Contents

Sun Netra CP3140 Switch Software Reference Manual

for the 1GbE Switch

819-3774-15

Contents

1. FASTPATH Software

FASTPATH On the Sun Netra CP3140 Switch

Sun Netra CP3140 Defaults

Protocol, RFC, and MIB Support

Advanced Layer 2 Functionality

System Facilities

Quality of Service (QOS)

2. Command Structure

Format for CLI Commands

Command Conventions

Parameter Conventions

Values of Common Parameters

logical slot/port

Character Strings

Network Addresses

Command Completion

Special Characters

3. Quick Startup

Starting the Switch

System Info and System Setup

Managing IP Addresses

4. Mode-Based Command-Line Interface

Mode-Based Topology

Mode-Based Command Hierarchy

Privileged Exec Mode

Global Config Mode

Interface Config Mode

Line Config Mode

Policy Map Mode

Policy Class Mode

Router OSPF Config Mode

Router RIP Config Mode

Router BGP Config Mode

Bwprovisioning Config Mode

Bwprovisioning Trafficclass Mode

Bwprovisioning bwallocation Mode

DHCP Pool Config Mode

Flow of Operation

“No” Form of a Command

Support for “No” Form

Behavior of Command Help (?)

5. Switching Commands

System Information and Statistics Commands

show arp switch

show eventlog

show hardware

show interface

show interface ethernet

show mac-addr-table

show running-config

System Management Commands

bridge aging-time

no bridge aging-time

network javamode

no network javamode

network mac-address

network mac-type

no network mac-type

network parms

network protocol

remotecon maxsessions

no remotecon maxsessions

remotecon timeout

no remotecon timeout

serial baudrate

no serial baudrate

serial timeout

no serial timeout

serviceport ip

serviceport protocol

show forwardingdb agetime

show remotecon

show serviceport

SNMP Community Commands

show snmpcommunity

show snmptrap

show trapflags

snmp-server community

no snmp-server community

snmp-server community ipaddr

no snmp-server community ipaddr

snmp-server community ipmask

no snmp-server community ipmask

snmp-server community mode

no snmp-server community mode

snmp-server community ro

snmp-server community rw

snmp-server enable traps

no snmp-server enable traps

snmp-server enable traps bcaststorm

no snmp-server enable traps bcaststorm

snmp-server enable traps linkmode

no snmp-server enable traps linkmode

snmp-server enable traps multiusers

no snmp-server enable traps multiusers

snmp-server enable traps stpmode

no snmp-server enable traps stpmode

snmptrap ipaddr

snmptrap mode

no snmptrap mode

snmp trap link-status

no snmp trap link-status

snmp trap link-status all

no snmp trap link-status all

Management VLAN Command

network mgmt_vlan

System Configuration Commands

auto-negotiate

no auto-negotiate

auto-negotiate all

no auto-negotiate all

deleteport (Interface Config)

deleteport (Global Config)

