS+WSP. If the health check to any one of the four WAP services or Radius Accounting Service fails.Alteon OS 22. 315393-J.0. WTP+WSP. then all of the four WAP services and Radius Accounting Service are disabled. The connection-oriented WTLS traffic uses default port 9203. wtlsprt <port number (0-65534)> Enter the port number on which WTLS health checks will be performed. couple disable|enable Enables or disables coupling together of all the four WAP services (WSP. The connectionless encrypted WTLS traffic uses default port 9202. cur Displays the current WAP Health Check configuration. WTLS+WTP+WSP) with Radius Accounting Service.

Alteon OS 22.2 Command Reference /cfg/slb/advhc/waphc/wspcnt WSP Content Health Check [WSP Health Check Content Menu] offset .Content to be sent to the WAP gateway rcvcnt . sndcnt <send content as hexadecimal string> Enter a hexadecimal string that represents a connectionless WSP request to a WSP gateway. This string will be delivered to the WSP gateway.Offset in received WSP packet sndcnt . 428 Chapter 7: The SLB Configuration Menu 315393-J. An offset value of 0 (default) sets the switch to start comparisons from the beginning of the content of the received packet. January 2005 .Content to be received from the WAP gateway cur .0. rcvcnt <receive content as hexadecimal string> Enter a hexadecimal string that represents the content that the switch expects to receive from the WSP gateway.Display current WSP health check content configuration Table 7-44 WSP Content Health Check Options (/cfg/slb/advhc/waphc/wspcnt) Command Syntax and Usage offset <Offset in the received WSP packet (0-512)> Enter the offset value content of the received WSP packages. cur Displays the current WAP Health Check configuration.

Offset in received WSP PDU connect . connect <connect content as hexstring> Enter the content for the first switch-generated WSP session packet.Display current WTP+WSP health WAP gateway gateway the WAP gateway check content configuration Table 7-45 WTP and WSP Content Health Check Menu Options (/cfg/slb/advhc/ waphc/wtpcnt) Command Syntax and Usage offset <offset in the received WSP PDU> Enter the offset value content of the received WSP packets.Alteon OS 22. This string will be delivered to the WSP gateway. at which the comparison begins to match with the expected receive content.REPLY PDU to be received from cur . January 2005 Chapter 7: The SLB Configuration Menu 429 .CONNECT PDU to be sent to the sndcnt .2 Command Reference /cfg/slb/advhc/waphc/wtpcnt WTP and WSP Content Health Check Menu This menu is used for configuring the health check for connection-oriented unencrypted WAP traffic. An offset value of 0 (default) sets the switch to start comparisons from the beginning of WSP PDU of the received packet. rcvcnt <receive content as a hexadecimal string> Enter a hexadecimal string that represents the content that the switch expects to receive from the WSP gateway. 315393-J. The offset value is the number of bytes from the beginning of the WSP PDU. [WTP+WSP Health Check Content Menu] offset . cur Displays current WTP+WSP health check content configuration.GET PDU to be sent to the WAP rcvcnt . This command allows you to customize the headers in the connect message.0. sndcnt <send content as hexadecimal string> Enter a hexadecimal string that represents a WSP request to a WSP gateway.

Set base type of Proxy IP address add .0. You can configure multiple proxy IP addresses based on either port or VLAN.Remove port or VLAN from Proxy IP address cur . [Proxy IP Address Menu] type . whether it is port-based or VLAN-based.Alteon OS 22. 430 Chapter 7: The SLB Configuration Menu 315393-J. You can configure up to 32 proxy IP addresses on per port or per VLAN basis. This command also allows you to remove all ports or VLANs assigned to any proxy IP address.2 Command Reference /cfg/slb/pip Proxy IP Address Configuration Menu You need to enable proxy IP address processing on the port to use this command. rem <<PIP ID> <port#|vlan#>|<port#-port#|vlan#-vlan#>> Allows you to remove a port or a VLAN from a proxy IP address.Display current Proxy IP address configuration Table 7-46 Proxy IP Address Configuration Menu Options (/cfg/slb/pip) Command Syntax and Usage type <port|vlan> Defines the base type of the proxy IP address. January 2005 .Add port or VLAN to Proxy IP address rem . add <IP address> <port number|vlan number>|<port number-port number|vlan number-vlan number> Allows you to add either a port or a VLAN to a proxy IP address. cur Displays the current Proxy IP address configuration.

the switch is able to forward traffic from the other switch.Alteon OS 22. using Layer 2. 315393-J. January 2005 Chapter 7: The SLB Configuration Menu 431 . [Peer Proxy IP Address Menu] add . cur Displays the current proxy address configuration of the peer.Display current peer Proxy IP address configuration Table 7-47 Peer Proxy IP Address Menu Options (/cfg/slb/peerpip) Command Syntax and Usage add <IP address> Allows you to add a proxy IP address to the server load balancing peer. This prevents the dropping of a packet or being sent to the backup switch in the absence of the proxy IP address of the peer switch. This happens because the peer switches are aware of each other’s proxy IP addresses.Rem peer Proxy IP address cur . rem <IP address> Allows you to remove a proxy IP address from the server load balancing peer. without performing server processing on the packets of the other switch.Add peer Proxy IP address rem .2 Command Reference /cfg/slb/peerpip SLB Peer Proxy IP Address Menu When this command is enabled.0.

January 2005 .Alteon OS 22.2 Command Reference 432 Chapter 7: The SLB Configuration Menu 315393-J.0.

but do not alter permanent switch configurations. the port returns to its normally configured operation.Enter software feature to be removed passwd . January 2005 433 . Port Mirroring menu options are accessible only to the Alteon AD4 and Alteon 184 WebSwitches.Operational Server Load Balancing Menu vrrp .Clear syslog messages ntpreq .Change current user password clrlog .Send NTP request The commands of the Operations Menu enable you to alter switch operational characteristics without affecting switch configuration.Operational Port Menu slb . you can use the Operations Menu to immediately disable a port (without the need to apply or save the change).Enter key to enable software feature rmkey .Operational IP Menu swkey .Operational Virtual Router Redundancy Menu bwm .Operational Bandwidth Management Menu ip . 315393-J. For example.CHAPTER 8 The Operations Menu The Operations Menu is generally used for commands that affect switch performance immediately. /oper Operations Menu [Operations Menu] port . with the understanding that when the switch is reset.

see page 436. January 2005 . To view menu options.Alteon OS 22. bwm Operational Bandwidth Management Menu. the Operational Border Gateway Protocol Menu. For details. slb Displays the Operational Layer 4 Menu. see page 442. To view menu options. which has one sub-menu/option. To view menu options. see page 435. see page 441. see page 439. rmkey <software feature to be removed (GSL|BWM|Security)> Defines software feature to be removed. see page 439.0. swkey <16-hexadecimal digit key to enable software feature> Sets key to enable software feature. For details. passwd <15 char max> Allows the user to change the password.2 Command Reference Table 8-1 Operations Menu Options (/oper) Command Syntax and Usage port <port number> Displays the Operational Port Menu. vrrp Displays the Operational Virtual Router Redundancy Menu. ip Displays the IP Operations Menu. see page 439. To view menu options. You need to enter the current password in use for validation. clrlog Clears all syslog messages. 434 Chapter 8: The Operations Menu 315393-J. ntpreq Allows the user to send requests to the NTP server. To view menu options.

Enable port dis . ena Temporarily enables the port. The port will be returned to its configured operation mode when the switch is reset.Current port state Operations-level port options are used for temporarily disabling or enabling a port. cur Displays the current settings for the port.Enable/Disable RMON for port ena . The port will be returned to its configured operation mode when the switch is reset.Alteon OS 22. Table 8-2 Operations-Level Port Menu Options (/oper/port) Command Syntax and Usage rmon disable|enable Temporarily enables/disables Remote Monitoring on the port. January 2005 Chapter 8: The Operations Menu 435 . 315393-J.2 Command Reference /oper/port <port number> Operations-Level Port Options [Operations Port 1 Menu] rmon . and for changing Remote Monitoring (RMON) status on a port.Disable port cur .0. dis Temporarily disables the port. The port will be returned to its configured operation mode when the switch is reset.

436 Chapter 8: The Operations Menu 315393-J. port. peers must be configured on the Alteon Application Switch and the administrator password on the switch must be identical. ena <real server number (1-1023)> Temporarily enables a real server.Global SLB Operations Menu sync . January 2005 .Current layer 4 operational state When the optional Layer 4 software is enabled. To view menu options.Alteon OS 22. To view menu options. To take effect. the operations-level Server Load Balancing options are used for temporarily disabling or enabling real servers and synchronizing the configuration between the active/active switches. Bandwidth Management configuration.2 Command Reference /oper/slb Operations-Level SLB Options [Server Load Balancing Operations Menu] group .0. see page 437. see page 438. sync Synchronizes the SLB.Synchronize SLB. The real server will be returned to its configured operation mode when the switch is reset.Disable real server clear . gslb Displays Global SLB Operations Menu. and VR priorities on a peer switch (a switch that owns the IP address).Clear session table cur .Real Server Group Menu gslb . VRRP and other configurations on peers ena . VRRP. Table 8-3 Server Load Balancing Operations Menu Options (/oper/slb) Command Syntax and Usage group <real server group number (1-1024)> Displays the Real Server Group Menu. filter.Enable real server dis .

2 Command Reference Table 8-3 Server Load Balancing Operations Menu Options (/oper/slb) Command Syntax and Usage dis <real server number. NOTE – This command disrupts current SLB and Application Redirection sessions. clear Clears all session tables and allows port filter changes to take effect immediately. /oper/slb/group Real Server Group Operations [Real server group 1 Menu] ena .Disable real server in this group cur .Current server group operational state Table 8-4 Real Server Group Operations Options (oper/slb/group) Command Syntax and Usage ena <real server number (1-1023)> Enables real server in this group. see “Disabling and Enabling Real Servers” in the Alteon OS 22. cur Displays current operational state of the server group. dis <real server number (1-1023)> Disables real server in this group. NOTE – This command provides for orderly server shutdown to allow maintenance on a server. For more information.Alteon OS 22.2 Application Guide. 1-1023> [P . cur Displays the current SLB operational state.0 sessions] p|n The disable command is used to temporarily disable real servers as follows: Using the p (persistent) option—immediately suspends assignment of connections to the specified real server (except for persistent http 1.0 sessions) by removing the real server from operation within its real server group and virtual server Using the n (none) option—immediately suspends assignment of connections to the specified real server by removing the real server from operation within its real server group and virtual server The real server will be returned to its configured state after a switch reset. January 2005 Chapter 8: The Operations Menu 437 .0.allow persistent http 1.Enable real server in this group dis .0. 315393-J.

Query Global SLB selection Table 8-5 Global SLB Operations Menu Options (/oper/slb/gslb) Command Syntax and Usage query Allows you to query the Global site selection. January 2005 . 438 Chapter 8: The Operations Menu 315393-J.2 Command Reference /oper/slb/gslb Global SLB Operations Menu [Global SLB Operations Menu] query .0.Alteon OS 22.

