This page is based on the notes I took when managing Alcatel Omniswitchs 6600, 6800 and 6850. The full documentation can be found on the Alcatel-Lucent website.
Alcatel Omniswitchs can operate in two modes: working and certified (
show running-directory to know in which mode the switch is). In working mode, the configuration can be modified, whereas it's no possible in certified mode (in fact, it is). When booting, if working and certified configuration files are different, the switch will boot in certified mode. Conf files are stored in certifed/boot.cfg and working/boot.cfg (they can be directly edited with vi).
copy working certified [flash-synchro], flash-synchro will synchronize the configuration with all the slots
configuration snapshot all <file>. Then move the file to working/boot.cfg
reload working no rollback-timeout
show configuration snapshot [all|vlan|ip|...]or
reload in <n>where n is the number of minutes to wait before reloading. A reload can be canceled with
show reloadwill show you when the switch will reboot.
A layer 2 VLAN is created with
vlan <vlan_number> enable name “VLAN name” and removed with
no vlan <vlan_number>.
show vlan lists all the VLANs,
show vlan <vlan_number> shows the details of <vlan_number>.
Depending on the microcode version (
show microcode), a layer 3 VLAN is created using:
ip interface “interface name” vlan <vlan_number> address <address> mask <netmask>
vlan router “interface name” vlan <vlan_number> address <address> mask <netmask>
no ip interface “interface name”
no vlan router “interface name”
vlan <vlan_number> port default <slot>/<port>
show vlan port
show vlan <vlan_number> port
show vlan port <slot>/<port>
vlan <vlan_number> 802.1Q <slot>/<port> [<“comment”>]
vlan <vlan_number> no 802.1Q <slot>/<port>
lacp linkagg <id> size <nb_links> admin state enable
lacp linkagg <id> actor admin key <key>
lacp agg <slot/port> actor admin key <key
static linkagg <id> size <nb_links> admin state enable
static linkagg <id> name <name>
static agg <slot/port> agg num <id>
When stacking is operational, one switch is primary, one other secondary and the others in idle state. If the primary disappears, the secondary becomes primary and the first ilde becomes secondary.
Get info about the chassis:
show chassis and about the stack:
show stack topology.
show interface [port|status|<slot>/<port>|...]
interface <slot>/<port> [speed <10_100_1000>|duplex <half_full>|autoneg <state>|flood rate <rate>](to switch from autoneg to 100FD: autoneg off, speed 100 and duplex full – if forced in 100FD while autoneg is on, the port will stay down)
interface <slot>/<port> admin down
interfaces <slot>[/port1-port2] no l2 statistics
To monitor the health of the system:
show health all (cpu|memory)
To show CMM (Control Management Module) information:
Uptime, date, name, contact, location:
system name <“name”>
system contact <“contact”>
system location <“location”>
The default prompt is “->”.
session prompt default “sw1->” changes it to “sw1->”. You can get the other session parameters with
show session config
When a command lists to many lines on the screen, it's possible to use more to see page by page:
more size <size> where <size> is the number of lines shown. Use
more to activate the mode and
more size <size> to set the number of lines shown. Cancel this mode with
To change the timeout of the telnet/ssh sessions:
session timeout cli <timeout>
Set a server:
ntp server <server_ip>. Even if the DNS is configured, you can't specify a name for the NTP server. Then activate NTP:
ntp client enable.
Get NTP info:
show ntp client: tells if NTP is on or off, when was the last update, ...
show ntp server-list: get the servers'list and with which server the switch is synchronized
Show logging configuration:
Show switch logs:
show log swlog: get all logs
show log swlog timestamp <mounth/day/year> <hour:minute>: only logs since the specified hour
Enable syslog with:
swlog output socket <syslog_server_ip>
STP can operates in two modes: flat and 1x1. In flat mode, there is only one instance for the whole switch whereas in 1x1 mode, there is one instance per VLAN. I recommand the 1x1 mode (now the default one). Change STP mode:
bridge mode (flat|1x1)
Get STP configuration:
It is possible to deactivate STP on specified vlans/ports :
vlan <vlan_number> stp (enable|disable) and
bridge <vlan_number> <slot>/<port> (enable|disable)
Change STP algorithm:
bridge protocol (802.1D|STP|RTSP). I didn't managed to set rstp for all vlan as a global config, I had to set it vlan per vlan using:
bridge 1x1 <vlan_number> protocol (802.1D|STP|RTSP).
ip name-server <IP1> <IP2>
ip domain-name <domain-name>
ip service udp-relay
ip helper per-vlan only
ip helper address <dhcp_server> vlan <vlan_number>
ip udp relay BOOTP
[no] ip service (ftp|ssh|telnet|http|secure-http|udp-relay|snmp|all). List of activated services:
show ip service.
ip http ssl
Authentification can be local or made with a radius
To activate a service, the authentication has to be set:
aaa authentication default “local”, aaa authentication (console|ssh|ftp|802.1X|vlan|...) “local”
Mac Address table:
Add a static MAC/IP entry:
arp <IP> <MAC>,
no arp <IP> to remove it.
Clear dynamic arp entries:
To specify when an dynamic entry timeouts (default: 300seconds):
mac-address-table aging-time <seconds> [vlan <vlan_number>]
Firts, you have to create a user and give it the right to do SNMP:
user <“username”> read-only (all|ip|interface|...) password <password>
user <“username”> no snmp
snmp security no security
snmp community map <“community”> user <“username”> on
snmp station <server_ip> [<port>] <“user”> (v1|v2c|v3) enable
snmp authentification trap (enable|disable)
snmp trap filter <server_ip> <filter_code>
Port mirroring works 12 ports by 12 ports (at least for models up to 6800). It is possible to configure multiple sources for one session and thus see the traffic of multiple ports in one output.
show port mirroring status
port mirroring <session> source <slot>/<port> destination <slot>/<port> enable
no port mirroring <session>
By default, the POE is disabled on all ports.
lanpower start <slot>/<port>
lanpower start <slot>
lanpower stop (<slot>/<port>|<slot>)
show lanpower <slot>
lanpower <slot>/<port> power <milliwatts>
lanpower <slot> maxpower <watts>
A power of 230W is enough for a full slot equipped with IP Phones (note: TBC). It has been noticed that a switch may provide instable POE if too many equipments are connected and its PSU is not enough powerfull.
To come soon ...
To come soon ...