Extreme Networks XOS Commands
List of the handy commands for the XOS in the Extreme Networks SummitX switches family. Documentation sources for Extreme Networks XOS based switches.
- EXOS Concepts Guide -- nefunguje 13.2.2014
- EXOS Concepts Guide 15.4
- EXOS CLI Reference Guide -- nefunguje 13.2.2014
- EXOS Command Reference Guide 15.4
- Online documentation
- Documentation root
Keep in mind that all changes have to be saved to system configuration file by 'save' command, otherwise will be lost. |
Basic commands
Some generic linux commands can be used:
$ ls $ top $ vi
List version of the current XOS image
$ show version image
Displays detailed informations about ports including VLAN membership
$ show ports 48 info detail
Show all VLANs configured at port 2
$ show vlan ports 2
Manage VLANs
Create new VLAN
$ create vlan vlan_4_staff description text tag 4
Add port(s) to VLAN
$ configure vlan_4_staff add ports 25-25 tagged (or untagged)
Show MAC database
$ show fdb <VLANName> | include "String"
List of all vlans and associated ports
$ show configuration vlan
Kills system chosen system process
$ terminate process _processname_
Display the SNMP settings configured on the switch
$ show management
Blocking access by MAC address
Block MAC address
$ create fdbentry aa:bb:cc:dd:ee:ff vlan "VLAN_NAME" blackhole
Unblock MAC address
$ delete fdbentry aa:bb:cc:dd:ee:ff vlan "VLAN_NAME" blackhole
IP interfaces statistics
Show information and statistics about interfaces (vlan, ipv4, ipv6, vr)
$ show ipstats
User account management
Create new account with admin privileges
$ create account admin <username>
and enter your password twice. To login by SSH key create new key and assign it to the existing user account:
$ create sshd2 user-key <keyname> <raw key base64 without comments> $ configure sshd2 user-key <keyname> add user <username>
Access Lists Configuration
To edit access policy felk-kn run internal vi editor:
$ edit policy felk-kn
Sample policy code
entry one {
if {
source-address 147.32.80.0/21;
}
then {
permit;
}
}
entry two {
if {
source-address 10.32.0.0/16;
}
then {
permit;
}
}
entry three {
if {
source-address 2001:718:2:1600::/56;
}
then {
permit;
}
}
entry Telnet_Allow {
if match any {
source-address 192.168.1.0 /24;
source-address 192.168.2.0 /24;
} then {
permit;
}
}
Check written code against semantic errors:
$ check policy felk-kn
Assign it to the service, vlan, port:
$ conf ssh2 access-profile felk-kn
Reload policy
$ refresh policy felk-kn
Upgrade XOS image with ssh module
$ use image secondary $ download image <IPaddress> <ImageName>.xos vr "VR-Default" primary $ download image <IPaddress> <ModuleName>-ssh.xmod vr "VR-Default" primary
Confirm installation with "Yes", wait
$ use image <TargetPartition> $ reboot
LACP configuration
# configure sharing <MasterPort> add ports <SlavePorts> # configure sharing <MasterPort> lacp activity-mode active
Time, SNTP and timezone configuration
To configure proper timezone for CET and CEST
# configure timezone name CET 60 autodst name CEST begins every last sunday march at 2 0 ends every last sunday october at 3 0
SNTP client with primary and secondary server
# enable sntp-client # configure sntp-client primary <IPAddress> vr <VRName> # configure sntp-client secondary <IPAddress> vr <VRName>
IPv6 Address and routing
Basic setup
$ configure "v91_139dcgi1" ipaddress 2001:718:2:1691::1/64 $ enable ipforwarding ipv6 "v91_139dcgi1"
Router Advertisement
$ configure "v91_139dcgi1" router-discovery add prefix 2001:718:2:1691::/64 $ configure "v91_139dcgi1" router-discovery add dnssl felk.cvut.cz $ configure "v91_139dcgi1" router-discovery add rdnss 2001:718:2:1611:0:1:0:90 $ enable router-discovery "v91_139dcgi1"
Universal port and events
SummitX440-L2 switches are little crappy because Universal Port profiles, etc. are not supported at L2. |
Here we configure the UPM to have a liberal execution time.
$ configure upm profile loginbackup maximum execution-time 1000 $ create log target upm loginbackup $ create log filter autologfilter
This will trigger on any AAA.logout event
$ configure log filter autologfilter add event AAA.AuthPass $ configure log target upm loginbackup filter autologfilter $ enable log target upm loginbackup $ enable upm profile loginbackup