0. There are no other virtual routers available to take master control. [VRRP Operations Menu] back .2 Command Reference /oper/vrrp Operations-Level VRRP Options. After the new election. 315393-J. the current master gives up control and initiates a new election by temporarily advertising its own priority level as 0 (lowest).Set virtual router to backup Table 8-6 Virtual Router Redundancy Operations Menu Options (/oper/vrrp) Command Syntax and Usage back <virtual router number (1-256)> Forces the specified master virtual router on this switch into backup mode.Alteon OS 22.Send BW History to SMTP server Table 8-7 Bandwidth Operations Menu Options (/oper/bwm/sndhist) Command Syntax and Usage sndhist Sends the bandwidth history to a system administrator specified under /cfg/bwm/user (see page 279). When this command is executed. January 2005 Chapter 8: The Operations Menu 439 . This is generally used for passing master control back to a preferred switch once the preferred switch has been returned to service after a failure. the virtual router forced into backup mode by this command will resume master control in the following cases: This switch owns the virtual router (the IP addresses of the virtual router and its IP interface are the same) This switch’s virtual router has a higher priority and preemption is enabled. /oper/bwm Operations-Level Bandwidth Management Options [Bandwidth Management Operations Menu] sndhist .

440 Chapter 8: The Operations Menu 315393-J. To view the menu options see page 440. /oper/ip/bgp Operations-Level BGP Options [Border Gateway start stop cur Protocol Operations Menu] Start peer session Stop peer session Current BGP operational state Table 8-9 IP Operations Menu Options (/oper/ip) Command Syntax and Usage start <peer number (1-16)> Starts the peer session. stop <peer number (1-16)> Stops the peer session. January 2005 .2 Command Reference /oper/ip Operations-Level IP Options [IP Operations Menu] bgp .0.Alteon OS 22. cur Displays the current BGP operational state.Operational Border Gateway Protocol Menu Table 8-8 IP Operations Menu Options (/oper/ip) Command Syntax and Usage bgp Displays the Border Gateway Protocol Operations Menu.

Alteon OS 22. You will receive a Licence Certificate for each software license purchased. Currently the following software packages are available for purchase and installation: Security Pack Bandwidth Management Global Server Load Balancing To obtain a software key.0.2 Command Reference /oper/swkey Activating Optional Software The swkey option is used for activating any optional software you have purchased for your switch. perform the following actions: 1. One software license is needed for each switch where the optional software is to be used. you must obtain a software license from your Nortel Networks representative or authorized reseller. Connect to the switch’s command line interface and log in as the administrator (see Chapter 1. enter: Operations# swkey 315393-J. At the Main# prompt. Once you have your License Password. NOTE – Each License Password will work only on the specific switch which has the MAC address you provided when registering your Licence Certificate. you must register each License Certificate with Nortel Networks and provide the MAC address of the Alteon OS switch that will run the optional software. January 2005 Chapter 8: The Operations Menu 441 . enter: Main# oper 3. Before you can activate optional software. 2. At the Operations# prompt. Nortel Networks will then provide a License Password. “The Command Line Interface”).

2 Command Reference 4. enter the following at the Operations Menu: Operations# rmkey When prompted. enter the code for software to be removed. January 2005 . For example: Enter Software Feature to be removed:[GSLB]||BWM|Security: GSLB 442 Chapter 8: The Operations Menu 315393-J. Software feature enabled. /oper/rmkey Removing Optional Software The rmkey option is used for deactivating any optional software. For example: Enter Software Key: <16 hexadecimal-digit key to enable software feature (such as. 123456789ABCDEF)> If the correct code is entered. enter your 16-digit software key code. Deactivated software is still present in switch memory and can be reactivated at any later time.Alteon OS 22. When prompted.0. you will see the following message: Valid software key entered. To deactivate optional software.

Scheduled Switch Reset Menu .Upload selected software image via TFTP . you must be logged in to the switch as the administrator. The Boot Options Menu provides options for: Selecting a switch software image to be used when the switch is next reset Selecting a configuration block to be used when the switch is next reset Downloading or uploading a new software image to the switch via TFTP /boot Boot Menu [Boot Options sched image conf gtimg ptimg reset cur Menu] . January 2005 443 . 315393-J.Reset switch [WARNING: Restarts Spanning Tree] .Select config block to use on next boot .Select software image to use on next boot .CHAPTER 9 The Boot Options Menu To use the Boot Options Menu.Download new software image via TFTP .Display current boot options Each of these options is discussed in greater detail in the following sections.

and check the time of the currently set reboot schedule with the help of the following sub-menu: /boot/sched Scheduled Reboot Menu [Boot Schedule Menu] set . 444 Chapter 9: The Boot Options Menu 315393-J. This feature is particularly helpful if the user needs to perform switch upgrades during off-peak hours. Upgrading the software image on your switch requires the following: Loading the new image onto a TFTP server on your network Downloading the new image from the TFTP server to your switch Selecting the new software image to be loaded into switch memory the next time the switch is reset Downloading New Software to Your Switch The switch can store up to two different software images. cancel a previously scheduled reboot. This lets you test the new software and reload the original active image (stored in image1). you must specify where it should be placed: either into image1. For example. January 2005 . When you download new software. as well as boot software.0. called image1 and image2. As new versions of the image are released.Cancel pending switch reset cur .Display current switch reset schedule Updating the Switch Software Image The switch software image is the executable code running on the Alteon Application Switch.Set switch reset time cancel . you can upgrade the software running on your switch. called boot. and comes pre-installed on the device.2 Command Reference Scheduled Reboot of the Switch This feature allows the switch administrator to schedule a reboot to occur at a particular time in future. or boot. if your active image is currently loaded into image1. if needed. A version of the image ships with the switch. image2. You can set the reboot time.Alteon OS 22. you would probably load the new image software into image2.

Enter the name of the switch software to be replaced: Enter name of switch software image to be replaced ["image1"/"image2"/"boot"]: <image> 3. When the above requirements are met. Enter the hostname or IP address of the TFTP server. At the Boot Options# prompt. However. 1.2 Command Reference To download a new software to your switch. This sets the default option for the gtimg and ptimg commands. Enter name of file on TFTP server: <filename> The exact form of the name will vary by TFTP server. the file location is normally relative to the TFTP directory (usually /tftpboot). note that you can override this setting with the option provided to these operational commands.Alteon OS 22. as described below. use the following procedure to download the new software to your switch. you will need the following: The image or boot software loaded on a TFTP server on your network The hostname or IP address of the TFTP server The name of the new software image or boot file Setup the TFTP option (/cfg/sys/mgmt/tftp) for the TFTP connection. See “Domain Name System Configuration Menu” on page 331). 5. You should next select a software image to run. The system prompts you to confirm your request. Enter hostname or IP address of TFTP server: <server name or IP address> 4. However. NOTE – The DNS parameters must be configured if specifying hostnames. Enter the name of the new software file on the server. 315393-J. enter: Boot Options# gtimg 2.0. January 2005 Chapter 9: The Boot Options Menu 445 .

2 Command Reference Selecting a Software Image to Run You can select which software image (image1 or image2) you want to run in switch memory for the next reboot. Enter the name or the IP address of the TFTP server: Enter hostname or IP address of TFTP server: <server name or IP address> 4. enter: Boot Options# image 2. Specify new image to use on next reset ["image1"/"image2"]: Uploading a Software Image from Your Switch You can upload a software image from the switch to a TFTP server. Enter the desired image: Enter name of switch software image to be uploaded ["image1"|"image2"|"boot"]: <image> <hostname or server-IP-addr> <server-file- name> 3. Enter the name of the image you want the switch to use upon the next boot. 1. enter: Boot Options# ptimg 2. The system prompts you for information. 1. At the Boot Options# prompt.Alteon OS 22. The system informs you of which image is currently set to be loaded at the next reset.0. At the Boot Options# prompt. January 2005 . and prompts you to enter a new choice: Currently set to use switch software "image1" on next reset. Enter the name of the file into which the image will be uploaded on the TFTP server: Enter name of file on TFTP server: <filename> 446 Chapter 9: The Boot Options Menu 315393-J.

you must save the changes so that they are retained beyond the next time the switch is reset. To have the file uploaded. Confirm upload operation [y/n]: y Selecting a Configuration Block When you make configuration changes to the Alteon Application Switch. When you perform the save command. Enter the name of the configuration block you want the switch to use: The system informs you of which configuration block is currently set to be loaded at the next reset. and prompts you to enter a new choice: Currently set to use active configuration block on next reset.2 Command Reference 5. This can be useful when a custom-configured Alteon Application Switch is moved to a network environment where it will be re configured for a different purpose. your new configuration changes are placed in the active configuration block.Alteon OS 22.1. At the Boot Options# prompt. enter: Boot Options# conf 2. The system then requests confirmation of what you have entered. image2 currently contains Software Version 20.0. Under certain circumstances.0. it may be desirable to reset the switch configuration to the default.7 Upload will transfer image2 (1889411 bytes) to file "test" on TFTP server 192. There is also a factory configuration block. Use the following procedure to set which configuration block you want the switch to load the next time it is reset: 1.1. enter Y.1. January 2005 Chapter 9: The Boot Options Menu 447 . The previous configuration is copied into the backup configuration block. Specify new block to use ["active"/"backup"/"factory"]: 315393-J.2. This holds the default configuration set by the factory when your Alteon Application Switch was manufactured.

0. 448 Chapter 9: The Boot Options Menu 315393-J. NOTE – Resetting the switch causes the Spanning Tree Protocol to restart.2 Command Reference Resetting the Switch You can reset the switch to make your software image file and configuration block changes occur. at the Boot Options# prompt. To reset the switch. January 2005 . enter: >> Boot Options# reset You are prompted to confirm your request.Alteon OS 22. depending on the topology of your network. This process can be lengthy.

Forwarding Database Manipulation Menu arp . you must be logged in to the switch as the administrator. It also includes a debugging menu to help with troubleshooting.tftp put FLASH dump to tftp server cldmp .System Maintenance Menu fdb . [Maintenance Menu] sys .Tech support dump Dump information contains internal switch state data that is written to flash memory on the Alteon Application Switch after any one of the following occurs: The switch administrator forces a switch panic.Debugging Menu uudmp .Dump state information to FLASH and reboot tsdmp . The switch reset key combination is <Shift><Ctrl><->.Clear FLASH dump lsdmp . causes the switch to dump state information to flash memory. January 2005 449 .CHAPTER 10 The Maintenance Menu The Maintenance Menu is used to manage dump information and forward database information.List FLASH dump panic .ARP Cache Manipulation Menu route . 315393-J.Uuencode FLASH dump ptdmp . /maint Maintenance Menu NOTE – To use the Maintenance Menu. found in the Maintenance Menu. The panic option. The switch administrator enters the switch reset key combination on a device that is attached to the console port. and then causes the switch to reboot.IP Route Manipulation Menu debug .

arp Displays the ARP Cache Manipulation Menu. The purpose of the watchdog timer is to reboot the switch if the switch software freezes. see page 451. see page 454. statistics. For details. and send it to Nortel Networks Tech Support for debugging purposes. To view menu options. 450 Chapter 10: The Maintenance Menu 315393-J. The switch detects a hardware or software problem that requires a reboot. route Displays the IP Route Manipulation Menu.0. lsdmp Displays list flash dump. see page 457. debug Displays the Debugging Menu. To view menu options. Table 10-1 Maintenance Menu Options (/maint) Command Syntax and Usage sys Displays the System Maintenance Menu. see page 456. To view menu options.You can log the tsdump output into a file. panic Dumps MP information to FLASH and reboots. For details. cldmp Clears dump information from flash memory.Alteon OS 22. uudmp Displays dump information in uuencoded format. see page 455. tsdmp Dumps all Alteon Application Switch information. For details. For details. To view menu options. fdb Displays the Forwarding Database Manipulation Menu. January 2005 . To view menu options. ptdmp hostname filename [-mgmt| -data] Saves the system dump information via TFTP. see page 451.2 Command Reference The watchdog timer forces a switch reset. and configuration. see page 457. see page 452. see page 456.

