A command line interface (CLI) is an
interaction interface, through which users can configure a switch by entering
commands and confirm the configuration result by viewing the output
information. A H3C series Ethernet switch provides a command line interface
(CLI) and commands for you to configure and manage the Ethernet switch. The CLI
is featured by the following:
l
Commands are grouped by levels to ensure that
unauthorized users cannot configure a switch through CLI with a higher level.
l
Users can gain online help at any time by entering
the question mark "?".
l
Commonly used diagnosing utilities (such as Tracert
and Ping) are available.
l
Debugging information of various kinds is
available.
l
The command history is available. You can recall
and execute a history command easily.
l
You can execute a command by only entering part
of the command in the CLI, as long as the keywords you input uniquely identify the
corresponding ones.
To prevent unauthorized accesses, commands are
protected at different levels.
Commands fall into four protection levels: visit,
monitor, system, and manage:
l
Visit level: Commands at this level are mainly used
to diagnose network and change the language mode of user interface, and cannot
be saved in configuration files. For example, the ping, tracert,
and language-mode commands are at this level.
l
Monitor level: Commands at this level are mainly
used to maintain the system and diagnose service problems, and cannot be saved
to configuration files. For example, the display and debugging
commands are at this level.
l
System level: Commands at this level are mainly used
to configure services. Commands concerning routing and network layers are at
this level. You can utilize network services by using these commands.
l
Manage level: Commands at this level are associated
with the basic operation of the system, and the system supporting modules. These
commands provide supports to services. Commands concerning file system, FTP/TFTP/XModem
downloading, user management, and level setting are at this level.
Users logging into a switch also fall into four
levels, each of which corresponding to one of the above command levels. Users at
a specific level can only use the commands of the same level and those of the
lower levels.
By default, the users logging in to the
switch through the Console port can use Level 3 CLI and the users logging in to
the switch through Telnet can use Level 0 CLI.
User levels can be switched with a command.
You can switch to a lower level unconditionally. But if you need to switch to a
higher level, a level switching password is required. Before performing user
level switching, make sure that the level switching password has been
configured by using the super password command. If you enter an
incorrect password or a password has not been configured in advance, you will
fail to switch between user levels.
I. Setting a user level switching
password
Table 1-1 Set a user level switching password
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Set a password for switching from a lower
user level to the user level identified by the level argument
|
super password [ level level ] { simple | cipher
} password
|
Required
|
II. Switching to another user
level
Table 1-2 lists operations to switch to another user level.
Table 1-2 Switch to another user level
|
Operation
|
Command
|
Description
|
|
Switch to the user level identified by
the level argument
|
super [ level
]
|
Required
In user view
|
l
If you do not specify the user level when
setting the password, the user level is 3 by default.
l
For security purpose, the password a user enters
when switching to a higher user level is not displayed. A user will remain at
the original user level if the user has tried three times to enter the correct
password but fails to do this.
You can configure the level of a specific
command in a specific view. Commands fall into four command levels: visit,
monitor, system, and manage, which are identified as 0, 1, 2, and 3 respectively.
The administrator can change the command level a command belongs to.
Table 1-3 Configure the level of a
specific command in a specific view
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Configure the level of a specific command
in a specific view
|
command-privilege level level view view command
|
Required
Use this command with caution to prevent
inconvenience on maintenance and operation.
|
CLI views are designed for different configuration
tasks. They are interrelated. You will enter user view once you log into a
switch successfully, where you can perform operations such as displaying operation
status and statistical information. And by executing the system-view
command, you can enter system view, where you can enter other views by executing
the corresponding commands.
S3100-SI series Ethernet switches provide
the following CLI views:
l
User view
l
System view
l
Ethernet port view
l
VLAN view
l
VLAN interface view
l
LoopBack interface view
l
Null interface view
l
Local user view
l
User interface view
l
FTP client view
l
SFTP client view
l
MST region view
l
Cluster view
l
Public key view
l
Public key editing view
l
Basic ACL view
l
Advanced ACL view
l
RADIUS scheme view
l
ISP domain view
l
HWTACACS view
Table 1-4 lists information about CLI views (including the operations you can performed in these views, how to enter these views, and so on).
