GA-ML Series CLIリファレンス2...

レイヤ２スイッチングハブ品番 PN260493N/PN260493H/PN260494/

PN260892N/PN260893/PN260893H/

PN260894/PN261293/PN261294/

PN261692/PN261693/PN262492/

PN262493/PN264892

CLI リファレンス

• お買い上げいただき、まことにありがとうございます。• 説明書をよくお読みのうえ、正しく安全にお使いください。• ご使用前に「安全上のご注意」（21～ 25ページ）を必ずお読みください。• いかなる場合でも、お客様で本体を分解した場合には、保証対象外となります。

2

本CLI リファレンスは、以下の機種を対象としております。

各機種の対応機能は、商品仕様書をご覧ください。

品名品番ファームウェアバージョン

GA-ML4TPoE+ PN260493N 2.0.1.00 以上

GA-MLi4TPoE+ PN260493H 2.0.1.00 以上

GA-ML4THPoE+ PN260494 2.0.1.00 以上

GA-ML8TCPoE+ PN260892N 2.0.1.00 以上

GA-ML8TPoE+ PN260893 2.0.1.00 以上

GA-MLi8TPoE+ PN260893H 2.0.1.00 以上

GA-ML8THPoE+ PN260894 2.0.1.00 以上

GA-ML12TPoE+ PN261293 2.0.1.00 以上

GA-ML12THPoE+ PN261294 2.0.1.00 以上

GA-ML16TCPoE+ PN261692 2.0.1.00 以上

GA-ML16TPoE+ PN261693 2.0.1.00 以上

GA-ML24TCPoE+ PN262492 2.0.1.00 以上

GA-ML24TPoE+ PN262493 2.0.1.00 以上

GA-ML48TCPoE+ PN264892 2.0.1.00 以上

目次

安全上のご注意 ........................................................................................ 191 はじめに ...............................................................................................25

1.1 まえがき ...................................................................................... 261.1.1 本書の対象読者 .......................................................................................... 261.1.2 表記規則 .................................................................................................... 261.1.3 コマンドの概要 .......................................................................................... 271.1.4 コマンドモード .......................................................................................... 271.1.5 ユーザアカウントの作成 .............................................................................. 311.1.6 インターフェース表記 ................................................................................. 321.1.7 エラーメッセージ ....................................................................................... 331.1.8 編集機能 .................................................................................................... 34

2 運用管理 ...............................................................................................352.1 基本的な CLIコマンド .................................................................... 36

2.1.1 help ......................................................................................................... 362.1.2 enable ...................................................................................................... 372.1.3 disable ..................................................................................................... 382.1.4 configure terminal .................................................................................... 392.1.5 login (EXEC) ............................................................................................. 402.1.6 login (Line) ............................................................................................... 412.1.7 logout ...................................................................................................... 432.1.8 end .......................................................................................................... 442.1.9 exit .......................................................................................................... 452.1.10 show history .......................................................................................... 462.1.11 show environment ................................................................................. 472.1.12 show unit ............................................................................................... 482.1.13 show cpu utilization ............................................................................... 492.1.14 show version .......................................................................................... 502.1.15 show memory utilization ........................................................................ 512.1.16 show privilege ........................................................................................ 52

2.2 アクセスマネジメント .................................................................... 542.2.1 access class .............................................................................................. 542.2.2 prompt .................................................................................................... 552.2.3 enable password ...................................................................................... 562.2.4 ip telnet server ......................................................................................... 582.2.5 ip telnet service-port ................................................................................. 592.2.6 line .......................................................................................................... 602.2.7 service user-account encryption ................................................................ 612.2.8 show terminal .......................................................................................... 622.2.9 show users ............................................................................................... 632.2.10 telnet ..................................................................................................... 642.2.11 terminal length ...................................................................................... 652.2.12 terminal speed ....................................................................................... 672.2.13 session timeout ...................................................................................... 682.2.14 username ............................................................................................... 69

1

2.2.15 password ............................................................................................... 702.2.16 clear line ................................................................................................ 722.2.17 do .......................................................................................................... 72

2.3 SSH（Secure Shell） ..................................................................... 752.3.1 crypto key generate ................................................................................. 752.3.2 crypto key zeroize .................................................................................... 762.3.3 ip ssh timeout .......................................................................................... 772.3.4 ip ssh server ............................................................................................. 782.3.5 ip ssh service-port ..................................................................................... 792.3.6 show crypto key mypubkey ...................................................................... 802.3.7 show ip ssh .............................................................................................. 812.3.8 show ssh .................................................................................................. 822.3.9 ssh user authentication-method ............................................................... 83

2.4 IPユーティリティ ......................................................................... 862.4.1 ping ......................................................................................................... 862.4.2 ping access-class ...................................................................................... 872.4.3 traceroute ................................................................................................ 88

2.5 ファイルシステム .......................................................................... 922.5.1 cd ............................................................................................................ 922.5.2 delete ...................................................................................................... 932.5.3 dir ............................................................................................................ 942.5.4 mkdir ....................................................................................................... 952.5.5 rename .................................................................................................... 962.5.6 rmdir ........................................................................................................ 972.5.7 show storage media-info .......................................................................... 98

2.6 システムログコマンド .................................................................. 1002.6.1 clear logging .......................................................................................... 1002.6.2 logging on ............................................................................................. 1012.6.3 logging buffered .................................................................................... 1022.6.4 logging console ...................................................................................... 1042.6.5 logging discriminator ............................................................................. 1052.6.6 logging server ........................................................................................ 1062.6.7 logging smtp .......................................................................................... 1092.6.8 logging source-interface ......................................................................... 1102.6.9 show logging ......................................................................................... 1112.6.10 show attack-logging ............................................................................. 1132.6.11 clear attack-logging .............................................................................. 114

2.7 システムファイル管理 .................................................................. 1152.7.1 boot config ............................................................................................ 1152.7.2 boot image ............................................................................................ 1162.7.3 clear running-config ............................................................................... 1172.7.4 reset system ........................................................................................... 1182.7.5 copy ....................................................................................................... 1192.7.6 show boot ............................................................................................. 1232.7.7 show running-config .............................................................................. 1242.7.8 show startup-config ............................................................................... 125

