You must enable javascript in order to view this page or you can go
here
to view the webhelp.
Contents
Search
Loading, please wait ...
Aruba 2930F / 2930M Management and Configuration Guide for ArubaOS-Switch 16.09
Home
About this guide
Applicable products
Switch prompts used in this guide
Time Protocols
General steps for running a time protocol on the switch
TimeP time synchronization
SNTP time synchronization
NTP time synchronization
timesync Command
Selecting a time synchronization protocol
Disabling time synchronization
TimeP: Selecting and configuring
Viewing the current TimeP configuration (CLI)
Configuring (enabling or disabling) the TimeP mode
SNTP: Selecting and configuring
Viewing and configuring SNTP (CLI)
Configuring (enabling or disabling) the SNTP mode
SNTP client authentication
Requirements
Configuring the key-identifier, authentication mode, and key-value (CLI)
Configuring a trusted key
Associating a key with an SNTP server (CLI)
Enabling SNTP client authentication
Configuring unicast and broadcast mode for authentication
Viewing SNTP authentication configuration information (CLI)
Saving configuration files and the include-credentials command
SNTP unicast time polling with multiple SNTP servers
Displaying all SNTP server addresses configured on the switch (CLI)
Adding and deleting SNTP server addresses
Adding addresses
Deleting addresses
SNTP messages in the Event Log
Network Time Protocol (NTP)
Commands
timesync ntp
ntp
ntp
ntp enable
ntp authentication
ntp authentication key-id
ntp max-association
ntp server
ntp server key-id
ntp ipv6-multicast
debug ntp
ntp trap
show ntp statistics
show ntp status
show ntp associations
show ntp authentication
Precision Time Protocol (PTP)
ptp
show ptp
Monitoring resources
Displaying current resource usage
Viewing information on resource usage
Policy enforcement engine
Usage notes for show resources output
When insufficient resources are available
Port Status and Configuration
Viewing port status and configuring port parameters
Connecting transceivers to fixed-configuration devices
Viewing port status and configuration (CLI)
Dynamically updating the show interfaces command (CLI/Menu)
Customizing the show interfaces command (CLI)
Error messages associated with the show interfaces command
show interface smartrate
Viewing port utilization statistics (CLI)
Operating notes for viewing port utilization statistics
Viewing transceiver status (CLI)
Operating Notes
Enabling or disabling ports and configuring port mode (CLI)
Enabling or disabling flow control (CLI)
Port shutdown with broadcast storm
Viewing broadcast storm
SNMP MIB
Multicast Storm Control
Overview
fault-finder multicast-storm
fault-finder multicast-storm action
show logging
Restrictions
Configuring auto-MDIX
Manual override
Configuring auto-MDIX (CLI)
Using friendly (optional) port names
Configuring and operating rules for friendly port names
Configuring friendly port names (CLI)
Configuring a single port name (CLI)
Configuring the same name for multiple ports (CLI)
Displaying friendly port names with other port data (CLI)
Listing all ports or selected ports with their friendly port names (CLI)
Including friendly port names in per-port statistics listings (CLI)
Searching the configuration for ports with friendly port names (CLI)
Uni-directional link detection (UDLD)
Configuring UDLD
Configuring uni-directional link detection (UDLD) (CLI)
Enabling UDLD (CLI)
Changing the keepalive interval (CLI)
Changing the keepalive retries (CLI)
Configuring UDLD for tagged ports
Viewing UDLD information (CLI)
Viewing summary information on all UDLD-enabled ports (CLI)
Viewing detailed UDLD information for specific ports (CLI)
Clearing UDLD statistics (CLI)
Uplink Failure Detection
Configuration Guidelines for UFD
UFD enable/disable
uplink-failure-detection
UFD configuration
uplink-failure-detection track
show uplink-failure-detection
Error log
Invalid port error messages
Basic USB port commands
usb-port
show usb-port
Power Over Ethernet (PoE/PoE+) Operation
Introduction to PoE
PoE terminology
Planning and implementing a PoE configuration
Power requirements
Assigning PoE ports to VLANs
Applying security features to PoE configurations
Assigning priority policies to PoE traffic
PoE operation
Configuration options
PD support
Power priority operation
When is power allocation prioritized?
How is power allocation prioritized?