Show FDB entries referenced by a single port dump .Alteon OS 22.2 Command Reference /maint/sys System Maintenance Options This menu is reserved for use by Nortel Networks Customer Support group.Show FDB entries for a single port trunk .Delete an FDB entry clear . [System Maintenance Menu] flags .Show a single FDB entry by MAC address port .0. /maint/fdb Forwarding Database Options [FDB Manipulation Menu] find . 315393-J.Show all FDB entries del .Show FDB entries for a single VLAN refpt . January 2005 Chapter 10: The Maintenance Menu 451 .Clear entire FDB The Forwarding Database Manipulation Menu can be used to view information and to delete a MAC address from the forwarding database or clear the entire forwarding database. This is helpful in identifying problems associated with MAC address learning and packet forwarding decisions.Show FDB entries on a single trunk vlan . The options are used to perform system debugging.Set NVRAM flag word Table 10-2 System Maintenance Menu Options (/maint/sys) Command Syntax and Usage flags <new NVRAM flags word as 0xXXXXXXXX> This command sets the flags that are used for debugging purposes by Tech support group.

Show ARP entries referenced by a single SP dump . /maint/arp ARP Cache Options [Address Resolution Protocol Menu] find .Show ARP entries on a single port vlan . Use “0” for unknown port number.Clear ARP cache addr . January 2005 . vlan <VLAN number (1-4090)> Displays all FDB entries on a single VLAN. Enter the MAC address using the xx:xx:xx:xx:xx:xx format (such as 08:00:20:12:34:56) or xxxxxxxxxxxx format (such as 080020123456). trunk <trunk number (1-12)> Displays all FDB entries for the specified trunk group. dump Displays all entries in the Forwarding Database.Show ARP entries on a single VLAN refpt . You are prompted to enter the MAC address of the device.0.Show a single ARP entry by IP address port . 0 for unknown>> Displays all FDB entries for a particular port. For details. see page 79.Show all ARP entries clear . refpt <SP number (1-4)> Displays all FDB entries reference by a single port. port <port number.2 Command Reference Table 10-3 FDB Manipulation Menu Options (/maint/fdb) Command Syntax and Usage find <MAC address> [<VLAN>] Displays a single database entry by its MAC address. del <MAC address> [<VLAN number>] Removes a single FDB entry. clear Clears the entire Forwarding Database from switch memory.Show ARP address list 452 Chapter 10: The Maintenance Menu 315393-J.Alteon OS 22.

17. vlan <VLAN number (1-4090)> Shows ARP entries on a single VLAN.81 00:e0:81:24:ef:3c 1 1 empty 47.0. you can also refer to “ARP Information” on page 93. /maint/arp/port <port number> ARP Entries on a Single Port IP address Flags MAC address VLAN Port Referenced SPs --------------. port <port number> Displays ARP entries on a single port. 315393-J. refpt <SP number (1-4)> Shows all ARP entries referenced by a single port. addr Shows the list of IP addresses which the switch will respond to for ARP requests. January 2005 Chapter 10: The Maintenance Menu 453 .----. clear Clears the entire ARP list from switch memory.169 00:04:75:db:1c:1a 1 1 empty NOTE – To display all ARP entries currently held in the switch.2 Command Reference Table 10-4 Address Resolution Protocol Menu Options (/maint/arp) Command Syntax and Usage find <IP address (such as.80.----------------.80.4.1 00:e0:16:7c:28:82 1 1 empty 47.17.101)> Shows a single ARP entry by IP address. refpt.--------------47.Alteon OS 22. vlan. or a portion according to one of the options listed on the menu above (find. dump). dump Shows all ARP entries.16.80. 192.----. See page 453 for a sample output.---.16. port.

Alteon OS 22.0.2 Command Reference

/maint/route IP Route Manipulation
[IP Routing Menu] find - Show a single route by destination IP address gw - Show routes to a single gateway type - Show routes of a single type tag - Show routes of a single tag if - Show routes on a single interface dump - Show all routes clear - Clear route table

Table 10-5 IP Route Manipulation Menu Options (/maint/route)
Command Syntax and Usage find <IP address (such as, 192.4.17.101)> Shows a single route by destination IP address. gw <default gateway address (such as, 192.4.17.44)> Shows routes to a default gateway. type indirect|direct|local|broadcast|martian|multicast Shows routes of a single type. For a description of IP routing types, see Table 4-19 on page 92 tag fixed|static|addr|rip|ospf|bgp|broadcast|martian|vip Shows routes of a single tag. For a description of IP routing tags, see Table 4-20 on page 93 if <interface number (1-256)> Shows routes on a single interface. dump Shows all routes. clear Clears the route table from switch memory.

NOTE – To display all routes, you can also refer to “IP Routing Information” on page 92.

454

Chapter 10: The Maintenance Menu

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

/maint/debug Debugging Options
[Miscellaneous Debug Menu] tbuf - Show MP trace buffer sptb - Show SP trace buffer spall - Show All SPs trace buffers clrcfg - Clear all flash configs vmasp - Show designated SP for IP address

The Miscellaneous Debug Menu displays trace buffer information about events that can be helpful in understanding switch operation. You can view the following information using the debug menu: Events traced by the Management Processor (MP) Events traced by the Switch Processor (SP) Events traced to a buffer area when a reset occurs If the switch resets for any reason, the MP trace buffer and SP trace buffers are saved into the snap trace buffer area. The output from these commands can be interpreted by the Nortel Networks Customer Support division. Table 10-6 Miscellaneous Debug Menu Options (/maint/debug)
Command Syntax and Usage tbuf Displays the Management Processor trace buffer. Header information similar to the following is shown: MP trace buffer at 13:28:15 Fri May 25, 2001; mask: 0x2ffdf748 The buffer information is displayed after the header. sptb <port number (1-4)> Displays the Switch Processor trace buffer. Header information similar to the following is shown: SP 1 trace buffer at 10:56:35 Tue Jul 30, 2002; mask: 0x00800008 The buffer information is displayed after the header. spall Displays the Switch Processor trace buffer. Header information similar to the following is shown: SP 1 trace buffer at 10:56:35 Tue Jul 30, 2002; mask: 0x00800008. The buffer information is displayed after the header. Displays all SP trace buffers. clrcfg Deletes all flash configuration blocks. vmasp <IP address> Displays the assigned SP (Switch Processor) for this IP address.

315393-J, January 2005

Chapter 10: The Maintenance Menu

455

Alteon OS 22.0.2 Command Reference

/maint/uudmp Uuencode Flash Dump
Using this command, dump information is presented in uuencoded format. This format makes it easy to capture the dump information as a file or a string of characters. You can then contact Nortel Networks Customer Support for help analyzing the information. If you want to capture dump information to a file, set your communication software on your workstation to capture session data prior to issuing the uudmp command. This will ensure that you do not lose any information. Once entered, the uudmp command will cause approximately 23,300 lines of data to be displayed on your screen and copied into the file. Using the uudmp command, dump information can be read multiple times. The command does not cause the information to be updated or cleared from flash memory. NOTE – Dump information is not cleared automatically. In order for any subsequent dump information to be written to flash memory, you must manually clear the dump region. For more information on clearing the dump region, see page 457. To access dump information, at the Maintenance# prompt, enter:
Maintenance# uudmp

The dump information is displayed on your screen and, if you have configured your communication software to do so, captured to a file. If the dump region is empty, the following appears:
No FLASH dump available.

/maint/ptdmp <server> <filename> TFTP System Dump Put
Use this command to put (save) the system dump to a TFTP server. NOTE – If the TFTP server is running SunOS or the Solaris operating system, the specified ptdmp file must exist prior to executing the ptdmp command, and must be writable (set with proper permission, and not locked by any application). The contents of the specified file will be replaced with the current dump data. To save dump information via TFTP, at the Maintenance# prompt, enter:
Maintenance# ptdmp <server> <filename> [-mgmt| -data]

Where server is the TFTP server IP address or hostname, and filename is the target dump file.
456 Chapter 10: The Maintenance Menu

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

/maint/cldmp Clearing Dump Information
To clear dump information from flash memory, at the Maintenance# prompt, enter:
Maintenance# cldmp

The switch clears the dump region of flash memory and displays the following message:
FLASH dump region cleared.

If the flash dump region is already clear, the switch displays the following message:
FLASH dump region is already clear.

/maint/panic Panic Command
The panic command causes the switch to immediately dump state information to flash memory and automatically reboot. To select panic, at the Maintenance# prompt, enter:
>> Maintenance# panic A FLASH dump already exists. Confirm replacing existing dump and reboot [y/n]:

Enter y to confirm the command:
Confirm dump and reboot [y/n]: y

The following messages are displayed:
Loading Image:.......... Alteon Application Switch 2424 Rebooted because of Software PANIC. Booting complete 19:15:23 Thu Jan 9, 2003: Version 20.2.7 from FLASH image1, active config block. Jan 9 19:15:32 NOTICE system: link up on port 25 Enter password:

315393-J, January 2005

Chapter 10: The Maintenance Menu

457

Alteon OS 22.0.2 Command Reference

Unscheduled System Dumps
If there is an unscheduled system dump to flash memory, the following message is displayed when you log on to the switch:
Note: A system dump exists in FLASH. The dump was saved at 19:15:23 Thu Jan 9, 2003. Use /maint/uudmp to extract the dump for analysis and /maint/cldmp to clear the FLASH region. The region must be cleared before another dump can be saved.

458

Chapter 10: The Maintenance Menu

315393-J, January 2005

APPENDIX A

Alteon OS Syslog Messages
The following syntax is used when outputting syslog messages: <Time stamp><Log Label>Web OS<Thread ID>:<Message> where <Timestamp> The time of the message event is displayed in month day hour:minute:second format. For example: Aug 19 14:20:30 <Log Label> The following types of log messages are recorded: LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO, and LOG_DEBUG <Thread ID> This is the software thread that reports the log message. The following thread IDs are recorded: stp, ip, slb, console, telnet, vrrp, system, web server, ssh, and bgp <Message>: The log message Following is a list of potential syslog messages. To keep this list as short as possible, only <Thread ID> and <Message> are shown. The messages are sorted by <Log Label>. Where the <Thread ID> is listed as mgmt, one of the following may be shown: console, telnet, web server, or ssh.