2

2.8 時刻と SNTP（Simple Network Time Protocol） ........................... 1272.8.1 clock set ................................................................................................. 1272.8.2 clock summer-time ................................................................................. 1282.8.3 clock timezone ....................................................................................... 1302.8.4 show clock ............................................................................................. 1312.8.5 show sntp .............................................................................................. 1322.8.6 sntp server ............................................................................................. 1332.8.7 sntp enable ............................................................................................ 1342.8.8 sntp interval ........................................................................................... 135

2.9 タイムレンジ .............................................................................. 1372.9.1 periodic .................................................................................................. 1372.9.2 show time-range .................................................................................... 1382.9.3 time-range ............................................................................................. 139

2.10 ファンスピード設定 ................................................................... 1412.10.1 fanspeed .............................................................................................. 141

2.11 再起動 ..................................................................................... 1432.11.1 reboot .................................................................................................. 143

2.12 ケーブル診断 ............................................................................ 1442.12.1 test cable-diagnostics ........................................................................... 1442.12.2 show cable-diagnostics ......................................................................... 1452.12.3 clear cable-diagnostics .......................................................................... 146

2.13 DDM（Digital Diagnostics Monitoring） ................................... 1482.13.1 show interfaces transceiver .................................................................. 1482.13.2 snmp-server enable traps transceiver-monitoring .................................. 1502.13.3 transceiver-monitoring action shutdown ............................................... 1512.13.4 transceiver-monitoring bias-current ...................................................... 1522.13.5 transceiver-monitoring enable .............................................................. 1532.13.6 transceiver-monitoring rx-power ........................................................... 1542.13.7 transceiver-monitoring temperature ..................................................... 1562.13.8 transceiver-monitoring tx-power ........................................................... 1572.13.9 transceiver-monitoring voltage ............................................................. 159

2.14 OAM (Operations， Administration， Maintenance) .................. 1612.14.1 ethernet oam ....................................................................................... 1612.14.2 ethernet oam remote-loopback ............................................................ 1622.14.3 ethernet oam remote-loopback interface ............................................. 1632.14.4 ethernet oam link-monitor supported ................................................... 1642.14.5 ethernet oam link-monitor frame ......................................................... 1652.14.6 ethernet oam link-monitor frame-period ............................................... 1662.14.7 ethernet oam link-monitor recv-crc ....................................................... 1682.14.8 ethernet oam action ............................................................................. 1692.14.9 show ethernet oam configuration ........................................................ 1702.14.10 show ethernet oam discovery ............................................................. 1712.14.11 sshow ethernet oam statistics ............................................................ 173

3

2.15 CFM (Connectivity Fault Management) ................................... 175

2.15.1 cfm enable ........................................................................................... 1752.15.2 cfm domain ......................................................................................... 1762.15.3 level ..................................................................................................... 1762.15.4 service .................................................................................................. 1772.15.5 continuity-check ................................................................................... 1782.15.6 cfm mep mepid .................................................................................... 1792.15.7 show cfm ............................................................................................. 1802.15.8 show cfm domain ................................................................................ 1812.15.9 show cfm service .................................................................................. 1822.15.10 show cfm mip .................................................................................... 1832.15.11 show cfm mep local ........................................................................... 1842.15.12 show cfm mep remote ....................................................................... 185

2.16 デバッグ .................................................................................. 1872.16.1 debug show tech-support .................................................................... 187

3 インターフェース .................................................................................1893.1 インターフェース設定 .................................................................. 190

3.1.1 clear counters ........................................................................................ 1903.1.2 description ............................................................................................. 1913.1.3 interface ................................................................................................ 1923.1.4 interface range ...................................................................................... 1943.1.5 show counters ....................................................................................... 1953.1.6 show interfaces ...................................................................................... 2013.1.7 show interfaces counters ....................................................................... 2033.1.8 show interfaces status ............................................................................ 2053.1.9 show interfaces utilization ...................................................................... 2073.1.10 show interfaces fiber_module .............................................................. 2083.1.11 show interfaces auto-negotiation ......................................................... 2093.1.12 show interfaces description .................................................................. 2113.1.13 shutdown ............................................................................................ 212

3.2 スイッチポート ........................................................................... 2143.2.1 duplex .................................................................................................... 2143.2.2 flowcontrol ............................................................................................ 2153.2.3 media-type ............................................................................................. 2163.2.4 mdix ...................................................................................................... 2173.2.5 speed ..................................................................................................... 218

3.3 ジャンボフレーム ........................................................................ 2213.3.1 max-rcv-frame-size ................................................................................. 221

3.4 インターフェース省電力機能 ......................................................... 2233.4.1 line power-saving ................................................................................... 2233.4.2 line eee .................................................................................................. 2243.4.3 show line configuration .......................................................................... 225

3.5 Error Disable ............................................................................. 227

4

3.5.1 errdisable recovery ................................................................................. 2273.5.2 show errdisable recovery ........................................................................ 228

3.6 ポートセキュリティ ..................................................................... 2303.6.1 clear port-security ................................................................................... 2303.6.2 show port-security .................................................................................. 2313.6.3 snmp-server enable traps port-security .................................................... 2323.6.4 switchport port-security .......................................................................... 2333.6.5 switchport port-security aging ................................................................ 2363.6.6 port-security limit ................................................................................... 238

3.7 PoE（Power over Ethernet） ....................................................... 2403.7.1 peth shutdown ...................................................................................... 2403.7.2 peth limit ............................................................................................... 2413.7.3 peth priority ........................................................................................... 2413.7.4 peth usage-threshold ............................................................................. 2423.7.5 peth disconnection-method .................................................................... 2433.7.6 snmp-server enable traps poe ................................................................. 2443.7.7 show peth-port ...................................................................................... 2453.7.8 show peth-conf ...................................................................................... 246

