display connection
Syntax
display connection [ access-type { dot1x | mac-authentication | portal } | domain isp-name | interface interface-type interface-number | ip ip-address | mac mac-address | ucibindex ucib-index | user-name user-name | vlan vlan-id ] [ slot slot-number ] [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
access-type: Specifies the user connections of the specified access type.
dot1x: Indicates 802.1X authentication.
mac-authentication: Indicates MAC address authentication.
portal: Indicates portal authentication. This keyword is available only on the HPE 3100 v2 EI switches.
domain isp-name: Specifies the user connections of an ISP domain. The isp-name argument refers to the name of an existing ISP domain and is a case-insensitive string of 1 to 24 characters.
interface interface-type interface-number: Specifies the user connections on an interface. Only Layer 2 Ethernet interfaces are supported.
ip ip-address: Specifies the user connections of an IP address.
mac mac-address: Specifies the user connections of a MAC address, with mac-address in the format H-H-H.
ucibindex ucib-index: Specifies the user connection that uses the connection index. The value range is from 0 to 4294967295.
user-name user-name: Specifies the user connections that use the username. The user-name argument is a case-sensitive string of 1 to 80 characters. For a username entered without a domain name, the system assumes that the user is in the default domain name or the mandatory authentication domain.
vlan vlan-id: Specifies the user connections of a VLAN, with vlan-id ranging from 1 to 4094.
slot slot-number: Specifies the user connections on the switch by its device ID. The slot-number argument represents the device ID, which must be 1.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use display connection to display information about AAA user connections.
This command does not display information about FTP user connections.
With no parameter specified, this command displays brief information about all AAA user connections.
If you specify the ucibindex ucib-index option, this command displays detailed information. Otherwise, this command displays brief information.
If an interface is configured with a mandatory authentication domain (for example, an 802.1X mandatory authentication domain), the switch uses the mandatory authentication domain to perform authentication, authorization, and accounting for users who access the interface through the specified access type. To display connections of such users, use the display connection domain isp-name command and specify the mandatory authentication domain.
How the switch displays the username of a user on an interface configured with a mandatory authentication domain depends on the format of the username entered by the user at login:
If the username does not contain the character @, the switch displays the username in the format username @mandatory authentication domain name.
If the username contains the character @, the switch displays the entered username. For example, if a user entered the username aaa@123 at login and the name of the mandatory authentication domain is dom, the switch displays the username aaa@123, rather than aaa@123@dom.
For 802.1X users whose usernames use a slash (/) or backslash (\) as the domain name delimiter, you cannot query the connections by username. For example, the display connection user-name aaa\bbb command cannot display the connections of the user aaa\bbb.
Related commands: cut connection.
Examples
# Display information about all AAA user connections.
<Sysname> display connection Slot: 1 Index=0 , Username=telnet@system IP=10.0.0.1 IPv6=N/A Total 1 connection(s) matched on slot 1. Total 1 connection(s) matched.
# Display information about AAA user connections using the index of 0.
<Sysname> display connection ucibindex 0 Slot: 1 Index=0 , Username=telnet@system IP=10.0.0.1 IPv6=N/A Access=Admin ,AuthMethod=PAP Port Type=Virtual ,Port Name=N/A Initial VLAN=999, Authorized VLAN=20 ACL Group=Disable User Profile=N/A CAR=Disable Priority=Disable Start=2011-01-16 10:53:03 ,Current=2011-01-16 10:57:06 ,Online=00h04m03s Total 1 connection matched.
Table 1: Command output
Field | Description |
---|---|
Username | Username of the connection, in the format username@domain. |
MAC | MAC address of the user. |
IP | IPv4 address of the user. |
IPv6 | IPv6 address of the user. |
Access | User access type. |
ACL Group | Authorization ACL group. If no authorization ACL group is assigned, this field displays Disable. |
User Profile | Authorization user profile. |
CAR(kbps) | Authorized CAR parameters. |
UpPeakRate | Uplink peak rate. |
DnPeakRate | Downlink peak rate. |
UpAverageRate | Uplink average rate. |
DnAverageRate | Downlink average rate. |