LOG_WARNING
FILTER “filter <filter number> fired on port <port number>, <source IP address> -> <destination IP address>, [<ICMP type>], [<IP protocol>], [<layer-4 ports>], [<TCP f1ags>]”
ntp: ntp cannot contact primary NTP server <ip_address> cannot contact secondary NTP server <ip_address>

315393-J, January 2005

459

Alteon OS 22.0.2 Command Reference

LOG_ALERT
stp: IP vrrp: vrrp: vrrp: vrrp: slb: slb: gslb: gslb: gslb: gslb: slb: slb: slb: slb: bgp: bgp: vrrp: vrrp: dps: dps: syn_atk tcplim own BPDU received from port <port_id> cannot contact default gateway <ip_address> received errored advertisement from <ip_address> received incorrect password from <ip_address> received incorrect addresses from <ip_address> received incorrect advertisement interval <seconds> from <ip_address> cannot contact real server <ip_address> real server <ip_address> has reached maximum connections received update from <ip_address> for unknown remote server <ip_address> received update from <ip_address> for unknown virtual service received update for unknown remote server <ip_address> from <ip_address> received update for unknown service <ip_address:service> cannot contact real service <ip_address:real_port> real server failure threshold (<threshold>) has been reach for group <group_id> real server <ip_address> disabled through configuration Virtual Service Pool full. gSvcPool=MAX_SERVICES notification (<reason>) received from <BGP peer ip_address> session with <BGP peer ip_address> failed (<reason>) Synchronization from non-configured peer <ip_address> Synchronization from non-configured peer <ip_address> was blocked hold down triggered: <ip_address> for <min> minutes manual hold down: <ip_address> SYN attack detected: <count> new half-open sessions per second hold down triggered: <ip_address> for <min> minutes

460

Appendix A: Alteon OS Syslog Messages

315393-J, January 2005

Alteon OS 22.0.2 Command Reference

LOG_CRIT
SYSTEM: temperature at sensor <sensor_id> exceeded threshold SYSTEM: internal power supply failed SYSTEM: redundant power supply failed SYSTEM: fan failure detected SSH can't allocate memory in load_MP_INT

LOG_ERR
mgmt: mgmt: mgmt: ntp: isd: stp: stp: mgmt: mgmt: mgmt: cli: cli: cli: cli: cli: cli: cli: cli: cli: PANIC at <file>:<line> in thread <thread id> VERIFY at <file>:<line> in thread <thread id> ASSERT at <file>:<line> in thread <thread id> unable to listen to NTP port unable to listen to BOOTP_SERVER_PORT port Error: Error writing STG config to FLASH Error: Error writing config to FLASH Apply not done Save not done “<““apply””|““save””> is issued by another user. Try later” Error: Error writing %s config to FLASH New Path Cost for Port <port_id> is invalid PVID <vlan_id> for port <port_id> is not created RADIUS secret must be 1-32 characters long Please configure primary RADIUS server address STP changes can't be applied since STP is OFF Switch reset is required to turn STP on/off Trunk group <trunk_id> contains ports with different PVIDs Trunk group <trunk_id> has more than <max_trunk_ports> ports

315393-J, January 2005

Appendix A: Alteon OS Syslog Messages

461

Alteon OS 22.0.2 Command Reference

LOG_ERR (Continued)
cli: cli: cli: Trunk group <trunk_id> contains no ports but is enabled Not all ports in trunk group <trunk_id> are in VLAN <vlan_id> Trunk groups <trunk_id> and <trunk_id> can not share the same port

port_mirr: Port Mirroring changes are not applied cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: Broadcast address for IP interface <interface_id> is invalid IP Interfaces <interface_id> and <interface_id> are on the same subnet Multiple static routes have same destination Virtual router <vr_id> must have sharing disabled when hotstandby is enabled Virtual router group must be enabled when hotstandby is enabled At least one virtual router must be enabled when group is enabled Virtual router group must have sharing disabled when hotstandby is enabled Virtual router group must have preemption enabled when hotstandby is enabled Virtual router <vr_id> must have an IP address Virtual router <vr_id> cannot have same VRID and VLAN as <vlan_id> Virtual router <vr_id> cannot have same IP address as <ip_address> Virtual router <vr_id> corresponding virtual server <server_id> is not enabled Hot-standby must be enabled when a virtual router has a PIP address Virtual router <vr_id> IP interface should be <interface_id> Enabled real server <server_id> has no IP address Real server <server_id> has same IP address as IP interface <interface_id> Real server <server_id> has same IP address as switch Real server <server_id> (Backup for <server_id>) is not enabled Real server <server_id> has same IP address as virtual server <server_id> Real server <server_id> has same IP address as real server <server_id> Real server group <group_id> cannot backup itself Real server <server_id> cannot be added to same group Enabled virtual server <server_id> has no IP address

462

Appendix A: Alteon OS Syslog Messages

315393-J, January 2005

0.2 Command Reference LOG_ERR (Continued) cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: Virtual server <server_id> has same IP address as IP interface <interface_id> Virtual server <server_id> has same IP address as switch Virtual servers <server_id> and <server_id> with same IP address must support same layr3 configuration Real server <server_id> cannot be backup server for both real server <server_id> and group <group_id> Virtual server <server_id> has same IP address and vport as virtual server <server_id> RS <server_id> can't exist for VS <server_id> vport <virtual_port> Switch port <port_id> has same proxy IP address as port <port_id> Switch port <port_id> has same IP address as IP interface <interface_id> A hot-standby port cannot also be an inter-switch port There must be at least one inter-switch port if any hot-standby port exist “With VMA. ports 1-8 must all have a PIP if any one does” Client bindings are not supported with proxy IP addresses DAM must be turned on or a PIP must be enabled for port <port_id> in order for virtual server to support FTP parsing Real server <server_id> and group %u cannot both have backups configured Virtual server <server_id> : port mapping but layer3 bindings Extracting length has to set to 8 or 16 for cookie rewrite mode DAM must be turned on or a PIP must be enabled for port <port_id> in order for virtural server <server_id> to support URL parsing Port filtering must be disabled on port <port_id> in order to support cookie based persistence for virtual server <server_id> Virtual server <server_id>: port mapping but Direct Access Mode Virtual server %lu: support nonat IP but not layer 3 bindings Virtual servers: all that support IP must use same group Virtual servers <server_id> and <server_id> that include the same real server <server_id> cannot map the same real port or balance UDP Virtual server <server_id>: UDP service <virtual_port> with out-of-range port number 315393-J. January 2005 Appendix A: Alteon OS Syslog Messages 463 .Alteon OS 22.

January 2005 . <host_name>. Web server must be moved from TCP port 80” Remote site <site_id> does not have a primary IP address Primary and secondary remote site <site_id> switches must differ Remote sites <site_id> and <site_id> must use different addresses Remote site <site_id> and real server <server_id> must use different addresses Remote site <site_id> and virtual server <server_id> must use different addresses Only <MAX_SLB_SITES> remote servers are allowed per group Only <MAX_SLB_SERVICES> remote services are supported Enabled external lookup IP address has no IP address domain name must be configured 464 Appendix A: Alteon OS Syslog Messages 315393-J.0.Alteon OS 22.<domain_name>” Direct access mode is not supported with default gateway load balancing SLB Radius secret must be 16 characters long Dynamic NAT filter <filter_id> must be cached NAT filter <filter_id> must have same smask and dmask NAT filter <filter_id> cannot have port ranges NAT filter <filter_id> must be cached NAT filter <filter_id> dest range includes VIP <server_id> NAT filter <filter_id> dest range includes RIP <server_id> Redirection filter <filter_id> must be cached Filter with L4 ports configured <port_id> must have IP protocol configured “For Global SLB.2 Command Reference LOG_ERR (Continued) cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: Switch cannot support more than <MAX_VIRT_SERVICES> virtual services Switch cannot support more than <MAX_SMT> real services Trunk group (<trunk_id>) ports must have same L4 config Trunk group (<trunk_id>) ports must all have a PIP DAM must be turned on or a PIP must be enabled for ports <port_id> in order to do URL based redirection “Two services have same hostname.

Alteon OS 22.0.2 Command Reference LOG_ERR (Continued) cli: cli: cli: cli: cli: cli: cli: cli: cli: cli: mgmt: mgmt: mgmt: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: Network <static_network_id> has no VIP address duplicate default entry BGP peer <bgp_peer_id> must have an IP address BGP peers <bgp_peer_id> and <bgp_peer_id> have same address BGP peer <bgp_peer_id> have same address as IP interface <ip_interface_id> BGP peer <bgp_peer_id> IP interface <ip_interface_id> is not enabled Filter with ICMP types configured (<icmp_type>) must have IP protocol configure to ICMP “Two services have same hostname. January 2005 Appendix A: Alteon OS Syslog Messages 465 .<domain_name>” Loadbalance string must be added to real server <server_id> in order to enable exclusionary string matching intrval input value must be in the range [0-24] unapplied changes reverted unsaved changes reverted Attempting to redirect a previously redirected output Attempting to redirect a previously redirected output cfg_sync_tx_putsn: ABORTED Synchronization TX Error Synchronization TX connection RESET Synchronization TX connection TIMEOUT Synchronization TX connection UNREACEABLE Synchronization TX connection UNKNOWN CLOSE Synchronization RX connection RESET Synchronization RX connection TIMEOUT Synchronization RX connection UNREACEABLE Synchronization RX connection UNKNOWN CLOSE Synchronization connection RCLOSE by peer Synchronization connection RCLOSE before RX 315393-J. <host_name>.

Resuming Console thread “<""apply""|""save""> is issued by another user. January 2005 . Try later” new configuration did not validate (rc = ) new configuration did not apply (rc = ) new configuration did not save (rc = ) Sync config apply error Restoring Current Config Sync rx tcp open error Sync Version/Password Failed-No Version/Password Line Sync Version Failed .peer:%s config:%s Sync Password Failed-Bad Password Sync receive already in progress … cannot start Sync receive Sync transmit in progress … cannot start Sync receive 466 Appendix A: Alteon OS Syslog Messages 315393-J.2 Command Reference LOG_ERR (Continued) vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: Synchronization connection early RCLOSE in RX Synchronization connection Wait-For-Close Timeout Synchronization connection Transmit Timeout Synchronization Receive Timeout Synchronization Receive UNKNOWN Timeout Sync transmit in progress … cannot start Sync Sync receive in progress … cannot start Sync Sync already in progress … cannot start Sync Config Sync route find error Config Sync tcp_open error Config Synchronization Timeout .0.Alteon OS 22.

January 2005 Appendix A: Alteon OS Syslog Messages 467 .0.2 Command Reference LOG_NOTICE system: system: system: system: system: system: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: ssh: ssh: mgmt: mgmt: mgmt: mgmt: internal power supply ok redundant power supply present and ok temperature ok fan ok rebooted <last_reset_information> rebooted <last_reset_information> administrator logged in boot config block changed boot image changed switch reset from CLI syslog host changed to <ip_address> syslog host changed to this host second syslog host changed to <ip_address> second syslog host changed to this host Next boot will use active config block user password changed SLB operator password changed L4 operator password changed operator password changed SLB administrator password changed L4 administrator password changed administrator password changed scp <login_level> login “scp <login_level> <""connection closed""|""idle timeout""|""logout"">” RADIUS server timeouts Failed login attempt via TELNET from host %s PASSWORD FIX-UP MODE IN USE <login_level> login on Console 315393-J.Alteon OS 22.

2 Command Reference LOG_NOTICE (Continued) mgmt: mgmt: “<login_level> <""idle timeout""|""logout""> from Console” PANIC command from CLI port_mirr: “port mirroring is <""enabled""|""disabled"">” vlan: mgmt: mgmt: IP IP vrrp: vrrp: slb: slb: slb: slb: slb: slb: slb: slb: slb: slb: bgp: Default VLAN can not be deleted <login_level> login from host <ip_address> “<login_level> <""connection closed""|""idle timeout""|""logout""> from” “default gateway <ip_address> <""enabled""|""disabled"">” default gateway <ip_address> operational virtual router <ip_address> is now master virtual router <ip_address> is now backup “backup server <ip_address> <""enabled""|""diabled""> for real server <server_id>” “backup server <ip_address> <""enabled""|""disabled""> for real server group <group_id>” “backup group server <ip_address> <""enabled""|""disabled""> for real server group group_id>” “overflow server <ip_address> <""enabled""|""disabled""> for real server <server_id>” “overflow server <ip_address> <""enabled""|""disabled""> for real server group <group_id>” “overflow group server <ip_address> <""enabled""|""disabled""> for real server group <group_id>” real server <ip_address> operational real service <ip_address:real_port> operational No services are available for Virtual Server <virtual_server> Services are available for Virtual Server <virtual_server> session established with <BGP_peer_ip_address> 468 Appendix A: Alteon OS Syslog Messages 315393-J.0.Alteon OS 22. January 2005 .

