background image

VLAN Commands

583

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

This command has no user guidelines.

Example

The following example displays detailed information for unit/port "1/g1."

console#show dvlan-tunnel interface 1/g1

Interface

Mode

EtherType

---------

------- --------------

1/g1

Enable

vMAN

The following table describes the significant fields shown in the example.

show interfaces switchport

Use the 

show interfaces switchport

 command in Privileged EXEC mode to 

display switchport configuration.

Field

Description

Mode

This field specifies the administrative mode through which 

Double VLAN Tunneling can be enabled or disabled. The default 

value for this field is 

disabled

.

Interface

Interface Number.

EtherType

This field represents a 2-byte hex EtherType to be used as the first 

16 bits of the DVLAN tunnel. The three different EtherType tags 

are: (1) 802.1Q, which represents the commonly used value of 

0x8100. (2) vMAN, which represents the commonly used value of 

0x88A8. (3) If EtherType is not one of these two values, it is a 

custom tunnel value, representing any value in the range of 0 to 

65535.

Summary of Contents for PowerConnect 6224

Page 1: ...Dell PowerConnect 6200 Series Systems CLI Reference Guide Models PC6224 PC6248 PC6224P PC6248P and PC6224F ...

Page 2: ...d in this text Dell the DELL logo and PowerConnect are trademarks of Dell Inc sFlow is a registered trademark of InMon Corporation Cisco is a registered trademark of Cisco Systems Inc and or its affiliates in the United States and certain other countries Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products Dell...

Page 3: ...r 2 Commands 61 2 Using the CLI 135 135 Introduction 135 Entering and Editing CLI Commands 135 CLI Command Modes 141 3 Layer 2 Commands 187 Introduction 187 4 AAA Commands 188 aaa authentication enable 190 aaa authentication login 191 aaa authorization network default radius 193 ...

Page 4: ...Configuration 198 password User EXEC 199 show authentication methods 200 show users accounts 201 show users login history 202 username 203 5 ACL Commands 205 deny permit 207 ip access group 209 no ip access group 209 mac access group 210 mac access list extended 211 mac access list extended rename 212 show ip access lists 213 show mac access list 214 ...

Page 5: ...e multicast forward all 224 bridge multicast forward unregistered 224 clear bridge 225 port security 226 port security max 227 show bridge address table 227 show bridge address table count 228 show bridge address table static 229 show bridge multicast address table 230 show bridge multicast filtering 232 show ports security 232 show ports security addresses 234 7 CDP Interoperability Commands 237 ...

Page 6: ...bors 246 show isdp traffic 248 8 DHCP Layer 2 Relay Commands 251 dhcp l2relay Interface Configuration 252 dhcp l2relay circuit id 253 dhcp l2relay remote id 254 dhcp l2relay trust 254 dhcp l2relay vlan 255 9 DHCP Snooping Commands 257 ip dhcp snooping 258 ip dhcp snooping binding 259 ip dhcp snooping database 260 ip dhcp snooping database write delay 261 ...

Page 7: ...dhcp snooping interfaces 267 show ip dhcp snooping statistics 269 10 Dynamic ARP Inspection Commands 271 clear counters ip arp inspection 272 ip arp inspection filter 273 ip arp inspection limit 274 ip arp inspection trust 275 ip arp inspection validate 275 ip arp inspection vlan 276 permit ip host mac host 277 show arp access list 278 show ip arp inspection ethernet 279 show ip arp inspection sta...

Page 8: ...0 negotiation 291 show interfaces advertise 292 show interfaces configuration 293 show interfaces counters 295 show interfaces description 299 show interfaces detail 300 show interfaces status 303 show statistics ethernet 308 show storm control 312 shutdown 313 speed 314 storm control broadcast 315 storm control multicast 315 storm control unicast 316 ...

Page 9: ...cs 326 show gvrp statistics 328 13 IGMP Snooping Commands 331 ip igmp snooping interface 332 ip igmp snooping host time out 333 ip igmp snooping leave time out 334 ip igmp snooping mrouter time out 335 show ip igmp snooping groups 336 show ip igmp snooping interface 337 show ip igmp snooping mrouter 338 ip igmp snooping VLAN 338 ip igmp snooping fast leave 339 ip igmp snooping groupmembership inte...

Page 10: ...mp snooping querier query interval 348 ip igmp snooping querier timer expiry 349 ip igmp snooping querier version 349 show igmp snooping querier 350 15 IP Addressing Commands 353 ip address 354 ip address dhcp 355 ip address vlan 356 ip default gateway 357 ip domain lookup 358 ip domain name 358 ip host 359 ip name server 360 ipv6 address 361 ipv6 enable 362 ipv6 gateway 363 ...

Page 11: ...ffic filter 373 show ipv6 access lists 375 17 IPv6 MLD Snooping Querier Commands 379 ipv6 mld snooping querier VLAN mode 380 ipv6 mld snooping querier address 381 ipv6 mld snooping querier election participate 382 ipv6 mld snooping querier query interval 382 ipv6 mld snooping querier timer expiry 383 show ipv6 mld snooping querier 384 18 LACP Commands 387 lacp system priority 388 lacp timeout 389 ...

Page 12: ...no add port channel 398 depends on ethernet 399 no depends on ethernet 400 depends on port channel 400 no depends on port channel 401 show link dependency 402 20 LLDP Commands 405 clear lldp statistics 406 lldp med 407 lldp med confignotification 408 lldp med faststartrepeatcount 408 lldp med transmit tlv 409 lldp notification 410 lldp notification interval 411 ...

Page 13: ...device 418 show lldp med 419 show lldp med interface 420 show lldp med local device 422 show lldp med remote device 424 show lldp remote device 427 show lldp statistics 429 21 Port Channel Commands 433 interface port channel 434 interface range port channel 435 hashing mode 436 no hashing mode 437 show interfaces port channel 438 show statistics port channel 439 ...

Page 14: ...map rename 451 classofservice dot1p mapping 452 classofservice ip dscp mapping 453 classofservice trust 453 conform color 454 cos queue min bandwidth 455 cos queue strict 456 diffserv 457 drop 458 mark cos 459 mark ip dscp 459 mark ip precedence 460 match class map 461 match cos 462 match destination address mac 463 ...

Page 15: ...match ip dscp 468 match ip precedence 469 match ip tos 469 match protocol 470 match source address mac 471 match srcip 472 match srcip6 473 match srcl4port 473 match vlan 474 mirror 475 police simple 476 policy map 477 redirect 478 service policy 479 show class map 480 show classofservice dot1p mapping 482 ...

Page 16: ...show diffserv service interface port channel in 490 show diffserv service brief 490 show interfaces cos queue 491 show policy map 494 show policy map interface 495 show service policy 496 traffic shape 498 24 RADIUS Commands 499 acct port 500 auth port 501 deadtime 502 key 503 msgauth 503 name 504 primary 505 priority 505 radius server deadtime 506 ...

Page 17: ...10 retransmit 511 show radius servers 512 show radius servers statistics 514 source ip 518 timeout 519 usage 520 25 Spanning Tree Commands 521 exit mst 523 instance mst 524 name mst 525 revision mst 526 show spanning tree 526 show spanning tree summary 539 spanning tree 540 spanning tree auto portfast 541 spanning tree bpdu flooding 542 ...

Page 18: ... 549 spanning tree mode 549 spanning tree mst 0 external cost 550 spanning tree mst configuration 551 spanning tree mst cost 552 spanning tree mst port priority 553 spanning tree mst priority 554 spanning tree portfast 555 spanning tree portfast bpdufilter default 556 spanning tree portfast default 556 spanning tree port priority 557 spanning tree priority 558 spanning tree tcnguard 559 spanning t...

Page 19: ...67 show tacacs 568 tacacs server host 569 tacacs server key 569 tacacs server timeout 570 timeout 571 28 VLAN Commands 573 interface vlan 575 interface range vlan 576 mode dvlan tunnel 577 name 578 protocol group 579 protocol vlan group 580 protocol vlan group all 581 show dvlan tunnel 582 show dvlan tunnel interface 582 ...

Page 20: ...tchport forbidden vlan 593 switchport general acceptable frame type tagged only 594 switchport general allowed vlan 594 switchport general ingress filtering disable 595 switchport general pvid 596 switchport mode 597 switchport protected 598 switchport protected name 599 switchport trunk allowed vlan 600 vlan 601 vlan association mac 601 vlan association subnet 602 vlan database 603 vlan makestati...

Page 21: ...11 voice vlan Interface 612 voice vlan data priority 613 show voice vlan 614 30 802 1x Commands 617 dot1x max req 619 dot1x max users 620 dot1x port control 621 dot1x re authenticate 622 dot1x re authentication 623 dot1x system auth control 624 dot1x timeout guest vlan period 624 dot1x timeout quiet period 625 dot1x timeout re authperiod 626 dot1x timeout server timeout 627 ...

Page 22: ... ethernet 635 show dot1x statistics 637 show dot1x users 639 dot1x guest vlan 640 dot1x unauth vlan 641 show dot1x advanced 641 radius server attribute 4 644 31 Layer 3 Commands 645 Introduction 645 32 ARP Commands 646 arp cachesize 647 arp dynamicrenew 648 arp purge 649 arp resptime 650 arp retries 651 arp timeout 652 ...

Page 23: ...ount 659 bootpdhcprelay minwaittime 659 bootpdhcprelay cidridoptmode 660 show bootpdhcprelay 661 34 DHCPv6 Commands 663 dns server 664 domain name 665 ipv6 dhcp pool 666 ipv6 dhcp relay 667 ipv6 dhcp relay agent info opt 668 ipv6 dhcp relay agent info remote id subopt 669 ipv6 dhcp server 669 prefix delegation 670 service dhcpv6 671 show ipv6 dhcp 672 ...

Page 24: ...trapflags 681 show ip dvmrp 682 show ip dvmrp interface 683 show ip dvmrp neighbor 683 show ip dvmrp nexthop 684 show ip dvmrp prune 685 show ip dvmrp route 685 36 IGMP Commands 687 ip igmp last member query count 688 ip igmp last member query interval 689 ip igmp query interval 690 ip igmp query max response time 691 ip igmp robustness 692 ip igmp startup query count 692 ...

Page 25: ...P Proxy Commands 701 ip igmp proxy reset status 702 ip igmp proxy unsolicited report interval 703 show ip igmp proxy 704 show ip igmp proxy interface 705 show ip igmp proxy groups 706 show ip igmp proxy groups detail 707 38 IP Helper Commands 709 ip helper address global configuration 710 ip helper address interface configuration 712 ip helper enable 714 show ip helper address 715 show ip helper s...

Page 26: ...e distance 725 ip routing 726 routing 727 show ip brief 728 show ip interface 728 show ip protocols 731 show ip route 732 show ip route preferences 734 show ip route summary 735 show ip stats 736 vlan routing 738 40 IPv6 MLD Snooping Commands 739 ipv6 mld snooping groupmembership interval 741 ipv6 mld snooping maxresponse 741 ...

Page 27: ...icast Commands 749 ipv6 pimsm VLAN Interface config 750 ipv6 pimsm bsr border 751 ipv6 pimsm bsr candidate 752 ipv6 pimsm dr priority 753 ipv6 pimsm hello interval 753 ipv6 pimsm join prune interval 754 ipv6 pimsm register threshold 755 ipv6 pimsm rp address 755 ipv6 pimsm rp candidate 756 ipv6 pimsm spt threshold 757 ipv6 pimsm ssm 758 show ipv6 pimsm 758 show ipv6 pimsm bsr 760 show ipv6 pimsm i...

Page 28: ...69 ipv6 forwarding 770 ipv6 host 771 ipv6 mld last member query count 772 ipv6 mld last member query interval 772 ipv6 mld proxy 773 ipv6 mld proxy reset status 774 ipv6 mld proxy unsolicit rprt interval 774 ipv6 mld query interval 775 ipv6 mld query max response time 776 ipv6 mld router 777 ipv6 mtu 777 ipv6 nd dad attempts 778 ipv6 nd managed config flag 779 ipv6 nd ns interval 780 ...

Page 29: ... pimdm 786 ipv6 pimdm hello interval 786 ipv6 route 787 ipv6 route distance 788 ipv6 unicast routing 789 ping ipv6 790 ping ipv6 interface 791 show ipv6 brief 792 show ipv6 interface 793 show ipv6 mld groups 795 show ipv6 mld interface 799 show ipv6 mld proxy 801 show ipv6 mld proxy groups 803 show ipv6 mld proxy groups detail 804 show ipv6 mld proxy interface 806 ...

Page 30: ...v6 route 813 show ipv6 route preferences 814 show ipv6 route summary 815 show ipv6 traffic 816 show ipv6 vlan 820 traceroute ipv6 821 43 Loopback Interface Commands 823 show interfaces loopback 824 44 Multicast Commands 827 ip mroute 829 ip multicast 830 ip multicast ttl threshold 831 ip pimsm 832 ip pimsm bsr border 833 ip pimsm bsr candidate 833 ...

Page 31: ... pimsm spt threshold 839 ip pimsm ssm 839 show bridge multicast address table count 840 show ip mcast 841 show ip mcast boundary 842 show ip mcast interface 843 show ip mcast mroute 844 show ip mcast mroute group 845 show ip mcast mroute source 846 show ip mcast mroute static 848 show ip pimsm bsr 849 show ip pimsm interface 850 show ip pimsm rphash 851 show ip pimsm rp mapping 852 ...

Page 32: ...lator stab intv 862 area range 863 area stub 864 area stub no summary 865 area virtual link 866 area virtual link authentication 867 area virtual link dead interval 868 area virtual link hello interval 869 area virtual link retransmit interval 870 area virtual link transmit delay 871 auto cost 872 bandwidth 873 capability opaque 873 clear ip ospf 874 default information originate 875 ...

Page 33: ...880 ip ospf area 881 ip ospf authentication 882 ip ospf cost 883 ip ospf dead interval 884 ip ospf hello interval 884 ip ospf mtu ignore 885 ip ospf network 886 ip ospf priority 887 ip ospf retransmit interval 888 ip ospf transmit delay 889 maximum paths 889 network area 890 nsf 891 nsf helper 893 nsf helper strict lsa checking 893 ...

Page 34: ...905 show ip ospf area 906 show ip ospf asbr 908 show ip ospf database 909 show ip ospf database database summary 913 show ip ospf interface 915 show ip ospf interface brief 917 show ip ospf interface stats 918 show ip ospf neighbor 919 show ip ospf statistics 923 show ip ospf stub table 924 show ip ospf virtual link 925 show ip ospf virtual link brief 927 timers spf 928 ...

Page 35: ...ranslator stab intv 939 area range 940 area stub 941 area stub no summary 942 area virtual link 942 area virtual link dead interval 943 area virtual link hello interval 944 area virtual link retransmit interval 945 area virtual link transmit delay 946 default information originate 947 default metric 948 distance ospf 948 enable 949 exit overflow interval 950 external lsdb limit 951 ...

Page 36: ...nore 955 ipv6 ospf network 956 ipv6 ospf priority 957 ipv6 ospf retransmit interval 958 ipv6 ospf transmit delay 959 ipv6 router ospf 960 maximum paths 960 nsf 961 nsf helper 962 nsf helper strict lsa checking 963 nsf restart interval 964 passive interface 965 passive interface default 966 redistribute 966 router id 967 show ipv6 ospf 968 ...

Page 37: ...ce brief 983 show ipv6 ospf interface stats 984 show ipv6 ospf neighbor 987 show ipv6 ospf range 989 show ipv6 ospf stub table 990 show ipv6 ospf virtual link 990 show ipv6 ospf virtual link brief 992 47 PIM DM Commands 993 show ip pimdm 994 show ip pimdm interface 995 show ip pimdm neighbor 996 48 PIM SM Commands 997 ip pimsm spt threshold 998 ip pim trapflags 999 show ip pimsm 1000 ...

Page 38: ... irdp holdtime 1007 ip irdp maxadvertinterval 1008 ip irdp minadvertinterval 1009 ip irdp multicast 1010 ip irdp preference 1011 show ip irdp 1012 50 Routing Information Protocol Commands 1015 default information originate 1016 default metric 1017 distance rip 1018 distribute list out 1018 enable 1019 hostroutesaccept 1020 ip rip 1021 ip rip authentication 1021 ...

