A H3C series Ethernet switch provides a
command line interface (CLI) and commands for you to configure and manage the
Ethernet switch. The CLI is featured by the following:
l
Commands are grouped by levels. This prevents
unauthorized users from operating the switch with relevant commands.
l
Users can gain online help at any time by
entering the question mark "?".
l
Commonly used diagnosing utilities (such as
Tracert and Ping) are available.
l
Debugging information of various kinds is
available.
l
The command history is available. You can recall
and execute a history command easily.
l
You can execute a command by only entering part
of the command in the CLI, as long as the keywords you input uniquely identify
the corresponding ones.
To prevent unauthorized accesses, commands
are grouped by command levels.
Commands fall into four levels: visit,
monitor, system, and manage:
l
Visit level: Commands at this level are mainly
used to diagnose network and change the language mode of user interface, and
cannot be saved in configuration files. For example, the ping, tracert,
and language-mode commands are at this level.
l
Monitor level: Commands at this level are mainly
used to maintain the system and diagnose service problems, and cannot be saved
to configuration files. For example, the display and debugging
commands are at this level.
l
System level: Commands at this level are mainly
used to configure services. Commands concerning routing and network layers are
at this level. You can utilize network services by using these commands.
l
Manage level: Commands at this level are
associated with the basic operation of the system, and the system supporting
modules. These commands provide supports to services. Commands concerning file
system, FTP/TFTP/XModem downloading, user management, and level setting are at
this level.
Users logging into a switch also fall into
four levels, each of which corresponding to one of the above command levels.
Users at a specific level can only use the commands of the same level and those
of the lower levels.
A user can switch the user level from one
to another by executing a related command after logging into a switch. The
administrator can also set user level switching passwords as required.
I. Setting a user level switching
password
Table 1-1
lists the operations to set a user level switching password.
Table 1-1 Set a user level switching password
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Set a password for switching from a lower
user level to the user level identified by the level argument
|
super password [ level level ] { simple | cipher
} password
|
Optional
A password is necessary only when a user
switches from a lower user level to a higher user level.
|
II. Switching to another user
level
Table 1-2
lists operations to switch to another user level.
Table 1-2 Switch to another user level
|
Operation
|
Command
|
Description
|
|
Switch to the user level identified by
the level argument
|
super [ level
]
|
Required
Execute this command in user view.
If a password for switching to the user
level identified by the level argument is set and you want to switch
to a lower user level, you will remain at the lower user level unless you
provide the correct password after executing this command.
|
l
If the user level is not specified when user
level switching and the switching password are set, the user level is 3 by
default.
l
For security purpose, the password a user enters
when switching to a higher user level is not displayed. A user will remain at
the original user level if the user has tried three times to enter the correct
password but fails to do this.
You can configure the level of a specific
command in a specific view. Commands fall into four command levels: visit,
monitor, system, and manage, which are identified as 0, 1, 2, and 3
respectively. The administrator can change the command level a command belongs
to.
Table 1-3
lists the operations to configure the level of a specific command.
Table 1-3 Configure the level of a specific command in a specific view
|
Operation
|
Command
|
Description
|
|
Enter system view
|
system-view
|
—
|
|
Configure the level of a specific command
in a specific view
|
command-privilege level level view view command
|
Required
Use this command with caution to prevent
inconvenience on maintenance and operation.
|
CLI views are designed for different
configuration tasks. They are interrelated. You will enter user view once you
log into a switch successfully, where you can perform operations such as
displaying operation status and statistical information. And by executing the system-view
command, you can enter system view, where you can enter other views by
executing the corresponding commands.
