H3C S3100-52P Ethernet Switch Operation Manual-Release 1500(V1.02)

HomeSupportResource CenterSwitchesH3C S3100 Switch SeriesH3C S3100 Switch SeriesTechnical DocumentsConfigure & DeployConfiguration GuidesH3C S3100-52P Ethernet Switch Operation Manual-Release 1500(V1.02)
01-CLI Operation
Title Size Download
01-CLI Operation 102.25 KB

Chapter 1  CLI Configuration

1.1  Introduction to the CLI

H3C series Ethernet switches provide a command line interface (CLI) and commands for you to configure and manage your switches. The CLI is featured by the following:

l           Commands are grouped by level. This prevents unauthorized users from configuring switches with relevant commands.

l           You can gain online help at any time by entering a question mark "?".

l           Common diagnostic utilities (such as Tracert and Ping) are available.

l           A variety of debugging information is available.

l           A function similar to Doskey is provided for you to execute a history command.

l           You can execute a command by entering part of the command in the CLI as long as the keywords you enter do not conflict those of other commands.

1.2  Command Level/Command View

To prevent unauthorized accesses, commands are grouped by level.

Commands fall into four levels: visit, monitor, system, and manage.

l           Visit level: Commands at this level are mainly used to diagnose network and switch the language mode on the user interface, and they cannot be saved in configuration files. Such commands include ping, tracert, and language-mode.

l           Monitor level: Commands at this level are mainly used to maintain the system and diagnose service faults, and they cannot be saved in configuration files. Such commands include display and debugging.

l           System level: Commands at this level are mainly used to configure services. Commands concerning routing and network layers are at this level. These commands can be used to provide network services directly.

l           Manage level: Commands at this level are associated with the basic operation modules and support modules of the system. These commands provide supports for services. Commands concerning file system, FTP/TFTP/XModem downloading, user management, and level setting are at this level.

Users logging in to a switch also fall into four levels, which respectively correspond to the command levels. Users at a specific level can only use the commands at the same level or lower levels.

1.2.1  Switching between User Levels

You can switch from one user level to another by executing a related command and set a password for the switching as required after logging in to a switch.

I. Setting a password for user level switching

Table 1-1 lists the operations to set a password for user level switching.

Table 1-1 Set a password for user level switching

Operation

Command

Description

Enter system view

system-view

Set a password for switching from a lower user level to the user level specified by the level argument

super password [ level level ] { simple | cipher } password

Optional

A password is necessary only when a user switches from a lower user level to a higher user level.

 

II. Switching between user levels

Table 1-2 lists the operation to switch between user levels.

Table 1-2 Switch between user levels

Operation

Command

Description

Switch from the current user level to the user level specified by the level argument

super [ level ]

Required

Execute this command in user view.

If you have set a password for user level switching by using the super password command and you want to switch from a lower user level to a higher user level, you need to enter the correct password. Otherwise, you will remain at the original user level.

 

&  Note:

l      By default, you switch from the current user level to level 3.

l      For the purpose of security, you cannot see the password you enter on the screen. You will remain at the original user level if you fail to enter the correct password after you have tried more than three times.

 

1.2.2  Configuring a Level for a Specific Command in a Specific View

You can configure a level for a specific command in a specific view. Commands fall into four levels: visit, monitor, system, and manage, which are identified as 0, 1, 2, and 3 respectively. The administrator can change the command level according to the requirements..

Table 1-3 lists the operations to configure a level for a specific command.

Table 1-3 Configure a level for a specific command in a specific view

Operation

Command

Description

Enter system view

system-view

Configure a level for a specific command in a specific view

command-privilege level level view view command

Required

It is forbidden to change the command level at will. Doing so may bring inconvenience to maintenance and operation.

 

1.2.3  CLI Views

CLI views are designed for different configuration tasks. They are related but distinguished. You will enter user view once you log in to a switch successfully, where you can view operation status and statistics information. After executing the system-view command, you can enter system view, where you can go into other views by entering corresponding commands.

The following CLI views are provided:

l           User view

l           System view

l           Ethernet interface view

l           VLAN view

l           VLAN interface view

l           Loopback interface view

l           Local user view

l           User interface view

l           FTP client view

l           SFTP client view

l           MST region view

l           Cluster view

l           Public key view

l           Public key code view

l           DHCP address pool view

l           PIM view

l           RIP view

l           OSPF view

l           OSPF area view

l           Routing policy view

l           Basic ACL view

l           Advanced ACL view

l           Layer 2 ACL view

l           User-defined ACL view

l           QoS profile view

l           RADIUS scheme view

l           ISP domain view

l           HWPing view

l           HWTACACS view

l           MSDP view

l           PoE profile view

Table 1-4 lists operations you can perform in these CLI views and details about commands used to enter these CLI views.