3.8 PoEスケジューラ ........................................................................ 2483.8.1 peth schedule enable (Global status) ...................................................... 2483.8.2 peth schedule enable (Schedule status) .................................................. 2493.8.3 peth schedule monthly ........................................................................... 2503.8.4 peth schedule weekly ............................................................................. 2513.8.5 peth schedule daily ................................................................................ 2523.8.6 peth schedule datelist year ..................................................................... 2533.8.7 peth schedule datelist add ...................................................................... 2543.8.8 peth schedule datelist delete .................................................................. 2553.8.9 peth schedule datelist ............................................................................ 2563.8.10 peth schedule portlist ........................................................................... 2573.8.11 show peth schedule ............................................................................. 2583.8.12 show peth schedule portlist .................................................................. 2593.8.13 show peth schedule datelist ................................................................. 2603.8.14 show peth schedule configuration-by-port ............................................ 2613.8.15 show peth schedule information .......................................................... 262

3.9 PoE オートリブート .................................................................... 2643.9.1 peth auto-reboot enable ........................................................................ 2643.9.2 peth auto-reboot ping address ............................................................... 2653.9.3 peth auto-reboot ping interval ................................................................ 2653.9.4 peth auto-reboot ping timeout ............................................................... 2663.9.5 peth auto-reboot ping retry .................................................................... 2673.9.6 peth auto-reboot lldp ............................................................................. 2683.9.7 peth auto-reboot lldp timeout ................................................................ 2693.9.8 peth auto-reboot lldp retry ..................................................................... 2703.9.9 peth auto-reboot traffic .......................................................................... 2713.9.10 peth auto-reboot traffic average .......................................................... 2723.9.11 peth auto-reboot traffic interval ........................................................... 2733.9.12 peth auto-reboot traffic retry ................................................................ 2743.9.13 peth auto-reboot notify ........................................................................ 275

5

3.9.14 peth auto-reboot off-interval ................................................................ 2763.9.15 peth auto-reboot repeat ....................................................................... 2773.9.16 peth auto-reboot repeat-interval ........................................................... 2783.9.17 peth auto-reboot judge-condition ......................................................... 2793.9.18 show peth auto-reboot ........................................................................ 2803.9.19 show peth auto-reboot ping ................................................................. 2813.9.20 show peth auto-reboot lldp .................................................................. 2823.9.21 show peth auto-reboot traffic .............................................................. 283

4 レイヤ 2スイッチング ..........................................................................2854.1 FDB（Filter Database） ............................................................... 286

4.1.1 clear mac-address-table .......................................................................... 2864.1.2 mac-address-table aging-time ................................................................. 2874.1.3 mac-address-table aging destination-hit .................................................. 2884.1.4 mac-address-table learning ..................................................................... 2894.1.5 mac-address-table notification change .................................................... 2914.1.6 mac-address-table static ......................................................................... 2924.1.7 multicast filtering-mode ......................................................................... 2944.1.8 show mac-address-table ......................................................................... 2954.1.9 show mac-address-table aging-time ........................................................ 2974.1.10 show mac-address-table learning .......................................................... 2984.1.11 show mac-address-table notification change ........................................ 2994.1.12 show multicast filtering-mode .............................................................. 3024.1.13 snmp-server enable traps mac-notification change ................................ 3034.1.14 snmp trap mac-notification change ...................................................... 303

4.2 Link Aggregation Control Protocol（LACP） ............................... 3054.2.1 channel-group ........................................................................................ 3054.2.2 lacp port-priority .................................................................................... 3074.2.3 lacp timeout ........................................................................................... 3084.2.4 lacp system-priority ................................................................................ 3094.2.5 port-channel load-balance ...................................................................... 3104.2.6 show channel-group .............................................................................. 311

4.3 VLAN（Virtual LAN） .................................................................. 3144.3.1 acceptable-frame ................................................................................... 3144.3.2 ingress-checking ..................................................................................... 3154.3.3 mac-vlan ................................................................................................ 3164.3.4 protocol-vlan profile ............................................................................... 3174.3.5 protocol-vlan profile (Interface) .............................................................. 3194.3.6 subnet-vlan ............................................................................................ 3204.3.7 show protocol-vlan profile ...................................................................... 3214.3.8 show vlan .............................................................................................. 3234.3.9 switchport access vlan ............................................................................ 3254.3.10 switchport hybrid allowed vlan ............................................................. 3274.3.11 switchport hybrid native vlan ................................................................ 3284.3.12 switchport mode .................................................................................. 3294.3.13 switchport trunk allowed vlan .............................................................. 3304.3.14 switchport trunk native vlan ................................................................. 3324.3.15 vlan ...................................................................................................... 3344.3.16 vlan precedence ................................................................................... 335

6

4.3.17 name ................................................................................................... 336

4.4 インターネットマンション ............................................................ 3384.4.1 internet-mansion .................................................................................... 3384.4.2 show vlan .............................................................................................. 339

4.5 ポートグルーピング ..................................................................... 3414.5.1 port-group ............................................................................................. 3414.5.2 show port-group .................................................................................... 342

4.6 プライベート VLAN ..................................................................... 3444.6.1 private-vlan ............................................................................................ 3444.6.2 private-vlan association .......................................................................... 3454.6.3 private-vlan synchronize ......................................................................... 3464.6.4 switchport mode private-vlan ................................................................. 3474.6.5 switchport private-vlan host-association .................................................. 3494.6.6 switchport private-vlan mapping ............................................................ 3504.6.7 show vlan private-vlan ............................................................................ 351

4.7 Asymmetric VLAN .................................................................... 353

4.7.1 asymmetric-vlan ..................................................................................... 353

4.8 音声 VLAN ................................................................................. 3544.8.1 voice vlan ............................................................................................... 3544.8.2 voice vlan aging ..................................................................................... 3554.8.3 voice vlan enable .................................................................................... 3564.8.4 voice vlan mac-address ........................................................................... 3574.8.5 voice vlan mode ..................................................................................... 3594.8.6 voice vlan qos ........................................................................................ 3604.8.7 show voice vlan ...................................................................................... 361