Configuring PoE operation
Disabling or re-enabling PoE port operation
Enabling support for pre-standard devices
Configuring the PoE port priority
Controlling PoE allocation
Manually configuring PoE power levels
Configuring PoE redundancy
Changing the threshold for generating a power notice
PoE/PoE+ allocation using LLDP information
LLDP with PoE
Enabling or disabling ports for allocating power using LLDP
Enabling PoE detection via LLDP TLV advertisement
LLDP with PoE+
Overview
PoE allocation
Viewing PoE when using LLDP information
Operating note
Viewing the global PoE power status of the switch
Viewing PoE status on all ports
Viewing the PoE status on specific ports
802.3bt support
Definition of terms
Configuring the switch
Recommendations
Show commands
PoE Event Log messages
Port Trunking
Overview of port trunking
Port connections and configuration
Port trunk features and operation
Fault tolerance
Trunk configuration methods
Dynamic LACP trunk
Using keys to control dynamic LACP trunk configuration
Static trunk
Viewing and configuring port trunk groups (CLI)
Viewing static trunk type and group for all ports or for selected ports
Viewing static LACP and dynamic LACP trunk data
Dynamic LACP Standby Links
Configuring a static trunk or static LACP trunk group
Removing ports from a static trunk group
Enabling a dynamic LACP trunk group
Removing ports from a dynamic LACP trunk group
Specifying Minimum Active Links for LACP
lacp min-active-links
lacp enable-timer
show lacp min-active-links
Limitations
Viewing existing port trunk groups (WebAgent)
Trunk group operation using LACP
Default port operation
LACP notes and restrictions
802.1X (Port-based access control) configured on a port
Port security configured on a port
Changing trunking methods
Static LACP trunks
Dynamic LACP trunks
VLANs and dynamic LACP
Blocked ports with older devices
Spanning Tree and IGMP
Half-duplex, different port speeds, or both not allowed in LACP trunks
Dynamic/static LACP interoperation
Trunk group operation using the "trunk" option
How the switch lists trunk data
Outbound traffic distribution across trunked links
Trunk load balancing using port layers
Enabling trunk load balancing
Port Traffic Controls
Rate-limiting
All traffic rate-limiting
Configuring in/out rate-limiting
Displaying the current rate-limit configuration
Operating notes for rate-limiting
ICMP rate-limiting
Guidelines for configuring ICMP rate-limiting
Configuring ICMP rate-limiting
Using both ICMP rate-limiting and all-traffic rate-limiting on the same interface
Viewing the current ICMP rate-limit configuration
Operating notes for ICMP rate-limiting
ICMP rate-limiting trap and Event Log messages
Determining the switch port number used in ICMP port reset commands
Configuring inbound rate-limiting for broadcast and multicast traffic
Operating Notes
Guaranteed minimum bandwidth (GMB)
GMB operation
Impacts of QoS queue configuration on GMB operation
Configuring GMB for outbound traffic
Viewing the current GMB configuration
GMB operating notes
Impact of QoS queue configuration on GMB commands
Rate-limiting Unknown Unicast Traffic
rate-limit unknown-unicast in percent
rate-limit unknown-unicast in kbps
show rate-limit unknown-unicast
Jumbo frames
Operating rules
Jumbo traffic-handling
Configuring jumbo frame operation
Overview
Viewing the current jumbo configuration
Enabling or disabling jumbo traffic on a VLAN
Configuring a maximum frame size
Configuring IP MTU
SNMP implementation
Displaying the maximum frame size
Operating notes for maximum frame size
Troubleshooting
A VLAN is configured to allow jumbo frames, but one or more ports drops all inbound jumbo frames
A non-jumbo port is generating "Excessive undersize/giant frames" messages in the Event Log
Fault Finder
Fault Finder thresholds
Enabling Fault Finder
Configuring for Network Management Applications
Using SNMP tools to manage the switch
SNMP management features
SNMPv1 and v2c access to the switch
SNMPv3 access to the switch
Enabling and disabling switch for access from SNMPv3 agents
Enabling or disabling restrictions to access from only SNMPv3 agents
Enabling or disabling restrictions from all non-SNMPv3 agents to read-only access
Viewing the operating status of SNMPv3
Viewing status of message reception of non-SNMPv3 messages
Viewing status of write messages of non-SNMPv3 messages
Enabling SNMPv3
SNMPv3 users
Group access levels
SNMPv3 communities
Listing community names and values (CLI)
SNMP notifications
Supported Notifications
General steps for configuring SNMP notifications
SNMPv1 and SNMPv2c Traps
SNMP trap receivers
Overview
SNMP trap when MAC address table changes
SNMPv2c informs
Configuring SNMPv3 notifications (CLI)
Network security notifications
Enabling Link-Change Traps (CLI)
Source IP address for SNMP notifications
Viewing SNMP notification configuration (CLI)
Hardware events and traps
Current default traps
Event scenario matrix
Enabling and disabling traps