Page 39: ...e 1027 show ip rip interface brief 1028 split horizon 1029 51 Tunnel Interface Commands 1031 show interfaces tunnel 1032 tunnel destination 1033 tunnel mode ipv6ip 1034 tunnel source 1035 52 Virtual LAN Routing Commands 1037 53 Virtual Router Redundancy Protocol Commands 1039 ip vrrp authentication 1041 ip vrrp ip 1042 ip vrrp mode 1043 ...

Page 40: ...047 show ip vrrp 1048 show ip vrrp interface 1049 show ip vrrp interface brief 1050 show ip vrrp interface stats 1051 54 Utility Commands 1053 55 Autoconfig Commands 1053 boot host dhcp 1055 boot host retry count 1056 show boot 1057 56 Captive Portal Commands 1059 authentication timeout 1061 captive portal 1061 enable 1062 http port 1063 ...

Page 41: ... name 1070 protocol 1071 redirect 1071 redirect url 1072 session timeout 1072 verification 1073 captive portal client deauthenticate 1074 show captive portal client status 1074 show captive portal configuration client status 1076 show captive portal interface client status 1077 show captive portal interface configuration status 1079 clear captive portal users 1080 ...

Page 42: ...nfiguration interface 1086 show captive portal configuration locales 1088 show captive portal configuration status 1089 show trapflags captive portal 1090 user group 1091 user group moveusers 1092 user group name 1092 57 Clock Commands 1095 show clock 1095 show sntp configuration 1096 show sntp status 1097 sntp authenticate 1098 sntp authentication key 1099 sntp broadcast client enable 1100 ...

Page 43: ...mezone 1104 clock summer time recurring 1105 clock summer time date 1106 no clock summer time 1107 show clock 1108 58 Configuration and Image File Commands 1111 clear config 1112 copy 1113 delete backup config 1116 delete backup image 1117 delete startup config 1118 filedescr 1118 script apply 1119 script delete 1120 script list 1120 script validate 1122 ...

Page 44: ...code 1129 59 Denial of Service Commands 1131 dos control icmp 1132 dos control l4port 1133 dos control sipdip 1134 dos control tcpflag 1135 dos control tcpfrag 1135 ip icmp echo reply 1136 ip icmp error interval 1137 ip unreachables 1138 ip redirects 1138 ipv6 icmp error interval 1139 ipv6 unreachables 1140 show dos control 1140 ...

Page 45: ...nt access class 1151 management access list 1152 permit management 1153 show management access class 1155 show management access list 1156 62 Password Management Commands 1157 passwords history 1158 passwords lock out 1159 passwords min length 1160 show passwords configuration 1161 63 PHY Diagnostics Commands 1163 show copper ports tdr 1164 ...

Page 46: ...nline priority 1172 power inline traps 1173 power inline usage threshold 1173 show poe firmware version 1174 show power inline 1175 show power inline ethernet 1176 65 RMON Commands 1179 rmon collection history 1181 rmon event 1183 show rmon alarm 1184 show rmon alarm table 1186 show rmon collection history 1187 show rmon events 1188 show rmon history 1189 show rmon statistics 1195 ...

Page 47: ...1x 1203 debug igmpsnooping 1204 debug ip acl 1204 debug ip dvmrp 1205 debug ip igmp 1206 debug ip mcache 1207 debug ip pimdm 1207 debug ip pimsm 1208 debug ip vrrp 1209 debug ipv6 mcache 1210 debug ipv6 mld 1210 debug ipv6 pimdm 1211 debug ipv6 pimsm 1212 debug isdp 1213 debug lacp 1213 debug mldsnooping 1214 debug ospf 1215 ...

Page 48: ... Commands 1221 sflow polling 1223 sflow polling Interface Mode 1224 sflow sampling 1225 sflow sampling Interface Mode 1226 show sflow agent 1227 show sflow destination 1228 show sflow polling 1229 show sflow sampling 1230 68 SNMP Commands 1233 show snmp engineID 1235 show snmp filters 1236 show snmp groups 1237 show snmp users 1239 ...

Page 49: ...rver enable traps authentication 1249 snmp server engineID local 1250 snmp server filter 1251 snmp server group 1253 snmp server host 1254 snmp server location 1256 snmp server user 1257 snmp server view 1258 snmp server v3 host 1260 69 SSH Commands 1263 crypto key generate rsa 1264 crypto key pubkey chain ssh 1265 ip ssh port 1266 ip ssh pubkey auth 1267 ip ssh server 1268 ...

Page 50: ...r key 1274 70 Syslog Commands 1275 clear logging file 1276 description 1277 level 1278 logging cli command 1278 logging 1279 logging buffered 1280 logging console 1281 logging facility 1282 logging file 1282 logging on 1283 logging snmp 1284 logging web session 1285 port 1285 show logging 1286 show logging file 1288 ...

Page 51: ...kpoint statistics 1295 cut through mode 1296 hostname 1297 initiate failover 1297 member 1298 movemanagement 1299 no standby 1300 ping 1302 reload 1304 set description 1305 show boot version 1306 show checkpoint statistics 1306 show cut through mode 1307 show memory cpu 1308 show nsf 1309 show process cpu 1310 show sessions 1313 ...

Page 52: ... supported switchtype 1320 show switch 1323 show system 1329 show system id 1331 show tech support 1332 show users 1335 show version 1336 stack 1337 stack port 1337 standby 1338 switch priority 1339 switch renumber 1340 telnet 1340 traceroute 1343 72 Telnet Server Commands 1347 ip telnet port 1348 show ip telnet 1349 ...

Page 53: ...certificate generate 1357 crypto certificate import 1358 crypto certificate request 1360 duration 1361 ip http port 1361 ip http server 1362 ip https certificate 1363 ip https port 1363 ip https server 1364 key generate 1365 location 1366 organization unit 1366 show crypto certificate mycertificate 1367 show ip http 1368 ...

Page 54: ...54 Contents show ip https 1369 state 1370 ...

Page 55: ...al monitor The CLI can be accessed from a console terminal connected to an EIA TIA 232 port or through a Telnet session This guide describes how the CLI is structured describes the command syntax and describes the command functionality This guide also provides information for configuring the PowerConnect switch details the procedures and provides configuration examples Basic installation configura...

Page 56: ...P Snooping Querier and displays IGMP Snooping Querier information IP Addressing Configures and manages IP addresses on the switch IPv6 ACL Configures and displays ACL information for IPv6 IPv6 MLD Snooping Configures IPv6 MLD Snooping IPv6 MLD Snooping Querier Configures IPv6 Snooping Querier and displays IPv6 Snooping Querier information LACP Configures and displays LACP information Link Dependen...

Page 57: ...P Proxy Mcast Manages IGMP Proxy on the system IP Helper Configures relay of UDP packets IP Routing IPv4 Configures IP routing and addressing IPv6 Multicast Manages IPv6 Multicasting on the system IPv6 Routing Configures IPv6 routing and addressing Loopback Interface IPv6 Manages Loopback configurations Multicast Mcast Manages Multicasting on the system OSPF IPv4 _ Manages shortest path operations...

Page 58: ...ides several Denial of Service options Line Configures the console SSH and remote Telnet connection Management ACL Configures and displays management access list information Password Management Provides password management PHY Diagnostics Diagnoses and displays the interface status Power Over Ethernet PoE Configures PoE and displays PoE information RMON Can be configured through the CLI and displa...

Page 59: ...ock name and authorized users Telnet Server Configures Telnet service on the switch and displays Telnet information User Interface Describes user commands used for entering CLI commands Web Server Configures web based access to the switch Table 1 1 System Command Groups continued Command Group Description ...

Page 60: ...ace Configuration IP IP Access List Configuration KC Key Chain KE Key L Logging LC Line Configuration MA Management Access level MC MST Configuration ML MAC List Configuration MT MAC acl PE Privileged EXEC PM Policy Map Configuration PCGC Policy Map Global Configuration PCMC Policy Class Map Configuration R Radius RIP Router RIP Configuration RC Router Configuration ROSPF Router Open Shortest Path...

Page 61: ...lege levels GC aaa authentication login Defines login authentication GC aaa authorization network default radius Enables the switch to accept VLAN assignment by the RADIUS server GC enable authentication Specifies the authentication method list when accessing a higher privilege level from a remote telnet or console LC enable password Sets a local password to control access to the normal level GC i...

Page 62: ...traffic if the conditions defined in the deny statement are matched The permit command allows traffic if the conditions defined in the permit statement are matched ML ip access group Attaches a specified access control list to an interface GC or IC ip access group name out Applies an IP based egress ACL on an Ethernet interface or a group of interfaces IC mac access group Attaches a specific MAC A...

Page 63: ...rbidden forward unregistered Forbids a port to be a forwarding unregistered multicast addresses port IC bridge multicast forward all Enables forwarding of all Multicast packets on a port IC bridge multicast forward unregistered Enables the forwarding of unregistered multicast addresses IC clear bridge Removes any learned entries from the forwarding database PE port security Disables new address le...

Page 64: ...ear isdp table Clears entries in the ISDP table PE isdp advertise v2 Enables the sending of ISDP version 2 packets from the device GC isdp enable Enables ISDP on the switch GC IC isdp holdtime Configures the hold time for ISDP packets that the switch transmits GC isdp timer Sets period of time between sending new ISDP packets GC show isdp Displays global ISDP settings PE show isdp interface Displa...

Page 65: ...page 60 Command Description Mode clear ip dhcp snooping binding Clears all DHCP Snooping entries PE clear ip dhcp snooping statistics clears all DHCP Snooping statistics PE ip dhcp snooping Enables DHCP snooping globally or on a specific VLAN GC IC ip dhcp snooping binding Configures a static DHCP Snooping binding GC ip dhcp snooping database Configures the persistent location of the DHCP snooping...

Page 66: ...snooping statistics Displays the DHCP snooping filtration statistics PE NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode arp access list Creates an ARP ACL GC clear counters ip arp inspection Resets the statistics for Dynamic ARP Inspection on all VLANs PE ip arp inspection filter Configures the ARP ACL to be used for a single VLAN or a range of VLA...

Page 67: ...amic ARP Inspection configuration on all the VLANs in the given VLAN range PE NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode clear counters Clears statistics on an interface PE description Adds a description to an interface IC duplex Configures the full half duplex operation of a given Ethernet interface when not using auto negotiation IC flowcont...

Page 68: ...es UE show statistics ethernet Displays statistics for one port or for the entire switch PE show storm control Displays the storm control configuration PE shutdown Disables interfaces IC speed Configures the speed of a given Ethernet interface when not using auto negotiation IC storm control broadcast Enables Broadcast storm control IC storm control multicast Enables the switch to count Multicast ...

Page 69: ...each Mode abbreviation see Mode Types on page 60 Command Description Mode ip igmp snooping Global In Global Config mode Enables Internet Group Management Protocol IGMP snooping GC ip igmp snooping Interface Enables Internet Group Management Protocol IGMP snooping on a specific VLAN IC ip igmp snooping host time out Configures the host time out IC ip igmp snooping leave time out Configures the leav...

Page 70: ...s on page 60 Command Description Mode ip igmp snooping querier Enables disables IGMP Snooping Querier on the system Global Configuration mode or on a VLAN GC VLAN ip igmp snooping querier election participate Enables the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN VLAN ip igmp snooping querier query interval Sets the...

Page 71: ...ain name to complete unqualified host names GC ip host Configures static host name to address mapping in the host cache GC ip name server Configures available name servers GC ipv6 address Set the IPv6 address of the management interface GC ipv6 enable Enable IPv6 on the management interface GC ipv6 gateway Configures an IPv6 gateway for the management interface GC show arp switch Displays the entr...

Page 72: ...ach Mode abbreviation see Mode Types on page 60 Command Description Mode ipv6 mld snooping immediate leave Enables or disables MLD Snooping immediate leave admin mode on a selected interface or VLAN IC VLAN ipv6 mld snooping groupmembership interval Sets the MLD Group Membership Interval time on a VLAN or interface IC VLAN ipv6 mld snooping maxresponse Sets the MLD Maximum Response time for an int...

Page 73: ...erier Election process when it discovers the presence of another Querier in the VLAN VLAN ipv6 mld snooping querier query interval Sets the MLD Querier Query Interval time GC ipv6 mld snooping querier timer expiry Sets the MLD Querier timer expiration period GC show ipv6 mld snooping querier Displays MLD Snooping Querier information PE show ipv6 mld snooping groups Displays the MLD Snooping entrie...

Page 74: ...t channel Adds member port channels to the dependency list Link Dependency no add port channel Removes member port channels from the dependency list Link Dependency depends on ethernet Adds the dependent Ethernet ports list Link Dependency no depends on ethernet Removes the dependent Ethernet ports list Link Dependency depends on port channel Adds the dependent port channels list Link Dependency n...

Page 75: ...ent set will be transmitted in the LLDPDUs IC show lldp Displays the current LLDP configuration summary PE show lldp connections Displays the current LLDP remote data PE show lldp interface Displays the current LLDP interface state PE show lldp local device Displays the LLDP local data PE show lldp remote device Displays the LLDP remote data PE show lldp statistics Displays the current LLDP traffi...

Page 76: ...face configuration mode of a specific port channel GC interface range port channel Enters the interface configuration mode to configure multiple port channels GC hashing mode Sets the hashing algorithm on trunk ports IC port channel no hashing mode Sets the hashing algorithm on trunk ports to default 3 IC port channel show interfaces port channel Displays port channel information PE show statistic...

Page 77: ...apping Maps an 802 1p priority to an internal traffic class for a switch GC and IC classofservice ip dscp mapping Maps an IP DSCP value to an internal traffic class GC classofservice trust Sets the class of service trust mode of an interface GC and IC conform color Specifies for each outcome the only possible actions are drop setdscp transmit set prec transmit or transmit PCM C cos queue min bandw...

Page 78: ...et CMC match dstip Adds to the specified class definition a match condition based on the destination IP address of a packet CMC match dstip6 adds to the specified class definition a match condition based on the destination IPv6 address of a packet v6CM C match dstl4port Adds to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword...

Page 79: ...the source IPv6 address of a packet v6CM C match srcl4port Adds to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword a numeric notation or a numeric range notation CMC match vlan Adds to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field CMC mirror Mirrors all the data that matc...

Page 80: ...service interface port channel in Displays policy service information for the specified interface and direction PE show diffserv service brief Displays all interfaces in the system to which a DiffServ policy has been attached PE show interfaces cos queue Displays the class of service queue configuration for the specified interface PE show policy map Displays all configuration information for the s...

Page 81: ...gns a name to a RADIUS server R primary Specifies that a configured server should be the primary server in the group of authentication servers which have the same server name R priority Specifies the order in which the servers are to be used with 0 being the highest priority R radius server deadtime Improves RADIUS response times when servers are unavailable Causes the unavailable servers to be sk...

Page 82: ...ifies the usage type of the server R NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode clear spanning tree detected protocols Restarts the protocol migration process on all interfaces or on the specified interface PE exit mst Exits the MST configuration mode and applies configuration changes MC instance mst Maps VLANs to an MST instance MC name mst D...

Page 83: ...r root guard is enabled on an interface IC spanning tree link type Overrides the default link type setting IC spanning tree loopguard Enables loop guard on all ports GC spanning tree max age Configures the spanning tree bridge maximum age GC spanning tree max hops Sets the MSTP Max Hops parameter to a new value for the common and internal spanning tree GC spanning tree mode Configures the spanning...

Page 84: ...ity GC spanning tree tcnguard Prevents a port from propagating topology change notifications IC spanning tree transmit hold count Set the maximum number of BPDUs that a bridge is allowed to send within a hello time window 2 seconds GC NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode switchport voice detect auto Enables the VoIP Profile on all the in...

Page 85: ...age 60 Command Description Mode dvlan tunnel ethertype Configures the EtherType for the interface GC interface vlan Enters the interface configuration VLAN mode GC interface range vlan Enters the interface configuration mode to configure multiple VLANs GC mode dvlan tunnel Enables Double VLAN tunneling on the specified interface IC name Configures a name to a VLAN IC protocol group Attaches a vlan...

