H3C series Ethernet switches provide a
command line interface (CLI) and commands for you to configure and manage your
switches. The CLI is featured by the following:
l
Commands are grouped by level. This prevents
unauthorized users from configuring switches with relevant commands.
l
You can gain online help at any time by entering
a question mark "?".
l
Common diagnostic utilities (such as Tracert and
Ping) are available.
l
A variety of debugging information is available.
l
A function similar to Doskey is provided for you
to execute a history command.
l
You can execute a command by entering part of
the command in the CLI as long as the keywords you enter do not conflict those
of other commands.
To prevent unauthorized accesses, commands
are grouped by level.
Commands fall into four levels: visit,
monitor, system, and manage.
l
Visit level: Commands at this level are mainly
used to diagnose network and switch the language mode on the user interface,
and they cannot be saved in configuration files. Such commands include ping,
tracert, and language-mode.
l
Monitor level: Commands at this level are mainly
used to maintain the system and diagnose service faults, and they cannot be
saved in configuration files. Such commands include display and debugging.
l
System level: Commands at this level are mainly
used to configure services. Commands concerning routing and network layers are
at this level. These commands can be used to provide network services directly.
l
Manage level: Commands at this level are
associated with the basic operation modules and support modules of the system.
These commands provide supports for services. Commands concerning file system,
FTP/TFTP/XModem downloading, user management, and level setting are at this
level.
Users logging in to a switch also fall into
four levels, which respectively correspond to the command levels. Users at a
specific level can only use the commands at the same level or lower levels.
You can switch from one user level to
another by executing a related command and set a password for the switching as
required after logging in to a switch.
I. Setting a password for user
level switching
Table 1-1 lists the operations to set a password for user level switching.
Table 1-1 Set a password for user level switching
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Set a password for switching from a lower
user level to the user level specified by the level argument
|
super password [ level level ] { simple | cipher
} password
|
Optional
A password is necessary only when a user
switches from a lower user level to a higher user level.
|
II. Switching between user levels
Table 1-2 lists the operation to switch between user levels.
Table 1-2 Switch between user levels
|
Operation
|
Command
|
Description
|
|
Switch from the current user level to the
user level specified by the level argument
|
super [ level
]
|
Required
Execute this command in user view.
If you have set a password for user level
switching by using the super password command and you want to switch
from a lower user level to a higher user level, you need to enter the correct
password. Otherwise, you will remain at the original user level.
|
l
By default, you switch from the current user
level to level 3.
l
For the purpose of security, you cannot see the
password you enter on the screen. You will remain at the original user level if
you fail to enter the correct password after you have tried more than three
times.
You can configure a level for a specific
command in a specific view. Commands fall into four levels: visit, monitor,
system, and manage, which are identified as 0, 1, 2, and 3 respectively. The
administrator can change the command level according to the requirements..
Table 1-3 lists the operations to configure a level for a specific command.
Table 1-3 Configure a level for a specific command in a specific view
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Configure a level for a specific command
in a specific view
|
command-privilege level level view view command
|
Required
It is forbidden to change the command
level at will. Doing so may bring inconvenience to maintenance and operation.
|
CLI views are designed for different
configuration tasks. They are related but distinguished. You will enter user
view once you log in to a switch successfully, where you can view operation
status and statistics information. After executing the system-view command,
you can enter system view, where you can go into other views by entering
corresponding commands.
The following CLI views are provided:
l
User view
l
System view
l
Ethernet interface view
l
VLAN view
l
VLAN interface view
l
Loopback interface view
l
Local user view
l
User interface view
l
FTP client view
l
SFTP client view
l
MST region view
l
Cluster view
l
Public key view
l
Public key code view
l
DHCP address pool view
l
PIM view
l
RIP view
l
OSPF view
l
OSPF area view
l
Routing policy view
l
Basic ACL view
l
Advanced ACL view
l
Layer 2 ACL view
l
User-defined ACL view
l
QoS profile view
l
RADIUS scheme view
l
ISP domain view
l
HWPing view
l
HWTACACS view
l
MSDP view
l
PoE profile view
Table 1-4 lists operations you can perform in these CLI views and details about commands used to enter these CLI views.