SNMP trap captures examples
Configuring the MAC address count option
Displaying information about the mac-count-notify option
Advanced management: RMON
CLI-configured sFlow with multiple instances
Configuring sFlow (CLI)
Viewing sFlow Configuration and Status (CLI)
Configuring UDLD Verify before forwarding
UDLD time delay
Restrictions
UDLD configuration commands
Show commands
RMON generated when user changes UDLD mode
LLDP
General LLDP operation
LLDP-MED
Packet boundaries in a network topology
LLDP operation configuration options
Enable or disable LLDP on the switch
Enable or disable LLDP-MED
Change the frequency of LLDP packet transmission to neighbor devices
Change the Time-To-Live for LLDP packets sent to neighbors
Transmit and receive mode
SNMP notification
Per-port (outbound) data options
Remote management address
Debug logging
Options for reading LLDP information collected by the switch
LLDP and LLDP-MED standards compatibility
LLDP operating rules
Port trunking
IP address advertisements
Spanning-tree blocking
802.1X blocking
Configuring LLDP operation
Displaying the global LLDP, port admin, and SNMP notification status (CLI)
Configuring Global LLDP Packet Controls
Configuring SNMP notification support
Configuring per-port transmit and receive modes (CLI)
Basic LLDP per-port advertisement content
Support for port speed and duplex advertisements
Port VLAN ID TLV support on LLDP
Configuring the VLAN ID TLV
Viewing the TLVs advertised
SNMP support
LLDP-MED (media-endpoint-discovery)
LLDP-MED endpoint support
LLDP-MED endpoint device classes
LLDP-MED operational support
LLDP-MED fast start control
Advertising device capability, network policy, PoE status and location data
Location data for LLDP-MED devices
Viewing switch information available for outbound advertisements
Displaying the current port speed and duplex configuration on a switch port
Viewing advertisements currently in the neighbors MIB
Displaying LLDP statistics
LLDP Operating Notes
Neighbor maximum
LLDP packet forwarding
One IP address advertisement per port
802.1Q VLAN Information
Effect of 802.1X Operation
Neighbor data can remain in the neighbor database after the neighbor is disconnected
Mandatory TLVs
LLDP and CDP data management
LLDP and CDP neighbor data
CDP operation and commands
Viewing the current CDP configuration of the switch
Viewing the current CDP neighbors table of the switch
Enabling and Disabling CDP Operation
Enabling or disabling CDP operation on individual ports
Configuring CDPv2 for voice transmission
Filtering CDP information
Configuring the switch to filter untagged traffic
Displaying the configuration
Filtering PVID mismatch log messages
Overview
Commands
no lldp config basicTlvEnable management_addr
lldp config
Show commands
DHCPv4 server
Overview
IP pools
DHCP options
BootP support
Authoritative server and support for DHCP inform packets
Authoritative pools
Authoritative dummy pools
Change in server behavior
DHCPv4 configuration commands
DHCPv4 server
dhcp-server
DHCP address pool name
dhcp-server pool
Authoritative
DHCP client boot file
bootfile-name
DHCP client default router
default-router
DNS IP servers
dns-server
Configure a domain name
domain-name
Configure lease time
lease
NetBIOS WINS servers
NetBIOS node type
net bios-ode-type
Subnet and mask
network
DHCP server options
Configure DHCP server options
IP address range
range
Static bindings
static-bind
TFTP server domain name
tftp-server
Configure the TFTP server address
tftp-server
Number of ping packets
dhcp-server ping
Save DHCP server automatic bindings
dhcp-server database
DHCP server and SNMP notifications
snmp-server enable traps
Conflict logging on a DHCP server
dhcp-server conflict-logging
Enable the DHCP server on a VLAN
dhcp-server
Clear commands
clear dhcp-server conflicts
Reset all DHCP server and BOOTP counters
clear dhcp-server statistics
Delete an automatic address binding
clear dhcp-server statistics
Show commands
show dhcp-server
DHCPv6 snooping and relay
dhcpv6–snooping
dhcpv6 snooping trust
dhcpv6–snooping authorized-server
ddhcpv6–snooping database file
dhcpv6–snooping max-bindings
dhcpv6–relay option 79
snmp-server enable traps dhcpv6-snooping
clear dhcpv6–snooping stats
debug security dhcpv6–snooping
ipv6 source-lockdown ethernet
ipv6 source-binding
snmp-server enable traps dyn-ipv6-lockdown
debug security dynamic-ipv6-lockdown
Show commands for DHCPv6–snooping
show dhcpv6-snooping
show dhcpv6 snooping bindings
show dhcpv6 snooping statistics
show ipv6 source-lockdown
show ipv6 source-lockdown status
show snmp-server traps
show distributed-trunking consistency-parameters global
show distributed-trunking consistency-parameters
show dhcpv6 relay
Zero Touch Provisioning with AirWave and Central
ZTP with AirWave
DHCP-based ZTP with AirWave
Configuring DHCP-based ZTP with AirWave
DHCP server configuration for DHCP based ZTP
Limitations
Best Practices
Configure AirWave details manually
amp-server
debug ztp
Stacking support