Page 86: ...figures the VLAN ID when the interface is in access mode IC switchport forbidden vlan Forbids adding specific VLANs to a port IC switchport general acceptable frame type tagged only Discards untagged frames at ingress IC switchport general allowed vlan Adds or removes VLANs from a port in General mode IC switchport general ingress filtering disable Disables port ingress filtering IC switchport gen...

Page 87: ...GC vlan protocol group remove Removes the protocol base VLAN group identified by groupid GC vlan routing Enable routing on a VLAN PE NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode voice vlan Enables the voice VLAN capability on the switch GG voice vlan Enables the voice VLAN capability on the interface IC voice vlan data priority Trusts or not tru...

Page 88: ...te following a failed authentication attempt IC dot1x timeout re authperiod Sets the number of seconds between re authentication attempts IC dot1x timeout server timeout Sets the number of seconds the switch waits for a response from the authentication server before resending the request IC dot1x timeout supp timeout Sets the number of seconds the switch waits for a response to an EAP request fram...

Page 89: ...AN on a port IC dot1x unauth vlan Specifies the unauthenticated VLAN on a port IC dot1x guest vlan Defines a guest VLAN IC show dot1x advanced Displays 802 1X advanced features for the switch or specified interface PE radius server attribute 4 Sets the network access server NAS IP address for the RADIUS server GC NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Desc...

Page 90: ...RP count of maximum request for retries GC arp timeout Configures the ARP entry age out time GC clear arp cache Removes all ARP entries of type dynamic from the ARP cache PE clear arp cache management Removes all entries from the ARP cache learned from the management port PE ip proxy arp Enables proxy ARP on a router interface IC show arp Displays the Address Resolution Protocol ARP cache PE show ...

Page 91: ...ain name which is provided to a DHCPv6 client by the DHCPv6 server v6DP ipv6 dhcp pool Enters IPv6 DHCP Pool Configuration mode GC ipv6 dhcp relay Configures an interface for DHCPv6 relay functionality IC ipv6 dhcp relay agent info opt Configures a number to represent the DHCPv6 Relay Agent Information Option GC ipv6 dhcp relay agent info remote id subopt Configures a number to represent the DHCPv...

Page 92: ...e DVMRP trap mode GC show ip dvmrp Displays the system wide information for DVMRP PE show ip dvmrp interface Displays the interface information for DVMRP on the specified interface PE show ip dvmrp neighbor Displays the neighbor information for DVMRP PE show ip dvmrp nexthop Displays the next hop information on outgoing interfaces for routing multicast datagrams PE show ip dvmrp prune Displays the...

Page 93: ... allows tuning of the interface IC ip igmp startup query count Sets the number of queries sent out on startup at intervals equal to the startup query interval for the interface IC ip igmp startup query interval Sets the interval between general queries sent at startup on the interface IC ip igmp version Configures the version of IGMP for an interface IC show ip igmp Displays system wide IGMP infor...

Page 94: ...isplays complete information about multicast groups that IGMP Proxy has reported PE NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode clear ip helper statistics Resets to 0 the statistics displayed in show ip helper statistics PE ip helper address global configuration Configures the relay of certain UDP broadcast packets received on any interface GC ...

Page 95: ...ets the default distance preference for static routes GC ip routing Globally enables IPv4 routing on the router GC routing Enables IPv4 and IPv6 routing for an interface IC show ip brief Displays all the summary information of the IP PE show ip interface Displays all pertinent information about the IP interface PE show ip protocols Displays the parameters and current state of the active routing pr...

Page 96: ...ce IC ipv6 pimsm join prune interval Configures the interface join prune interval for the PIM SM router IC ipv6 pimsm register threshold Configure the Register Threshold rate for the RP router to switch to the shortest path GC ipv6 pimsm rp address Statically configures the RP address for one or more multicast groups GC ipv6 pimsm rp candidate Configures the router to advertise itself as a PIM can...

Page 97: ...ck and tunnel interfaces PE ipv6 address Configures an IPv6 address on an interface including tunnel and loopback interfaces IC ipv6 enable Enables IPv6 routing on an interface including tunnel and loopback interfaces that has not been configured with an explicit IPv6 address IC ipv6 forwarding Enables IPv6 forwarding on a router GC ipv6 host Defines static host name to ipv6 address mapping in the...

Page 98: ...nsmitted while doing neighbor discovery IC ipv6 nt managed config flag Sets the managed address configuration flag in router advertisements IC ipv6 nd ns interval Sets the interval between router advertisements for advertised neighbor solicitations IC ipv6 nd other config flag Sets the other stateful configuration flag in router advertisements sent from the interface IC ipv6 nd prefix Sets the IPv...

Page 99: ...ays the IPv6 status of forwarding mode and IPv6 unicast routing mode PE show ipv6 interface Shows the usability status of IPv6 interfaces PE show ipv6 mld groups Displays information about multicast groups that MLD reported PE show ipv6 mld interface Displays MLD related information for an interface PE show ipv6 mld proxy Displays a summary of the host interface status parameters PE show ipv6 mld ...

Page 100: ...ce Shows the preference value associated with the type of route PE show ipv6 route summary Displays a summary of the routing table PE show ipv6 traffic Shows traffic and statistics for IPv6 and ICMPv6 UE show ipv6 vlan Displays IPv6 VLAN routing interface addresses PE traceroute ipv6 Discovers the routes that packets actually take when traveling to their destination through the network on a hop by...

Page 101: ...uter BSR GC ip pimsm dr priority Sets the priority value for which a router is elected as the designated router DR IC ip pimsm hello interval Configures the PIM SM Hello Interval for the specified interface IC ip pimsm join prune interval Configures the interface join prune interval for the PIM SM router IC ip pimsm register threshold Configures the Register Threshold rate for the RP router to swi...

Page 102: ... the multicast configuration settings of entries in the multicast mroute table PE show ip mcast mroute static Displays all the static routes configured in the static mcast table PE show ip pimsm bsr Displays the bootstrap router BSR information PE show ip pimsm interface Displays interface config parameters If no interface is specified all interfaces are displayed PE show ip pimsm rp hash Displays...

Page 103: ...rom being advertised into the NSSA ROSPF area virtual link Creates the OSPF virtual interface for the specified area id and neighbor router ROSPF area virtual link authentication Configures the authentication type and key for the OSPF virtual interface identified by the area ID and neighbor ID ROSPF area virtual link dead interval Configures the dead interval for the OSPF virtual interface on the ...

Page 104: ...able Resets the default administrative mode of OSPF in the router active ROSPF exit overflow interval Configures the exit overflow interval for OSPF ROSPF external lsdb limit Configures the external LSDB limit for OSPF ROSPF ip ospf area Enables OSPFv2 and sets the area ID of an interface IC ip ospf authentication Sets the OSPF Authentication Type and Key for the specified interface IC ip ospf cos...

Page 105: ... restart interval Configures the length of the grace period on the restarting router ROSPF network area Enables OSPFv2 on an interface and sets its area ID if the IP address of an interface is covered by this network command ROSPF passive interface Sets the interface or tunnel as passive IC passive interface default Enables the global passive mode by default for all interfaces ROSPF passive interf...

Page 106: ...object or virtual interface tables PE show ip ospf interface stats Displays the statistics for a specific interface PE show ip ospf neighbor Displays information about OSPF neighbors PE show ip ospf range Displays information about the area ranges for the specified area id PE show ip ospf statistics Displays information about recent Shortest Path First SPF calculations PE show ip ospf stub table D...

Page 107: ...gures the translator stability interval of the NSSA ROSV3 area range Creates an area range for a specified NSSA ROSV3 area stub Creates a stub area for the specified area ID ROSV3 area stub no summary Disables the import of Summary LSAs for the stub area identified by areaid ROSV3 area virtual link Creates the OSPF virtual interface for the specified areaid and neighbor ROSV3 area virtual link dea...

Page 108: ...outer interface or loopback interface IC ipv6 ospf areaid Sets the OSPF area to which the specified router interface belongs IC ipv6 ospf cost Configures the cost on an OSPF interface IC ipv6 ospf dead interval Sets the OSPF dead interval for the specified interface IC ipv6 ospf hello interval Sets the OSPF hello interval for the specified interface IC ipv6 ospf mtu ignore Disables OSPF maximum tr...

Page 109: ...isplays the internal OSPFv3 routes to reach Autonomous System Boundary Routes ASBR PE show ipv6 ospf database Displays information about the link state database when OSPFv3 is enabled PE show ipv6 ospf database database summary Displays the number of each type of LSA in the database and the total number of LSAs in the database PE show ipv6 ospf interface Displays the information for the IFO object...

Page 110: ...strative mode of PIM DM on an interface to enabled IC ip pimdm query interval Configures the transmission frequency of hello messages between PIM enabled neighbors IC show ip pimdm Displays system wide information for PIM DM PE show ip pimdm interface Displays interface information for PIM DM on the specified interface PE show ip pimdm interface stats Displays the statistical information for PIM D...

Page 111: ...enabled neighbors IC ip pimsm register rate limit Sets the Register Threshold rate for the RP Rendezvous Point router to switch to the shortest path GC ip pimsm spt threshold Configures the threshold rate for the RP router to switch to the shortest path GC ip pimsm staticrp Creates RP IP address for the PIM SM router GC ip pim trapflags Enables the PIM trap mode for both Sparse Mode SM and Dense M...

Page 112: ...owed between sending router advertisements from the interface IC ip irdp preference Configures the preference of the address as a default router address relative to other router addresses on the same subnet IC show ip irdp Displays the router discovery information for all interfaces or for a specified interface PE NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Des...

Page 113: ...redistribution of routes from the specified source protocol routers PIP router rip Enters Router RIP mode GC show ip rip Displays information relevant to the RIP router PE show ip rip interface Displays information related to a particular RIP interface PE show ip rip interface brief Displays general information for each RIP interface PE split horizon Sets the RIP split horizon mode RIP NOTE For th...

Page 114: ...he administrative mode of VRRP for the router GC ip vrrp authentication Sets the authorization details value for the virtual router configured on a specified interface IC ip vrrp ip Sets the virtual router IP address value for an interface IC ip vrrp mode Enables the virtual router configured on an interface Enabling the status field starts a virtual router IC ip vrrp preempt Sets the preemption m...

Page 115: ...r statistics of a virtual router configured on a specific interface PE show ip vrrp interface brief Displays information about each virtual router configured on the switch PE show ip vrrp interface stats Displays the statistical information about each virtual router configured on the switch PE vrrp track interface Alters the priority of the VRRP router based on the availability of its interfaces I...

Page 116: ...ption Mode authentication timeout Configures the authentication timeout CP captive portal Enables the captive portal configuration mode GC http port Configures an additional HTTP port for captive portal to monitor CP https port Configures an additional HTTPS port for captive portal to monitor CP show captive portal Displays the status of captive portal PE show captive portal status Reports the sta...

Page 117: ...on CPI captive portal client deauthenticate Deauthenticates a specific captive portal client PE show captive portal client status Displays client connection details or a connection summary for connected captive portal users PE show captive portal configuration client status Displays the clients authenticated to all captive portal configurations or a to specific configuration PE show captive portal...

Page 118: ...ed to a captive portal configuration or about a specific interface assigned to a captive portal configuration PE show captive portal configuration locales Displays locales associated with a specific captive portal configuration PE show captive portal configuration status Displays information about all configured captive portal configurations or a specific captive portal configuration PE show capti...

Page 119: ...le Network Time Protocol SNTP will synchronize GC sntp unicast client enable Enables clients to use Simple Network Time Protocol SNTP predefined Unicast clients GC clock timezone hours offset Sets the offset to Coordinated Universal Time GC no clock timezone Resets the time zone settings GC clock summer time recurring Sets the summertime offset to UTC recursively every year GC clock summer time da...

Page 120: ... Displays contents of a backup configuration file PE show bootvar Displays the active system image file that the switch loads at startup UE show dir Lists all the files available on the flash file system PE show running config Displays the contents of the currently running configuration file PE show startup config Displays the startup configuration file contents PE update bootcode Updates the boot...

Page 121: ...ion of ICMP Destination Unreachable messages IC ip icmp redirects Enables the generation of ICMP Redirect messages IC ipv6 icmp error internal Limits the rate at which ICMPv6 error messages are sent GC ipv6 unreachables Enables the generation of ICMPv6 Destination Unreachable messages IC show dos control Displays Denial of Service configuration information PE NOTE For the meaning of each Mode abbr...

Page 122: ... a management access list and enters the access list for configuration GC permit management Defines a permit rule MA show management access class Displays the active management access list PE show management access list Displays management access lists PE NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode passwords aging Implements aging on the passwo...

Page 123: ... Command Description Mode show copper ports cable length Displays the estimated copper cable length attached to a port PE show copper ports tdr Displays the last TDR Time Domain Reflectometry tests on specified ports PE show fiber ports optical transceiver Displays the optical transceiver diagnostics PE test copper port tdr Diagnoses with TDR Time Domain Reflectometry technology the quality and ch...

Page 124: ...tal power consumed in the system and the globally set usage threshold PE show power inline ethernet Displays the inline power summary for the interface PE NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode rmon alarm Configures alarm conditions GC rmon collection history Enables a Remote Monitoring RMON MIB history statistics group on an interface IC ...

Page 125: ...packets transmitted and or received by the switch PE debug ip acl Enables debug of IP Protocol packets matching the ACL criteria PE debug ip dvmrp Traces DVMRP packet reception and transmission PE debug ip igmp Traces IGMP packet reception and transmission PE debug ip mcache Traces MDATA packet reception and transmission PE debug ip pimdm Traces PIMDM packet reception and transmission PE debug ip ...

Page 126: ...s tracing of RIP requests and responses PE debug sflow Enables sFlow debug packet trace PE debug spanning tree Traces spanning tree BPDU packet reception and transmission PE show debugging Displays packet tracing configurations PE NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode sflow destination Configures sFlow collector parameters owner string re...

Page 127: ... engineID Displays the SNMP engine ID PE show snmp filters Displays the configuration of filters PE show snmp groups Displays the configuration of groups PE show snmp users Displays the configuration of users PE show snmp views Displays the configuration of views PE show trapflags Shows the status of the configurable SNMP traps PE snmp server community Sets up the community access string to permit...

Page 128: ... Protocol SNMP server view entry GC NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode crypto key generate dsa Generates DSA key pairs for the switch GC crypto key generate rsa Generates RSA key pairs for the switch GC crypto key pubkey chain ssh Enters SSH Public Key chain configuration mode GC ip ssh port Specifies the port to be used by the SSH ser...

Page 129: ...ommand logging GC logging Logs messages to a syslog server GC logging buffered Limits syslog messages displayed from an internal buffer based on severity GC logging console Limits messages logged to the console based on severity GC logging facility Sets the facility of the logging messages GC logging file Limits syslog messages sent to the logging file based on severity GC logging on Controls erro...

Page 130: ...ntiate failover Forces failover of management unit GC member Configures the switch SG movemanagement Moves the Management Switch functionality from one switch to another SG nsf Specifies non stop forwarding GC nsf restart interval Specifies the length of the grace period on the restarting router GC no cut through mode Disables the cut through mode on the switch GC no standby Removes standby config...

Page 131: ...k UE show supported switchtype Displays information about all supported switch types UE show switch Displays information about the switch status UE show system Displays system information UE show system id Displays the service ID information UE show tech support Displays system and configuration information for debugging calls to technical support PE show users Displays information about the activ...

Page 132: ...show ip telnet Displays the status of the Telnet server and the Telnet service port number PE NOTE For the meaning of each Mode abbreviation see Mode Types on page 60 Command Description Mode enable Enters the privileged EXEC mode UE end Gets the CLI user control back to the privileged execution mode or user execution mode Any exit configuration Exits any configuration mode to the previously highe...

Page 133: ...to be configured from a browser GC ip https certificate Configures the active certificate for HTTPS GC ip https port Configures a TCP port for use by a secure web browser to configure the switch GC ip https server Enables the switch to be configured from a secured browser GC key generate Specifies the key generate CC location Specifies the location or city name CC organization unit Specifies the o...

Page 134: ...134 Command Groups ...