Table 1-4 CLI views
|
View
|
Available operation
|
Prompt example
|
Enter method
|
Quit method
|
|
User view
|
Display operation status and statistical
information
|
<H3C>
|
Enter user view once logging into the
switch.
|
Execute the quit command in user
view to log out of the switch.
|
|
System view
|
Configure system parameters
|
[H3C]
|
Execute the system-view command in
user view.
|
Execute the quit or return
command to return to user view.
|
|
Ethernet port view
|
Configure Ethernet port parameters
|
[H3C-Ethernet1/0/1]
|
Execute the interface ethernet
1/0/1 command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to return
to user view.
|
|
VLAN view
|
Configure VLAN parameters
|
[H3C-Vlan1]
|
Execute the vlan 1 command in
system view.
|
Execute the quit command to return
to system view.
Execute the return command to return
to user view.
|
|
VLAN interface view
|
Configure IP interface parameters for VLANs
and aggregated VLANs
|
[H3C-Vlan-interface1]
|
Execute the interface vlan-interface
1 command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to return
to user view.
|
|
LoopBack interface view
|
Configure LoopBack interface parameters
|
[H3C-LoopBack0]
|
Execute the interface loopback 0
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to return
to user view.
|
|
Null interface view
|
Configure null interface parameters
|
[H3C-NULL0]
|
Execute the interface NULL
0 command in system view
|
Execute the quit command to return
to system view.
Execute the return command to return
to user view.
|
|
Local user view
|
Configure local user parameters
|
[H3C-luser-user1]
|
Execute the local-user user1
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
User interface view
|
Configure user interface parameters
|
[H3C-ui0]
|
Execute the user-interface 0
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
FTP client view
|
Configure FTP client parameters
|
[ftp]
|
Execute the ftp command in user
view.
|
Execute the quit command to return
to user view.
|
|
SFTP client view
|
Configure SFTP client parameters
|
<sftp-client>
|
Execute the sftp 10.1.1.1 command
in system view.
|
Execute the quit command to return
to user view.
|
|
MST region view
|
Configure MST region parameters
|
[H3C-mst-region]
|
Execute the stp region-configuration
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Cluster view
|
Configure cluster parameters
|
[H3C-cluster]
|
Execute the cluster command in
system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Public key view
|
Configure RSA public keys for SSH users
|
[H3C-rsa-public-key]
|
Execute the rsa peer-public-key H3C003
command in system view.
|
Execute the peer-public-key end
command to return to system view.
|
|
Public key editing view
|
Edit RSA public keys of SSH users
|
[H3C-rsa-key-code]
|
Execute the public-key-code begin
command in public key view.
|
Execute the public-key-code end
command to return to public key view.
|
|
Basic ACL view
|
Define rules for a basic ACL (ACLs with
their IDs ranging from 2000 to 2999 are basic ACLs.)
|
[H3C-acl- basic-2000]
|
Execute the acl number 2000
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Advanced ACL view
|
Define rules for an advanced ACL (ACLs
with their IDs ranging from 3000 to 3999 are advanced ACLs.)
|
[H3C-acl- adv-3000]
|
Execute the acl number 3000
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
RADIUS scheme view
|
Configure RADIUS parameters
|
[H3C-radius-1]
|
Execute the radius scheme 1
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
ISP domain view
|
Configure parameters for an ISP domain
|
[H3C-isp-a163.net]
|
Execute the domain a163.net
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
HWTACACS view
|
Configure HWTACACS parameters
|
[H3C-hwtacacs-a123]
|
Execute the hwtacacs scheme a123
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
The function of
<Ctrl+Z> is the same as that of the return command.
CLI provides two types of online help:
complete online help and partial online help. They assist you with your
configuration.
I. Complete online help
Enter a "?" character in any view
on your terminal to display all the commands available in the view and their brief
descriptions. The following takes user view as an example.
<H3C> ?
User view commands:
boot Set boot option
cd Change current
directory
clock Specify the
system clock
cluster Run cluster
command
copy Copy from one
file to another
debugging Enable system
debugging functions
delete Delete a file
dir List files on a
file system
display Display current
system information
<omitted>
Enter a command, a space, and a "?"
character (instead of a keyword available in this position of the command) on
your terminal to display all the available keywords and their brief
descriptions. The following takes the clock command as an example.