Disabling ZTP
Image Upgrade
Using SNMPv3 in AirWave Template
Troubleshooting
AMP server messages
Activate based ZTP with AirWave
Configuring Activate-based ZTP with AirWave
IPsec for AirWave Connectivity
Overview
IPsec for Management Traffic
IPsec Tunnel Establishment
IPsec Tunnel Failures
IPsec tunnel to secondary controller
AirWave IP after discovery
Configuring the Aruba controller
AirWave Controller IP configuration commands
aruba-vpn type
Show commands
show aruba-vpn
show ip route
show interfaces tunnel aruba-vpn
show crypto-ipsec sa
show running-configuration
ZTP with Aruba Central
LED Blink feature
Aruba Central Configuration manually
Activating ArubaOS-Switch Firmware Integration
activate software-update enable
activate software-update check
activate software-update update
activate provision force
show activate software-update
Show activate provision
aruba-central
Troubleshooting
Show aruba-central
Error reason for Aruba Central
debug ztp
Error Reason log for Activate Provision
Stacking support
Fault finder switch events
interface device-type network-device
HTTP Proxy support with ZTP overview
e Proxy Configuration
proxy server
proxy exception ip | host
show proxy config
File Transfers
Overview
Downloading switch software
General software download rules
Using TFTP to download software from a server
Troubleshooting TFTP download failures
Downloading from a server to flash using TFTP (CLI)
Enabling TFTP (CLI)
Configuring the switch to download software automatically from a TFTP server using auto-TFTP (CLI)
Use USB to transfer files to and from the switch
Using SCP and SFTP
Enabling SCP and SFTP
Disabling TFTP and auto-TFTP for enhanced security
Enabling SSH V2 (required for SFTP)
Authentication
SCP/SFTP operating notes
Troubleshooting SSH, SFTP, and SCP operations
Using Xmodem to download switch software from a PC or UNIX workstation
Downloading to primary or secondary flash using Xmodem and a terminal emulator (CLI)
Switch-to-switch download
Downloading the OS from another switch (CLI)
Using AirWave to update switch software
Using IMC to update switch software
Copying software images
TFTP: Copying a software image to a remote host (CLI)
Xmodem: Copying a software image from the switch to a serially connected PC or UNIX workstation (CLI)
Copying diagnostic data
copy command-log
copy event-log
Transferring switch configurations
TFTP: Copying a configuration file to a remote host (CLI)
TFTP: Copying a configuration file from a remote host (CLI)
TFTP: Copying a customized command file to a switch (CLI)
USB: Copying a configuration file to a USB device
USB: Copying a configuration file from a USB device
Xmodem: Copying a configuration file to a serially connected PC or UNIX workstation (CLI)
Xmodem: Copying a configuration file from a serially connected PC or UNIX workstation (CLI)
Transferring ACL command files
TFTP: Uploading an ACL command file from a TFTP server (CLI)
Xmodem: Uploading an ACL command file from a serially connected PC or UNIX workstation (CLI)
Single copy command
Single copy command
Multiple management switches
Stacking switches
Standalone switches
Crash file options
Flight Data Recorder (FDR)
USB
usb-port
show usb-port
Downloading switch software using USB
Prerequisites
Copying using USB
copy flash usb
copy usb command-file
Monitoring and Analyzing Switch Operation
Overview
Switch and network operations
Status and counters data
show system
chassislocate
Chassislocate at startup
General system information
Accessing system information (CLI)
Collecting processor data with the task monitor (CLI)
task-monitor cpu
Switch management address information access
show management
Component information views
show modules
Task usage reporting
Switch management address information
Accessing switch management address information (CLI)
Overview of MAC Address Management
Port Status
Viewing port status (CLI)
Viewing port and trunk group statistics (WebAgent)
Port and trunk group statistics and flow control status
Accessing port and trunk group statistics (CLI)
Displaying trunk load balancing statistics
Clearing trunk load balancing statistics
Resetting the port counters
Viewing the switch's MAC address tables
Accessing MAC address views and searches (CLI)
Accessing MSTP Data (CLI)
Viewing internet IGMP status (CLI)
Viewing VLAN information (CLI)
WebAgent status information
Compatibility mode for v2 zl and zl modules
allow-v2-modules
Port status
show interfaces brief
Accessing port and trunk group statistics
Trunk bandwidth utilization
show interfaces
show interfaces trunk-utilization
Statistic interactions of interface counters
Reset port counters
clear statistics
MAC address tables
MAC address views and searches
show mac-add detail
show mac-address
show mac-address <MAC-ADDRESS> detail
Finding the port connection for a specific device on a VLAN
Determining whether a specific device is connected to the selected port
MSTP data
show spanning-tree
IP IGMP status
show ip igmp