0. file <file_name> <software_version>" serial EEPROM downloaded from host <ip_address> file <file_name> scp <login_level> login "scp <login_level> <""connection closed""|""idle timeout""|""logout"">" <login_level> login on Console "<login_level> <""idle timeout""|""logout""> from Console" <login_level> login from host <ip_address> "<login_level> <""connection closed""|""idle timeout""|""logout""> from Telnet/SSH." server key autogen starts server key autogen completes server key autogen timer timeouts new synch configuration applied new synch configuration saved Synchronizing from <host_name> Synchronizing to <host_name> Config Synchronization Transmit Successful Config Synchronization Receive Successful new configuration VALIDATED 315393-J. January 2005 Appendix A: Alteon OS Syslog Messages 469 .Alteon OS 22.2 Command Reference LOG_INFO SYSTEM: mgmt: mgmt: mgmt: mgmt: mgmt: mgmt: ssh: ssh: mgmt: mgmt: mgmt: mgmt: ssh: ssh: ssh: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: vrrp: bootp response from <ip_address> new configuration applied new configuration saved unsaved changes reverted Could not revert unsaved changes "<image1|image2> downloaded from host <ip_address>.

0. January 2005 .Alteon OS 22.2 Command Reference 470 Appendix A: Alteon OS Syslog Messages 315393-J.

Detailed SNMP MIBs and trap definitions of the Alteon OS SNMP agent can be found in the following enterprise MIB documents: altroot.APPENDIX B Alteon OS SNMP Agent The Alteon OS SNMP agent supports SNMP Version 1. January 2005 .mib aosTrap.mib -. Interface. ICMP. UDP. IP.mib aosNetwork. Address Translation. and Version 3. Version 3 supports two authentication protocols: MD5 and SHA.mib aosSwitch. Up to 16 IP addresses can be configured in targetAddr table. Event Groups) RFC 1850 for OSPF 471 315393-J. Alteon MIBs are registered as Vendor 1872. Alarm.mib aosBwm.mib -.SynOptics Registration MIB s5tcs112. Version 2.Textual Convention MIB s5emt104.EtherLike MIB RFC 1493 .Ethernet Multi segment Autotopology MIB SNMPv1|v2|v3 traps can be sent to the hosts configured in targetAddr table. SNMP Groups) RFC 1573 .mib aosPhysical. TCP.mib -.MIB II (System.RMON MIB (Statistics. History.MIB II Extension (IFX table) RFC 1643 . the following SynOptics MIBS are also supported: synro193.Bridge MIB RFC 1757 .mib -.SynOptics Root MIB s5roo117.mib In addition. Alteon OS SNMP agent supports the following standard MIBs: RFC 1213 .mib aosLayer7.mib aosLayer4.

0.3ad MIB for LACP The following SNMPv3 MIBs are supported: RFC 2571 .USM MIB RFC 2575 . Signifies that the default gateway is down. Signifies that the default gateway is up and in service Signifies that the default gateway is alive but not in service Signifies that the real server is up and operational Signifies that the real server is down and out of service Signifies that the real server has reached maximum connections 472 Appendix B: Alteon OS SNMP Agent 315393-J.Community MIB Alteon OS SNMP agent supports the following generic traps as defined in RFC 1215: ColdStart WarmStart LinkDown LinkUp AuthenticationFailure The SNMP agent also supports two Spanning Tree traps as defined in RFC 1493: NewRoot TopologyChange The following are the enterprise SNMP traps supported in Alteon OS: Table 10-7 Alteon OS-Supported Enterprise SNMP Traps Trap Name Description altSwDefGwUp altSwDefGwDown altSwDefGwInService altSwDefGwNotInService altSwSlbRealServerUp altSwSlbRealServerDown altSwSlbRealServerMaxConnReached Signifies that the default gateway is alive.SNMP Frame work RFC 2572 .Alteon OS 22.MPD MIB RFC 2573 . January 2005 .VACM MIB RFC 2576 .2 Command Reference RFC 1657 for BGP IEEE 802.Target MIB RFC 2574 .

altSwVrrpAuthFailure altSwLoginFailure altSwSlbSynAttack altSwTcpHoldDown An altSwSlbSynAttack trap signifies that a SYN attack has been detected. An altSwLoginFailure trap signifies that someone failed to enter a valid username/password combination. January 2005 Appendix B: Alteon OS SNMP Agent 473 . A vrrpAuthFailure trap signifies that a packet has been received from a router whose authentication key or authentication type conflicts with this router's authentication key or authentication type. An altSwTcpHoldDown trap signifies that new TCP connection requests from a particular client will be blocked for a pre-determined amount of time since the rate of new TCP connections from that client has reached a pre-determined threshold. An altSwTempExceedThreshold trap signifies that the switch temperature has exceeded maximum safety limits. The newBackup trap indicates that the sending agent has transitioned to 'Backup' state.Alteon OS 22.0. altSwTempExceedThreshold 315393-J.2 Command Reference Table 10-7 Alteon OS-Supported Enterprise SNMP Traps Trap Name Description altSwSlbBkupRealServerAct altSwSlbBkupRealServerDeact altSwSlbBkupRealServerActOverflow altSwSlbBkupRealServerDeactOverflow altSwfltFilterFired altSwSlbRealServerServiceUp altSwSlbRealServerServiceDown altSwVrrpNewMaster altSwVrrpNewBackup Signifies that the backup real server is activated due to availablity of the primary real server Signifies that the backup real server is deactivated due to the primary real server is available Signifies that the backup real server is deactivated due to the primary real server is overflowed Signifies that the backup real server is deactivated due to the primary real server is out from overflow situation Signifies that the packet received on a switch port matches the filter rule Signifies that the service port of the real server is up and operational Signifies that the service port of the real server is down and out of service The newMaster trap indicates that the sending agent has transitioned to 'Master' state. Implementation of this trap is optional.

altSwSlbSessAttack altSwFanFailure 474 Appendix B: Alteon OS SNMP Agent 315393-J. January 2005 .Alteon OS 22. An altSwFanFailure trap signifies that a fan failure has occured.0.2 Command Reference Table 10-7 Alteon OS-Supported Enterprise SNMP Traps Trap Name Description An altSwSlbSessAttack trap signifies that an SLB attack has been detected.

2. Start hyper terminal (part of Microsoft Windows) and set the following parameters: Parameter Baud Rate Data Bits Parity Stop Bits Flow Control Value 9600 8 None 1 None 3.APPENDIX C Performing a Serial Download You can perform a serial download of the new Alteon Application Switch software if you are upgrading Alteon OS directly from any image. connect the Console port of an Alteon Application Switch to the serial port of your PC that supports XModem/1K XModem. January 2005 475 . To download a serial image use 1K Xmodem at 115200 315393-J.PPCBoot 2. 2. Using the serial cable. Hold the <Shift> key down and hit D repeatedly until the following message appears: Alteon Application Switch . 1. This procedure requires the following: A computer running terminal emulation software A standard serial cable with a male DB9 connector (see your switch hardware installation guide for specifics) A binary switch firmware image (not the tftp file used for TFTP download) Use the following procedure to perform a serial upgrade. Power on the switch. 4.

. CAUTION—Do not power off the switch until you see the message: “Change your baud rate to 9600 bps and power cycle switch”. When the Console Port is successfully communicating with the PC. The switch will boot with the new software load.0_Serial. NOTE – Although slower. 6. Power off the switch.0. you will see: CCCC. 9.0. Press <Enter> on the key board of the PC that is connected to the console port of the switch.Alteon OS 22. Make sure that the new binary firmware file is available on the computer.2. ################################################################# Change your baudrate to 9600 bps and power cycle the switch ! 476 Appendix C: Performing a Serial Download 315393-J. Do *NOT* power cycle the switch Updating flash. You should see the following sample log on your screen: Alteon Application Switch . To download a serial image use 1K Xmodem at 115200 CCCCCCCCCCCCCCCCCCCCCCCCCCCCC Total bytes transferred: 0x4ff400 Extracting images. 8.2 Command Reference 5. wait for a few seconds and power the switch on... protocol: 1K XMODEM It will take about 15 minutes for the transfer to complete. January 2005 .. otherwise. "21.. the switch will be inoperable. Select <Transfer-Send File> and choose the following: file: For example.. This file can be downloaded from the CD that is shipped with the switch.img" (Or the file previously downloaded to the computer) 7. Reconfigure your terminal emulation software with the following parameters (only after you see the message displayed in step 4): Parameter Baud Rate Data Bits Parity Stop Bits Flow Control Value 115200 8 None 1 None NOTE – You can perform serial downloads at 57600 baud rate by pressing Shift f or at 115200 baud rate by pressing Shift d.0.PPCBoot 2. XMODEM will work too if you choose not to use 1K MODEM.

ICMP. network address translation can be said to have taken place. because it translates the destination IP address from the Virtual Server IP address. UDP.) A group of real servers that are associated with a Virtual Server IP address. No NAT is when neither source nor destination IP addresses are translated. or a filter. Can be any value represented by a 8-bit value in the IP header adherent to the IP specification (for example. The destination port (application socket: for example. the value given to a Virtual Router to determine its ranking with its peer(s). The protocol of a frame. Default is 100. OSPF. A higher number will win out for master designation.Glossary DIP (Destination IP Address) Dport (Destination Port) NAT (Network Address Translation) The destination IP address of a frame. In VRRP. Virtual server-based load balancing uses half NAT by design. TCP. Minimum value is 1 and maximum value is 254. half NAT is when the destination IP or source IP address is changed from one address to another. preemption will cause a Virtual Router that has a lower priority to go into backup should a peer Virtual Router start advertising with a higher priority. Full NAT is when both addresses are changed from one address to another. and so on. http-80/https-443/DNS-53) Any time an IP address is changed from one source IP or destination IP address to another address. January 2005 477 . to that of one of the real servers. In general. In VRRP. Preemption Priority Proto (Protocol) Real Server Group 315393-J.