4.9 GVRP（GARP VLAN Registration Protocol） ............................... 3644.9.1 clear gvrp statistics ................................................................................. 3644.9.2 gvrp global ............................................................................................. 3654.9.3 gvrp enable ............................................................................................ 3664.9.4 gvrp advertise ........................................................................................ 3674.9.5 gvrp vlan create ..................................................................................... 3684.9.6 gvrp forbidden ....................................................................................... 3694.9.7 gvrp timer .............................................................................................. 3704.9.8 show gvrp configuration ........................................................................ 3714.9.9 show gvrp statistics ................................................................................ 373

4.10 NLB（Network Load Balancing） .............................................. 3754.10.1 nlb unicast-fdb ..................................................................................... 3754.10.2 nlb multicast-fdb .................................................................................. 3764.10.3 show nlb fdb ........................................................................................ 378

4.11 L2PT（Layer 2 Protocol Tunnel） .............................................. 3804.11.1 clear l2protocol-tunnel counters ........................................................... 3804.11.2 l2protocol-tunnel ................................................................................. 381

7

4.11.3 l2protocol-tunnel cos ............................................................................ 3824.11.4 l2protocol-tunnel drop-threshold .......................................................... 3834.11.5 l2protocol-tunnel global drop-threshold ................................................ 3854.11.6 l2protocol-tunnel shutdown-threshold .................................................. 3864.11.7 l2protocol-tunnel mac-address ............................................................. 3874.11.8 show l2protocol-tunnel ........................................................................ 389

4.12 ループ検知・遮断 ...................................................................... 3924.12.1 line loopback enable (Global) ............................................................... 3924.12.2 line loopback (Interface) ....................................................................... 3934.12.3 line loopback mode .............................................................................. 3944.12.4 line loopback recovery .......................................................................... 3954.12.5 show line loopback configuration ......................................................... 3964.12.6 show line loopback history ................................................................... 3974.12.7 clear line loopback history .................................................................... 3984.12.8 snmp-server enable traps line loopback ................................................ 399

5 トラフィック制御 .................................................................................4015.1 ACL（Access Control List） ......................................................... 402

5.1.1 access-list resequence ............................................................................ 4025.1.2 acl-hardware-counter ............................................................................. 4045.1.3 action .................................................................................................... 4055.1.4 clear acl-hardware-counter ..................................................................... 4075.1.5 expert access-group ............................................................................... 4085.1.6 expert access-list .................................................................................... 4095.1.7 ip access-group ...................................................................................... 4105.1.8 ip access-list ........................................................................................... 4115.1.9 ipv6 access-group ................................................................................... 4135.1.10 ipv6 access-list ...................................................................................... 4145.1.11 mac access-group ................................................................................. 4155.1.12 mac access-list ...................................................................................... 4175.1.13 match ip address .................................................................................. 4185.1.14 match ipv6 address .............................................................................. 4195.1.15 match mac address .............................................................................. 4205.1.16 permit | deny (expert access-list) ......................................................... 4215.1.17 permit | deny (ip access-list) ................................................................ 4265.1.18 permit | deny (ipv6 access-list) ............................................................. 4315.1.19 permit | deny (mac access-list) ............................................................. 4365.1.20 show access-group ............................................................................... 4385.1.21 show access-list .................................................................................... 4395.1.22 show vlan access-map .......................................................................... 4415.1.23 show vlan filter .................................................................................... 4425.1.24 vlan access-map ................................................................................... 4435.1.25 vlan filter .............................................................................................. 444

5.2 QoS（Quality of Service） ........................................................... 4465.2.1 class ....................................................................................................... 4475.2.2 class-map ............................................................................................... 4485.2.3 match .................................................................................................... 4495.2.4 mls qos aggregate-policer ...................................................................... 4525.2.5 mls qos cos ............................................................................................ 454

8

5.2.6 mls qos dscp-mutation ........................................................................... 4565.2.7 mls qos map cos-color ............................................................................ 4575.2.8 mls qos map dscp-color .......................................................................... 4585.2.9 mls qos map dscp-cos ............................................................................. 4595.2.10 mls qos map dscp-mutation .................................................................. 4605.2.11 mls qos scheduler ................................................................................. 4625.2.12 mls qos trust ........................................................................................ 4635.2.13 police ................................................................................................... 4655.2.14 police aggregate .................................................................................. 4675.2.15 police cir .............................................................................................. 4695.2.16 policy-map ........................................................................................... 4715.2.17 priority-queue cos-map ......................................................................... 4735.2.18 queue rate-limit .................................................................................... 4745.2.19 rate-limit {input | output} ................................................................... 4765.2.20 service-policy ........................................................................................ 4775.2.21 set ....................................................................................................... 4795.2.22 show class-map .................................................................................... 4815.2.23 show mls qos aggregate-policer ........................................................... 4825.2.24 show mls qos interface ......................................................................... 4835.2.25 show mls qos map dscp-mutation ........................................................ 4865.2.26 show mls qos queueing ........................................................................ 4875.2.27 show policy-map .................................................................................. 4895.2.28 wdrr-queue bandwidth ........................................................................ 4915.2.29 wrr-queue bandwidth .......................................................................... 492

5.3 ストーム制御 .............................................................................. 4945.3.1 snmp-server enable traps storm-control .................................................. 4945.3.2 storm-control ......................................................................................... 4955.3.3 storm-control polling .............................................................................. 4975.3.4 show storm-control ................................................................................ 498

5.4 NetBIOSフィルタ ...................................................................... 5015.4.1 deny netbios .......................................................................................... 5015.4.2 deny extensive-netbios ........................................................................... 502

5.5 Egress buffer制御 ..................................................................... 5035.5.1 egress buffer threshold .......................................................................... 5035.5.2 show egress buffer threshold ................................................................. 504

6 ネットワーク監視機能 ...........................................................................5056.1 SPAN ........................................................................................ 506

6.1.1 monitor session destination interface ..................................................... 5066.1.2 monitor session destination remote vlan ................................................ 5076.1.3 monitor session source interface ............................................................ 5096.1.4 monitor session source acl ...................................................................... 5106.1.5 monitor session source remote vlan ........................................................ 5126.1.6 remote-span ........................................................................................... 5136.1.7 no monitor session ................................................................................. 5146.1.8 show monitor session ............................................................................. 515