Table 1-4 Operations in CLI views
|
View
|
Available operation
|
Prompt
|
Enter method
|
Quit method
|
|
User view
|
Display operation status and statistical
information
|
<H3C>
|
Enter user view once logging in to the
switch.
|
Execute the quit command in user
view to log out of the switch.
|
|
System view
|
Configure system parameters
|
[H3C]
|
Execute the system-view command in
user view.
|
Execute the quit or return
command to return to user view.
|
|
Ethernet interface view
|
Configure Ethernet interface parameters
|
[H3C-Ethernet1/0/1]
|
100M Ethernet interface view
Execute the interface ethernet
1/0/1 command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
[H3C-GigabitEthernet1/1/1]
|
Gigabit Ethernet interface view
Execute the interface gigabitethernet
1/1/1 command in system view.
|
|
VLAN view
|
Configure VLAN parameters
|
[H3C-vlan1]
|
Execute the vlan 1 command in
system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
VLAN interface view
|
Configure IP interface parameters for VLANs
and aggregated VLANs
|
[H3C-Vlan-interface1]
|
Execute the interface vlan-interface
1 command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Loopback interface view
|
Configure loopback interface parameters
|
[H3C-LoopBack0]
|
Execute the interface loopback 0
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Local user view
|
Configure local user parameters
|
[H3C-luser-user1]
|
Execute the local-user user1
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
User interface view
|
Configure user interface parameters
|
[H3C-ui0]
|
Execute the user-interface 0
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
FTP client view
|
Configure FTP client parameters
|
[ftp]
|
Execute the ftp command in user
view.
|
Execute the quit command to return
to user view.
|
|
SFTP client view
|
Configure SFTP client parameters
|
sftp-client>
|
Execute the sftp 10.1.1.1 command
in system view.
|
Execute the quit command to return
to user view.
|
|
MST region view
|
Configure MST region parameters
|
[H3C-mst-region]
|
Execute the stp region-configuration
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Cluster view
|
Configure cluster parameters
|
[H3C-cluster]
|
Execute the cluster command in
system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Public key view
|
Configure RSA public keys for SSH users
|
[H3C-rsa-public-key]
|
Execute the rsa peer-public-key
a003 command in system view.
|
Execute the peer-public-key end
command to return to system view.
|
|
Public key code view
|
Edit RSA public key for SSH users
|
[H3C-rsa-key-code]
|
Execute the public-key-code begin command
in public key code view
|
Execute the public-key-code end
command to return to public key view
|
|
DHCP address pool view
|
Configure DHCP address pool parameters
|
[H3C-dhcp-pool-a123]
|
Execute the dhcp server ip-pool a123
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
PIM view
|
Configure PIM parameters
|
[H3C-pim]
|
Execute the pim command in system
view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
RIP view
|
Configure RIP parameters
|
[H3C-rip]
|
Execute the rip command in system
view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
OSPF view
|
Configure OSPF protocol parameters
|
[H3C-ospf-1]
|
Execute the ospf command in system
view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
OSPF area view
|
Configure OSPF area parameters
|
[H3C-ospf-1-area-0.0.0.1]
|
Execute the area 1 command in OSPF
view
|
Execute the quit command to return
to OSPF view.
Execute the return command to
return to user view.
|
|
Routing policy view
|
Configure routing policies
|
[H3C-route-policy]
|
Execute the route-policy policy1 permit
node 10 command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Basic ACL view
|
Define sub-rules for a basic ACL (with ID
ranging from 2000 to 2999)
|
[H3C-acl- basic-2000]
|
Execute the acl number 2000
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Advanced ACL view
|
Define sub-rules for an advanced ACL
(with ID ranging from 3000 to 3999)
|
[H3C-acl- adv-3000]
|
Execute the acl number 3000
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Layer 2 ACL view
|
Define sub-rules for an layer 2 ACL (with
ID ranging from 4000 to 4999)
|
[H3C-acl-ethernetframe-4000]
|
Execute the acl number 4000
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
User-defined ACL view
|
Define sub-rules for a user-defined ACL
(with ID ranging from 5000 to 5999)
|
[H3C-acl-user-5000]
|
Execute the acl number 5000
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
QoS profile view
|
Define QoS profile
|
[H3C-qos-profile-a123]
|
Execute the qos-profile a123
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
RADIUS scheme view
|
Configure RADIUS parameters
|
[H3C-radius-1]
|
Execute the radius scheme 1
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
ISP domain view
|
Configure ISP domain parameters
|
[H3C-isp-aaa163.net]
|
Execute the domain aaa163.net
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
HWPing view
|
Configure HWPing parameters
|
[H3C-hwping-a123-a123]
|
Execute the hwping a123 a123
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
HWTACACS view
|
Configure HWTACACS parameters
|
[H3C-hwtacacs-a123]
|
Execute the hwtacacs scheme a123
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
MSDP view
|
Configure MSDP parameters
|
[H3C-msdp]
|
Execute the msdp command in system
view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
PoE profile view
|
Configure PoE profile parameters
|
[H3C-poe-profile-a123]
|
Execute the poe-profile a123
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
The <Ctrl +
Z> keys function as the return command does.
CLI provides two types of online help:
complete online help and partial online help. You can obtain help information
necessary for the switch configuration.
I. Complete online help
Enter a "?" character in any view
on your terminal to display all the commands available in the view and their
brief descriptions. The following takes user view as an example.
<H3C> ?