monitor session

no monitor session

monitor session mode

no monitor session mode

no shutdown all

storm-control broadcast

no storm-control broadcast

storm-control flowcontrol

no storm-control flowcontrol

show mac-address-table multicast

show mac-address-table static

show mac-address-table staticfiltering

show mac-address-table stats

show port protocol

show storm-control

Virtual LAN (VLAN) Commands

vlan acceptframe

no vlan acceptframe

vlan ingressfilter

no vlan ingressfilter

vlan makestatic

vlan participation

vlan participation all

vlan port acceptframe all

no vlan port acceptframe all

vlan port ingressfilter all

no vlan port ingressfilter all

vlan port pvid all

no vlan port pvid all

vlan port tagging all

no vlan port tagging all

vlan protocol group

vlan protocol group add protocol

no vlan protocol group add protocol

vlan protocol group remove

protocol group

no protocol group

protocol vlan group

no protocol vlan group

protocol vlan group all

no protocol vlan group all

no vlan tagging

show vlan brief

show vlan port

System Utility Commands

clear counters

clear igmpsnooping

enable passwd

clear port-channel

clear traplog

User Account Commands

show loginsession

no users name

no users passwd

users snmpv3 accessmode

no users snmpv3 accessmode

users snmpv3 authentication

no users snmpv3 authentication

users snmpv3 encryption

no users snmpv3 encryption

Port Based Network Access Control (IEEE 802.1X) Commands

authentication login

no authentication login

clear dot1x statistics

clear radius statistics

dot1x defaultlogin

dot1x initialize

dot1x max-req

no dot1x max-req

dot1x port-control

no dot1x port-control

dot1x port-control All

no dot1x port-control All

dot1x re-authenticate

dot1x re-authentication

no dot1x re-authentication

dot1x system-auth-control

no dot1x system-auth-control

dot1x timeout

no dot1x timeout

no dot1x user

show radius accounting

show authentication

show authentication users

show dot1x users

show users authentication

users defaultlogin

Remote Authentication Dial In User Service (RADIUS) Commands

radius accounting mode

no radius accounting mode

radius server host

no radius server host

radius server key

radius server msgauth

radius server primary

radius server retransmit

no radius server retransmit

radius server timeout

no radius server timeout

show radius statistics

Secure Shell (SSH) Commands

ip ssh protocol

Hypertext Transfer Protocol (HTTP) Commands

ip http secure-port

no ip http secure-port

ip http secure-protocol

ip http secure-server

no ip http secure-server

ip http server

no ip http server

DHCP Server Commands

client-identifier

no client-identifier

no client-name

default-router

no default-router

no dns-server

hardware-address

no hardware-address

ip dhcp excluded-address

no ip dhcp excluded-address

ip dhcp ping packets

no ip dhcp ping packets

no ip dhcp pool

no service dhcp

no domain-name

ip dhcp bootp automatic

no ip dhcp bootp automatic

ip dhcp conflict logging

no ip dhcp conflict logging

netbios-name-server

no netbios-name-server

netbios-node-type

no netbios-node-type

no next-server

show ip dhcp binding

show ip dhcp global configuration

show ip dhcp pool configuration

show ip dhcp server statistics

show ip dhcp conflict

clear ip dhcp binding

clear ip dhcp server statistics

clear ip dhcp conflict

Double VLAN Commands

dvlan-tunnel customer-id

no dvlan-tunnel customer-id

dvlan-tunnel etherType

no dvlan-tunnel etherType

mode dot1q-tunnel

no mode dot1q-tunnel

mode dvlan-tunnel

no mode dvlan-tunnel

show dot1q-tunnel

show dot1q-tunnel interface

show dvlan-tunnel

show dvlan-tunnel interface

Provisioning (IEEE 802.1p) Commands

classofservice dot1pmapping

show classofservice dot1pmapping

vlan port priority all

vlan priority

set garp timer join

no set garp timer join

set garp timer join all

no set garp timer join all

set garp timer leave

no set garp timer leave

set garp timer leave all

no set garp timer leave all

set garp timer leaveall

no set garp timer leaveall

set garp timer leaveall all

no set garp timer leaveall all

GARP VLAN Registration Protocol (GVRP) Commands

set gvrp adminmode

no set gvrp adminmode

set gvrp interfacemode

no set gvrp interfacemode

set gvrp interfacemode all

no set gvrp interfacemode all

show gvrp configuration

GARP Multicast Registration Protocol (GMRP) Commands

set gmrp adminmode

no set gmrp adminmode

set gmrp interfacemode

no set gmrp interfacemode

set gmrp interfacemode all

no set gmrp interfacemode all

show gmrp configuration

show mac-address-table gmrp

Internet Group Management Protocol (IGMP) Commands

set igmp groupmembershipinterval