<H3C> clock ?
datetime Specify the time and
date
summer-time Configure summer time
timezone Configure time zone
Enter a command, a space, and a "?"
character (instead of an argument available in this position of the command) on
your terminal to display all the available arguments and their brief
descriptions. The following takes the interface vlan command as an
example.
[H3C] interface vlan-interface ?
<1-4094> VLAN interface
number
[H3C] interface vlan-interface 1 ?
<cr>
The string <cr> means no argument is available
in the position occupied by the "?" character. You can execute the
command without providing any other information.
II. Partial online help
Enter a string followed directly by a "?"
character on your terminal to display all the commands beginning with the
string. For example:
<H3C> p?
ping
pwd
Enter a command, a space, and a string
followed by a "?" character on your terminal to display all the
keywords that belong to the command and begin with the string (if available).
For example:
<H3C> display v?
version
vlan
Enter the first several characters of a
keyword in a command and then press <Tab>, the complete keyword will be
displayed on the terminal screen if the input characters uniquely identify a
keyword; all the keywords that match the input characters will be displayed on
the terminal screen if the input characters match more than one keyword.
CLI provides the Display suspending
feature. That is, the displaying of output information can be paused when the
screen is full and you can then perform the three operations listed in Table 1-5 as needed.
Table 1-5 Displaying-related operations
|
Operation
|
Function
|
|
Press <Ctrl+C>
|
Suspend displaying
|
|
Press the space key
|
Scroll the output information up by one
page.
|
|
Press <Enter>
|
Scroll the output information up by one
line.
|
CLI can store the latest executed commands as
history commands so that users can recall and execute them again. By default,
CLI can store 10 history commands for each user. Table
1-6 lists history command-related operations.
Table 1-6 Access history commands
|
Operation
|
Operation
|
Description
|
|
Display history commands
|
Execute the display history-command
command
|
This command displays valid history
commands.
|
|
Access the previous history command
|
Press the up-arrow key or <Ctrl+P>
|
This operation recalls the previous history
command (if available).
|
|
Access the next history command
|
Pressing the down-arrow key or <Ctrl+N>
|
This operation recalls the next history
command (if available).
|
l
You may use arrow keys to access history
commands in Windows 2000/XP/2003 Terminal or Telnet. However, the up-arrow and
down-arrow keys are invalid in Windows 9X HyperTerminal, because they are
defined in a different way. You can use <Ctrl+P> and <Ctrl+N>
instead.
l
When you enter the same command several times,
only one command is saved by the CLI as a history command.
If the command you enter passes the syntax
check, it will be successfully executed; otherwise an error message will appear.
Table 1-7 lists the common error messages.
Table 1-7 Common error messages
|
Error message
|
Description
|
|
Unrecognized
command
|
The
command does not exist.
|
|
The keyword does not exist.
|
|
The parameter type is wrong.
|
|
The parameter value is out of range.
|
|
Incomplete command
|
The command entered is incomplete.
|
|
Too many parameters
|
You have entered too many parameters.
|
|
Ambiguous command
|
The parameters entered are ambiguous.
|
|
Wrong parameter
|
A parameter entered is incorrect.
|
|
found at '^' position.
|
An error is found at '^' position.
|
The CLI provides basic command edit functions
and supports multi-line editing. The maximum number of characters a command can
contain is 254. Table 1-8 lists the CLI edit operations.
Table 1-8 Edit operations
|
Press…
|
To…
|
|
A common key
|
If the command does not reach 254
characters, insert the character at the current cursor position and move the
cursor one character to the right.
|
|
The Backspace key
|
Delete the character on the left of the
cursor and move the cursor one character to the left.
|
|
The left arrow key or <Ctrl+B>
|
Move the cursor one character to the
left.
|
|
The right arrow key or <Ctrl+F>
|
Move the cursor one character to the
right.
|
|
The up arrow key or <Ctrl+P>
The down arrow key or <Ctrl+N>
|
Access history commands.
|
|
The Tab key
|
Utilize the partial online help. That is,
when you enter an incomplete keyword and the Tab key, if the entered keyword
uniquely identifies an existing keyword, the system completes the keyword and
displays the command on the next line; if the input keyword matches more than
one keyword, the keywords are displayed in a new line in turn each time you
press Tab key; if the input keyword matches no keyword, the system displays
your original input on a new line without any change.
|