User view commands:
backup Backup current
configuration
boot Set boot option
cd Change current
directory
clock Specify the
system clock
cluster Run cluster
command
copy Copy from one
file to another
debugging Enable system
debugging functions
delete Delete a file
dir List files on a
file system
display Display current
system information
<omitted>
Enter a command, a space, and a
"?" character. If a keyword is in the “?” position of the
command, all available keywords and their brief descriptions will be displayed
on your terminal. The following takes the clock command as an example.
<H3C> clock ?
datetime Specify the time and
date
summer-time Configure summer time
timezone Configure time zone
Enter a command, a space, and a
"?" character. If an argument is in the “?” position of
the command, all available arguments and their brief descriptions will be
displayed on your terminal. The following takes the interface vlan
command as an example.
[H3C] interface vlan-interface ?
<1-4094> VLAN interface
number
[H3C] interface vlan-interface 1 ?
<cr>
The <cr> string means that no argument
is available in the “?” position. You can directly execute the
command by pressing <Enter>.
II. Partial online help
Enter a character string followed by a
"?" character on your terminal to display all the commands beginning
with the string. For example:
<H3C> pi?
ping
Enter a command, a space, and a character
string followed by a "?" character on your terminal to display all
the keywords that belong to the command and begin with the string (if
available). For example:
<H3C> display ver?
version
Enter the first several characters of a
keyword in a command and then press <Tab>, the complete keyword will be
displayed on the terminal screen if the input characters uniquely identify a
keyword; all the keywords that match the input characters will be displayed on
the terminal screen if the input characters match more than one keyword.
You can use the language-mode
command to display the help information in English.
CLI provides the following display
features:
l
The prompt information and help information can
be displayed in Chinese or English.
l
Display suspension. That is, the display of
output information can be paused when the screen is full and you can then
perform one of the three operations listed in Table
1-5 as needed.
Table 1-5 Display-related operations
|
Operation
|
Function
|
|
Press <Ctrl+C>
|
Suspend the display and execution of a
command.
|
|
Press the space key
|
Scroll the output information up by one
page.
|
|
Press <Enter>
|
Scroll the output information up by one
line.
|
The CLI provides a function similar to Doskey
to store the history commands automatically. You can recall and execute these
history commands at any time. By default, the CLI can store 10 history commands
for each user. Table 1-6 lists history command-related operations.
Table 1-6 Access history commands
|
Operation
|
Operation
|
Description
|
|
Display history commands
|
Execute the display history-command
command
|
This command displays valid history
commands.
|
|
Recall the previous history command
|
Press the up-arrow key or <Ctrl+P>
|
This operation recalls the previous
history command (if available).
|
|
Recall the next history command
|
Pressing the down-arrow key or <Ctrl+N>
|
This operation recalls the next history command
(if available).
|
l
The Up and Down arrow keys can be used to recall
history commands only in terminals running on Windows 3.x or Telnet running on
Windows 3.x. You can press <Ctrl + P> or <Ctrl + N> in terminals
running on Windows 9x to achieve the same purpose.
l
If you enter and execute the same command for
multiple times, the command is buffered when it is entered for the first time.
If the command you enter passes the syntax
check, it will be successfully executed; otherwise an error message will
appear. Table 1-7 lists the common error messages.
Table 1-7 Common error messages
|
Error message
|
Description
|
|
Unrecognized
command
|
The
command does not exist.
|
|
The keyword does not exist.
|
|
The parameter type is wrong.
|
|
The parameter value is out of range.
|
|
Incomplete command
|
The command entered is incomplete.
|
|
Too many parameters
|
You have entered too many parameters.
|
|
Ambiguous command
|
The parameters entered are ambiguous.
|
|
Wrong parameter found at '^' position
|
The parameter at the '^' position is
incorrect.
|
The CLI provides basic command edit
functions and supports multi-line editing. The maximum number of characters a
command can contain is 256. Table 1-8 lists the CLI edit operations.
Table 1-8 Edit operations
|
Press…
|
To…
|
|
Common key
|
Insert the character the key represents
at the cursor and move the cursor one character to the right if the edit
buffer is not full.
|
|
Backspace key
|
Delete the character on the left of the
cursor and move the cursor one character to the left.
|
|
Left arrow key or <Ctrl+B>
|
Move the cursor one character to the
left.
|
|
Right arrow key or <Ctrl+F>
|
Move the cursor one character to the
right.
|
|
Up arrow key or <Ctrl+P>
Down arrow key or <Ctrl+N>
|
Display history commands.
|
|
Tab key
|
Utilize the partial online help. That is,
when you enter an incomplete keyword and press the Tab key, if the input
keyword uniquely identifies an existing keyword, the system substitutes the
complete key word for the incomplete keyword; if the input keyword matches
more than one keyword, all the keywords are displayed on the terminal screen,
with each keyword on a line; if the input arguments matches no keyword, the
system displays your original input on a new line without any change.
|