VIP (Virtual Server IP Address) VIR (Virtual Interface Router) 478 Glossary 315393-J. Instead.Alteon OS 22. Real Server IP Address. or transparent Web cache. Protocol. An IP addresses that the switch load balances to when requests are made to a Virtual Server IP address (VIP). This filter intercepts traffic based on certain IP header criteria and load balances it. The source IP address of a frame. requests are transparently intercepted and “redirected” to a server group. client or server designation (increments priority by 2 for each reals: healthy real servers (increments by 2 for each healthy real server) hsrp: HSRP announcements heard on a client designated port (increments by 10 for each) An IP address that the switch owns and uses to load balance particular service requests (like HTTP) to other servers. a filter is configured in the switch. Therefore. SPort/Range or DPort/Range. or NAT (translation of either the source IP or destination IP address). The action on a filter can be Allow. You can track the following: Vrs: Virtual Routers in Master Mode (increments priority by 2 for each) Ifs: Active IP interfaces on the Alteon Application Switch (increments priority by 2 for each) Ports: Active ports on the same VLAN (increments priority by 2 for each) l4pts: Active Layer 4 Ports. Redirect to a Server Group. spam filter. HTTP-80/HTTPS-443/DNS-53). Tracking can be very valuable in an active/active configuration. Deny. a method to increase the priority of a virtual router and thus master designation (with preemption enabled). In redirection-based load balancing. the destination IP address is not translated to that of one of the real servers. DIP/Range (via netmask). Filters can be configured to filter on the SIP/Range (via netmask). In VRRP. redirection-based load balancing is designed to load balance devices that normally operate transparently in your network—such as a firewall. RIP (Real Server) SIP (Source IP Address) SPort (Source Port) Tracking The source port (application socket: for example. With this type of load balancing. “Transparently” means that requests are not specifically destined for a Virtual Server IP address that the switch owns.0. January 2005 . A VRRP address that is an IP interface address shared between two or more virtual routers.2 Command Reference Redirection or Filter-Based Load Balancing A type of load balancing that operates differently from virtual server-based load balancing.

and forwards the frame to the server for which it is now destined. Frames come to the switch destined for the VIP. In VRRP. then the VRRP broadcasts will only be sent out on the VLAN of which the associated IP interface is a member. This process of replacing the destination IP (VIP) with one of the real server addresses is called half NAT.0. A VRRP address that is a shared Virtual Server IP address. and advertisements. The reason for both of these protocols is so devices have a next hop or default gateway that is always available. since the packet would have the DIP of the VIP and not that of the server (RIP). which is owned by the switch. January 2005 Glossary 479 . as well as IP interfaces. If the frames were not half NAT'ed to the address of one of the RIPs. one switch is considered the master and the other the backup. a value between 1 and 255 that is used by each virtual router to create its MAC address and identify its peer for which it is sharing this VRRP address. The backup switch is always listening for the broadcasts. With VRRP. The server would then drop the frame. All IP interfaces on the Alteon Application Switch must be in a VLAN. For a more detailed description. updates the relevant checksums. Should the master stop advertising. If they didn’t. then the VRID number needs to be identical on both switches so each virtual router on each switch knows whom to share with.0. The switch then replaces the VIP and with one of the real server IP addresses (RIP's). The VRRP MAC address as defined in the RFC is 00-00-5E-00-01-{VRID}. VSR is Alteon WebSystems’ proprietary extension to the VRRP specification. the two switches would fight for ownership of the Virtual Server IP address. This is one of the IP interfaces that the switch is assigned.18.Alteon OS 22. and the ARP tables in the devices around them would have two ARP entries with the same IP address but different MAC addresses. by the switch.0. If there is more than one VLAN defined on the Alteon Application Switch. Requests destined for a Virtual Server IP address (VIP). are load balanced to a real server contained in the group associated with the VIP. The switch announces this change in ownership to the devices around it by way of a Gratuitous ARP. the backup will take over ownership of the VRRP IP and MAC addresses as defined by the specification. forcing the packet up to Layer 3. Network address translation is done back and forth. These advertisements are sent via a broadcast message to an address such as 224. Two or more devices sharing an IP interface are either advertising or listening for advertisements. One virtual router is associated with an IP interface. Virtual Server Load Balancing VRID (Virtual Router Identifier) VRRP (Virtual Router Redundancy Protocol) VSR (Virtual Server Router) 315393-J.2 Command Reference Virtual Router A shared address between two devices utilizing VRRP. If you have a VRRP address that two switches are sharing. Classic load balancing. The switches must be able to share Virtual Server IP addresses. a server would receive the frame that was destined for it's MAC address. as defined in RFC 2338. The master is always advertising via the broadcasts. If the backup switch didn't do the Gratuitous ARP the Layer 2 devices attached to the switch would not know that the MAC address had moved in the network. refer to RFC 2338. A protocol that acts very similarly to Cisco's proprietary HSRP address sharing protocol. as requests come and go.

January 2005 .2 Command Reference 480 Glossary 315393-J.Alteon OS 22.0.

. 453 administrator account ................................................. 312 Numerics 1K XModem ....... 32 link..................................................................... 365 / command ........................... 32 auto-negotiation ......... 354 ptcfg .......................................... 93 Address Resolution Protocol (ARP) address list ... 274...... 314 aging STP bridge option ......................................................... 24.................................................................. 229 applying configuration changes ....................................... 386 filter states...... 344 active switch configuration gtcfg ................................................ 447 backup server activations (SLB statistics) ............................... 447 active FTP SLB parsing statistics ............................. 441 active configuration block ...... 269 A abbreviating commands (CLI) ................................................................ 86 application redirection ..................................... 364 apply (global command) ............................. 17 admpw (system option) .......................................................................... 230................... 344 active port VLAN ........ 33 autonomous system filter action ...................................................................................... 358 within real server groups ............................................................... 354 active switch.............................. 312 as ....................................................................... 475 3000 series...... 49 [ ].......................................... 27 B backup SLB real server group option . 262 advertisement of virtual IP addresses ............................................................................................Index Symbols (MD5) ...................... saving and loading configuration .............. 229 ASCII terminal ............ 400 addr ARP entries.............................. 173.................................................................... 312 aspath ..... 291 STP information .. 272..... 386 activating optional software ............... 195 bandwidth management configuration ................................................................... 52 access control system ............................................. 312 autonomous system filter path action ..................... 344 active Layer 4 processing .................................. 276 setup.................. 365 backup configuration block . 32 enable/disable on port .... 33 port speed................................... January 2005 ................................................................................................................................................................... 259 action (SLB filtering option) ........................ 359........................................................................ 281 481 315393-J................................................... 188 active IP interface ............................................................... 453 IP route tag ................ 20 autoconfiguration duplex mode .................................... 354 restoring . 282 bandwidth management contract configuration . 268...... 422 (SLB real server group option) content ........................ 354 add SLB port option ................................... 234........................ 32................................................................. 279 contracts .......... 280 bandwidth management contract precedence value ..... 32.......................................... 111 filters ........... 230...........................

........................................326 redistribution configuration ...................Alteon OS 22......................................327 peer .....................................284 over the limit TOS .... 19 to 25..................................440 BPDU.......................285 reserve limit ..........................284 buffer limit ...............................86 boot options menu ....327 binary ...........................19 BGP configuration.232 bootstrap protocol .................................86 Bridge Protocol Data Unit (BPDU) ...................439 bandwidth management policy configuration ...........................93 keep-alive time ................................................................... 199 switch processor contract statistics .....................284 soft bandwidth limit ................................285 bandwidth management statistics . 200 history statistics ........... 49 shortcuts ..................... 454 clearing SLB statistics ................................................................ 457 FDB entry ................. 47 commands abbreviations ........................................................... 52 stacking .........................................93 configuration...............332 Border Gateway Protocol .................................................... 199 C capture dump information to a file. 399 command (help) .........................................................325 peer configuration ......... 203 port .......................443 BOOTP ........................................................................................................ See Bridge Protocol Data Unit............................................................................... border router ....................... for STP ........................................................................232 baud rate console connection ............475 binary firmware image ......................................................................................290 broadcast IP route tag .................. 93 IP route type ................................475.......................................................................198 banner (system option)...... 456 Cisco Ether Channel .............328 remote autonomous system ........................86 STP transmission frequency ...........................................377 BLOCKING (port state)................................................................................... bridge parameter menu......... 453 dump information ............................................................172........ 199 switch processor rate contract statistics .............................. 476 BBI ................................. 52 conventions used in this manual ..............................................284 underlimit TOS ............................................................... 27......................290 Bridge Spanning-Tree parameters ........285 hard bandwidth limit ................................ 292 clear ARP entries ...........289 bridge priority . 297 broadcast IP address ............................ 36 Browser-Based Interface ......................0............30 system option ............................................................................................. 49 Command-Line Interface (CLI) .........................327 IP address........................ 452 routing table ..............................324 iBGP........................................................326 IP route tag .............................................. 17 global commands .................................324 Border Gateway Protocol (BGP) operations-level options ............................................................................. 52 tab completion ..................................476 binding failure ........................... 52 482 Index 315393-J..............................327 router hops. 19 BWM contract rate statistics.. 201 contract statistics...................................................................................................................................................................................2 Command Reference Bandwidth Management options operations-level options ........324 eBGP ................ 92 broadcast domains ..........................................................324 in route ..................................................21 setup (enable/disable) .................................. 196 client traffic processing ...........................................................20 serial download .......................................................... January 2005 .................................. 194 binding table .........

....... 304 Layer 4 administrator password ..................................................................................... 86 STP port option.................... 240..................... 302 dump command ............................................................................. 211 cur (system option) ..... 475............... 195 dump configuration command .................. 447 backup...... 333 configuration block active .. 449 state information ........ 274...... 229 dip (destination IP address for filtering) .................. 276 Gigabit Ethernet .... 173........... 353 setup command . 387 DNS statistics ........ 268................ 268... 447 selection ...................................................... 20 via Telnet.................... load balancing for ................................ 24 delete FDB entry .................................... 452 deny (filtering) ..................... 273............... 377 console port communication settings ................ 227 configuring routing information protocol ................. 232 daylight savings time .... 271.................... 266... 209.......................................... 292 route cache.......................................................... 365 contracts....................................................... 302 default gateway IP address ...................................... 278 port trunking .........0......................... 266 flow control ... 275 VLAN IP interface ......... 229 VLAN default (PVID) ....................................................................................................................................... 271........................................ 243 debugging . 268... 270............................................................................... No Server Available (dropped frames) ... 353 effect on Spanning-Tree Protocol ................................. 240 user password ..... 313 connecting via console . 347 round robin................ 353 maintenance ............................................ 211 CPU utilization ................. for health checks.................................... 172....................... 306 save changes ...... 272........................... January 2005 Index 483 .. 21 connection timeout (Real Server Menu option) ........................................................................................... 262 apply changes .... 387 direct (IP route type) ........ 353 switch IP address .................................. 30 system option . 95 diff (global) command. 449 default gateway information ................................... 447 configuration menu ..................................................................... 270....... 275 VRRP .......... 25 Distributed Site State Protocol (DSSP) setting update interval ....... 194 D date setup................ 160 Domain Name System (DNS) health checks . 276 port link speed ............. for health checks ........................................................... 368 downloading software . 20 serial download settings ................................................................ 267...................................................... 270......................... 271.................................................... 306 DISABLED (port state) ................................................................ 266...................................................... 444 dropped frames (No Server Available) counter ........................... 173.........................2 Command Reference configuration administrator password . .. 270 cost STP information .......................................................................... 195 designated port............................. 301 TACACS+ ............. 92 directed broadcasts.... 347 default password ............. 302 metrics ................................................. viewing changes .............................. 261 view changes...... 262 operating mode .............. 272 IP static route ................................ 280 copper ports ..... 20 connecting ........................ 476 content SLB real server group option .... 276 port mirroring ........................................................... 243 current bindings .. 86 disconnect idle timeout ............ 90 interval..................... bandwidth management .............................................................. 195 CPU statistics ....................................................................................Alteon OS 22................................. 229 default gateway interval............... 402 dmask destination mask for filtering . 292 counters.. 447 factory ............. 229 setup ................ 229 Fast Ethernet ....................... 301 VLAN tagging ............................................................. 457 315393-J........................................................................................................................................................................................................... 209..............

