display connection

Syntax

display connection [ access-type { dot1x | mac-authentication | portal } | domain isp-name | interface interface-type interface-number | ip ip-address | mac mac-address | ucibindex ucib-index | user-name user-name | vlan vlan-id ] [ slot slot-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

access-type: Specifies the user connections of the specified access type.

domain isp-name: Specifies the user connections of an ISP domain. The isp-name argument refers to the name of an existing ISP domain and is a case-insensitive string of 1 to 24 characters.

interface interface-type interface-number: Specifies the user connections on an interface. Only Layer 2 Ethernet interfaces are supported.

ip ip-address: Specifies the user connections of an IP address.

mac mac-address: Specifies the user connections of a MAC address, with mac-address in the format H-H-H.

ucibindex ucib-index: Specifies the user connection that uses the connection index. The value range is from 0 to 4294967295.

user-name user-name: Specifies the user connections that use the username. The user-name argument is a case-sensitive string of 1 to 80 characters. For a username entered without a domain name, the system assumes that the user is in the default domain name or the mandatory authentication domain.

vlan vlan-id: Specifies the user connections of a VLAN, with vlan-id ranging from 1 to 4094.

slot slot-number: Specifies the user connections on the switch by its device ID. The slot-number argument represents the device ID, which must be 1.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display connection to display information about AAA user connections.

This command does not display information about FTP user connections.

With no parameter specified, this command displays brief information about all AAA user connections.

If you specify the ucibindex ucib-index option, this command displays detailed information. Otherwise, this command displays brief information.

If an interface is configured with a mandatory authentication domain (for example, an 802.1X mandatory authentication domain), the switch uses the mandatory authentication domain to perform authentication, authorization, and accounting for users who access the interface through the specified access type. To display connections of such users, use the display connection domain isp-name command and specify the mandatory authentication domain.

How the switch displays the username of a user on an interface configured with a mandatory authentication domain depends on the format of the username entered by the user at login:

For 802.1X users whose usernames use a slash (/) or backslash (\) as the domain name delimiter, you cannot query the connections by username. For example, the display connection user-name aaa\bbb command cannot display the connections of the user aaa\bbb.

Related commands: cut connection.

Examples

# Display information about all AAA user connections.

<Sysname> display connection
Slot:  1
Index=0   , Username=telnet@system
IP=10.0.0.1 
IPv6=N/A

 Total 1 connection(s) matched on slot 1.
 Total 1 connection(s) matched.

# Display information about AAA user connections using the index of 0.

<Sysname> display connection ucibindex 0
Slot:  1
Index=0   , Username=telnet@system
IP=10.0.0.1 
IPv6=N/A
Access=Admin   ,AuthMethod=PAP
Port Type=Virtual ,Port Name=N/A
Initial VLAN=999, Authorized VLAN=20
ACL Group=Disable
User Profile=N/A
CAR=Disable
Priority=Disable
Start=2011-01-16 10:53:03 ,Current=2011-01-16 10:57:06 ,Online=00h04m03s
 Total 1 connection matched.

Table 1: Command output

Field

Description

Username

Username of the connection, in the format username@domain.

MAC

MAC address of the user.

IP

IPv4 address of the user.

IPv6

IPv6 address of the user.

Access

User access type.

ACL Group

Authorization ACL group. If no authorization ACL group is assigned, this field displays Disable.

User Profile

Authorization user profile.

CAR(kbps)

Authorized CAR parameters.

UpPeakRate

Uplink peak rate.

DnPeakRate

Downlink peak rate.

UpAverageRate

Uplink average rate.

DnAverageRate

Downlink average rate.