VLAN information
show vlan
Configuring local mirroring
Local mirroring sessions
Traffic-direction criteria
interface monitor all
Mirror policy for inbound traffic
class [ipv4|ipv6]
policy mirror
MAC-based criteria to select traffic
monitor mac
Remote mirroring destination on a remote switch
Remote mirroring destination on a local switch
mirror remote ip
Local mirroring destination on the local switch
mirror port
Monitored traffic
interface
monitor all
service-policy
Destination mirror on a remote switch
mirror endpoint
Source mirror on the local switch
mirror remote ip
Traffic-direction criteria
Configure ACL criteria to select inbound
interface monitor ip access-group
Configuring a destination switch in a remote mirroring session
Configuring a source switch in a local mirroring session
Configuring a source switch in a remote mirroring session
Selecting all traffic on a port interface for mirroring according to traffic direction
Selecting all traffic on a VLAN interface for mirroring according to traffic direction
Configuring a MAC address to filter mirrored traffic on an interface
Configuring classifier-based mirroring
Applying a mirroring policy on a port or VLAN interface
Viewing a classifier-based mirroring configuration
Viewing all mirroring session configured on the switch
Viewing the remote endpoints configured on the switch
Viewing the mirroring configuration for a specific session
Viewing a remote mirroring session
Viewing a MAC-based mirroring session
Viewing a local mirroring session
Viewing information on a classifier-based mirroring session
Viewing information about a classifier-based mirroring with classname configuration
Viewing information about a classifier-based mirroring with policy-name configuration
Viewing resource usage for mirroring policies
Viewing the mirroring configurations in the running configuration file
Compatibility mode
Traffic mirroring overview
Mirroring overview
Mirroring destinations
Mirroring sources and sessions
Mirroring sessions
Mirroring session limits
Selecting mirrored traffic
Mirrored traffic destinations
Local destinations
Remote destinations
Monitored traffic sources
Criteria for selecting mirrored traffic
Mirroring configuration
Remote mirroring endpoint and intermediate devices
Remote mirroring overview
Quick reference to remote mirroring setup
High-level overview of the mirror configuration process
Determine the mirroring session and destination
For a local mirroring session
For a remote mirroring session
Configure a mirroring destination on a remote switch
Configure a destination switch in a remote mirroring session
Configure a mirroring session on the source switch
Configure a source switch in a remote mirroring session
Configure the monitored traffic in a mirror session
Traffic selection options
Mirroring-source restrictions
About selecting all inbound/outbound traffic to mirror
Untagged mirrored packets
About using SNMP to configure no-tag-added
Operating notes
About selecting inbound/outbound traffic using a MAC address
About selecting inbound traffic using advanced classifier-based mirroring
Classifier-based mirroring configuration
Classifier-based mirroring restrictions
About applying multiple mirroring sessions to an interface
Mirroring configuration examples
Maximum supported frame size
Enabling jumbo frames to increase the mirroring path MTU
Effect of downstream VLAN tagging on untagged, mirrored traffic
Operating notes for traffic mirroring
Troubleshooting traffic mirroring
Interface monitoring features
Configuring port and static trunk monitoring (CLI)
Displaying the monitoring configuration
Configuring the monitor port
Selecting or removing monitoring source interfaces
Show Aruba Switch Memory
Fans
show system
show system fans
show system power-supply
Fan failures and SNMP traps
Troubleshooting
Overview
Troubleshooting approaches
Browser or Telnet access problems
Cannot access the WebAgent
Cannot Telnet into the switch console from a station on the network
Unusual network activity
General problems
The network runs slow; processes fail; users cannot access servers or other devices
Duplicate IP addresses
Duplicate IP addresses in a DHCP network
The switch has been configured for DHCP/Bootp operation, but has not received a DHCP or Bootp reply
802.1Q Prioritization problems
Ports configured for non-default prioritization (level 1 to 7) are not performing the specified action
Addressing ACL problems
ACLs are properly configured and assigned to VLANs, but the switch is not using the ACLs to filter IP layer 3 packets
The switch does not allow management access from a device on the same VLAN
Error (Invalid input) when entering an IP address
Apparent failure to log all "deny" matches
The switch does not allow any routed access from a specific host, group of hosts, or subnet
The switch is not performing routing functions on a VLAN
Routing through a gateway on the switch fails
IGMP-related problems