no set igmp groupmembershipinterval

set igmp interfacemode all

no set igmp interfacemode all

set igmp maxresponse

no set igmp maxresponse

set igmp mcrtrexpiretime

no set igmp mcrtrexpiretime

show igmpsnooping

show mac-address-table igmpsnooping

Spanning Tree (STP) Commands

spanning-tree max-hops

no spanning-tree max-hops

spanning-tree

no spanning-tree

spanning-tree configuration name

no spanning-tree configuration name

spanning-tree configuration revision

no spanning-tree configuration revision

spanning-tree edgeport

no spanning-tree edgeport

spanning-tree forceversion

no spanning-tree forceversion

spanning-tree forward-time

no spanning-tree forward-time

spanning-tree hello-time

no spanning-tree hello-time

spanning-tree max-age

no spanning-tree max-age

spanning-tree mst instance

no spanning-tree mst instance

spanning-tree mst priority

no spanning-tree mst priority

spanning-tree mst vlan

no spanning-tree mst vlan

spanning-tree port mode

no spanning-tree port mode

spanning-tree port mode all

no spanning-tree port mode all

spanning-tree

spanning-tree bpdumigrationcheck

no spanning-tree bpdumigrationcheck

show spanning-tree

show spanning-tree interface

show spanning-tree mst detailed

show spanning-tree mst port detailed

show spanning-tree mst port summary

show spanning-tree mst summary

show spanning-tree summary

show spanning-tree vlan

Layer 2 Failover Commands

failover track

show track failover

Link Aggregation (LAG)/Port-Channel (802.3AD) Commands

port-channel staticcapability

no port-channel staticcapability

port lacpmode

no port lacpmode

port lacpmode all

no port lacpmode all

no port-channel

port-channel adminmode all

no port-channel adminmode

port-channel linktrap

no port-channel linktrap

port-channel name

show port-channel brief

show port-channel

6. Quality of Service Commands

Access Control List (ACL) Commands

no access-list

ip access-group

ip access-group all

show ip access-lists

Bandwidth Provisioning (BP) Commands

no bwallocation

no maxbandwidth

no minbandwidth

show bwp-trafficclass detailed

show bwp-trafficclass summary

show bwp-trafficclass allocatedbw

show bwp-bwallocation detailed

show bwp-bwallocation summary

traffic-class

no traffic-class

Differentiated Services Commands

class-map rename

match class-map

no match class-map

match destination-address mac

match dstl4port

match ip dscp

match ip precedence

match protocol

match source-address mac

match srcl4port

Policy Commands

bandwidth kbps

bandwidth percent

mark ip-precedence

police-simple

police-single-rate

police-two-rate

no policy-map

policy-map rename

Service Commands

service-policy

no service-policy

show class-map

show diffserv

show policy-map

show diffserv service

show diffserv service brief

show policy-map interface

show service-policy

7. Routing Commands

Address Resolution Protocol Commands

arp cachesize

no arp cachesize

arp dynamicrenew

no arp dynamicrenew

no arp resptime

no arp retries

no arp timeout

clear arp-cache

show arp brief

no ip routing

no ip address

ip route default

no ip route default

ip route distance

no ip route distance

ip forwarding

no ip forwarding

ip netdirbcast

no ip netdirbcast

show ip brief

show ip interface

show ip interface brief

show ip route

show ip route bestroutes

show ip route entry

show ip route preferences

show ip stats

encapsulation

Bootp/DHCP Relay Commands

bootpdhcprelay cidoptmode

no bootpdhcprelay cidoptmode

bootpdhcprelay enable

no bootpdhcprelay enable

bootpdhcprelay maxhopcount

no bootpdhcprelay maxhopcount

bootpdhcprelay minwaittime

no bootpdhcprelay minwaittime

bootpdhcprelay serverip

no bootpdhcprelay serverip

show bootpdhcprelay

Router Discovery Protocol Commands

ip irdp address

no ip irdp address

ip irdp holdtime

no ip irdp holdtime

ip irdp maxadvertinterval

no ip irdp maxadvertinterval

ip irdp minadvertinterval

no ip irdp minadvertinterval

ip irdp preference

no ip irdp preference

Virtual LAN Routing Commands

no vlan routing

Virtual Router Redundancy Protocol (VRRP) Commands

no ip vrrp mode

ip vrrp authentication

no ip vrrp authentication

ip vrrp preempt

no ip vrrp preempt

ip vrrp priority

no ip vrrp priority

ip vrrp timers advertise

no ip vrrp timers advertise

show ip vrrp interface stats

show ip vrrp interface

show ip vrrp interface brief

VRRP Tracking Commands

track <object-number> interface <unit/port> line-protocol

track <object-number> interface <unit/port> ip routing

track <object-number> ip route <ip-address/prefix-length> reachability

show ip vrrp track

Open Shortest Path First (OSPF) Commands

enable (OSPF)

no enable (OSPF)