6.2 RMON（Remote Network MONitoring） .................................... 517

9

6.2.1 rmon collection stats .............................................................................. 5176.2.2 rmon collection history ........................................................................... 5186.2.3 rmon alarm ............................................................................................ 5196.2.4 rmon event ............................................................................................ 5216.2.5 show rmon alarm ................................................................................... 5226.2.6 show rmon events .................................................................................. 5236.2.7 show rmon history ................................................................................. 5246.2.8 show rmon statistics ............................................................................... 525

6.3 sFlow ........................................................................................ 527

6.3.1 sflow collector ........................................................................................ 5276.3.2 sflow sampler rate ................................................................................. 5286.3.3 sflow sampler poller-interval ................................................................... 5296.3.4 show sflow information ......................................................................... 530

7 IP設定 ...............................................................................................5327.1 基本的な IPv4設定 ...................................................................... 533

7.1.1 ip address .............................................................................................. 5337.1.2 ip route .................................................................................................. 5347.1.3 arp ......................................................................................................... 5357.1.4 arp timeout ............................................................................................ 5367.1.5 clear arp-cache ....................................................................................... 5377.1.6 show ip interface ................................................................................... 5387.1.7 show ip route ......................................................................................... 5407.1.8 show ip route summary .......................................................................... 5417.1.9 show arp ................................................................................................ 5417.1.10 show arp timeout ................................................................................. 543

7.2 基本的な IPv6設定 ...................................................................... 5457.2.1 clear ipv6 neighbors ............................................................................... 5457.2.2 ipv6 address ........................................................................................... 5467.2.3 ipv6 route .............................................................................................. 5477.2.4 ipv6 address eui-64 ................................................................................ 5487.2.5 ipv6 address dhcp .................................................................................. 5507.2.6 ipv6 enable ............................................................................................ 5517.2.7 ipv6 nd ns-interval .................................................................................. 5527.2.8 ipv6 neighbor ......................................................................................... 5537.2.9 show ipv6 general-prefix ........................................................................ 5547.2.10 show ipv6 interface .............................................................................. 5557.2.11 show ipv6 neighbors ............................................................................ 5567.2.12 show ipv6 route ................................................................................... 5587.2.13 show ipv6 route summary .................................................................... 559

7.3 Gratuitous ARP ......................................................................... 562

7.3.1 ip arp gratuitous .................................................................................... 5627.3.2 ip gratuitous-arps ................................................................................... 5637.3.3 arp gratuitous-send interval .................................................................... 5647.3.4 snmp-server enable traps gratuitous-arp ................................................. 565

7.4 Dynamic ARP Inspection ........................................................... 567

10

7.4.1 arp access-list ......................................................................................... 5677.4.2 clear ip arp inspection log ....................................................................... 5687.4.3 clear ip arp inspection statistics .............................................................. 5697.4.4 ip arp inspection filter vlan ..................................................................... 5707.4.5 ip arp inspection limit ............................................................................. 5717.4.6 ip arp inspection log-buffer .................................................................... 5727.4.7 ip arp inspection trust ............................................................................ 5737.4.8 ip arp inspection validate ........................................................................ 5747.4.9 ip arp inspection vlan ............................................................................. 5767.4.10 ip arp inspection vlan logging ............................................................... 5777.4.11 permit | deny (arp access-list) ............................................................... 5787.4.12 show ip arp inspection ......................................................................... 5807.4.13 show ip arp inspection log .................................................................... 584

7.5 IPアドレス簡単設定機能 .............................................................. 5867.5.1 ip setup interface ................................................................................... 5867.5.2 show ip_setup_interface ........................................................................ 587

8 マルチキャスト制御 ..............................................................................5888.1 IGMP（Internet Group Management Protocol）Snooping ......... 589

8.1.1 clear ip igmp snooping statistics ............................................................. 5898.1.2 ip igmp snooping ................................................................................... 5908.1.3 ip igmp snooping access-group .............................................................. 5928.1.4 ip igmp snooping fast-leave .................................................................... 5938.1.5 ip igmp snooping last-member-query-interval ......................................... 5948.1.6 ip igmp snooping limit ............................................................................ 5958.1.7 ip igmp snooping mrouter ...................................................................... 5978.1.8 ip igmp snooping proxy-reporting ........................................................... 5988.1.9 ip igmp snooping querier ....................................................................... 5998.1.10 ip igmp snooping query-interval ........................................................... 6008.1.11 ip igmp snooping query-max-response-time .......................................... 6018.1.12 ip igmp snooping query-version ............................................................ 6028.1.13 ip igmp snooping rate-limit ................................................................... 6048.1.14 ip igmp snooping robustness-variable ................................................. 6058.1.15 ip igmp snooping static-group .............................................................. 6068.1.16 show ip igmp snooping ........................................................................ 6088.1.17 show ip igmp snooping groups ............................................................ 6098.1.18 show ip igmp snooping filter ................................................................ 6108.1.19 show ip igmp snooping mrouter ........................................................... 6128.1.20 show ip igmp snooping statistics .......................................................... 6138.1.21 show ip igmp snooping static-group ..................................................... 6158.1.22 ip igmp snooping unknown-data limit .................................................. 6168.1.23 ip igmp snooping unknown-data learn ................................................. 6178.1.24 ip igmp snooping unknown-data expiry-time ........................................ 6188.1.25 clear ip igmp snooping unknown-data .................................................. 619

8.2 MLD（Multicast Listener Discovery）Snooping .......................... 6208.2.1 clear ipv6 mld snooping statistics ........................................................... 6208.2.2 ipv6 mld snooping .................................................................................. 6218.2.3 ipv6 mld snooping access-group ............................................................. 6228.2.4 ipv6 mld snooping fast-leave .................................................................. 623