The following CLI views are provided:
l
User view
l
System view
l
M-Ethernet interface view
l
Ethernet port view
l
Null interface view
l
Tunnel interface view
l
VLAN view
l
VLAN interface view
l
Loopback interface view
l
Local user view
l
User interface view
l
FTP client view
l
SFTP client view
l
Cluster view
l
DHCP address pool view
l
MST region view
l
RRPP domain view
l
MSDP region view
l
Port-isolate-group view
l
HWping view
l
Public key view
l
Public key code view
l
PIM view
l
RIP view
l
OSPF view
l
OSPF area view
l
BGP view
l
BGP IPv4 family multicast view
l
IS-IS view
l
ES-IS view
l
Routing policy view
l
Basic ACL view
l
Advanced ACL view
l
Layer 2 ACL view
l
User-defined ACL view
l
Traffic-group view
l
QoS view
l
QinQ view
l
RADIUS scheme view
l
HWTACACS scheme view
l
ISP domain view
Table 1-4
lists information about CLI views (including the operations you can performed
in these views, how to enter these views, and so on).
Table 1-4 CLI views
|
View
|
Available operation
|
Prompt example
|
Enter method
|
Quit method
|
|
User view
|
Display operation status and statistical
information
|
<H3C>
|
Enter user view once logging into the
switch.
|
Execute the quit command in user
view to log out of the switch.
|
|
System view
|
Configure system parameters
|
[H3C]
|
Execute the system-view command in
user view.
|
Execute the quit or return
command to return to user view.
|
|
M-Ethernet interface view
|
Configure M-Ethernet interface parameters
|
[H3C-M-Ethernet0/0/0]
|
Manage Ethernet port view.
Execute the interface m-ethernet
0/0/0 command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Ethernet port view
|
Configure Ethernet port parameters
|
[H3C-Ethernet3/0/1]
|
100 M Ethernet port view
Execute the interface ethernet
3/0/1 command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
[H3C-GigabitEthernet4/0/1]
|
Gigabit Ethernet port view
Execute the interface gigabitethernet
4/0/1 command in system view.
|
|
Null interface view
|
Configure null interface parameters
|
[H3C-NULL0]
|
Execute the interface null 0
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Tunnel interface view
|
Configure tunnel interface parameters
|
[H3C-Tunnel0]
|
Execute the interface tunnel 0
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
VLAN view
|
Configure VLAN parameters
|
[H3C-vlan1]
|
Execute the vlan 1 command in
system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
VLAN interface view
|
Configure IP interface parameters for
VLANs
|
[H3C-Vlan-interface1]
|
Execute the interface vlan-interface
1 command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Loopback interface view
|
|
[H3C-LoopBack0]
|
Execute the interface loopback 0
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Local user view
|
Configure local user parameters
|
[H3C-luser-user1]
|
Execute the local-user user1
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
User interface view
|
Configure user interface parameters
|
[H3C-ui0]
|
Execute the user-interface 0
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
FTP client view
|
Configure FTP client parameters
|
[ftp]
|
Execute the ftp command in user
view.
|
Execute the quit command to return
to user view.
|
|
SFTP client view
|
Configure SFTP client parameters
|
<sftp-client>
|
Execute the sftp 10.1.1.1 command
in system view.
|
Execute the quit command to return
to user view.
|
|
Cluster view
|
Configure cluster parameters
|
[H3C-cluster]
|
Execute the cluster command in
system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
DHCP address pool view
|
Configure DHCP address pool parameters
|
[H3C-dhcp-pool-1]
|
Execute the dhcp server ip-pool 1
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
MST region view
|
Configure MST region parameters
|
[H3C-mst-region]
|
Execute the stp region-configuration
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
RRPP domain view
|
Configure RRPP domain parameters
|
[H3C- rrpp-domain1]
|
Execute the rrpp domain 1 command
in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
MSDP domain view
|
Configure MSDP domain parameters
|
[H3C-msdp]
|
Execute the msdp command in system
view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Port-isolate-group view
|
Configure port-isolate-group parameters
|
[H3C-port-isolate-group1]
|
Execute the port-isolate group 1
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
HWping view
|
Configure HWping test group parameters
|
[H3C-hwping-administrator-test]
|
Execute the hwping administrator
test command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Public key view
|
Configure RSA public keys for secure
shell (SSH) users
|
[H3C-rsa-public-key]
|
Execute the rsa peer-public-key
H3C003 command in system view.
|
Execute the peer-public-key end
command to return to system view.
|
|
Public key code view
|
Edit RSA public keys of SSH users
|
[H3C-rsa-key-code]
|
Execute the public-key-code begin
command in public key view.
|
Execute the public-key-code end
command to return to public key view.
|
|
PIM view
|
Configure PIM parameters
|
[H3C-pim]
|
Execute the pim command in system
view.