............................. 272 global commands................................... 347 Hot Standby Router Protocol (HSRP) priority increment value for L4 client ports .........181 filtered (denied) frames ........... 180 gtcfg (TFTP load command) ...... 386 retry....... 417 Greenwich . 342 HP-OpenView .............................................................78 Forwarding Database Menu.......................................................266 Fast Ethernet.............187 filter statistics ............................... 271..... 32 hash metric ................................... 266............ January 2005 ..............93 flag field. 27.............................................................145 fiber optic ports .......................451 forwarding state (FWD) ......... 338 VRRP priority increment value ............. 423 SNMP ................ 119 setup . 338.......54...............................86 H half-duplex .......................................................................................25................... 272 Gigabit Ethernet configuration ...........................290 FwdDel (forward delay). 270......................... bridge port ..... 344 VRRP priority increment value ........... 370 health check types......................................................... 367 layer information .............................449 delete entry ...........................368 FTP SLB maintenance statistics................................................ 276 setup .......................................Alteon EMS ........452 Forwarding Database Information Menu ............................ 177 global SLB statistics ............................................. 302 script .454 G gig (Port Menu option) .... 19 hprompt system option .................................................173.................................... 87 FTP server health checks ................................................. 346 use with VRRP ............................ 270.........................................................475 EtherChannel as used with port trunking .............95 flow control ............................................................... 119 configuring ..................39 emulation software ............................................. 266........38 first-time configuration ........................0............................................................268.......................... 174 grace graceful real server failure ...79..................................... SLB ........................ 367 health checks................................447 factory default configuration ...................54.............................. 110 parameters for most protocols .................. 266.........................Alteon OS 22....... 302 IDSLB.2 Command Reference duplex mode ..387 Final Steps.........................292 F factory configuration block ..........189 full-duplex ... 368 redirection (rport) .................................32................................................................... 33 forwarding configuration IP forwarding configuration ..................... 344 hot-standby failover ........................ 272 Gigabit Ethernet Physical Link .........189 FTP SLB statistics dump ................. 425 WAP ..................................................................... See Hot Standby Router Protocol.............32 dynamic routes ................................ 86 help .....................................32 fwd (STP bridge option) . 28 Fast Ethernet Physical Link .................................................................................................................................................... 195 filters IP address ranges ...............................................417 FDB statistics ........................................................................................ 49 global SLB maintenance statistics ........ 354 E EMS.......... 346 Hot Standby Router VLAN (HSRV) use with VRRP .272 File Transfer Protocol ................. 69................................... 27 to 43 fixed IP route tag . configuring ports for ............. 86.......... 25...................266 fastage ......................... 314 Hot Standby Router on VLAN (HSRV) use with VLAN-tagged environment .... 232 HSRP............... 270............................. retries ................................. 49 host routes .................................................................306 forwarding database (FDB) ........................................................ 242 group .... 360 default gateway interval...........32 link status ........................... number of failed health checks ..................................................... 484 Index 315393-J............. 426 hello STP information ................................................................................................................................................... 369.................. 274....... 242 Greenwich Mean Time (GMT) .........................

.............................. 54.......... 297 I ICMP statistics ..... 368 redirects (Global SLB option) .. 268.................................................. 92 local network for route caching ............ 344 configuring address ......................... 306 local networks for route caching ...................................................... selecting ............ 271.............................................. 154 interface statistics .................................................. 307 Telnet .................. 446 IMAP server health checks ....... 90........... 24 Layer 4 processing active........................... See IP subnets........ 69......... 195 indirect (IP route type) ........................................ 161 idle timeout overview............................. 93 priority increment value (ifs) for VRRP .......................................................................................................................... 35 IP forwarding .............. 308 IP port configuration ............... 302 filter ranges ......... 173.............................. 69............................................. 422 LEARNING (port state) . 262 Layer 4 administrator account............................. 85........................... 368 imask (IP address mask) ....................... 367.............. 54 command ................. 35 tag parameters ............................... 104 IP interface .. 422 IP interfaces . 276 link status........ 93 IP Static Route Menu ........................................................................0.............................. 92 Information Trunk Group Information..................................... 119 duplex mode . 259 http ............................................................ 119 Link Status Information .................. 172............. 35............................................................................................. 163 IP address ...... 21 configuring default gateway .................Alteon OS 22......................................... 330 IP Route Manipulation Menu ............... 441 license password ................................................................................................................................................................................................................................................................................ 184 layer 7 SLB string statistics .......... 315393-J............................................ 306 local route cache IP address ranges for...................................... 441 link speed................. 330 directed broadcasts ................ 35 ARP information ... 304 IP statistics ............................................................... 301 active ... See Hot Standby Router Protocol.......................................................... 35 local route cache ranges ......................................................2 Command Reference HSRV...1d Spanning-Tree Protocol .............................................................................................................................................. 90 IP Information Menu . 155 IP subnet mask ..................... 90 lnet (routing option) ............. 90 local (IP route type) .......................................................... 94 BOOTP ........ 402 system option ........ 183 layer7 redirection statistics ......... 87 Information Menu ............ 416 IP configuration via setup ................... 35 IP subnets VLANs .......................................... 119 port speed............................................................. January 2005 Index 485 ..................... 346 IP network filter configuration .................................................................... 307 log syslog messages ............... configuring ............................... 90 IP route tag . 444 software................ 53 Interface change stats . 86 least connections (SLB Real Server metric) ....................................................... 25 IDSLB health checks ..................................................... 233 logical segment.......... 182 LDAP version ....................................... 54.......... 370 licence certificate ........ 301 L l4apw (L4 administrator system option) ........ 259 HTTP health checks on any port (aphttp) ........................................................................................... 416 incorrect VIPs (statistic) ....... 21 IP address mask for SLB ............................ 387 IP interface .......................................... 454 IP routing ......................... 246 LISTENING (port state) ................ HTTP application health checks .... 301 configuring VLANs ............................................ 367 IEEE standards 802................................ 344 layer 7 SLB maintenance statistics ....................................................................................................................................................... 288 image downloading ............. 86 lmask (routing option) ........... 306 IP forwarding information ..... 119 linkt (SNMP option) ....... 194 incorrect Vports (dropped frames counter) .............................................. 92 information ..........................

.................. 78......................................................172............................... 325 general ....................................................0.....................................................173..............92 multi-links between switches using port trunking...............................................55 manual style conventions .......................19 non TCP/IP frames ...206 MP. 151 hello.............386 network management ...........................................................153 Network Address Translation (NAT) filter action ....... See Management Processor........ 195............................. 441.............317 MD5 key ...86 mcon (maximum connections) ..................... 442 OSPF area types ........................................ 292 mxage (STP bridge option) ................................................. 451 notice ...................... 242 switch location ......... 317 authentication key .......47 Command-Line Interface (CLI) .................................320 media access control.......... 322 dead.................. 436 operations-level VRRP options ...............................301 MaxAge (STP information) ............................................... 440 operations-level BWM options ........................55............................................................................................416 mnet management traffic IP address for SLB .... 315 ospf area index ................................21 Main Menu .......................... authentication parameter of a hello packet ................................. 315 cost of the selected path ...................................................................... 321 export ..................... 49 operating mode................................................ January 2005 .92 mask IP interface subnet address .................... See MAC address.................................... 127 activating .................................... health parameter of a hello packet .. 54.....................................................................449 Management Processor (MP).............................................................................................................................. SLB .........................................87..........367..364 metrics..... multicast IP route type ....................416 monitor port................... 370 Miscellaneous Debug Menu . 315..... 320 configuration ..................................................................... declaring a silent router to be down ............................... 441 removing ........................... 435 operations-level SLB options ..... 320 dead......................... 271......... 440 Operations-Level Port Options ...................455 mmask IP address mask for SLB ...... 276 operations menu .........................278 mp packet .................... metric SLB real server group option............................................ 439 operations-level IP options ..... 98....................48 Maintenance Menu ........................... 323 fixed routes .......Alteon OS 22.....................455 display MAC address ..........2 Command Reference M MAC (media access control) address.370 minimum misses (SLB real server metric) .93 IP route type (filtered out) .......... 433 operations-level BGP options .................... N nbr change statistics................................................................................. 151 global ............. 320 cost value of the host ......17 martian IP route tag (filtered) ................................................................................290 O octet counters .........................................316 MD5 cryptographic authentication .......................................... 194 486 Index 315393-J......................................... 243 NTP time zone ..... 94.......25 summary ..................................................... configuring .................. 179 online help ........... 439 optional software . 365 MD5 authentication key .. 268.................. 232 NTP synchronization ................

................................................... 336....................................................... 32 port states UNK (unknown) ........ 316 Not-So-Stubby Area ...................... 188 Password user access control .......................... 150 overflow server activations ....................... 265 port flow control.......... 54........................................................................................................................... 119 port speed ...... 318 stub area ................... 292 ports configuration .......... 322 host routes ................................................... 86 RJ-45......................... 315 interface configuration ....... 119 auto-sense ................... 342 priority (STP port option) ...................................................... 111 STP port priority ........... 318 transit area ..................... 92 Passive FTP SLB Parsing Statistics ...... 323 spf............... 120 IP status ............................................................................... 32 setup......................... 457 switch (and Maintenance Menu option) ............................................................. 31 disabling (temporarily).................. 198 port configuration ...... 69............................ 377 ping ................ January 2005 ....... 278 Port number ....................................................... 321 virtual neighbor............................. 88 priority.... 239 proxies IP address translation . 173................................ 54..... 100 OSPF Information .....................Alteon OS 22........................................ 430 poisoned reverse........ 321 OSPF Database Information ....................... 292 port trunking configuration ................... 360 321 persistent bindings real server .. 90 membership of the VLAN .......................... shortest path first ................................................. 101 OSPF general ................................. 272 port mirroring configuration ..................... 266.................................. 98 OSPF Information Route Codes ........ 449 parameters tag ......... 24 VRRP authentication ...................0..................................................................................................................................................................... 317 transit delay ......... 317 virtual link ................................ 120 preemption assuming VRRP master routing authority ...................................................... 292 VLAN ID.... 277 information ............................................................................. 93 type.......................... 79 port trunking description ................ 78................................................ 50..................... 316 route redistribution configuration .... 337 virtual router ........... Port Menu configuration options ................................. 368 port bandwidth management switch processor statistics switch port contract statistics menu............ 315 redistribution menu .......................................................................... 317 priority value of the switch interface.............................. 314 POP3 server health checks......................... See flow control..... 23 315393-J................................................... 317 summary range configuration .................. 265 SLB state information .................................. 316 interface ............................................................. 320 type......... 102 OSPF statistics .............2 Command Reference host entry configuration . 261 password administrator account ........................... 99 OSPF General Information .... 319 link state database ..................................................................................................................... 24 L4 administrator account .............. 24 user account ......................... 342 priority virtual router .............................. 270..................................................................................................................................... 316 MD5 authentication key....... 270 configuring Fast Ethernet ............................... as used with split horizon .......................................................................... 345 passwords ............... 315 virtual link configuration ............. router ID .................................................................................... 359 PIP ............................................................................................................................... 195 overflow servers ........................................................................................... 361 Index 487 199 P panic command ... 292 prisrv primary radius server .... 24 default ...................... 320 range number ............................................................. 266 configuring Gigabit Ethernet (gig) ............