11

8.2.5 ipv6 mld snooping last-listener-query-interval .......................................... 6248.2.6 ipv6 mld snooping limit .......................................................................... 6258.2.7 ipv6 mld snooping mrouter .................................................................... 6278.2.8 ipv6 mld snooping proxy-reporting ......................................................... 6298.2.9 ipv6 mld snooping querier ...................................................................... 6308.2.10 ipv6 mld snooping query-interval .......................................................... 6318.2.11 ipv6 mld snooping query-max-response-time ........................................ 6328.2.12 ipv6 mld snooping query-version .......................................................... 6338.2.13 ipv6 mld snooping rate-limit ................................................................. 6348.2.14 ipv6 mld snooping robustness-variable ................................................. 6358.2.15 ipv6 mld snooping static-group ............................................................ 6368.2.16 show ipv6 mld snooping ...................................................................... 6388.2.17 show ipv6 mld snooping filter .............................................................. 6398.2.18 show ipv6 mld snooping groups ........................................................... 6408.2.19 show ipv6 mld snooping mrouter ......................................................... 6428.2.20 show ipv6 mld snooping static-group ................................................... 6438.2.21 show ipv6 mld snooping statistics ........................................................ 644

9 ネットワークの管理 ..............................................................................6469.1 SNMP（Simple Network Management Protocol） ...................... 647

9.1.1 show snmp ............................................................................................ 6479.1.2 show snmp user ..................................................................................... 6499.1.3 snmp-server community ......................................................................... 6509.1.4 snmp-server engineID local ..................................................................... 6529.1.5 snmp-server group ................................................................................. 6539.1.6 snmp-server host .................................................................................... 6559.1.7 snmp-server user .................................................................................... 6579.1.8 snmp-server view ................................................................................... 6599.1.9 show snmp trap link-status ..................................................................... 6609.1.10 show snmp-server ................................................................................ 6619.1.11 show snmp-server trap-sending ............................................................ 6639.1.12 snmp-server ......................................................................................... 6649.1.13 snmp-server contact ............................................................................. 6659.1.14 snmp-server enable traps ..................................................................... 6669.1.15 snmp-server enable traps snmp ............................................................ 6679.1.16 snmp-server location ............................................................................ 6689.1.17 snmp-server name ................................................................................ 6699.1.18 snmp-server trap-sending disable .......................................................... 6709.1.19 snmp-server service-port ....................................................................... 6719.1.20 snmp-server response broadcast-request .............................................. 6729.1.21 snmp trap link-status ............................................................................ 673

9.2 LLDP（Link Layer Discovery Protocol） ........................................ 6759.2.1 clear lldp counters .................................................................................. 6759.2.2 clear lldp table ....................................................................................... 6769.2.3 lldp dot1-tlv-select .................................................................................. 6789.2.4 lldp dot3-tlv-select .................................................................................. 6809.2.5 lldp fast-count ........................................................................................ 6829.2.6 lldp hold-multiplier ................................................................................. 6839.2.7 lldp management-address ...................................................................... 6849.2.8 lldp med-tlv-select .................................................................................. 6869.2.9 lldp receive ............................................................................................. 687

12

9.2.10 lldp reinit .............................................................................................. 6889.2.11 lldp run ................................................................................................ 6899.2.12 lldp forward ......................................................................................... 6909.2.13 lldp tlv-select ........................................................................................ 6919.2.14 lldp transmit ......................................................................................... 6929.2.15 lldp tx-delay .......................................................................................... 6939.2.16 lldp tx-interval ...................................................................................... 6949.2.17 snmp-server enable traps lldp ............................................................... 6959.2.18 lldp notification enable ......................................................................... 6969.2.19 lldp subtype ......................................................................................... 6979.2.20 show lldp ............................................................................................. 6989.2.21 show lldp interface ............................................................................... 6999.2.22 show lldp local interface ....................................................................... 7019.2.23 show lldp management-address ........................................................... 7039.2.24 show lldp neighbor interface ................................................................ 7049.2.25 show lldp traffic ................................................................................... 7089.2.26 show lldp traffic interface ..................................................................... 710

9.3 SMTP（Simple Mail Transfer Protocol） ...................................... 7129.3.1 smtp server ............................................................................................ 7129.3.2 smtp self ................................................................................................ 7139.3.3 smtp recipient ........................................................................................ 7149.3.4 smtp interval .......................................................................................... 7159.3.5 show smtp ............................................................................................. 7169.3.6 smtp send-testmsg ................................................................................. 717

10 IPパケット中継および IP付加機能 .......................................................71910.1 DHCPクライアント .................................................................. 720

10.1.1 ip dhcp client class-id ............................................................................ 72010.1.2 ip dhcp client client-id ........................................................................... 72210.1.3 ip dhcp client hostname ....................................................................... 72310.1.4 ip dhcp client lease ............................................................................... 724

10.2 DHCP snooping ...................................................................... 726

10.2.1 ip dhcp snooping ................................................................................. 72610.2.2 ip dhcp snooping information option allow-untrusted .......................... 72810.2.3 ip dhcp snooping database .................................................................. 72910.2.4 clear ip dhcp snooping database statistics ............................................ 73010.2.5 clear ip dhcp snooping binding ............................................................. 73110.2.6 renew ip dhcp snooping database ........................................................ 73210.2.7 ip dhcp snooping binding ..................................................................... 73310.2.8 ip dhcp snooping trust ......................................................................... 73410.2.9 ip dhcp snooping limit entries ............................................................... 73610.2.10 ip dhcp snooping limit rate ................................................................. 73710.2.11 ip dhcp snooping station-move deny .................................................. 73810.2.12 ip dhcp snooping verify mac-address .................................................. 73910.2.13 ip dhcp snooping vlan ........................................................................ 74010.2.14 show ip dhcp snooping ...................................................................... 74110.2.15 show ip dhcp snooping binding .......................................................... 74210.2.16 show ip dhcp snooping database ....................................................... 745

10.3 IP Source Guard ...................................................................... 747

13

10.3.1 ip verify source vlan dhcp-snooping ...................................................... 74710.3.2 ip source binding .................................................................................. 74810.3.3 show ip source binding ........................................................................ 75010.3.4 show ip verify source ............................................................................ 752