IP multicast (IGMP) traffic that is directed by IGMP does not reach IGMP hosts or a multicast router connected to a port
IP multicast traffic floods out all ports; IGMP does not appear to filter traffic
LACP-related problems
Unable to enable LACP on a port with the interface <port-number> lacp command
Port-based access control (802.1X)-related problems
The switch does not receive a response to RADIUS authentication requests
The switch does not authenticate a client even though the RADIUS server is properly configured and providing a response to the authentication request
During RADIUS-authenticated client sessions, access to a VLAN on the port used for the client sessions is lost
The switch appears to be properly configured as a supplicant, but cannot gain access to the intended authenticator port on the switch to which it is connected
The supplicant statistics listing shows multiple ports with the same authenticator MAC address
The show port-access authenticator <port-list> command shows one or more ports remain open after they have been configured with control unauthorized
RADIUS server fails to respond to a request for service, even though the server's IP address is correctly configured in the switch
The authorized MAC address on a port that is configured for both 802.1X and port security either changes or is re-acquired after execution of aaa port-access authenticator <port-list> initialize
A trunked port configured for 802.1X is blocked
QoS-related problems
Loss of communication when using VLAN-tagged traffic
Radius-related problems
The switch does not receive a response to RADIUS authentication requests
RADIUS server fails to respond to a request for service, even though the server's IP address is correctly configured in the switch
MSTP and fast-uplink problems
Broadcast storms appearing in the network
STP blocks a link in a VLAN even though there are no redundant links in that VLAN
Fast-uplink troubleshooting
SSH-related problems
Switch access refused to a client
Executing IP SSH does not enable SSH on the switch
Switch does not detect a client's public key that does appear in the switch's public key file (show ip client-public-key)
An attempt to copy a client public-key file into the switch has failed and the switch lists one of the following messages
Client ceases to respond ("hangs") during connection phase
TACACS-related problems
All users are locked out of access to the switch
No communication between the switch and the TACACS+ server application
Access is denied even though the username/password pair is correct
Unknown users allowed to login to the switch
System allows fewer login attempts than specified in the switch configuration
TimeP, SNTP, or Gateway problems
The switch cannot find the time server or the configured gateway
VLAN-related problems
Monitor port
None of the devices assigned to one or more VLANs on an 802.1Q-compliant switch are being recognized
Link configured for multiple VLANs does not support traffic for one or more VLANs
Duplicate MAC addresses across VLANs
Disabled overlapping subnet configuration
Fan failure
Mitigating flapping transceivers
Fault-finder link-flap
Show fault-finder link-flap
Restrictions
Viewing transceiver information
Viewing information about transceivers (CLI)
MIB support
Viewing transceiver information
Information displayed with the detail parameter
Viewing transceiver information for copper transceivers with VCT support
Testing the Cable
Viewing transceiver information
Using the Event Log for troubleshooting switch problems
Using the CLI
Clearing Event Log entries
Turning event numbering on
Using log throttling to reduce duplicate Event Log and SNMP messages
Log throttle periods
Example: of event counter operation
Reporting information about changes to the running configuration
Debug/syslog operation
Debug/syslog messaging
Hostname in syslog messages
Logging origin-id
Viewing the identification of the syslog message sender
SNMP MIB
Debug/syslog destination devices
Debug/syslog configuration commands
Configuring debug/syslog operation
Viewing a debug/syslog configuration
Debug command
Debug messages
Debug destinations
Logging command
Configuring a syslog server
Adding a description for a Syslog server
Adding a priority description
Configuring the severity level for Event Log messages sent to a syslog server
Configuring the system module used to select the Event Log messages sent to a syslog server
Enabling local command logging
Operating notes for debug and Syslog
Diagnostic tools
Port auto-negotiation
Ping and link tests
Ping test
Link test
Executing ping or link tests (WebAgent)
Testing the path between the switch and another device on an IP network
Issuing single or multiple link tests
Tracing the route from the switch to a host address
Halting an ongoing traceroute search
A low maxttl causes traceroute to halt before reaching the destination address
If a network condition prevents traceroute from reaching the destination