Page 135: ...command show interfaces status ethernet 1 g5 show interfaces and status are keywords ethernet is an argument that specifies the interface type and 1 g5 specifies the unit port When working with the CLI the command options are not displayed The command is not selected by a menu but is entered manually To see what commands are available in each mode or within an Interface Configuration the CLI provi...

Page 136: ...nds are stored in the buffer which operates on a First In First Out FIFO basis These commands can be recalled reviewed modified and reissued This buffer is not preserved after switch resets By default the history buffer system is enabled but it can be disabled at any time The standard number of 10 stored commands can be increased to 216 By configuring 0 the effect is the same as disabling the hist...

Page 137: ... valid or if some parameters of the command are not valid or missing an error message is displayed to assist in entering the correct command By pressing the tab key an incomplete command is changed into a complete command If the characters already entered are not enough for the system to identify a single matching command the key displays the available commands matching the characters already ente...

Page 138: ...line Ctrl E Go to end of line Ctrl F Go forward one character Ctrl B Go backward one character Ctrl D Delete current character Ctrl U X Delete to beginning of line Ctrl K Delete to the end of the line Ctrl W Delete previous word Ctrl T Transpose previous character Ctrl P Go to previous line history buffer Ctrl R Rewrites or pastes the line Ctrl N Go to next line in history buffer Ctrl Y Print last...

Page 139: ... xg The following formats are allowed For LAG use interface range port channel 1 48 When operating on a range of objects the CLI implementation hides the parameters that may not be configured in a range for example parameters that must be uniquely configured for each instance The CLI uses best effort when operating on a list of objects If the user requests an operation on a list of objects the CLI...

Page 140: ...r For example 2 g10 identifies the gigabit port 10 on the second unit 1 g1 identifies the fast Ethernet port 1 on the first unit within the stack Interface Types the following interface types are defined g stands for gigabit Ethernet port for example g2 is the gigabit port 2 xg stands for 10 Gigabit Ethernet port for example xg2 is the 10 gigabit Ethernet port 2 Convention Description In a command...

Page 141: ... This layer defines the addressing and routing structure of the Internet Utility describes commands used to manage the switch Commands that cause specific actions to be taken immediately by the system and do not directly affect the system configurations are defined at the top of the command tree For example commands for rebooting the system or for downloading or backing up the system configuration...

Page 142: ...nd other specific configuration modes User EXEC Mode After logging into the switch the user is automatically in the User EXEC command mode unless the user is defined as a privileged user In general the User EXEC commands allow the user to perform basic tests and list system information The user level prompt consists of the switch host name followed by the angle bracket console The default host nam...

Page 143: ...s The Global Configuration mode command line is used to enter the Line Interface mode VLAN Database Contains commands to create a VLAN as a whole The Global Configuration mode command vlan database is used to enter the VLAN Database mode Router OSPF Configuration Global configuration mode command router ospf is used to enter into the Router OSPF Configuration mode Router RIP Configuration Global c...

Page 144: ...e assigning ports to a port channel Most of these commands are the same as the commands in the Ethernet interface mode and are used to manage the member ports as a single entity The Global Configuration mode command interface port channel is used to enter the Port Channel mode Tunnel Contains commands to manage tunnel interfaces The Global Configuration mode command interface tunnel enters the Tun...

Page 145: ...ion Configures the parameters for crypto certificate generate Logging Configures the parameters for syslog log server Identifying the Switch and Command Mode from the System Prompt The system prompt provides the user with the name of the switch hostname and identifies the command mode The following is a formal description of the system command prompt device name command mode object device name is ...

Page 146: ...de hierarchy Command Mode Access Method Command Prompt Exit or Access Previous Mode User EXEC The user is automatically in User EXEC mode unless the user is defined as a privileged user console logout Privileged EXEC Use the enable command to enter into this mode This mode is password protected console Use the exit command or press Ctrl Z to return to the User EXEC mode Global Configuration From P...

Page 147: ...uration mode use the exit command or press Ctrl Z to Privileged EXEC mode Policy Class Map From Global Configuration mode use the policy map class command console config policy classmap To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Class Map From Global Configuration mode use the class map command console config classmap To exit to Global Configu...

Page 148: ...l Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode SSH Public Key String From the SSH Public Key Chain mode use the user key user name rsa dsa command console config pubkey key To return to the SSH Public key chain mode use the exit command or press Ctrl Z to Privileged EXEC mode TACACS From Global Configuration mode use the tacacs server host command console tacacs ...

Page 149: ... the exit command or press Ctrl Z to Privileged EXEC mode SNMP v3 Host Configuration From Global Configuration mode use the snmp server v3 host command console config snmp To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode SNMP Community Configuration From Global Configuration mode use the snmp server community command console config snmp To exit to G...

Page 150: ...request command console config crypto cert To exit to PrivilegedEXEC mode use the exit command or press Ctrl Z Stack From Global Configuration mode use the stack command console config stack To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Logging From Global Configuration mode use the logging command console config logging To exit to Global Configu...

Page 151: ...uration mode use the exit command or press Ctrl Z to Privileged EXEC mode Router OSPF Conf From Global Configuration mode use the router ospf command console config router To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Router RIP Config From Global Configuration mode use the router rip command console config router To exit to Global Configuration ...

Page 152: ...e use the exit command or press Ctrl Z to Privileged EXEC mode Interface Configuration Modes Ethernet From Global Configuration mode use the interface ethernet command console config if n gn or n xgn To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Port Channel From Global Configuration mode use the interface port channel command console config if c...

Page 153: ...uration mode use the interface tunnel command console config tunneln To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Loopback From Global configurationmode use the interface loopback command console config loopbackn To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Command Mode Access Method Command P...

Page 154: ...sy Setup Wizard The Easy Setup Wizard guides the user in the basic initial configuration of a newly installed switch so that it can be immediately deployed and functional in its basic operation and be completely manageable through the Web CLI and the remote Dell Network Manager After initial setup the user may enter to the system to set up more advanced configurations By default the switch is ship...

Page 155: ...lthough spaces are allowed in the community string their use is discouraged The default community string contains no spaces Allows the user to specify the management server IP or permit SNMP access from all IP addresses Sets up the default gateway IP address If the user chooses not to use the wizard initially the session defaults to the CLI mode with a warning to refer the documentation During a s...

Page 156: ...lt factory configuration While waiting for the response from the user normal switch operation will continue including but not limited to If BOOTP DHCP is supported and enabled by default the switch attempts to get its address The switch continues to switch traffic The switch continues do MAC learning If spanning tree is on by default the switch participates in the spanning tree protocol Functional...

Page 157: ...the user want to use setup wizard No Transfer to CLI mode No Did the user previously save a startup configuration Yes Transfer to CLI mode Yes Is SNMP Management Required Yes Yes Save Setup Discard Changes and Restart Wizard Request IP Address Network Mask Default Gateway IP Request SNMP Community String Server IP Address No No ...

Page 158: ... the SNMP HTTP and CLI interfaces The user may also choose to allow all IP addresses to access these management interfaces by choosing the 0 0 0 0 IP address An IP address is configured for the default management VLAN 1 A default gateway address is configured The following example contains the sequence of prompts and responses associated with running an example Dell Easy Setup Wizard session using...

Page 159: ...h using SNMP required for Dell Network Manager you can o Set up the initial SNMP version 2 account now o Return later and setup other SNMP accounts For more information on setting up an SNMP version 1 or 3 account see the user documentation Would you like to setup the SNMP management interface now Y N y To setup the SNMP management account you must specify the management system IP address and the ...

Page 160: ...er accounts and changing privilege levels see the user documentation To setup a user account Please enter the user name admin Enter Please enter the user password Enter Please reenter the user password Enter Step 3 Next an IP address is setup The IP address is defined on the default VLAN VLAN 1 of which all ports are members This is the IP address you use to access the CLI Web interface or SNMP in...

Page 161: ...his network is reachable 192 168 1 1 Enter This is the configuration information that has been collected SNMP Interface public 192 168 2 1 User Account setup admin Password Management IP address 192 168 2 1 255 255 255 0 Gateway 0 0 0 0 Step 5 If the information is correct please select Y to save the configuration and copy to the start up configuration file If the information is incorrect select N...

Page 162: ...ke to run the setup wizard you must answer this question within 60 seconds Y N y Step 1 The system is not setup for SNMP management by default To manage the switch using SNMP required for Dell Network Manager you can Set up the initial SNMP version 2 account now Return later and setup other SNMP accounts For more information on setting up an SNMP version 1 or 3 account see the user documentation W...

Page 163: ...CP this requires that you have a DHCP server running on the network To setup an IP address Please enter the IP address of the device A B C D or enter DHCP without the quotes to automatically request an IP address from the network DHCP server 192 168 2 1 Please enter the IP subnet mask A B C D or nn 255 255 255 0 Step 4 Finally setup the default gateway Please enter the IP address of the gateway fr...

Page 164: ...ational mode as Simple Mode Y N n Step 6 If the information is correct please select Y to save the configuration and copy to the start up configuration file If the information is incorrect select N to discard configuration and restart the wizard Y N ...

Page 165: ...eboots There is one backup configuration image The system also provides methods to back up these images to a remote system File System Commands All files are stored in a flat file system The following commands are used to perform operations on these files Copying Files The copy command not only provides a method for copying files within the file system but also to and from remote servers With the ...

Page 166: ...special virtual system files which are under control of the system and may not be removed or added These file names are reserved and may not be used as user defined files When the user copies a local source file into one of these special files and the source file has an attached file description it also is copied as the file description for the special file backup config This file refers to the ba...

Page 167: ...down and the user has not configured the system to revert to local managed accounts The following rules and specifications apply to these interfaces The CLI is accessible from remote telnet through the management IP address for the switch The CLI is accessible from a secure shell interface The CLI generates keys for SSH locally The serial session defaults to 9600 baud rate eight data bits non pari...

Page 168: ...ccess Control In addition to authenticating a user the CLI also assigns the user access to one of two security levels Level 1 has read only access This level allow the user to read information but not configure the switch The access to this level cannot be modified Level 15 is the special access level assigned to the superuser of the switch This level has full access to all functions within the sw...

Page 169: ...down the CLI allows the user to log in to the serial interface authenticated by locally managed account data Syslogs The CLI uses syslog support to send logging messages to a remote syslog server The user configures the switch to generate all logging messages to a remote log server If no remote log server exists then the CLI maintains a rolling log of at most the last 1000 critical system events T...

Page 170: ...me source and instead the CLI records one event within a period of time and includes that count as part of the log Management ACAL In addition to user access control the system also manages the access level for particular management interfaces The system allows individual hosts or subnets to access only specific management protocols The user defines a management profile which identifies management...

Page 171: ...q key stops the display and returns to the CLI prompt Boot Message The boot message is a system message that is not user configurable and is displayed when the system is booting Displayed information includes the following Operational code date The board type The CPU Memory size To start the normal booting process select item 1 in the Boot Menu The following is a sample log for booting information...

Page 172: ...de copyback DOS_WRITE max of simultaneously open files 52 file descriptors in use 0 of different files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volume label NO LABEL in boot sector volume Id 0x1b19 total number of sectors 60 716 bytes per sector 512 of sectors per cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors per FAT copy ...

Page 173: ...start sector 121 of sectors per root 15 max of entries in root 240 FAT handler information allocation group size 2 clusters free space on volume 10 852 352 bytes Boot Menu 3 2 0 1 Select an option If no selection in 10 seconds then operational code will start 1 Start operational code 2 Start Boot Menu Select 1 2 Operational Code Date Mon Jan 4 04 26 56 2010 Uncompressing ...

Page 174: ...set to TUE JUN 28 14 29 04 2005 Value obtained from file system volume descriptor pointer 0x348ef70 The old setting was THU JAN 01 00 00 00 1970 Accepted system dates are greater than THU DEC 27 00 00 00 1990 DskVol Volume is OK total of clusters 15 147 of free clusters 5 299 of bad clusters 0 total free space 10 598 Kb max contiguous free space 8 345 600 bytes of files 30 of folders 1 total bytes...

Page 175: ...rent files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volume label NO LABEL in boot sector volume Id 0x1b19 total number of sectors 60 716 bytes per sector 512 of sectors per cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors per FAT copy 60 of FAT table copies 2 of hidden sectors 4 first cluster is in sector 136 Update last acce...

Page 176: ...666 MHz MEM 266 666664 MHz PCI 66 666666 MHz CPU 533 333328 MHz PCI unit 0 Dev 0xb314 Rev 0x01 Chip BCM56314_A0 Driver BCM56314_A0 SOC unit 0 attached to PCI device BCM56314_A0 Adding BCM transport pointers Configuring CPUTRANS TX Configuring CPUTRANS RX Instantiating download as rawFs device 0x20001 Formatting download for DOSFS Instantiating download as rawFs device 0x20001 Formatting download f...

Page 177: ...isk check in progress RamCP Volume is OK total of clusters 1 975 of free clusters 1 973 of bad clusters 0 total free space 1 010 176 max contiguous free space 1 010 176 bytes of files 0 of folders 0 total bytes in files 0 of lost chains 0 total bytes in lost chains 0 OK Unit 1 Waiting to select management unit Welcome to Dell Easy Setup Wizard The Setup Wizard guides you through the initial switch...

Page 178: ...th normal operation using the default system configuration Note You can exit the setup wizard at any point by entering ctrl z Would you like to run the setup wizard you must answer this question within 60 seconds Y N n Thank you for using Dell Easy Set up Wizard You will now enter CLI mode Applying Global configuration please wait Applying Interface configuration please wait console console consol...

Page 179: ...e menu and may be typed only during the initial boot up sequence When the system boot up is complete typing the escape sequence does not display the menu Reloading all switches Boot code Boot Menu Version 3 2 0 1 Select an option If no selection in 10 seconds then operational code will start 1 Start operational code 2 Start Boot Menu Select 1 2 2 The Boot Utility Menu offers the following options ...

Page 180: ...ory defaults delete config files 11 Activate Backup Image 12 Password Recovery Procedure The boot utility menu provides the following Option to set baud rate of the serial port Boot Menu 2 Select baud rate 1 1200 2 2400 3 4800 4 9600 5 19200 6 38400 7 57600 8 115200 0 no change The previously described setting takes effect immediately Option to retrieve event log using XMODEM ...

Page 181: ...e Send several Control X characters to cancel before transfer starts Option to display Boot Image Information This option can be used to determine which image is active and will be booted when option one is chosen Boot Menu 5 The following image is in the Flash File System File Name image2 CRC 0x dd0a 56586 Target Device 0x0050854 1 Size 0x 91ced4 9555668 Number of Components 3 Operational Code Si...

Page 182: ... Boot Code Size 0x100000 1048576 Boot Code Offset 0x79027c 7930492 Boot Code FLASH flag 0 Boot Code CRC 0x2C8B VPD rel 3 ver 2 maint_lvl 0 build_num 1 Timestamp Mon Jan 4 04 26 56 2010 File Dell Ent esw kinnick pct 8541 V6R CSxw 6IQHSr3v2m0b1 opr Option to Abort boot code update Boot Menu 6 There is no output from this option Option to Update Boot Code Boot Menu 7 ...

Page 183: ...oot Flash Done Wrote 0x10000 bytes Wrote 0x20000 bytes Wrote 0x30000 bytes Wrote 0x40000 bytes Wrote 0x50000 bytes Wrote 0x60000 bytes Wrote 0x70000 bytes Wrote 0x80000 bytes Wrote 0x90000 bytes Wrote 0xa0000 bytes Wrote 0xb0000 bytes Wrote 0xc0000 bytes Wrote 0xd0000 bytes Wrote 0xe0000 bytes Wrote 0xf0000 bytes Wrote 0x100000 bytes Validating Flash Passed Flash update completed ...

Page 184: ...re to reset the system through Boot Menu Boot Menu 9 Are you SURE you want to reset the system y n y Boot code Boot Menu Version 3 2 0 1 Select an option If no selection in 10 seconds then operational code will start 1 Start operational code 2 Start Boot Menu Select 1 2 2 Option to Boot Without Using Startup Configuration and Only Load System Default Selecting 10 from the Boot Menu restores system...