10.4 DHCPv6クライアント ............................................................... 75510.4.1 clear ipv6 dhcp client ............................................................................ 75510.4.2 ipv6 dhcp client pd ............................................................................... 75610.4.3 show ipv6 dhcp .................................................................................... 757

10.5 DNS（Domain Name System） ................................................. 76010.5.1 clear host ............................................................................................. 76010.5.2 ip dns server ......................................................................................... 76110.5.3 ip dns lookup ....................................................................................... 76210.5.4 ip domain lookup ................................................................................. 76310.5.5 ip host ................................................................................................. 76410.5.6 ip name-server ..................................................................................... 76510.5.7 ip name-server timeout ........................................................................ 76610.5.8 show hosts ........................................................................................... 76710.5.9 show ip name-server ............................................................................ 768

11 認証機能 ...........................................................................................77011.1 AAA（Authentication, Authorization, and Accounting） ........... 771

11.1.1 aaa new-model .................................................................................... 77111.1.2 aaa accounting commands ................................................................... 77211.1.3 aaa accounting exec ............................................................................. 77311.1.4 aaa accounting network ....................................................................... 77411.1.5 aaa accounting system ......................................................................... 77611.1.6 aaa authentication auth-mac ................................................................ 77811.1.7 aaa authentication auth-user ................................................................ 77911.1.8 aaa authentication enable .................................................................... 78011.1.9 aaa authentication dot1x ..................................................................... 78211.1.10 aaa authentication login ..................................................................... 78311.1.11 aaa authentication mac ...................................................................... 78511.1.12 aaa authentication web ...................................................................... 78611.1.13 aaa group server radius ...................................................................... 78711.1.14 aaa group server tacacs+ .................................................................... 78811.1.15 accounting commands ....................................................................... 79011.1.16 accounting exec ................................................................................. 79111.1.17 clear aaa counters servers .................................................................. 79211.1.18 login authentication ........................................................................... 79311.1.19 radius-server deadtime ....................................................................... 79411.1.20 radius-server host ............................................................................... 79511.1.21 server (RADIUS) ................................................................................. 79711.1.22 server (TACACS+) ............................................................................... 79811.1.23 show aaa ........................................................................................... 79911.1.24 tacacs-server host ............................................................................... 80011.1.25 show aaa authentication auth-mac ..................................................... 80111.1.26 show aaa authentication auth-user ..................................................... 80211.1.27 show aaa authentication dot1x .......................................................... 80311.1.28 show aaa authentication mac ............................................................. 804

14

11.1.29 show aaa authentication web ............................................................ 80511.1.30 show tacacs statistics ......................................................................... 806

11.2 802.1X ................................................................................... 808

11.2.1 dot1x control-direction ......................................................................... 81111.2.2 dot1x eap-request ................................................................................ 81211.2.3 dot1x eap-request interval .................................................................... 81311.2.4 dot1x forceAuthorized mac .................................................................. 81411.2.5 dot1x init ............................................................................................. 81611.2.6 dot1x mac-based init ............................................................................ 81611.2.7 dot1x mac-based re-authenticate ......................................................... 81711.2.8 dot1x mac-based re-authentication ...................................................... 81811.2.9 dot1x max-req ...................................................................................... 82011.2.10 dot1x nas-id ....................................................................................... 82111.2.11 dot1x port-auth-mode ........................................................................ 82211.2.12 dot1x port-control .............................................................................. 82311.2.13 dot1x re-authenticate ......................................................................... 82411.2.14 dot1x re-authentication ...................................................................... 82511.2.15 dot1x re-auth-timer local .................................................................... 82611.2.16 dot1x statistics reset ........................................................................... 82711.2.17 dot1x supplicant-num ......................................................................... 82811.2.18 dot1x system-auth-control .................................................................. 82911.2.19 dot1x timeout .................................................................................... 83011.2.20 dot1x unauthorized age-out time ....................................................... 83111.2.21 dot1x unauthorized mac .................................................................... 83211.2.22 eap-forward ....................................................................................... 83311.2.23 show dot1x ........................................................................................ 83411.2.24 show dot1x eap-request port config ................................................... 83611.2.25 show dot1x forceAuthorized-MAC ..................................................... 83711.2.26 show dot1x statistics .......................................................................... 83811.2.27 show dot1x unauthorized mac-address-table ...................................... 839

11.3 MAC認証 ................................................................................ 84111.3.1 mac-authentication .............................................................................. 84111.3.2 mac-authentication auth-fail block-time ................................................ 84211.3.3 mac-authentication mac-format ........................................................... 84311.3.4 mac-authentication password type ....................................................... 84411.3.5 mac-authentication password manual .................................................. 84511.3.6 mac-authentication interface ................................................................ 84611.3.7 show mac-authentication ..................................................................... 84711.3.8 snmp-server enable traps mac-auth ...................................................... 848

11.4 Secure Sockets Layer（SSL） .................................................... 85011.4.1 no certificate ........................................................................................ 85011.4.2 crypto pki import pem .......................................................................... 85111.4.3 crypto pki trustpoint ............................................................................. 85311.4.4 crypto pki certificate chain .................................................................... 85411.4.5 primary ................................................................................................ 85511.4.6 show crypto pki trustpoints .................................................................. 85611.4.7 show ssl-service-policy .......................................................................... 85711.4.8 ssl-service-policy ................................................................................... 858

15

11.5 WEB認証 ................................................................................ 86111.5.1 web-authentication interface ................................................................ 86111.5.2 web-authentication contents ................................................................ 86211.5.3 web-authentication redirect ................................................................. 86311.5.4 web-authentication .............................................................................. 86411.5.5 web-authentication virtual-ip ................................................................ 86511.5.6 web-authentication web-port ............................................................... 86611.5.7 web-authentication auth-fail block-time ................................................ 86711.5.8 show web-authentication ..................................................................... 86811.5.9 show web-authentication contents ....................................................... 86911.5.10 copy tftp logo-data ............................................................................ 869