Use the multicast routing-enable
command in system view to enable multicast routing if multicast routing is
disabled.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
RIP view
|
Configure RIP parameters
|
[H3C-rip]
|
Execute the rip command in system
view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
OSPF view
|
Configure OSPF protocol parameters
|
[H3C-ospf-1]
|
Execute the ospf command in system
view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
OSPF area view
|
Configure OSPF area parameters
|
[H3C-ospf-1-area-0.0.0.1]
|
Execute the area 1 command in OSPF
view
|
Execute the quit command to return
to OSPF view.
Execute the return command to
return to user view.
|
|
BGP view
|
Configure parameters for the (border
gateway protocol) BGP protocol
|
[H3C-bgp]
|
Execute the bgp 100 command in
system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
BGP IPv4 family multicast view
|
Configure parameters for BGP IPv4 family
multicast
|
[H3C-bgp-af-mul]
|
Execute the ipv4-family multicast
command in BGP view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
IS-IS view
|
Configure IS-IS parameters
|
[H3C-isis]
|
Execute the isis command in system
view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
ES-IS view
|
Configure parameters for the ES-IS
protocol
|
[H3C-esis]
|
Execute the esis command in system
view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Routing policy view
|
Configure routing policies
|
[H3C-route-policy]
|
Execute the route-policy policy1 permit
node 10 command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Basic ACL view
|
Define rules for a basic ACL (ACLs with
their IDs ranging from 2000 to 2999 are basic ACLs.)
|
[H3C-acl- basic-2000]
|
Execute the acl number 2000
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Advanced ACL view
|
Define rules for an advanced ACL (ACLs
with their IDs ranging from 3000 to 3999 are advanced ACLs.)
|
[H3C-acl- adv-3000]
|
Execute the acl number 3000
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Layer 2 ACL view
|
Define the sub-rules of Layer 2 ACLs,
which is numbered from 4,000 to 4,999.
|
[H3C-acl-link-4000]
|
Execute the acl number 4000
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
User-defined ACL view
|
Define the sub-rules of user-defined
ACLs, which are in the range of 5000 to 5999
|
[H3C-acl-user-5000]
|
Execute the acl number 5000
command in system view
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
Traffic-group view
|
Configure traffic group parameters
|
[H3C-traffic-group-1]
|
Execute the traffic-accounting
traffic-group 1 command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
QoS view
|
Configure QoS parameters
|
[H3C-qoss-GigabitEthernet4/0/1]
or:
[H3C-qosb-GigabitEthernet4/0/1]
|
Execute the qos command in
Ethernet port view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
QinQ view
|
Create QinQ instances and configure
parameters for QinQ
|
[H3C-GigabitEthernet4/0/1-vid-1000]
|
Execute the vlan-vpn vid 1000
command in Ethernet port view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
RADIUS scheme view
|
Configure RADIUS parameters
|
[H3C-radius-1]
|
Execute the radius scheme 1
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
HWTACACS scheme view
|
Configure parameters for the HWTACACS
protocol
|
[H3C-hwtacacs-1]
|
Execute the hwtacacs scheme 1
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
|
ISP domain view
|
Configure parameters for an ISP domain
|
[H3C-isp-aabbcc.net]
|
Execute the domain aabbcc.net
command in system view.
|
Execute the quit command to return
to system view.