Table 1-4 Operations in CLI views

View

Available operation

Prompt

Enter method

Quit method

User view

Display operation status and statistical information

<H3C>

Enter user view once logging in to the switch.

Execute the quit command in user view to log out of the switch.

System view

Configure system parameters

[H3C]

Execute the system-view command in user view.

Execute the quit or return command to return to user view.

Ethernet interface view

Configure Ethernet interface parameters

[H3C-Ethernet1/0/1]

100M Ethernet interface view

Execute the interface ethernet 1/0/1 command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

[H3C-GigabitEthernet1/1/1]

Gigabit Ethernet interface view

Execute the interface gigabitethernet 1/1/1 command in system view.

VLAN view

Configure VLAN parameters

[H3C-vlan1]

Execute the vlan 1 command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

VLAN interface view

Configure IP interface parameters for VLANs and aggregated VLANs

[H3C-Vlan-interface1]

Execute the interface vlan-interface 1 command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

Loopback interface view

Configure loopback interface parameters

[H3C-LoopBack0]

Execute the interface loopback 0 command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

Local user view

Configure local user parameters

[H3C-luser-user1]

Execute the local-user user1 command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

User interface view

Configure user interface parameters

[H3C-ui0]

Execute the user-interface 0 command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

FTP client view

Configure FTP client parameters

[ftp]

Execute the ftp command in user view.

Execute the quit command to return to user view.

SFTP client view

Configure SFTP client parameters

sftp-client>

Execute the sftp 10.1.1.1 command in system view.

Execute the quit command to return to user view.

MST region view

Configure MST region parameters

[H3C-mst-region]

Execute the stp region-configuration command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

Cluster view

Configure cluster parameters

[H3C-cluster]

Execute the cluster command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

Public key view

Configure RSA public keys for SSH users

[H3C-rsa-public-key]

Execute the rsa peer-public-key a003 command in system view.

Execute the peer-public-key end command to return to system view.

Public key code view

Edit RSA public key for SSH users

[H3C-rsa-key-code]

Execute the public-key-code begin command in public key code view

Execute the public-key-code end command to return to public key view

DHCP address pool view

Configure DHCP address pool parameters

[H3C-dhcp-pool-a123]

Execute the dhcp server ip-pool a123 command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

PIM view

Configure PIM parameters

[H3C-pim]

Execute the pim command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

RIP view

Configure RIP parameters

[H3C-rip]

Execute the rip command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

OSPF view

Configure OSPF protocol parameters

[H3C-ospf-1]

Execute the ospf command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

OSPF area view

Configure OSPF area parameters

[H3C-ospf-1-area-0.0.0.1]

Execute the area 1 command in OSPF view

Execute the quit command to return to OSPF view.

Execute the return command to return to user view.

Routing policy view

Configure routing policies

[H3C-route-policy]

Execute the route-policy policy1 permit node 10 command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

Basic ACL view

Define sub-rules for a basic ACL (with ID ranging from 2000 to 2999)

[H3C-acl- basic-2000]

Execute the acl number 2000 command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

Advanced ACL view

Define sub-rules for an advanced ACL (with ID ranging from 3000 to 3999)

[H3C-acl- adv-3000]

Execute the acl number 3000 command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

Layer 2 ACL view

Define sub-rules for an layer 2 ACL (with ID ranging from 4000 to 4999)

[H3C-acl-ethernetframe-4000]

Execute the acl number 4000 command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

User-defined ACL view

Define sub-rules for a user-defined ACL (with ID ranging from 5000 to 5999)

[H3C-acl-user-5000]

Execute the acl number 5000 command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

QoS profile view

Define QoS profile

[H3C-qos-profile-a123]

Execute the qos-profile a123 command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

RADIUS scheme view

Configure RADIUS parameters

[H3C-radius-1]

Execute the radius scheme 1 command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

ISP domain view

Configure ISP domain parameters

[H3C-isp-aaa163.net]

Execute the domain aaa163.net command in system view.

Execute the quit command to return to system view.

Execute the return command to return to user view.

HWPing view

Configure HWPing parameters

[H3C-hwping-a123-a123]

Execute the hwping a123 a123 command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

HWTACACS view

Configure HWTACACS parameters

[H3C-hwtacacs-a123]

Execute the hwtacacs scheme a123 command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

MSDP view

Configure MSDP parameters

[H3C-msdp]

Execute the msdp command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

PoE profile view

Configure PoE profile parameters

[H3C-poe-profile-a123]

Execute the poe-profile a123 command in system view

Execute the quit command to return to system view.

Execute the return command to return to user view.

 

&  Note:

The <Ctrl + Z> keys function as the return command does.

 

1.3  CLI Features

1.3.1  Online Help

CLI provides two types of online help: complete online help and partial online help. You can obtain help information necessary for the switch configuration.