Page 185: ...e Boot Menu 12 Monitoring Traps from CLI It is possible to connect to the CLI session and monitor the events or faults that are being sent as traps from the system This feature is equivalent to the alarm monitoring window in a typical network management system The user enables events or monitor traps from the CLI by entering the command logging console Traps generated by the system are dumped to a...

Page 186: ...186 Using the CLI ...

Page 187: ...d checksum functions for Ethernet packets This section of the document contains the following Layer 2 topics AAA Commands ACL Commands Address Table Commands CDP Interoperability Commands DHCP Layer 2 Relay Commands DHCP Snooping Commands Dynamic ARP Inspection Commands Ethernet Configuration Commands GVRP Commands IGMP Snooping Commands IGMP Snooping Querier Commands IP Addressing Commands IPv6 A...

Page 188: ...mands AAA Commands This chapter explains the following commands aaa authentication dot1x aaa authentication enable aaa authentication login aaa authorization network default radius enable authentication enable password ip http authentication ip https authentication login authentication password Line Configuration password User EXEC show authentication methods show users accounts show users login h...

Page 189: ...obal Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following example uses the aaa authentication dot1x default command with no authentication console config...

Page 190: ...entication methods activated when using access higher privilege levels Range 1 12 characters method1 method2 Specify at least one from the following table Default Configuration The default enable list is enableList It is used by console telnet and SSH and only contains the method none Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa au...

Page 191: ...US server is down NOTE Requests sent by the switch to a RADIUS server include the username enabx where x is the requested privilege level For enable to be authenticated on Radius servers add enabx users to them The login user ID is now sent to TACACS servers for enable authentication Example The following example sets authentication when accessing higher privilege levels console config aaa authent...

Page 192: ...fies the list of methods that the authentication algorithm tries in the given sequence The additional methods of authentication are used only if the previous method returns an error not if there is an authentication failure To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line For example if none is specified as an authe...

Page 193: ...horization network default radius default Name of the authorization list radius Name of the authorization method Default Configuration By default the switch does not accept VLAN assignments by the RADIUS server Command Mode Global Configuration mode User Guidelines The RADIUS server can place a port in a particular VLAN based on the result of the authentication VLAN assignment must be configured o...

Page 194: ...Uses the indicated list created with the aaaa authentication enable command Range 1 12 characters Default Configuration Uses the default set with the command aaa authentication enable Command Mode Line Configuration mode User Guidelines This command has no user guidelines Example The following example specifies the default authentication method when accessing a higher privilege level console conso...

Page 195: ...elines This command has no user guidelines Example The following example defines password xxxyyyzzz to control access to user and privilege levels console config enable password xxxyyyzzz ip http authentication Use the ip http authentication command in Global Configuration mode to specify authentication methods for http server users To return to the default use the no form of this command Syntax i...

Page 196: ...r radius no authentication is used if the RADIUS server is down Example The following example configures the http authentication console config ip http authentication radius local ip https authentication Use the ip https authentication command in Global Configuration mode to specify authentication methods for https server users To return to the default configuration use the no form of this command...

Page 197: ...ation method after radius no authentication is used if the RADIUS server is down Example The following example configures https authentication console config ip https authentication radius local login authentication Use the login authentication command in Line Configuration mode to specify the login authentication method list for a line console telnet or SSH To return to the default specified by t...

Page 198: ... command has no user guidelines Example The following example specifies the default authentication method for a console console config line console console config line login authentication default password Line Configuration Use the password command in Line Configuration mode to specify a password on a line To remove the password use the no form of this command Syntax password password encrypted n...

Page 199: ...se the password command in User EXEC mode to allow a user to change the password for only that user This command should be used after the password has aged The user is prompted to enter the old password and the new password Syntax password Default Configuration There is no default configuration for this command Command Mode User EXEC mode User Guidelines This command has no user guidelines Example...

Page 200: ... about the authentication methods Syntax show authentication methods Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the authentication configuration console show authentication methods Login Authentication Method Lists defaultList local Enable Authentication...

Page 201: ...ableList HTTPS local HTTP local DOT1X none show users accounts Use the show users accounts command in Privileged EXEC mode to display information about the local user database Syntax show users accounts long Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines ...

Page 202: ... login history Use the show users login history command in Global Configuration mode to display information about the login history of users Syntax show users login history long name name of user Range 1 20 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example sh...

Page 203: ... the no form of this command Syntax username name password password level level encrypted no username name name The name of the user Range 1 20 characters password The authentication password for the user Range 8 64 characters This value can be 0 zero if the no passwords min length command has been executed level The user level Level 0 can be assigned by a level 15 user to another user to suspend ...

Page 204: ...de User Guidelines This command can be used to unlock a locked user account for an already existing user Example The following example configures user bob with password xxxyyymmmm and user level 15 console config username bob password xxxyyymmmm level 15 ...

Page 205: ...mmands This chapter explains the following commands access list deny permit ip access group no ip access group mac access group mac access list extended mac access list extended rename show ip access lists show mac access list ...

Page 206: ... Access list name up to 31 characters in length deny permit Specifies whether the IP ACL rule permits or denies an action every Allows all protocols eq Equal Refers to the Layer 4 port number being used as match criteria The first reference is source match criteria the second is destination match criteria number Standard protocol number Protocol keywords icmp igmp ip tcp udp srcip Source IP addres...

Page 207: ...s but if a packet does not match any user specified rules the packet is dropped by the implicit deny all rule Examples The following examples create an ACL to discard any HTTP traffic from 192 168 77 171 but allow all other traffic from 192 168 77 171 console config access list alpha deny 192 168 77 171 0 0 0 0 0 0 0 0 255 255 255 255 eq http console config access list alpha permit 192 168 77 171 ...

Page 208: ...tocol data unit ethertypekey Either a keyword or valid four digit hexadecimal number Range Supported values are appletalk arp ibmsna ipv4 ipv6 ipx mplsmcast mplsucast Netbios novell pppoe rarp 0x0600 0xFFFF Specify custom ethertype value hexadecimal range 0x0600 0xFFFF vlan eq VLAN number Range 0 4095 cos Class of service Range 0 7 log Specifies that this rule is to be logged assign queue Specifie...

Page 209: ...ffic from MAC address 0806 c200 0000 console config mac access list extended DELL123 console config mac access list deny 0806 c200 0000 ffff ffff ffff any ip access group no ip access group Use the ip access group or no ip access group command to apply disable an IP based egress ACL on an Ethernet interface or a group of interfaces An IP based ACL should have been created by the access list name c...

Page 210: ...n console config no ip access group aclname in console config ip access group aclname1 out console config if 1 g1 ip access group aclname out 2 console config if 1 g1 no ip access group aclname out mac access group Use the mac access group command in Global Configuration or Interface Configuration mode to attach a specific MAC Access Control List ACL to an interface in a given direction Syntax mac...

Page 211: ...sing that sequence number If the sequence number is not specified for this command a sequence number is selected that is one greater than the highest sequence number currently in use for this interface and direction This command specified in Interface Configuration mode only affects a single interface Example The following example assigns a MAC access group to port 1 g1 with the name DELL123 conso...

Page 212: ...MAC Access List Configuration mode console config mac access list extended LVL7DELL console config mac access list mac access list extended rename Use the mac access list extended rename command in Global Configuration mode to rename the existing MAC Access Control List ACL Syntax mac access list extended rename name newname name Existing name of the access list Range 1 31 characters newname New n...

Page 213: ...y access lists applied on interfaces and all rules that are defined for the access lists Syntax show ip access lists accesslistname accesslistname The name used to identify the ACL The range is 1 31 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example...

Page 214: ... list name name Identifies a specific MAC access list to display Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a MAC access list and all associated rules console show mac access list DELL123 The command output provides the following information Fields Descr...

Page 215: ...onfigured rules defined for the MAC ACL The implicit deny all rule defined at the end of every MAC ACL is not included Interfaces Displays the list of interfaces unit port to which the MAC ACL is attached in a given direction Fields Description ...

Page 216: ...216 ACL Commands ...

Page 217: ...ering bridge multicast forbidden address bridge multicast forbidden forward unregistered bridge multicast forward all bridge multicast forward unregistered clear bridge port security port security max show bridge address table show bridge address table static show bridge multicast address table show bridge multicast filtering show ports security show ports security addresses ...

Page 218: ...nent no bridge address mac address mac address A valid MAC address in the format xxxx xxxx xxxx interface A valid Ethernet port port channel number A valid port channel number permanent The address can be deleted only by using the no bridge address command Default Configuration No static addresses are defined The default mode for an added address is permanent Command Mode Interface Configuration V...

Page 219: ...0 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example In this example the bridge aging time is set to 400 console config bridge aging time 400 bridge multicast address Use the bridge multicast address command in Interface Configuration mode to register MAC layer Multicast addresses to the bridge table and to add ports to the group statically T...

Page 220: ...ith a comma and no spaces use a hyphen to designate a range of ports port channel number list Separate nonconsecutive port channels with a comma and no spaces use a hyphen to designate a range of port channels Default Configuration No Multicast addresses are defined Command Mode Interface Configuration VLAN mode User Guidelines If the command is executed without add or remove the command registers...

Page 221: ...idge multicast filtering no bridge multicast filtering Default Configuration Disabled All Multicast addresses are flooded to all ports of the relevant VLAN Command Mode Global Configuration mode User Guidelines If switches exist on the VLAN do not change the unregistered Multicast addresses state to drop on the switch ports If switches exist on the VLAN and IGMP snooping is not enabled use the bri...

Page 222: ... channel number list no bridge multicast forbidden address mac multicast address ip multicast address add Adds ports to the group remove Removes ports from the group mac multicast address MAC Multicast address ip multicast address IP Multicast address interface list Separate nonconsecutive valid Ethernet ports with a comma and no spaces use a hyphen to designate a range of ports port channel numbe...

Page 223: ...orward unregistered command in Interface Configuration mode to forbid Forwarding unregistered multicast addresses Use the no form of this command to return to the default Syntax bridge multicast forbidden forward unregistered no bridge multicast forbidden forward unregistered Default Configuration The default for this command is not forbidden Command Mode Interface configuration VLAN mode User Gui...

Page 224: ...efault Configuration Forward unregistered Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example In this example all VLAN1 Multicast packets are forwarded console config if vlan1 bridge multicast forward all bridge multicast forward unregistered Use the bridge multicast forward unregistered command in Interface Configuration mode to enable the fo...

Page 225: ...nd on the same interface Example The following example displays how to enable forwarding of unregistered multicast addresses console config if vlan1 bridge multicast forward unregistered clear bridge Use the clear bridge command in Privileged EXEC mode to remove any learned entries from the forwarding database Syntax clear bridge Default Configuration This command has no default configuration Comm...

Page 226: ...s the minimal amount of time in seconds between two consecutive traps Range 1 1000000 Default Configuration Disabled No port security Command Mode Interface Configuration Ethernet Port channel mode User Guidelines When port security is enabled on an interface all dynamic entries learned up to that point are flushed and new entries can be learned only to the limit set by the port security max comma...

Page 227: ...arning on the port Range 0 100 Default Configuration The default value for this command is 100 Command Mode Interface Configuration Ethernet Port channel mode User Guidelines This command has no user guidelines Example The following example shows using this command in Ethernet Interface Configuration mode console config if 1 g3 port security max 80 show bridge address table Use the show bridge add...

Page 228: ...xample In this example all classes of entries in the bridge forwarding database are displayed console show bridge address table Aging time is 300 Sec Vlan Mac Address Port Type 1 0000 0001 0000 1 g1 Dynamic 1 0000 8420 5010 1 g1 Dynamic 1 0000 E26D 2C2A 1 g1 Dynamic 1 0000 E89A 596E 1 g1 Dynamic 1 0001 02F1 0B33 1 g1 Dynamic show bridge address table count Use the show bridge address table count c...

Page 229: ...mmand has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the addresses in the Forwarding Database console show bridge address table count Capacity 8192 Used 109 Static addresses 2 Secure addresses 1 Dynamic addresses 97 Internal addresses 9 show bridge address table static Use the show bridge add...

Page 230: ...er Guidelines This command has no user guidelines Example In this example all static entries in the bridge forwarding database are displayed console show bridge address table static Vlan Mac Address Port Type 1 0001 0001 0001 1 g1 Static show bridge multicast address table Use the show bridge multicast address table command in Privileged EXEC mode to display Multicast MAC address table information...

Page 231: ... EXEC mode User Guidelines A MAC address can be displayed in IP format only if it is in the range 01 00 5e 00 00 00 through 01 00 5e 7f ff ff Example In this example Multicast MAC address table information is displayed console show bridge multicast address table Vlan MAC Address Type Ports 1 0100 5E05 0505 Static Forbidden ports for multicast addresses Vlan MAC Address Ports 1 0100 5E05 0505 NOTE ...

Page 232: ...VLAN ID value Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example In this example the Multicast configuration for VLAN 1 is displayed console show bridge multicast filtering 1 Filtering Disabled VLAN 1 Mode Forward Unregistered show ports security Use the show ports security command in Privile...

Page 233: ...nfiguration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example In this example all classes of entries in the port lock status are displayed console show ports security Port Status Action Maximum Trap Fr equency 1 g1 Locked Discard 3 Enable 10 0 1 g2 Unlocked 28 1 g3 Locked Discard Shutdown 8 Disable The following table describes the fields in this example...

Page 234: ...ation This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example displays dynamic addresses for port channel number 1 g1 Status The status can be one of the following Locked or Unlocked Actions Action on violations Maximum The maximum addresses that can be associated on this port in Static Learning ...

Page 235: ...Address Table Commands 235 console show ports security addresses ethernet 1 g1 Dynamic addresses 83 Maximum addresses 100 Learned addresses ...

Page 236: ...236 Address Table Commands ...

Page 237: ...teroperability Commands This chapter explains the following commands clear isdp counters clear isdp table isdp advertise v2 isdp enable isdp holdtime isdp timer show isdp show isdp entry show isdp interface show isdp neighbors show isdp traffic ...

Page 238: ...mand Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear isdp counters clear isdp table The clear isdp table command clears entries in the ISDP table Syntax clear isdp table Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this...

Page 239: ...uration ISDP sends version 2 packets by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config isdp advertise v2 isdp enable The isdp enable command enables ISDP on the switch User the no form of this command to disable ISDP Use this command in global configuration mode to enable the ISDP function on the switch Use this c...

Page 240: ...1 g1 isdp enable isdp holdtime The isdp holdtime command configures the hold time for ISDP packets that the switch transmits The hold time specifies how long a receiving device should store information sent in the ISDP packet before discarding it The range is given in seconds Use the no form of this command to reset the holdtime to the default Syntax isdp holdtime time no isdp holdtime time The ti...

Page 241: ...ge is given in seconds Use the no form of this command to reset the timer to the default Syntax isdp timer time no isdp timer time The time in seconds range 5 254 seconds Default Configuration The default timer is 30 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the isdp timer value to 40 seconds cons...

Page 242: ... Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show isdp Timer 30 Hold Time 180 Version 2 Advertisements Enabled Neighbors table last time changed 0 days 00 06 01 Device ID QTFMPW82400020 Device ID format capability Serial Number Device ID format Serial Number Switchin...

Page 243: ...try command displays ISDP entries If a device id specified then only the entry about that device is displayed Syntax show isdp entry all deviceid all Show ISDP settings for all devices deviceid The device ID associated with a neighbor Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this comm...

Page 244: ...000 I9K91S M Version 12 2 25 EWA9 RELEASE SOFTWARE fc3 Technical Support http www cisco com techsupport Copyright c 1986 2007 by Cisco Systems Inc Compiled Wed 21 Mar 07 12 20 by tinhuang show isdp interface The show isdp interface command displays ISDP settings for the specified interface Syntax show isdp interface all ethernet interface all Show ISDP settings for all interfaces interface Specifi...

Page 245: ...er guidelines for this command Example console show isdp interface all Interface Mode 1 g1 Enabled 1 g2 Enabled 1 g3 Enabled 1 g4 Enabled 1 g5 Enabled 1 g6 Enabled 1 g7 Enabled 1 g8 Enabled 1 g9 Enabled 1 g10 Enabled 1 g11 Enabled 1 g12 Enabled 1 g13 Enabled 1 g14 Enabled 1 g15 Enabled 1 g16 Enabled ...