Execute the return command to
return to user view.
|
CLI provides two types of online help: complete
online help and partial online help. They assist you with your configuration.
I. Complete online help
Enter a "?" character in any view
on your terminal to display all the commands available in the view and their
brief descriptions. The following takes user view as an example.
<H3C>
?
User
view commands:
backup Backup current configuration
boot Set boot option
cd Change current directory
clock Specify the system clock
cluster Run cluster command
copy Copy from one file to another
debugging Enable system debugging functions
delete Delete a file
dir List files on a file system
display Display current
system information
<omitted>
Enter a command, a space, and a
"?" character (instead of a keyword available in this position of the
command) on your terminal to display all the available keywords and their brief
descriptions. The following takes the clock command as an example.
<H3C> clock ?
datetime Specify the time and
date
summer-time Configure summer time
timezone Configure time zone
Enter a command, a space, and a
"?" character (instead of an argument available in this position of
the command) on your terminal to display all the available arguments and their
brief descriptions. The following takes the interface vlan command as an
example.
[H3C] interface vlan-interface ?
<1-4094> VLAN interface
number
[H3C] interface vlan-interface 1 ?
<cr>
The string <cr> means no argument is
available in the position occupied by the "?" character. You can
execute the command without providing any other information.
II. Partial online help
Enter a string followed directly by a
"?" character on your terminal to display all the commands beginning
with the string. For example:
<H3C> pi?
ping
Enter a command, a space, and a string
followed by a "?" character on your terminal to display all the
keywords that belong to the command and begin with the string (if available).
For example:
<H3C> display ver?
version
Enter the first several characters of a
keyword in a command and then press <Tab>, the complete keyword will be
displayed on the terminal screen if the input characters uniquely identify a
keyword; all the keyword that match the input characters will be displayed on
the terminal screen if the input characters match more than one keywords.
You can use the language-mode
command to translate the help into Chinese.
CLI provides the following display feature:
l
Display suspending. That is, the displaying of
output information can be paused when the screen is full and you can then
perform the three operations listed in Table 1-5
as needed.
Table 1-5 Displaying-related operations
|
Operation
|
Function
|
|
Press <Ctrl + C>
|
Suspend displaying and executing.
|
|
Press the space key
|
Scroll the output information up by one
page.
|
|
Press <Enter>
|
Scroll the output information up by one
line.
|
CLI can store the latest executed commands
as history commands so that users can recall and execute them again. By
default, CLI can store 10 history commands for each user. Table 1-6 lists history command-related operations.
Table 1-6 Access history commands
|
Operation
|
Operation
|
Description
|
|
Display history commands
|
Execute the display history-command
command
|
This command displays valid history
commands.
|
|
Recall the previous history command
|
Press the up-arrow key or <Ctrl +
P>
|
This operation recalls the previous
history command (if available).
|
|
Recall the next history command
|
Pressing the down-arrow key or <Ctrl +
N>
|
This operation recalls the next history
command (if available).
|
l
As the Up and Down keys have different meanings
in HyperTerminal running on Windows 9x, these two keys can be used to recall
history commands only in terminals running Windows 3.x or Telnet running in
Windows 3.x. You can press <Ctrl + P> or <Ctrl + N> in Windows 9x
to achieve the same purpose.
l
If you enter and execute the same command
successively for multiple times, only the first command is buffered.
If the command you enter passes the syntax
check, it will be successfully executed; otherwise an error message will
appear. Table 1-7 lists the common error messages.
Table 1-7 Common error messages
|
Error message
|
Description
|
|
Unrecognized
command
|
The
command does not exist.
|
|
The keyword does not exist.
|
|
The parameter type is wrong.
|
|
The parameter value is out of range.
|
|
Incomplete command
|
The command entered is incomplete.
|
|
Too many parameters
|
You have entered too many parameters.
|
|
Ambiguous command
|
The parameters entered are ambiguous.
|
|
Wrong parameter found at '^' position.
|