I. Complete online help

Enter a "?" character in any view on your terminal to display all the commands available in the view and their brief descriptions. The following takes user view as an example.

<H3C> ?

User view commands:

  backup             Backup current configuration

  boot               Set boot option

  cd                 Change current directory

  clock              Specify the system clock

  cluster            Run cluster command

  copy               Copy from one file to another

  debugging          Enable system debugging functions

  delete             Delete a file

  dir                List files on a file system

  display            Display current system information

  <omitted>

Enter a command, a space, and a "?" character. If a keyword is in the “?” position of the command, all available keywords and their brief descriptions will be displayed on your terminal. The following takes the clock command as an example.

<H3C> clock ?

  datetime     Specify the time and date

  summer-time  Configure summer time

  timezone     Configure time zone

Enter a command, a space, and a "?" character. If an argument is in the “?” position of the command, all available arguments and their brief descriptions will be displayed on your terminal. The following takes the interface vlan command as an example.

[H3C] interface vlan-interface ?

  <1-4094>  VLAN interface number

[H3C] interface vlan-interface 1 ?

  <cr>

The <cr> string means that no argument is available in the “?” position. You can directly execute the command by pressing <Enter>.

II. Partial online help

Enter a character string followed by a "?" character on your terminal to display all the commands beginning with the string. For example:

<H3C> pi?

   ping

Enter a command, a space, and a character string followed by a "?" character on your terminal to display all the keywords that belong to the command and begin with the string (if available). For example:

<H3C> display ver?

  version

Enter the first several characters of a keyword in a command and then press <Tab>, the complete keyword will be displayed on the terminal screen if the input characters uniquely identify a keyword; all the keywords that match the input characters will be displayed on the terminal screen if the input characters match more than one keyword.

You can use the language-mode command to display the help information in English.

1.3.2  Terminal Display

CLI provides the following display features:

l           The prompt information and help information can be displayed in Chinese or English.

l           Display suspension. That is, the display of output information can be paused when the screen is full and you can then perform one of the three operations listed in Table 1-5 as needed.

Table 1-5 Display-related operations

Operation

Function

Press <Ctrl+C>

Suspend the display and execution of a command.

Press the space key

Scroll the output information up by one page.

Press <Enter>

Scroll the output information up by one line.

 

1.3.3  History Commands

The CLI provides a function similar to Doskey to store the history commands automatically. You can recall and execute these history commands at any time. By default, the CLI can store 10 history commands for each user. Table 1-6 lists history command-related operations.

Table 1-6 Access history commands

Operation

Operation

Description

Display history commands

Execute the display history-command command

This command displays valid history commands.

Recall the previous history command

Press the up-arrow key or <Ctrl+P>

This operation recalls the previous history command (if available).

Recall the next history command

Pressing the down-arrow key or <Ctrl+N>

This operation recalls the next history command (if available).

 

&  Note:

l      The Up and Down arrow keys can be used to recall history commands only in terminals running on Windows 3.x or Telnet running on Windows 3.x. You can press <Ctrl + P> or <Ctrl + N> in terminals running on Windows 9x to achieve the same purpose.

l      If you enter and execute the same command for multiple times, the command is buffered when it is entered for the first time.

 

1.3.4  Error Messages

If the command you enter passes the syntax check, it will be successfully executed; otherwise an error message will appear. Table 1-7 lists the common error messages.

Table 1-7 Common error messages

Error message

Description

Unrecognized command

The command does not exist.

The keyword does not exist.

The parameter type is wrong.

The parameter value is out of range.

Incomplete command

The command entered is incomplete.

Too many parameters

You have entered too many parameters.

Ambiguous command

The parameters entered are ambiguous.

Wrong parameter found at '^' position

The parameter at the '^' position is incorrect.

 

1.3.5  Command Edit

The CLI provides basic command edit functions and supports multi-line editing. The maximum number of characters a command can contain is 256. Table 1-8 lists the CLI edit operations.

Table 1-8 Edit operations

Press…

To…

Common key

Insert the character the key represents at the cursor and move the cursor one character to the right if the edit buffer is not full.

Backspace key

Delete the character on the left of the cursor and move the cursor one character to the left.

Left arrow key or <Ctrl+B>

Move the cursor one character to the left.

Right arrow key or <Ctrl+F>

Move the cursor one character to the right.

Up arrow key or <Ctrl+P>

Down arrow key or <Ctrl+N>

Display history commands.

Tab key

Utilize the partial online help. That is, when you enter an incomplete keyword and press the Tab key, if the input keyword uniquely identifies an existing keyword, the system substitutes the complete key word for the incomplete keyword; if the input keyword matches more than one keyword, all the keywords are displayed on the terminal screen, with each keyword on a line; if the input arguments matches no keyword, the system displays your original input on a new line without any change.