Page 246: ...face Mode 1 g1 Enabled show isdp neighbors The show isdp neighbors command displays the list of neighboring devices Syntax show isdp neighbors ethernet interface detail interface Specifies a valid interface The full syntax is unit port detail Show detailed information about the neighbors Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode ...

Page 247: ... Host I IGMP r Repeater Device ID Intf Hold Cap Platform Port ID Switch 1 g1 165 RI cisco WS C4948 GigabitEthernet1 1 console show isdp neighbors detail Device ID Switch Address es IP Address 172 20 1 18 IP Address 172 20 1 18 Capability Router IGMP Platform cisco WS C4948 Interface 1 g1 Port ID GigabitEthernet1 1 Holdtime 162 Advertisement Version 2 Entry last changed time 0 days 00 55 20 Version...

Page 248: ...ang show isdp traffic The show isdp traffic command displays ISDP statistics Syntax show isdp traffic Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show isdp traffic ISDP Packets Received 4253 ISDP Packets Transmitted 127 ISDPv1 Packets Received 0 ISDPv1 Packet...

Page 249: ...CDP Interoperability Commands 249 ISDP Bad Header 0 ISDP Checksum Error 0 ISDP Transmission Failure 0 ISDP Invalid Format 0 ISDP Table Full 392 ISDP Ip Address Table Full 737 ...

Page 250: ...250 CDP Interoperability Commands ...

Page 251: ... Commands This chapter explains the following commands dhcp l2relay Global Configuration Global Configuration dhcp l2relay Interface Configuration Interface Configuration dhcp l2relay circuit id dhcp l2relay remote id dhcp l2relay trust dhcp l2relay vlan ...

Page 252: ... l2relay no dhcp l2relay Default Configuration DHCP L2 Relay is disabled by default Command Mode Global Configuration User Guidelines There are no user guidelines for this command Example console config dhcp l2relay dhcp l2relay Interface Configuration Use the dhcp l2relay command to enable DHCP L2 Relay for an interface Use the no form of this command to disable DHCP L2 Relay for an interface Syn...

Page 253: ...nabled the interface number is added as the Circuit ID in DHCP option 82 Use the no form of this command to disable setting the DHCP Option 82 Circuit ID Syntax dhcp l2relay circuit id vlan vlan range no dhcp l2relay circuit id vlan vlan range vlan range The list of VLAN IDs Default Configuration Setting the DHCP Option 82 Circuit ID is disabled by default Command Mode Global Configuration User Gu...

Page 254: ...ge no dhcp l2relay remote id remoteId vlan vlan range remoteId The string to be used as the remote ID in the Option 82 Range 1 128 characters Default Configuration Setting the DHCP Option 82 Remote ID is disabled by default Command Mode Global Configuration User Guidelines There are no user guidelines for this command Example console config dhcp l2relay remote id dslforum vlan 10 20 30 dhcp l2rela...

Page 255: ...and to enable the L2 DHCP Relay agent for a set of VLANs All DHCP packets which arrive on interfaces in the configured VLAN are subject to L2 Relay processing Use the no form of this command to disable L2 DHCP Relay for a set of VLANs Syntax dhcp l2relay vlan vlan range no dhcp l2relay vlan vlan range vlan range The list of VLAN IDs Default Configuration DHCP L2 Relay is disabled on all VLANs by d...

Page 256: ...256 DHCP Layer 2 Relay Commands Example console config dhcp l2relay vlan 10 340 345 ...

Page 257: ... ip dhcp snooping binding ip dhcp snooping database ip dhcp snooping database write delay ip dhcp snooping limit ip dhcp snooping log invalid ip dhcp snooping trust ip dhcp snooping verify mac address show ip dhcp snooping show ip dhcp snooping binding show ip dhcp snooping database show ip dhcp snooping interfaces show ip dhcp snooping statistics ...

Page 258: ...s command Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example console clear ip dhcp snooping statistics ip dhcp snooping Use the ip dhcp snooping command to enable DHCP snooping globally or on a specific VLAN Use the no form of this command to disable DHCP snooping Syntax ip dhcp snooping no ip dhcp snooping Default Configuration DHCP Snooping is disa...

Page 259: ...se the no form of this command to remove a static binding Syntax ip dhcp snooping binding mac address vlan vlan id ip address interface interface no ip dhcp snooping binding mac address mac address The client s MAC address vlan id The number of the VLAN the client is authorized to use ip address The IP address of the client interface The interface on which the client is authorized The form is unit...

Page 260: ... This can be local to the switch or on a remote machine Syntax ip dhcp snooping database local tftp hostIP filename hostIP The IP address of the remote host filename The name of the file for the database on the remote host Default Configuration The database is stored locally by default Configuration Mode Global Configuration mode User Guidelines There are no user guidelines for this command Exampl...

Page 261: ... of this command to reset the write delay to the default Syntax ip dhcp snooping database write delay seconds no ip dhcp snooping database write delay seconds The write delay Range 15 86400 seconds Default Configuration The write delay is 300 seconds by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip dhcp snoopi...

Page 262: ...rval is 1 second Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Examples console config if 1 g1 ip dhcp snooping limit none console config if 1 g1 ip dhcp snooping limit rate 100 burst interval 1 ip dhcp snooping log invalid Use the ip dhcp snooping log invalid command to enable logging of DHCP messages filtered by the ...

Page 263: ...snooping log invalid console config if 1 g1 no ip dhcp snooping log invalid ip dhcp snooping trust Use the ip dhcp snooping trust command to configure a port as trusted Use the no form of this command to configure a port as untrusted Syntax ip dhcp snooping trust no ip dhcp snooping trust Default Configuration Ports are untrusted by default Command Mode Interface Configuration Ethernet port channe...

Page 264: ...age Use the no form of this command to disable verification of the source MAC address Syntax ip dhcp snooping verify mac address no ip dhcp snooping verify mac address Default Configuration Source MAC address verification is enabled by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip dhcp snooping verify mac addr...

Page 265: ...rivileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping DHCP snooping is Disabled DHCP snooping source MAC verification is enabled DHCP snooping is enabled on the following VLANs 11 30 40 Interface Trusted Log Invalid Pkts 1 g1 Yes No 1 g2 No Yes 1 g3 No Yes 1 g4 No No 1 g6 No No ...

Page 266: ... or dynamic bindings port The interface for which to show bindings Format is unit port vlan id The number of the VLAN for which to show bindings Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping binding Total number of bindings 2 MAC Address I...

Page 267: ...ng database Default Configuration There is no default configuration for this command Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping database agent url 10 131 13 79 sai1 txt write delay 5000 show ip dhcp snooping interfaces Use the show ip dhcp snooping interfaces command to show the DHCP Snooping status of the interf...

Page 268: ...tion for this command Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping interfaces Interface Trust State Rate Limit Burst Interval pps seconds 1 g1 No 15 1 1 g2 No 15 1 1 g3 No 15 1 console show ip dhcp snooping interfaces ethernet 1 g15 ...

Page 269: ...ere is no default configuration for this command Command Mode Privileged EXEC User Guidelines The following fields are displayed by this command MAC Verify Failures The number of DHCP messages that were filtered on an untrusted interface because of source MAC address and client MAC address mismatch Client Ifc Mismatch The number of DHCP release and Deny messages received on the different ports tha...

Page 270: ...ce MAC Verify Client Ifc DHCP Server Failures Mismatch Msgs Rec d 1 g2 0 0 0 1 g3 0 0 0 1 g4 0 0 0 1 g5 0 0 0 1 g6 0 0 0 1 g7 0 0 0 1 g8 0 0 0 1 g9 0 0 0 1 g10 0 0 0 1 g11 0 0 0 1 g12 0 0 0 1 g13 0 0 0 1 g14 0 0 0 1 g15 0 0 0 1 g16 0 0 0 1 g17 0 0 0 1 g18 0 0 0 1 g19 0 0 0 1 g20 0 0 0 ...

Page 271: ...ds arp access list clear counters ip arp inspection ip arp inspection filter ip arp inspection limit ip arp inspection trust ip arp inspection validate ip arp inspection vlan permit ip host mac host show arp access list show ip arp inspection ethernet show ip arp inspection statistics show ip arp inspection vlan ...

Page 272: ...L name Range 1 31 characters Default Configuration There are no ARP ACLs created by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config arp access list tier1 clear counters ip arp inspection Use the clear counters ip arp inspection command to reset the statistics for Dynamic ARP Inspection on all VLANs Syntax clear cou...

Page 273: ...If the static keyword is given packets that do not match a permit statement are dropped without consulting the DHCP snooping bindings Use the no form of this command to unconfigure the ARP ACL Syntax ip arp inspection filter acl name vlan vlan range static no ip arp inspection filter acl name vlan vlan range static acl name The name of a valid ARP ACL Range 1 31 characters vlan range A valid VLAN ...

Page 274: ...alue shown in the range for the rate option might be more than the hardware allowable limit The user needs to understand the box performance and configure the maximum rate pps accordingly Syntax ip arp inspection limit none rate pps burst interval seconds no ip arp inspection limit none To set no rate limit pps The number of packets per second Range 0 300 seconds The number of seconds Range 1 15 D...

Page 275: ...s are configured as untrusted by default Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example console config if 1 g3 ip arp inspection trust ip arp inspection validate Use the ip arp inspection validate command to enable additional validation checks like source MAC address validation destination MAC address validation or IP addres...

Page 276: ...ing the IP address of an ARP packet Default Configuration There is no additional validation enabled by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip arp inspection validate src mac dst mac ip console config ip arp inspection validate src mac ip console config ip arp inspection validate dst mac ip console confi...

Page 277: ...lines for this command Example console config ip arp inspection vlan 200 300 console config ip arp inspection vlan 200 300 logging permit ip host mac host Use the permit ip host mac host command to configure a rule for a valid IP address and MAC address combination used in ARP packet validation Use the no form of this command to delete an ARP ACL rule Syntax permit ip host sender ip max host sende...

Page 278: ...02 03 04 05 show arp access list Use the show arp access list command to display the configured ARP ACLs with the rules Giving an ARP ACL name as the argument would display only the rules in that ARP ACL Syntax show arp access list acl name acl name A valid ARP ACL name Range 1 31 characters Default Configuration There is no default configuration for this command Command Mode Privileged EXEC User ...

Page 279: ...interfaces Giving an interface argument it displays the values for that interface Syntax show ip arp inspection ethernet interface interface Valid Ethernet port The full syntax is unit port Default Configuration There is no default configuration for this command Command Mode Privileged EXEC User Guidelines The following fields are displayed for each interface Interface The interface id for each di...

Page 280: ...command to display the statistics of the ARP packets processed by Dynamic ARP Inspection Given vlan range argument it displays the statistics on all DAI enabled Vlans in that range In the case of no argument it lists the summary of the forwarded and dropped ARP packets Syntax show ip arp inspection statistics vlan vlan range vlan range A valid VLAN range Default Configuration There is no default c...

Page 281: ... number of invalid ARP packets dropped in this Vlan DHCP Drops The number of packets dropped due to DHCP Snooping binding database match failure ACL Drops The number of packets dropped due to ARP ACL rule match failure DHCP Permits The number of packets permitted due to DHCP snooping binding database match ACL Permits The number of packets permitted due to ARP ACL rule match Bad Src MAC The number...

Page 282: ...also displays the global configuration values for source MAC validation destination MAC validation and invalid IP validation Syntax show ip arp inspection vlan vlan range vlan range A valid VLAN range Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines The following global parameters are displayed Source Mac Validation If Sourc...

Page 283: ...ion Log Invalid ACL Name Static flag 10 Enabled Enabled H2 Enabled 11 Disabled Enabled 12 Enabled Disabled IP Address Validation If IP address validation of ARP frame is enabled Vlan The Vlan Id for each displayed row Configuratio n Whether DAI is enabled on the Vlan Log Invalid Whether logging of invalid ARP packets is enabled on the Vlan ACL Name ARP ACL Name if configured on the Vlan Static fla...

Page 284: ...284 Dynamic ARP Inspection Commands ...

Page 285: ...owcontrol interface ethernet interface range ethernet mtu negotiation show interfaces advertise show interfaces configuration show interfaces counters show interfaces description show interfaces detail show interfaces status show statistics ethernet show storm control shutdown speed storm control broadcast storm control multicast storm control unicast ...

Page 286: ...n This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example In the following example the counters for port 1 g1 are cleared console clear counters ethernet 1 g1 description Use the description command in Interface Configuration mode to add a description to an interface To remove the description use the no form of this co...

Page 287: ...e config interface ethernet 1 g5 console config if 1 g5 description RD_SW 3 duplex Use the duplex command in Interface Configuration mode to configure the full half duplex operation of a given Ethernet interface when not using auto negotiation To restore the default use the no form of this command Syntax duplex half full no duplex half Force half duplex operation full Force full duplex operation D...

Page 288: ...nsole config if 1 g5 duplex full flowcontrol Use the flowcontrol command in Global Configuration mode to configure the flow control To disable flow control use the no form of this command Syntax flowcontrol no flowcontrol Default Configuration Flow Control is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example In the following example flow co...

Page 289: ...command has no user guidelines Example The following example enables port 5 g18 for configuration console config interface ethernet 5 g18 interface range ethernet Use the interface range ethernet command in Global Configuration mode to execute a command on multiple ports at the same time Syntax interface range ethernet port range all port range List of valid ports to configure Separate non consecu...

Page 290: ...ctive interfaces Example The following example shows how ports 5 g18 to 5 g20 and ports 3 g1 to g24 are grouped to receive the same command console config interface range ethernet 5 g18 5 g20 3 g1 3 g24 console config if mtu Use the mtu command in Interface Configuration mode to enable jumbo frames on an interface by adjusting the maximum size of a packet To return to the default setting use the n...

Page 291: ...eters of a given interface To disable negotiation use the no form of this command Syntax negotiation capability1 capability2 capability5 no negotiation capabilities Specifies capabilities to advertise Possible values 10h 10f 100h 100f and 1000f Default Configuration If unspecified defaults to list of all capabilities of the port Command Mode Interface Configuration Ethernet mode User Guidelines En...

Page 292: ...splay information about auto negotiation advertisement Syntax show interfaces advertise ethernet interface interface A valid Ethernet port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following examples display information about auto negotiation advertisement console show interfaces...

Page 293: ... show interfaces configuration Use the show interfaces configuration command in User EXEC mode to display the configuration for all configured interfaces Syntax show interfaces configuration ethernet interface port channel port channel number interface Valid Ethernet port port channel number Valid port channel index Default Configuration This command has no default configuration Command Mode User ...

Page 294: ...Level Full 100 Auto Up 1 g2 Gigabit Level N A Unknown Auto Up 1 g3 Gigabit Level N A Unknown Auto Up 1 g4 Gigabit Level N A Unknown Auto Up 1 g5 Gigabit Level N A Unknown Auto Up 1 g6 Gigabit Level N A Unknown Auto Up 1 g7 Gigabit Level N A Unknown Auto Up 1 g8 Gigabit Level N A Unknown Auto Up 1 g9 Gigabit Level N A Unknown Auto Up 1 g10 Gigabit Level N A Unknown Auto Up 1 g11 Gigabit Level N A U...

Page 295: ... uit The displayed port configuration information includes the following show interfaces counters Use the show interfaces counters command in User EXEC mode to display traffic seen by the interface Field Description Port The port number Port Type The port designated IEEE shorthand identifier For example 1000Base T refers to 1000 Mbps baseband signaling including both Tx and Rx transmissions Duplex...

Page 296: ...annel index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays traffic seen by the physical interface console show interfaces counters Port InOctets InUcastPkts 1 g1 183892 1289 3 g1 123899 1788 Port OutOctets OutUcastPkts 1 g1 9188 9 2 g1 0 0 3 g1 8789 27 ...

Page 297: ... for Ethernet port 1 g1 console show interfaces counters ethernet 1 g1 Port InOctets InUcastPkts 1 g1 183892 1289 Port OutOctets OutUcastPkts 1 g1 9188 9 Alignment Errors 17 FCS Errors 8 Single Collision Frames 0 Multiple Collision Frames 0 Deferred Transmissions 0 Late Collisions 0 Excessive Collisions 0 Oversize Packets 0 Internal MAC Rx Errors 0 ...