Viewing switch configuration and operation
Viewing the startup or running configuration file
Viewing the configuration file (WebAgent)
Viewing a summary of switch operational data
Saving show tech command output to a text file
Customizing show tech command output
Viewing more information on switch operation
Searching for text using pattern matching with show command
Displaying the information you need to diagnose problems
Restoring the factory-default configuration
Resetting to the factory-default configuration
Using the CLI
Using Clear/Reset
Restoring a flash image
Recovering from an empty or corrupted flash state
DNS resolver
Basic operation
Configuring and using DNS resolution with DNS-compatible commands
Configuring a DNS entry
Using DNS names with ping and traceroute: Example:
Viewing the current DNS configuration
Operating notes
Locating a switch (Locator LED)
Job Scheduler
Overview
Commands
Job at | delay | enable | disable
Show job
Show job <Name>
Configuration backup and restore without reboot
Overview
Benefits of configuration restore without reboot
Recommended scenarios
Use cases
Switching to a new configuration
Rolling back to a stable configuration using job scheduler
Commands used in switch configuration restore without reboot
Configuration backup
cfg-backup
show config files
Configuration restore without reboot
cfg-restore
Force configuration restore
cfg-restore non-blocking
cfg-restore recovery-mode
cfg-restore verbose
cfg-restore config_bkp
Configuration restore with force option
System reboot commands
Configuration restore without force option
show cfg-restore status
Viewing the differences between a running configuration and a backup configuration
Show commands to show the SHA of a configuration
show hash
Scenarios that block the configuration restoration process
Troubleshooting and support
debug cfg-restore
Virtual Technician
Cisco Discovery Protocol (CDP)
Show cdp traffic
Clear cdp counters
show cdp neighbors detail
Enable/Disable debug tracing for MOCANA code
Debug security
User diagnostic crash via Front Panel Security (FPS) button
Front panel security password-clear
Front-panel-security diagnostic-reset
no front-panel-security diagnostic-reset
Front-panel-security diagnostic-reset clear-button
no front-panel-security diagnostic-reset clear-button
Show front-panel-security
Diagnostic table
FPS Error Log
User initiated diagnostic crash via the serial console
Front-panel-security diagnostic-reset serial-console
no front-panel-security diagnostic-reset serial-console
Serial console error messages
IP Service Level Agreement
Overview
How IP SLA works
Configuration commands
no ip-sla <ID>
ip-sla <ID> clear
no ip-sla <ID> history-size
no ip-sla <ID> icmp-echo
no ip-sla <ID> udp-echo
no ip-sla <ID> tcp-connect
ip-sla <ID> monitor threshold-config
no ip-sla <ID> monitor packet-loss
no ip-sla <ID> monitor test-completion
no ip-sla <ID> schedule
no ip-sla <ID> tos
no ip-sla responder
no ip-sla <ID> udp-jitter
no ip-sla <ID> udp-jitter-voip
Show commands
show ip-sla <ID>
show ip-sla <ID> history
show ip-sla <ID> message-statistics
show ip-sla <ID> results
show ip-sla <ID> aggregated-results
show ip-sla responder
show ip-sla responder statistics
show tech ip-sla
clear ip-sla responder statistics
Interoperability
IP SLA UDP Jitter and Jitter for VoIP
Overview
Significance of jitter
Solution components
SLA Measurements
Dynamic Segmentation
Definition of Terms
Overview
Benefits of Dynamic Segmentation
Use Cases
Users/Devices and Policy Enforcement Recommendations
Colorless Ports
Port-Based Tunneling
Configuring Port-Based Tunneling
Operating notes
Interaction table
Restrictions
Preventing double tunneling of Aruba Access Points
Preventing double tunneling using device profile
User-Based Tunneling
User Authentication Workflow
How it works
Licensing Requirements
Dependencies
Simplifying User-Based Tunneling with Reserved VLAN
Configuration and show commands
Commands to configure a tunneled node server on the switch
Show commands
Commands to configure VLAN ID in user role
Tunneled Node profile on a Mobility Controller and Cluster
Using User Roles with User-Based Tunneling
User-Based Tunneling in v6 networks
PAPI security
Protocol Application Programming Interface (PAPI)
PAPI configurable secret key
papi-security
Frequently Asked Questions
Cable Diagnostics
Virtual cable testing
Cable diagnostics tests
show cable-diagnostics
clear cable-diagnostics
Limitations
Virtual Switching Framework (VSF)
List of abbreviated terms
Overview of VSF
Benefits of VSF
VSF domain ID
VSF link
Physical VSF ports
VSF member ID
Interface naming conventions
VSF member roles
Member priority
Supported topologies
Running-configuration synchronization
VSF split
VSF merge
VSF commands
Configuration commands
vsf enable
vsf disable
vsf member link
vsf domain
vsf member
vsf member shutdown
vsf member reboot
vsf member remove
vsf member remove reboot
vsf member priority
vsf member type
snmp-server enable traps vsf