1583compatibility

no 1583compatibility

area default-cost

area nssa default-info-originate

area nssa no-redistribute (OSPF)

area nssa no-summary (OSPF)

area nssa translator-role (OSPF)

area nssa translator-stab-intv

no area range

area stub summarylsa

no area stub summarylsa

area virtual-link

no area virtual-link

area virtual-link authentication

no area virtual-link authentication

area virtual-link dead-interval

no area virtual-link dead-interval

area virtual-link hello-interval

no area virtual-link hello-interval

area virtual-link retransmit-interval

no area virtual-link retransmit-interval

area virtual-link transmit-delay

no area virtual-link transmit-delay

default-information originate (OSPF)

no default-information originate (OSPF)

default-metric (OSPF)

no default-metric (OSPF)

distance ospf

no distance ospf

distribute-list out

no distribute-list out

exit-overflow-interval

no exit-overflow-interval

external-lsdb-limit

no external-lsdb-limit

ip ospf areaid

ip ospf authentication

no ip ospf authentication

no ip ospf cost

ip ospf dead-interval

no ip ospf dead-interval

ip ospf hello-interval

no ip ospf hello-interval

ip ospf priority

no ip ospf priority

ip ospf retransmit-interval

no ip ospf retransmit-interval

ip ospf transmit-delay

no ip ospf transmit-delay

ip ospf mtu-ignore

no ip ospf mtu-ignore

no redistribute

maximum-paths

no maximum-paths

show ip ospf area

show ip ospf database

show ip ospf interface

show ip ospf interface brief

show ip ospf interface stats

show ip ospf neighbor

show ip ospf neighbor brief

show ip ospf range

show ip ospf stub table

show ip ospf virtual-link

show ip ospf virtual-link brief

Routing Information Protocol (RIP) Commands

no enable (RIP)

no auto-summary

default-information originate (RIP)

no default-information originate (RIP)

default-metric (RIP)

no default-metric (RIP)

no distance rip

distribute-list out

no distribute-list out

no default-information originate

ip rip authentication

no ip rip authentication

ip rip receive version

no ip rip receive version

ip rip send version

no ip rip send version

hostroutesaccept

no hostroutesaccept

split-horizon

no split-horizon

no redistribute

show ip rip interface brief

show ip rip interface

A. Configuration Examples

IEEE 802.1Q VLAN

VLAN Solution 1

VLAN Solution 2

RIP Configuration

STP, RSTP and MSTP Configuration

Setting Up VRRP on the Sun Netra CP3140

Sun Netra CP3140 VRRP Configuration

VRRP CLI Configuration Examples

Example 1: Configuring VRRP on FASTPATH as a Master Router

Example 2: Configuring VRRP on FASTPATH as a Backup Router

B. Using RADIUS

RADIUS Configuration Example

C. Management Security

Enabling Management Security

Certificate Generation

Configuring Secure Shell

Configuring Secure Socket Layer

Certificate Generation Scripts

SSH sshKeygen.sh

SSL pemCreate.sh

D. uBoot Software

E-Keying Control in uBoot

Serial Baud Rate Control in uBoot

Boot Utility Menu

TFTP Code Update From Utility Menu

Erase Current Configuration

Erase Permanent Storage

BCM Debug Shell

Network Booting

E. Firmware Updating Procedures

Testing Updates Before Installing Them

Updating the Switch Firmware Through the Boot Utility Menu

Updating the Switch Firmware Through the FASTPATH Software

Copyright © 2009 Sun Microsystems, Inc. All rights reserved.