Page 298: ...gth and do not pass the FCS check FCS Errors Counted frames received that are an integral number of octets in length but do not pass the FCS check Single Collision Frames Counted frames that are involved in a single collision and are subsequently transmitted successfully Multiple Collision Frames A count of frames that are involved in a multiple collision and are subsequently transmitted successfu...

Page 299: ...ult configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the description for the interface 1 g1 console show interfaces description Port Description Internal MAC Rx Errors A count of frames for which reception fails due to an internal MAC sublayer receive error Received Pause Frames A count of MAC Control frames receiv...

Page 300: ... all the port commands into a single command Syntax show interfaces detail ethernet interface port channel port channel port channel number interface A valid Ethernet port port channel number A valid port channel trunkindex Default Configuration There is no default configuration for this command Command Mode User EXEC mode User Guidelines The command will be show interfaces detail ethernet interfa...

Page 301: ...ace port channel port channel number show interfaces status ethernet interface port channel port channel number show interfaces switchport ethernet interface port channel port channel number show spanning tree ethernet interface number port channel port channel number instance instance id Example console show interfaces detail Ethernet 1 xg1 Port Type Duplex Speed Neg Admin Link State State 1 xg1 ...

Page 302: ...d Protected Enabled Port 1 xg1 is member in VLAN Name Egress rule Type 1 default untagged System 8 VLAN008 tagged Dynamic 11 VLAN0011 tagged Static 19 IPv6 VLAN untagged Static 72 VLAN0072 untagged Static Static configuration PVID 1 default Ingress Filtering Enabled Acceptable Frame Type All Port 1 xg1 is statically configured to VLAN Name Egress rule 1 default untagged ...

Page 303: ...cost 20000 Port Fast No configured no Designated bridge Priority 32768 Address 00 01 42 97 e0 00 Designated port id 128 25 Designated path cost 0 BPDU sent 2 received 120638 show interfaces status Use the show interfaces status command in User EXEC mode to display the status for all configured interfaces Syntax show interfaces status ethernet interface port channel port channel number interface A ...

Page 304: ...d interfaces console show interfaces status Port Type Duplex Speed Neg Link Flow Control State Status 1 g1 Gigabit Level N A Unknown Auto Down Inactive 1 g2 Gigabit Level N A Unknown Auto Down Inactive 1 g3 Gigabit Level N A Unknown Auto Down Inactive 1 g4 Gigabit Level N A Unknown Auto Down Inactive 1 g5 Gigabit Level N A Unknown Auto Down Inactive 1 g6 Gigabit Level N A Unknown Auto Down Inactiv...

Page 305: ...gabit Level N A Unknown Auto Down Inactive 1 g17 Gigabit Level N A Unknown Auto Down Inactive 1 g18 Gigabit Level N A Unknown Auto Down Inactive 1 g19 Gigabit Level N A Unknown Auto Down Inactive More or q uit 1 g20 Gigabit Level N A Unknown Auto Down Inactive 1 g21 Gigabit Level N A Unknown Auto Down Inactive 1 g22 Gigabit Level N A Unknown Auto Down Inactive 1 g23 Gigabit Level Full 1000 Auto Up...

Page 306: ...k Aggregate Down ch9 Link Aggregate Down More or q uit ch10 Link Aggregate Down ch11 Link Aggregate Down ch12 Link Aggregate Down ch13 Link Aggregate Down ch14 Link Aggregate Down ch15 Link Aggregate Down ch16 Link Aggregate Down ch17 Link Aggregate Down ch18 Link Aggregate Down ch19 Link Aggregate Down ch20 Link Aggregate Down ch21 Link Aggregate Down ch22 Link Aggregate Down ch23 Link Aggregate ...

Page 307: ...egate Down ch36 Link Aggregate Down ch37 Link Aggregate Down ch38 Link Aggregate Down ch39 Link Aggregate Down ch40 Link Aggregate Down ch41 Link Aggregate Down ch42 Link Aggregate Down ch43 Link Aggregate Down ch44 Link Aggregate Down ch45 Link Aggregate Down ch46 Link Aggregate Down ch47 Link Aggregate Down ch48 Link Aggregate Down Flow Control Disabled console The displayed port status informat...

Page 308: ...ber Values are 1 24 or 1 48 for port_type g and 1 4 for port_type xg Example xg2 is the 10 gigabit Ethernet port 2 switchport Displays statistics for the entire switch Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Type The port designated IEEE shorthand identifier For example 1000Base T refers t...

Page 309: ...d 1522 Octets 0 Packets RX and TX 64 Octets 94516 Packets RX and TX 65 127 Octets 483312 Packets RX and TX 128 255 Octets 101329 Packets RX and TX 256 511 Octets 163696 Packets RX and TX 512 1023 Octets 4982 Packets RX and TX 1024 1518 Octets 479845 Packets RX and TX 1519 1522 Octets 0 Packets RX and TX 1523 2047 Octets 0 Packets RX and TX 2048 4095 Octets 0 Packets RX and TX 4096 9216 Octets 0 To...

Page 310: ...0 Total Packets Transmitted Octets 3604988 Packets Transmitted 64 Octets 45566 Packets Transmitted 65 127 Octets 886 Packets Transmitted 128 255 Octets 245 More or q uit Packets Transmitted 256 511 Octets 25 Packets Transmitted 512 1023 Octets 158 Packets Transmitted 1024 1518 Octets 302 Max Frame Size 1518 Total Packets Transmitted Successfully 47182 Unicast Packets Transmitted 2746 Multicast Pac...

Page 311: ...ed 0 EAPOL Frames Transmitted 0 EAPOL Start Frames Received 0 Time Since Counters Last Cleared 1 day 0 hr 41 min 44 sec console show statistics ethernet switchport Total Packets Received Octets 16877295 Unicast Packets Received 1608 Multicast Packets Received 48339 Broadcast Packets Received 69535 Receive Packets Discarded 0 Octets Transmitted 6451988 Packets Transmitted Without Errors 91652 Unica...

Page 312: ... console show storm control Use the show storm control command in Privileged EXEC mode to display the configuration of storm control Syntax show storm control all interface interface Valid Ethernet port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example shows storm cont...

Page 313: ...5 console show storm control 802 3x Flow Control Mode Disable shutdown Use the shutdown command in Interface Configuration mode to disable an interface To restart a disabled interface use the no form of this command Syntax shutdown no shutdown Default Configuration The interface is enabled Command Mode Interface Configuration Ethernet Port Channel Tunnel Loopback mode User Guidelines This command ...

Page 314: ...hen not using auto negotiation To restore the default use the no form of this command Syntax speed 10 100 no speed 10 Configures the port to 10 Mbps operation 100 Configures the port to 100 Mbps operation Default Configuration This command has no default setting Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example conf...

Page 315: ...e configured rate as a percentage of link speed rate The configured rate in kilobits per second kbps Range 0 100 Default Configuration The default value is 5 Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example console config if 1 g1 storm control broadcast level 5 storm control multicast Use the storm control multicast command in Interface...

Page 316: ... has no user guidelines Example console config if 1 g1 storm control multicast level 5 storm control unicast Use the storm control unicast command in Interface Configuration mode to enable unknown unicast storm control for an interface If the mode is enabled unicast storm recovery is active and if the rate of unknown L2 unicast destination lookup failure traffic ingressing on an interface increase...

Page 317: ...figured rate as a percentage of link speed rate The configured rate in kilobits per second kbps Range 0 100 Default Configuration The default value is 5 Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example console config if 1 g1 storm control unicast level 5 ...

Page 318: ...318 Ethernet Configuration Commands ...

Page 319: ...is chapter explains the following commands clear gvrp statistics garp timer gvrp enable global gvrp enable interface gvrp registration forbid gvrp vlan creation forbid show gvrp configuration show gvrp error statistics show gvrp statistics ...

Page 320: ...iguration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example clears all the GVRP statistics information on port 1 g8 console clear gvrp statistics ethernet 1 g8 garp timer Use the garp timer command in Interface Configuration mode to adjust the GARP application join leave and leaveall GARP timer values To reset the timer to default v...

Page 321: ...entiseconds Command Mode Interface Configuration Ethernet Port Channel mode User Guidelines The following relationships for the various timer values must be maintained Leave time must be greater than or equal to three times the join time Leaveall time must be greater than the leave time Set the same GARP timer values on all Layer 2 connected devices If the GARP timers are set differently on Layer ...

Page 322: ...obally disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example globally enables GVRP on the device console config gvrp enable gvrp enable interface Use the gvrp enable command in Interface Configuration mode to enable GVRP on an interface To disable GVRP on an interface use the no form of this command Syntax gvrp enable no g...

Page 323: ...ample enables GVRP on ethernet 1 g8 console config interface ethernet 1 g8 console config if 1 g8 gvrp enable gvrp registration forbid Use the gvrp registration forbid command in Interface Configuration mode to deregister all VLANs on a port and prevent any dynamic registration on the port To allow dynamic registering for VLANs on a port use the no form of this command Syntax gvrp registration for...

Page 324: ... command in Interface Configuration mode to disable dynamic VLAN creation To disable dynamic VLAN creation use the no form of this command Syntax gvrp vlan creation forbid no gvrp vlan creation forbid Default Configuration By default dynamic VLAN creation is enabled Command Mode Interface Configuration Ethernet Port Channel mode User Guidelines This command has no user guidelines Example The follo...

Page 325: ...ber interface A valid Ethernet interface port channel number A valid port channel index Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows how to display GVRP configuration information console show gvrp configuration Global GVRP Mode Disabled Join Leave LeaveAll Po...

Page 326: ...abled 1 g12 20 60 1000 Disabled 1 g13 20 60 1000 Disabled 1 g14 20 60 1000 Disabled show gvrp error statistics Use the show gvrp error statistics command in User EXEC mode to display GVRP error statistics Syntax show gvrp error statistics ethernet interface port channel port channel number interface A valid Ethernet interface port channel number A valid port channel index Default Configuration Thi...

Page 327: ...s information console show gvrp error statistics GVRP error statistics Legend INVPROT Invalid Protocol Id INVATYP Invalid Attribute Type INVALEN Invalid Attribute Length INVAVAL Invalid Attribute Value INVEVENT Invalid Event Port INVPROT INVATYP INVAVAL INVALEN INV EVENT 1 g1 0 0 0 0 0 1 g2 0 0 0 0 0 1 g3 0 0 0 0 0 1 g4 0 0 0 0 0 ...

Page 328: ...channel number A valid port channel index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example This example shows output of the show gvrp statistics command console show gvrp statistics GVRP statistics Legend rJE Join Empty Received rJIn Join In Received rEmp Empty Received rLIn Leave In Received rLE...

Page 329: ... sLA Leave All Sent Port rJE rJIn rEmp rLIn rLE rLA sJE sJIn sEmp s LIn sLE sLA 1 g1 0 0 0 0 0 0 0 0 0 0 0 0 1 g2 0 0 0 0 0 0 0 0 0 0 0 0 1 g3 0 0 0 0 0 0 0 0 0 0 0 0 1 g4 0 0 0 0 0 0 0 0 0 0 0 0 1 g5 0 0 0 0 0 0 0 0 0 0 0 0 1 g6 0 0 0 0 0 0 0 0 0 0 0 0 1 g7 0 0 0 0 0 0 0 0 0 0 0 0 1 g8 0 0 0 0 0 0 0 0 0 0 0 0 ...

Page 330: ...330 GVRP Commands ...

Page 331: ...face ip igmp snooping host time out ip igmp snooping leave time out ip igmp snooping mrouter time out show ip igmp snooping groups show ip igmp snooping interface show ip igmp snooping mrouter ip igmp snooping VLAN ip igmp snooping fast leave ip igmp snooping groupmembership interval ip igmp snooping maxresponse ip igmp snooping mcrtrexpiretime ...

Page 332: ...mand Mode Global Configuration mode User Guidelines IGMP snooping is enabled on static VLANs only and is not enabled on Private VLANs or their community VLANs Example The following example enables IGMP snooping console config ip igmp snooping ip igmp snooping interface Use the ip igmp snooping command in Interface Configuration mode to enable Internet Group Management Protocol IGMP snooping on a s...

Page 333: ...ut command in Interface Configuration mode to configure the host time out If an IGMP report for a Multicast group is not received for a host time out period from a specific port this port is deleted from the member list of that Multicast group To reset to the default host time out use the no form of this command Syntax ip igmp snooping host time out time out no ip igmp snooping host time out time ...

Page 334: ...ved from a specific port the current port is deleted from the member list of that Multicast group To configure the default leave time out use the no form of this command Syntax ip igmp snooping leave time out time out immediate leave no ip igmp snooping leave time out time out Specifies the leave time out in seconds Range 1 3174 immediate leave Specifies that the port should be removed immediately...

Page 335: ...for setting the aging out time after Multicast router ports are automatically learned To reset to the default mrouter time out use the no form of this command Syntax ip igmp snooping mrouter time out time out no ip igmp snooping mrouter time out time out mrouter timeout in seconds for IGMP Range 1 3600 Default Configuration The default value is 300 seconds Command Mode Interface Configuration Ethe...

Page 336: ...ifies an IP Multicast address Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines To see the full Multicast address table including static addresses use the show bridge address table command Example The example shows Multicast groups learned by IGMP snooping for all VLANs console show ip igmp snooping groups Vlan IP Address Ports 1 224 239 13...

Page 337: ...nnel number interface Valid Ethernet port The full syntax is unit port port channel number Valid port channel index Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The example displays IGMP snooping information console show ip igmp snooping interface 1 g1 Slot Port 1 g1 IGMP Snooping Admin...

Page 338: ...d has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows IGMP snooping mrouter information console show igmp snooping mrouter Port 1 g1 ip igmp snooping VLAN Use the ip igmp snooping command in VLAN Configuration mode to enable IGMP snooping on a particular interface or on all interfaces participating i...

Page 339: ...e message for that multicast group without first sending out MAC based general queries to the interface The no form of this command disables IGMP Snooping fast leave mode on a VLAN You should enable fast leave admin mode only on VLANs where only one host is connected to each layer 2 LAN port This setting prevents the inadvertent dropping of the other hosts that were connected to the same layer 2 L...

Page 340: ...its for a report from a particular group on a particular interface before deleting the interface from the entry This value must be greater than the IGMPv3 Maximum Response time value The range is 2 to 3600 seconds The no form of this command sets the IGMPv3 Group Membership Interval time to the default value Syntax ip igmp snooping groupmembership interval vlan id seconds no ip igmp snooping group...

Page 341: ... not receive a report for a particular group in that interface This value must be less than the IGMP Query Interval time value The range is 1 to 3174 seconds The no form of this command sets the maximum response time on the VLAN to the default value Syntax ip igmp snooping maxresponse vlan id seconds no ip igmp snooping maxresponse vlan id vlan id Number assigned to the VLAN seconds IGMP Maximum r...

Page 342: ...om the list of interfaces with multicast routers attached The range is 1 2147483647 seconds A value of 0 indicates an infinite time out no expiration The no form of this command sets the Multicast Router Present Expiration time to 0 The time is set for a particular VLAN Syntax ip igmp snooping mcrtexpiretime vlan id seconds no ip igmp mcrtexpiretime vlan id vlan id Number assigned to the VLAN seco...

Page 343: ...IGMP Snooping Commands 343 Example The following example sets the multicast router present expiration time on VLAN 2 to 60 seconds console config vlan ip igmp mcrtexpiretime 2 60 ...

Page 344: ...344 IGMP Snooping Commands ...

Page 345: ...Commands This chapter explains the following commands ip igmp snooping querier ip igmp snooping querier election participate ip igmp snooping querier query interval ip igmp snooping querier timer expiry ip igmp snooping querier version show igmp snooping querier ...

Page 346: ...ality is re enabled if IGMP Snooping is operational on the VLAN The IGMP Snooping Querier application sends periodic general queries on the VLAN to solicit membership reports Syntax ip igmp snooping querier vlan id address ipv4_address no igmp snooping querier vlan id address vlan id A valid VLAN number ipv4_address An IPv4 address used for the source address Default Configuration IGMP snooping qu...