vsf port-speed
vsf vlan-mad
vsf lldp-mad ipv4
Show commands
show vsf
show vsf detail
show vsf link
show vsf link detail
show vsf member
show vsf topology
show vsf topology detail
show vsf topology change-history
show vsf lldp-mad
show vsf vlan-mad
show vsf trunk-designated-forwarder
show cpu
show power-over-ethernet
show system information
show system information vsf member
show system fans
show system chassislocate
show system power-supply
show uptime
Support commands
copy core-dump
copy fdr-log
copy crash-log
copy crash-data
show boot-history
core-dump
erase fdr-log vsf
copy crash-files
VSF configuration
Manual configuration of a VSF
Manual configuration with multiple ports bundled in a VSF link
Automatic configuration of a VSF fabric
Port speed
VSF port LED front panel
VSF port LEDs
Diagnostic tips for stacking error
LED 1 and LED 2 display solid green color, whereas, LED 3 displays solid orange
LED 1 displays slow flash orange, LED 2 displays solid green, whereas, LED 3 displays different colors
LED 1 displays slow flash orange and LED 2 displays solid green color, whereas, LED 3 displays different colors
LED 1 and LED 2 display solid green, whereas, LED 3 displays different colors
Locating LED behavior in stacking system
VSF restrictions
VSF Use Cases
Use Case 1: Multiple Active Detection
Use Case 2: Replacing a switch in a stack
Use Case 3: Changing VSF link speed
Use Case 4: Adding a switch to a stack
Use Case 5: Stack split and merge
Simplifying Wireless and IoT Deployments
Overview
Auto configuring Aruba APs
Associating a device with a profile
device-profile name
device-profile type
device-profile type device-name
show device-profile
show command device-profile status
show device-profile config
show device-profile status
Default AP Profile
allow-jumbo-frames
Auto configuring IoT Devices
Creating a device identity and associating a device type
show device-identity
device-profile type-device associate
show device-profile config
show device-profile status
Support for Aruba device types
Isolating Rogue APs
Using the Rogue AP Isolation feature
rogue-ap-isolation
rogue-ap-isolation action
rogue-ap-isolation whitelist
clear rogue-ap-isolation
Feature Interactions
L3 MAC
Limitations
Troubleshooting
Switch does not detect the rogue AP TLVs
Show commands
Requirements
Limitations
Feature Interactions
Profile Manager and 802.1X
Profile Manager and LMA/WMA/MAC-AUTH
Profile manager and Private VLANs
MAC lockout and lockdown
LMA/WMA/802.1X/Port-Security
Troubleshooting
Dynamic configuration not displayed when using “show running-config”
The show run command displays non-numerical value for untagged-vlan
Show commands
Network Out-of-Band Management (OOBM)
OOBM concepts
OOBM and switch applications
Example
OOBM Configuration
Entering the OOBM configuration context from the general configuration context
Enabling and disabling OOBM
Enabling and disabling the OOBM port
Setting the OOBM port speed
Configuring an OOBM IPv4 address
Configuring an OOBM IPv4 default gateway
Configuring an IPv6 default gateway for OOBM devices
oobm ipv6 default-gateway
oobm member ipv6 default-gateway
IPv6 default router preferences
ipv6 nd ra router-preference
OOBM show commands
Showing the global OOBM and OOBM port configuration
Showing OOBM IP configuration
Showing OOBM ARP information
show oobm ipv6
show oobm ipv6 (for stacked switches)
show oobm ipv6 member (for stacked switches)
show oobm ip detail (for stacked switches)
Application server commands
Application client commands
Websites
Support and other resources
Accessing Hewlett Packard Enterprise Support
Accessing updates
Customer self repair
Remote support
Warranty information
Regulatory information
Documentation feedback
LACP-MAD Passthrough
Overview
LACP-MAD Passthrough commands
interface lacp
show lacp
clear lacp statistics
Remote Device Deployment (TR-069)
Introduction
Advantages of TR-069
Zero-touch configuration process
Zero-touch configuration setup and execution
CLI commands
Configuration setup
ACS password configuration
When encrypt-credentials is off
When encrypt-credentials is on
ACS URL configuration
ACS username configuration
CPE configuration
CPE password configuration
When encrypt-credentials is on
When encrypt-credentials is off
CPE username configuration
Enable/disable CWMP
Show commands
CWMP configuration and status query
Event logging
System logging
Status/control commands
Configuration backup and restore without reboot
Limitations
Blocking of configuration from other sessions
Smart Rate Technology
Show Smart Rate port
Rate-Limiting — GMB features when Fast-Connect SmartRate ports are configured
Error messages
Speed-duplex
Limitations on 5Gbps ports
Error messages
100 Mbps Support on Smart Rate ports
Overview
interface speed-duplex auto-100
show interfaces smartrate
show interface config
show running-config
Downgrade with CLI reboot command
Downgrade without CLI reboot command (power cycle)
Glossary
Your browser does not support iframes.