11.6 認証コマンド ............................................................................ 87111.6.1 authentication aging-time .................................................................... 87111.6.2 authentication default-vlan ................................................................... 87211.6.3 authentication dynamic-vlan radius-attribute ........................................ 87311.6.4 authentication guest-vlan ..................................................................... 87411.6.5 authentication step-auth ...................................................................... 87511.6.6 authentication step-auth second-step-timeout ...................................... 87711.6.7 no authentication mac ......................................................................... 87811.6.8 show authentication ............................................................................ 87911.6.9 show authentication dynamic-vlan ....................................................... 88011.6.10 show authentication sort .................................................................... 881

12 冗長化機能 ........................................................................................88312.1 STP（Spanning Tree Protocol） ................................................ 884

12.1.1 clear spanning-tree detected-protocols ................................................. 88612.1.2 show spanning-tree .............................................................................. 88712.1.3 show spanning-tree mst ....................................................................... 88912.1.4 show spanning-tree configuration interface .......................................... 89012.1.5 spanning-tree global state .................................................................... 89112.1.6 spanning-tree (timers) .......................................................................... 89212.1.7 spanning-tree state .............................................................................. 89312.1.8 spanning-tree cost ................................................................................ 89412.1.9 spanning-tree guard root ..................................................................... 89512.1.10 spanning-tree link-type ....................................................................... 89712.1.11 spanning-tree mode ........................................................................... 89812.1.12 spanning-tree portfast ........................................................................ 89912.1.13 spanning-tree port-priority .................................................................. 90012.1.14 spanning-tree priority ......................................................................... 90112.1.15 spanning-tree tcnfilter ........................................................................ 90212.1.16 spanning-tree tx-hold-count ................................................................ 90312.1.17 spanning-tree forward-bpdu ............................................................... 904

12.2 MSTP（Multiple Spanning Tree Protocol） ................................ 90612.2.1 spanning-tree mst configuration ........................................................... 90612.2.2 instance ............................................................................................... 90712.2.3 name ................................................................................................... 90812.2.4 revision ................................................................................................ 90912.2.5 spanning-tree mst ................................................................................ 910

16

12.2.6 spanning-tree mst max-hops ................................................................ 91112.2.7 spanning-tree mst hello-time ................................................................ 91212.2.8 spanning-tree mst priority .................................................................... 913

12.3 BPDUガード ............................................................................ 91512.3.1 spanning-tree bpdu-guard (global) ....................................................... 91512.3.2 spanning-tree bpdu-guard (Interface) ................................................... 91612.3.3 show spanning-tree bpdu-guard ........................................................... 91712.3.4 snmp-server enable traps stp-bpdu-guard ............................................. 919

12.4 リングプロトコル ...................................................................... 92112.4.1 rrp enable ............................................................................................ 92112.4.2 timer .................................................................................................... 92212.4.3 rrp domain ........................................................................................... 92312.4.4 control-vlan-id ...................................................................................... 92412.4.5 data-vlan-id .......................................................................................... 92512.4.6 type ..................................................................................................... 92612.4.7 primary-port ......................................................................................... 92712.4.8 secondary-port ..................................................................................... 92812.4.9 ring-guard-port .................................................................................... 92912.4.10 domain .............................................................................................. 93012.4.11 show rrp ............................................................................................ 931

13 SDN ................................................................................................936

13.1 PPS（Power to Progress SDN） ................................................. 93713.1.1 no pps neighbor ................................................................................... 93713.1.2 pps connection .................................................................................... 93913.1.3 pps controller-id ................................................................................... 94013.1.4 pps neighbor aging-time ..................................................................... 94113.1.5 pps notification counter interface ........................................................ 94213.1.6 pps notification counter interval .......................................................... 94313.1.7 pps notification syslog ......................................................................... 94413.1.8 pps priority .......................................................................................... 94513.1.9 pps retry count .................................................................................... 94613.1.10 pps start-status .................................................................................. 94713.1.11 pps status enable .............................................................................. 94813.1.12 pps timeout ...................................................................................... 94913.1.13 restart pps ........................................................................................ 94913.1.14 show pps connection ........................................................................ 95013.1.15 show pps interface ............................................................................ 95113.1.16 show pps neighbor ............................................................................ 95313.1.17 show pps notification ........................................................................ 95413.1.18 show pps status ................................................................................ 955

14 付録ｰシステムログ .............................................................................95714.1 システムログ一覧 ...................................................................... 958

14.1.1 802.1X ................................................................................................. 95814.1.2 AAA ..................................................................................................... 95914.1.3 ARP ..................................................................................................... 96214.1.4 認証（2ステップ） .................................................................................. 963

17

14.1.5 BPDUガード ......................................................................................... 96414.1.6 DDM .................................................................................................... 96514.1.7 デバッグエラー ...................................................................................... 96614.1.8 DHCPv6クライアント ............................................................................ 96714.1.9 DNSリゾルバ ........................................................................................ 96914.1.10 ファン ................................................................................................. 97014.1.11 インタフェース .................................................................................... 97114.1.12 PoE .................................................................................................... 97214.1.13 PoEスケジューラ ................................................................................. 97314.1.14 PoEオートリブート .............................................................................. 97414.1.15 LLDP-MED .......................................................................................... 97514.1.16 ループ検知 ........................................................................................... 97814.1.17 MACベースアクセスコントロール ......................................................... 97914.1.18 MSTPデバッグ拡張機能 ........................................................................ 98014.1.19 ポートセキュリティ .............................................................................. 98214.1.20 PPS (Power to Progress SDN) ............................................................. 98314.1.21 RADIUS .............................................................................................. 98514.1.22 RRP .................................................................................................... 98614.1.23 SNMP ................................................................................................ 98714.1.24 システム .............................................................................................. 98814.1.25 SNTP .................................................................................................. 98914.1.26 Telnet ................................................................................................ 99014.1.27 温度 .................................................................................................... 99114.1.28 トラフィック制御 ................................................................................. 99214.1.29 音声 VLAN .......................................................................................... 99314.1.30 WAC ..................................

GA-ML Series CLIリファレンス2...

Documents

Transcript of GA-ML Series CLIリファレンス2...