........ 32...........................361 removing optional software ...... 33........................ 230 save command.111 proxy IP address (PIP) configuration .... January 2005 ....................442 reset key combination ................................................................................364 statistics .................................................................... 20 serial download ................430 ptcfg (TFTP save command) ............ 327 routing information protocol configuration .................................................................. 423 secret radius server .................. 457 receive flow control 32..... 33 Rx/Tx statistics.... 313 Routing Information Protocol (RIP) ...346 SLB state information .......435 remote site servers ...............................386 reference ports ..........79 referenced port ..................................180 real server groups combining servers into ...54....................................................... 370 route cache configuration .......................................................368 read community string (SNMP option) ....50 round robin as used in gateway load balancing ........... 239 secsrv secondary radius server ...................................................... 297 segmentation...........................179 real server global SLB statistics ................................................................ 423 scriptable health checks configuration .......358 real servers backup .................. 157 router hops ................ 314 poisoned reverse ...........Alteon OS 22.................................. 363 operations-level options ........... See Routing Information Protocol............ serial cable .......................................302 rip IP route tag .........................239 retry health checks for default gateway .......................................................................354 PVID (port VLAN ID)........................... 271.........................................................................175 real server group options add ........ 376 RTSP SLB statistics ................... 190 rx flow control ........... 347 roundrobin SLB Real Server metric ...180 real server SLB configuration .......................0....................................................................95 remote monitoring on the port (rmon) .......................................... 120 pwd ............50 R RADIUS server authentication ...........................................245 real server statistics .... 359 488 Index 315393-J.......................110 reboot ............................................................. 306 route statistics ......................................365 priority increment value (reals) for VRRP ............................................ 447 script health checks ........................................ segments......449 restarting switch setup ..................93 RIP...... 238 security VLANs..449................ 436 real server weights ........................................................................................................................... 93 options ............................................ 367...................... 274...........29 retries radius server ........................................................................................364 real server group statistics ........442 S save (global command) ......................... 152 Q quiet (screen display option) ........ See IP subnets.. 277 redir (SLB filtering option) ............. 314 split horizon ........................ 229 noback option ............................................................................................................366 real server group SLB configuration.......... 239 Secure Shell ........................................... 475 Server Load Balancing IDS ......... See IP subnets..... 314 version 1 parameters.........................................................2 Command Reference proxy IP address (PIP) ............................ rmkey ........................................................................................................... 276......................................................................................................................... 268...................................................... 313 rport SLB virtual server option ....................

....................................................... server port mapping ....................................................................... 368 ldap ........................................ real server IP address .................................................................. 30 system time ........................................................................................... 361 tmout (time out) .................................. 455 SNMP ........ 110 SLB layer7 statistics ........................................ 270 SIP (source IP address for filtering) ................. 353 setup facility .................................... 367 SNMP ...................................................................................................................................................................................................................................... 31 starting ... 367 ftp .......................... 425 SNMP health checks ................................................. 367 udpdns .......... 32 IP configuration ........................... 245 set and get access ....... 187.............. 34 SFD statistics mp specific ........... 32 restarting ................................................................................................................ 19....... 368 http........................................................................... 368 script . 29 Spanning-Tree Protocol .................... 364 SLB real server option backup .... 245 SNMP Agent ............................................ 368 smtp ................. 194 315393-J................................................... 387 smtp ......................... 34 VLAN port numbers ...................................................... 367 icmp ...................................... 359 restr (restore) SLB real server UDP option ..................................... 369 SLB real server group option application health checking .................................... January 2005 Index 489 ........................... 360 RIP............................................................... 130 health checks ......................................... 425 HP-OpenView ............ 373 setup configuration ............... 400 server traffic processing ........................... 360 intr (interval) ........................................... 34 VLAN tagging ..... 232 SMTP server health checks ....................... alias for each real server ... 367 dns ........ 387 SLB filtering option action ....................................................... 359 slowage ..................................................... 399 health check ........ 369 sslh..... 25............................................................................................ 353 setup command........................ 19 menu options ........................... 32...................................................................... 33 VLANs .......................................................................................................................................... 33 port speed ......................... 471 SNMP health check configuration .................. 356 Server Load Balancing Maintenance Statistics Menu ................................................................................................................ 360 retry .............. 30 duplex mode ................................ 218 186.................................................................................... 359 submac ............ 368 wtls ......................................................... 27 BOOTP ...................................................................................... 368 snap traces buffer . 35 IP subnet mask . 360 session identifier ...................... 367 health check types ....................................................................... 370 port options .............................. 368 wsp ........... 368 tcp ................................................... 365 metric .............................................................. 28 stopping...................... 209 SFP GBIC ports ............................................................................... 30 VLAN name .........2 Command Reference server load balancing client traffic processing........... 386 SLB Information .................................................................................................. configuration .......................................................................................................... 417 smask source mask for filtering ..................... 35 port auto-negotiation mode ............................................ 32.................................................................................................. 360 maxcon (maximum connections) ........................................................... 29 system date ............ 272 shortcuts (CLI) . 111 server traffic processing ............................................................................... 52 single-mode ports .............. 31 port flow control .................................. 367 metrics ................. 399 server load balancing configuration options ................ 369 SNMP statistics ...................................... 359 name......................................................Alteon OS 22.. 367 imap ..........0........................................ 369 radius ......................................... 399 Session Binding Table ........................... 182 SLB real server group health checks arp........................... 33 port configuration .. 360 weights ........................................................................................ 365 health checking ......

..............................Alteon OS 22.............................314 SSL ..........35 subnets ...........288 Spanning-Tree Protocol .................. January 2005 ............................................................86...............................................................................0....86 port cost option .418 490 Index sync ..........441 software image ...28 state (STP information) .290 bridge priority ............................. 52 tacacs ............... 243 date . 259 l4apw (Layer 4 administrator password) ............................................................................................................................ 354 315393-J............................... 259 tnport ............31 switch reset effect .................... 354 TFTP server .................................................441 SYN attack detection configuration ............................................................ 290 setup (on/off) ......................301 switch resetting ...........39 software image file and version ....................180 management processor ....... 368 source and destination ports....................................................................................................................................................... 232 HTTP access .............292 root bridge .......... 353 telnet radius server ..................304 static routes Routing Information Protocol (RIP) .................. 451 system options admpw (administrator password) ...............................................87............ 20 text conventions .......................................................................................................................301 subnet mask .....................................29 subnet address maskconfiguration IP subnet address .................... 232 time................ 385 TCP statistics ............................................................................................................................................................................................. 240 TACACS+ ........................... 233 system contact (SNMP option) ..................................455 display trace buffer ............ 17 TFTP .......55 license ............................................................................................................................................. 21 configuring switches using ...................................................................448 Switch Processor (SP)........................................... 245 date and time ......................... 53......... 21 BOOTP ............... 261 system parameters... 259 System Maintenance Menu ................................314 statis route add .........................129 stopping switch setup. 208 Telnet ........377 secure socket layer statistics .................................................... 240....................................................... 240.............................................................................................................2 Command Reference SNMP Support optional setup for SNMP support .....304 statistics group ................. 262 login banner ..............377 static IP route tag .... 55 location (SNMP option) .....186 stacking commands (CLI) ........................................................... 245 system access control configuration............................................................................................................ 232 tnet.291 bridge parameters ....................................................... 262 BOOTP ..............................................................................................................................................................................................52 starting switch setup .....................................................................444 SP specific statistics ......448 split horizon.................. 413.........................................................................................................................292 port priority option...............86 state information. 259 usrpw (user password) .................... 39 terminal emulation .............................. 229 bridge aging option ...... 165....... 240 Telnet support optional setup for Telnet support .... current ................. 373 health checking using ......................................................210 spanning tree configuration............................................. client system..... 436 synchronization VRRP switch................... 360 health checks ........................................................................................205 Statistics Menu ................................................................ 240 TCP fragments ........................35 IP interface ........................... 243 T tab completion (CLI) ............................................ 436 syslog system host log configuration ........... 232 hprompt .....................93 static route rem .....................455 swkey ..................................................................................................................................................... 232 cur (current system parameters) .......... 445 PUT and GET commands ...........................................

........................................................................................... 335 priority tracking options ...................................................................................................... 50 Tracking VRRP .......................................................................................................... 367 SLB state information ..................... 401 tx flow control........................... when used for NAT ...................... 444 URL for health checks ......................................................... 30 system option .............................. 341 virtual router group priority tracking ..................................... global SLB menu option) .. 167 unknown (UNK) port state ..... 343 Virtual Router Redundancy Protocol (VRRP) authentication parameters for IP interfaces .................. 25 timers kickoff.......... 335............ 455 traceroute.................................... 345 priority election for the virtual router ....... 334 master mode .. 239 timeouts idle connection ..................................................... 194 server status using ........................... 338 master preemption (preem) ........................ 93 virtual IP address (VIP) .... 346 virtual server global SLB statistics .. 32............................................................................................................... 172........... 337 Virtual Router Redundancy Protocol configuration333 virtual router sharing ........................... DNS response (global SLB menu option) V verbose ......... 273. 33 407 tnet system option .............................. 336............................................ 111 statistics ..................................................... manual ............... 79 Unscheduled System Dump ........ 33........ 297 VLAN tagging port configuration...................................................................................................................................... 154 time-to-live......... 181 virtual servers ........................................ 346 HSRV.......... 261 Uuencode Flash Dump .. 342 virtual routers HSRP failover .......... 340 incrementing VRRP instance ............. 344 HSRP priority increment value ........ authentication ............................................................................... 439 password.......... 344 HSRV priority increment value ........................... 347 increasing priority level of .......................... 342 operations-level options ..... 342 virtual router group configuration .............................. 360 source and destination ports .. 267........................................................... 87 ttl (time to live.............. 274....................................................................................................... 385 UDP statistics ............................... 111 virtual port state............................. 232 timeout radius server ................................ switch software .. 458 upgrade............................................. 259 tnport system option ................................... 456 315393-J. 342 master preemption (prio) ............ 17 tzone ............ 268........... 50 vip advertisement of virtual IP addresses as Host Routes .................................................................................. 345 group options (prio) ..................................2 Command Reference time setup . 271..... 277 transparent proxies... 317 type parameters ................ 339 transmit flow control32..... 181 VLAN active port .... 275 port restrictions ................................................................................................................................... 24 usrpw (system option) ....... 276.............................Alteon OS 22.................... 386 Trunk Group Information ....................... 208 UDP datagrams ............... 342 tracking criteria .. 92 typographic conventions..... 455 Switch Processor .................... 417 trace buffer .... 314 IP route tag .... 338........ 111 virtual router description ..... January 2005 Index 491 ......................... 337 virtual router group VRRP priority tracking ........................ 175 virtual server SLB statistics .............................. 298 setup..... 344 configuration ................................. SLB information about ........................................ 344 priority.................. 336 priority increment values (vrs) for VRRP .............. 326.................0............................ 242 U UCB statistics .................................................................................... 111 user account ...................................................................... 270.................... 33 type of area ospf... 259 TPCP (Transparent Proxy Cache Protocol) ................................................

................................................... 270....0..............35 ARP entry information .................................................................426 WAP health check wspport ............. 88 port numbers ...............................................................................................................................336 VRRP Information .....................78.105 VRRP master advertisements time interval .................................................2 Command Reference VLANs ............................335.36 multiple spanning trees .. 54....................................................................245 wspport WAP health check .425.. 342 VRRP interface configuration ............... 298 VLAN Number .425.........................342 VRRP statistics .........................................297 information .78..........34 port membership..........................................................................................................................................................426 WAP SLB statistics ...................346 write community string (SNMP option) .... 88 name setup........ setup .....................................................33......345 master advertisements ............... 426 wtlsprt .......34 security ........88 VRID (virtual router ID) ...........................................................335 tracking ..288 tagging .....................288 name ........................................ 427 WAP health check configuration ....................................................94 broadcast domains ............................................................. 120.........................425..19 weights for SLB real servers ................Alteon OS 22...266........................ January 2005 .............. 339 tracking configuration .............450 web-based management interface.................................... 427 492 Index 315393-J........ 426 wtlsprt WAP health check ....34 Spanning-Tree Protocol ............................................159 X XModem ............................. 475 275 W WAP health checks .....................88 interface ....346 virtual router sharing ..........................................192 watchdog timer ................................................. 272...........................................425.............................................................335.............................297 setting default number (PVID) ..............................371 setting virtual router priority values ..

Sign up to vote on this title
UsefulNot useful