Page 347: ...he VLAN When this mode is enabled if the Snooping Querier finds that the other Querier source address is more than the Snooping Querier address it stops sending periodic queries If the Snooping Querier wins the election then it continues sending periodic queries The no form of this command sets the snooping querier not to participate in the querier election but to go into a non querier mode as soo...

Page 348: ...no form of this command sets the IGMP Querier Query Interval time to its default value Syntax ip igmp snooping querier query interval seconds no ip igmp snooping querier query interval seconds Amount of time in seconds that the switch waits before sending another general query Range 1 1800 Default Configuration The query interval default is 60 seconds Command Mode Global Configuration mode User Gu...

Page 349: ... seconds The time in seconds that the switch remains in Non Querier mode after it has discovered that there is a multicast querier in the network The range is 60 300 seconds Default Configuration The query interval default is 60 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the querier timer expiry time to 100 ...

Page 350: ...Snooping Querier information Configured information is displayed whether or not IGMP Snooping Querier is enabled When the optional argument vlan_id is not used the command shows the following information Admin Mode Indicates whether or not IGMP Snooping Querier is active on the switch Admin Version Indicates the version of IGMP that will be used while sending out the queries Source IP Address Show...

Page 351: ... the network If the Snooping Switch is in Querier state then it is equal to the configured value Querier Election Participate Indicates whether the IGMP Snooping Querier participates in querier election if it discovers the presence of a querier in the VLAN Last Querier Address Indicates the IP address of the most recent Querier from which a Query was received Last Querier Version Indicates the IGM...

Page 352: ...delines Example The following example shows querier information for VLAN 2 console show ip igmp snooping querier vlan 2 Vlan 2 IGMP Snooping querier status IGMP Snooping Querier Vlan Mode Disable Querier Election Participate Mode Disable Querier Vlan Address 0 0 0 0 Operational State Disabled Operational version 2 ...

Page 353: ...ains the following commands clear host ip address ip address dhcp ip address vlan ip default gateway ip domain lookup ip domain name ip host ip name server ipv6 address ipv6 enable ipv6 gateway show arp switch show hosts show ip helper address show ip interface management ...

Page 354: ...ache Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example deletes all entries from the host name to address cache console clear host ip address Use the ip address command in Global Configuration mode to set an IP address To remove an IP address use the no form of this comm...

Page 355: ...les The following examples configure the IP address 131 108 1 27 and subnet mask 255 255 255 0 and the same IP address with prefix length of 24 bits console config ip address 131 108 1 27 255 255 255 0 console config ip address 131 108 1 27 24 ip address dhcp Use the ip address dhcp command in Global Configuration mode to acquire an IP address for management interface from the Dynamic Host Configu...

Page 356: ...The following example acquires an IP address for the switch management interface from DHCP console config ip address dhcp ip address vlan Use the ip address vlan command in Global Configuration mode to set the management VLAN Syntax ip address vlan vlanid no ip address vlan vlanid vlan identification Range 1 4093 Default Configuration The default configuration value is 1 Command Mode Global Config...

Page 357: ...default gateway is defined Command Mode Global Configuration mode User Guidelines A static IP address must be configured using the ip address command before setting the default gateway The default gateway should reside on the subnet defined by the ip address command NOTE For management traffic forwarding decisions a default route configured on the switch CLI Web SNMP or learned via routing protoco...

Page 358: ... DNS is enabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables the IP Domain Naming System DNS based host name to address translation console config ip domain lookup ip domain name Use the ip domain name command in Global Configuration mode to define a default domain name used to complete unqualified host names To de...

Page 359: ...Guidelines This command has no user guidelines Example The following example defines a default domain name of dell com console config ip domain name dell com ip host Use the ip host command in Global Configuration mode to define static host name to address mapping in the host cache To delete the name to address mapping use the no form of this command Syntax ip host name address no ip host name nam...

Page 360: ... a name server use the no form of this command Syntax ip name server server address1 server address2 server address8 no ip name server server address1 server address8 server address Valid IPv4 or IPv6 addresses of the name server Range 1 255 characters Default Configuration No name server IP addresses are specified Command Mode Global Configuration mode User Guidelines Server preference is determi...

Page 361: ...der contiguous bits of the address make up the prefix eui64 The optional eui 64 field designates that IPv6 processing on the interfaces is enabled using an EUI 64 interface ID in the low order 64 bits of the address If this option is used the value of prefix_length must be 64 bits autoconfig Use this keyword to set the IPv6 address auto configuration mode dhcp Use this keyword to obtain an IPv6 ad...

Page 362: ... address autoconfig console config no ipv6 address 2003 6 64 console config no ipv6 address 2001 64 eui64 console config no ipv6 address ipv6 enable Use the ipv6 enable command to enable IPv6 on the management interface Use the no form of this command to disable IPv6 on the management interface Syntax ipv6 enable no ipv6 enable Default Configuration IPv6 is enabled on the management interface by d...

Page 363: ...t interface Use the no form of this command to reset the gateway to the default Syntax ipv6 gateway gateway address no ipv6 gateway gateway address The gateway address in IPv6 global or link local address format Default Configuration There is no IPv6 gateway configured by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console co...

Page 364: ...erface It is logically separate from the ARP table used by the routing interfaces See the show arp command for details on how to view ARP entries for the routing interfaces Example The following example displays ARP table information console show arp switch MAC Address IP Address Interface 0016 9CE1 D800 10 27 6 1 1 g37 show hosts Use the show hosts command in User EXEC mode to display the default...

Page 365: ...ts Host name Default domain gm com sales gm com usa sales gm com Name address lookup is enabled Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mapping Host Addresses accounting gm com 176 16 8 8 Cache TTL Hours Host Total Elapsed Type Ad dresses www stanford edu 72 3 IP 17 1 64 14 203 show ip helper address Use the show ip helper address command in Privileged...

Page 366: ...ommand has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip helper address IP helper is enabled Interface UDP Port Discard Hit Count Server Address vlan 25 domain No 0 192 168 40 2 vlan 25 dhcp No 0 192 168 40 2 vlan 30 dhcp Yes 0 vlan 30 162 No 0 192 168 23 1 Any dhcp No 0 192 168 40 1 ...

Page 367: ...Guidelines There are no user guidelines for this command Example The following example displays the management interface configuration console show ip interface management IP Address 10 27 21 52 Subnet Mask 255 255 255 0 Default Gateway 10 27 21 1 IPv6 Administrative Mode Enabled IPv6 Prefix is FE80 2FF F2FF FEA3 7777 64 IPv6 Gateway none Burned In MAC Address 00 FF F2 A3 77 77 Configured IPv4 Pro...

Page 368: ...368 IP Addressing Commands ...

Page 369: ...IPv6 Access List Commands 369 15 IPv6 Access List Commands This chapter explains the following commands deny permit ipv6 access list ipv6 access list rename ipv6 traffic filter show ipv6 access lists ...

Page 370: ... queue for handling traffic that matches this rule The assign queue parameter is valid only for a permit rule Syntax permit deny every icmp igmp ipv6 tcp udp number any source ipv6 prefix prefix length eq portkey portvalue any destination ipv6 prefix prefix length eq portkey portvalue flow label value dscp dscp log assign queue queue id mirror redirect interface deny permit Specifies whether the I...

Page 371: ...this rule to be copied to the specified interface redirect interface This parameter allows the traffic matching this rule to be forwarded to the specified interface Default Configuration This command has no default configuration Command Mode Ipv6 Access List Configuration mode User Guidelines Users are permitted to add rules but if a packet does not match any user specified rules the packet is dro...

Page 372: ... IPv6 access list If an IPv6 ACL with this name already exists this command enters Ipv6 Access List config mode to update the existing IPv6 ACL Use the no form of the command to delete an IPv6 ACL from the system Syntax ipv6 access list name no ipv6 access list name name Alphanumeric string of 1 to 31 characters uniquely identifying the IPv6 access list Default Configuration There is no default co...

Page 373: ...n existing IPv6 ACL newname alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list Default Configuration There is no default configuration for this command Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console Config ipv6 access list rename DELL_IP6 DELL_IP6_NEW_NAME ipv6 traffic filter The ipv6 traffic f...

Page 374: ...and to remove an IPv6 ACL from the interface s in a given direction Syntax ipv6 traffic filter name direction sequence seq num no ipv6 traffic filter name direction name Alphanumeric string of 1 to 31 characters uniquely identifying the IPv6 access list direction Direction of the ACL Range in or out sequence seq num Order of access list relative to other access lists already assigned to this inter...

Page 375: ... Syntax show ipv6 access lists name Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays configuration information for the IPv6 ACLs console show ipv6 access lists Current number of all ACLs 1 Maximum number of all ACLs 100 IPv6 ACL Name Rules D...

Page 376: ...Number The ordered rule number identifier defined within the IPv6 ACL Action Displays the action associated with each rule The possible values are Permit or Deny Match All Indicates whether this access list applies to every packet Possible values are True or False Protocol This displays the protocol to filter for this rule Source IP Address This displays the source IP address for this rule Source ...

Page 377: ...el This field indicates the value specified for IPv6 Flow Label Log Displays when you enable logging for the rule Assign Queue Displays the queue identifier to which packets matching this rule are assigned Mirror Interface Displays the interface to which packets matching this rule are copied Redirect Interface Displays the interface to which packets matching this rule are forwarded ...

Page 378: ...378 IPv6 Access List Commands ...

Page 379: ...er explains the following commands ipv6 mld snooping querier ipv6 mld snooping querier VLAN mode ipv6 mld snooping querier address ipv6 mld snooping querier election participate ipv6 mld snooping querier query interval ipv6 mld snooping querier timer expiry show ipv6 mld snooping querier ...

Page 380: ...mmand Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 mld snooping querier ipv6 mld snooping querier VLAN mode Use the ipv6 mld snooping querier command in VLAN mode to enable MLD Snooping Querier on a VLAN Use the no form of this command to disable MLD Snooping Querier on a VLAN Syntax ipv6 mld snooping querier vlan id no ip...

Page 381: ...t the global MLD Snooping Querier address to the default Syntax ipv6 mld snooping querier address prefix prefix length no ipv6 mld snooping querier address prefix The bits of the address to be configured prefix length Designates how many of the high order contiguous bits of the address make up the prefix Default Configuration There is no global MLD Snooping Querier address configured by default Co...

Page 382: ...m of this command to disable election participation on a VLAN Syntax ipv6 mld snooping querier election participate vlan id no ipv6 mld snooping querier election participate vlan id vlan id A valid VLAN ID Range 1 4093 Default Configuration Election participation is disabled by default Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command Example console con...

Page 383: ...6 mld snooping querier 120 ipv6 mld snooping querier timer expiry Use the ipv6 mld snooping querier timer expiry command to set the MLD Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has discovered that there is a Multicast Querier in the network Use the no form of this command to reset the timer expiration period to the default Syntax ipv...

Page 384: ...er command to display MLD Snooping Querier information Configured information is displayed whether or not MLD Snooping Querier is enabled Syntax show ipv6 mld snooping querier detail vlan vlan id vlan id A valid VLAN ID Range 1 4093 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines When the optional argument vlan vlan id is n...

Page 385: ...rier operational state before moving to a Querier state MLD Snooping Querier VLAN Mode Indicates whether MLD Snooping Querier is active on the VLAN Querier Election Participate Mode Indicates whether the MLD Snooping Querier participates in querier election if it discovers the presence of a querier in the VLAN Querier VLAN Address Shows the IP Address which will be used in the IPv6 header while se...

Page 386: ...386 IPv6 MLD Snooping Querier Commands MLD Version Indicates the version of MLD ...

Page 387: ...LACP Commands 387 17 LACP Commands This chapter explains the following commands lacp port priority lacp system priority lacp timeout show lacp ethernet show lacp port channel ...

Page 388: ...fault port priority value is 1 Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example configures the priority value for port 1 g8 to 247 console config interface ethernet 1 g8 console config if 1 g8 lacp port priority 247 lacp system priority Use the lacp system priority command in Global Configuration mode to configure ...

Page 389: ...o 120 console config lacp system priority 120 lacp timeout Use the lacp timeout command in Interface Configuration mode to assign an administrative LACP timeout To reset the default administrative LACP timeout use the no form of this command Syntax lacp timeout long short no lacp timeout long Specifies a long timeout value short Specifies a short timeout value Default Configuration The default por...

Page 390: ...show lacp ethernet command in Privileged EXEC mode to display LACP information for Ethernet ports Syntax show lacp ethernet interface parameters statistics Interface Ethernet interface Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows how to display LACP Ethernet ...

Page 391: ...P Activity ACTIVE Aggregation AGGREGATABLE synchronization FALSE collecting FALSE distributing FALSE expired FALSE Partner system priority 0 system mac addr 00 00 00 00 00 00 port Admin key 0 port Oper key 0 port Admin priority 0 port Oper priority 0 port Oper timeout LONG LACP Activity ASSIVE Aggregation AGGREGATABLE synchronization FALSE collecting FALSE distributing FALSE ...

Page 392: ...cp port channel port_channel_number port_channel_number The port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows how to display LACP port channel information console show lacp port channel 1 Port Channel 1 Port Type 1000 Ethernet Actor System Prio...

Page 393: ...LACP Commands 393 Oper Key 29 Partner System Priority 0 MAC Address 000000 000000 Oper Key 14 ...

Page 394: ...394 LACP Commands ...

Page 395: ...apter explains the following commands link dependency group no link dependency group add ethernet add port channel add port channel no add port channel depends on ethernet no depends on ethernet depends on port channel no depends on port channel show link dependency ...

Page 396: ...his command has no default configuration Command Mode Global Configuration mode User Guidelines No specific guidelines Example console config link dependency group 1 console config linkDep group 1 no link dependency group Use the no link dependency group command to remove the configuration for a link dependency group Syntax no link dependency group GroupId GroupId Link dependency group identifier ...

Page 397: ... s to the dependency list Syntax add ethernet intf list intf list List of Ethernet interfaces Separate nonconsecutive ports with a comma and no spaces Use a hyphen to designate the range of ports Range Valid Ethernet interface list or range Default Configuration This command has no default configuration Command Mode Link Dependency mode User Guidelines No specific guidelines Example console config...

Page 398: ...t or range Default Configuration This command has no default configuration Command Mode Link Dependency mode User Guidelines No specific guidelines Example console config linkDep group 1 add port channel 2 no add port channel Use the no add port channel command to remove member port channels from the dependency list Syntax no add port channel port channel list port channel list List of port channe...

Page 399: ...t command to add the dependent Ethernet ports list Syntax depends on ethernet intf list intf list List of Ethernet interfaces Separate nonconsecutive ports with a comma and no spaces Use a hyphen to designate the range of ports Range Valid Ethernet interface list or range Default Configuration This command has no default configuration Command Mode Link Dependency mode User Guidelines No specific g...

Page 400: ...e Default Configuration This command has no default configuration Command Mode Link Dependency mode User Guidelines No specific guidelines Example console config linkDep group 1 no depends on ethernet 1 g10 depends on port channel Use the depends on port channel command to add the dependent port channels list Syntax depends on port channel port channel list port channel list List of port channel i...

Page 401: ...no depends on port channel command to remove the dependent port channels list Syntax no depends on port channel port channel list port channel list List of port channel interfaces Separate nonconsecutive ports with a comma and no spaces Use a hyphen to designate the range of ports Range Valid port channel interface list or range Default Configuration This command has no default configuration Comma...

Page 402: ...link dependency groups are displayed Syntax show link dependency group GroupId GroupId Link dependency group identifier Range Valid Group Id 1 16 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines No specific guidelines Example The following command shows link dependencies for all groups console show link dependency GroupId Member Port...

Page 403: ...Link Dependency Commands 403 The following command shows link dependencies for group 2 only console show link dependency group 2 GroupId Member Ports Ports Depended On 2 1 g1 1 g4 1 g8 1 g9 ...

Page 404: ...404 Link Dependency Commands ...

Page 405: ...lldp med faststartrepeatcount lldp med transmit tlv lldp notification lldp notification interval lldp receive lldp timers lldp transmit lldp transmit mgmt lldp transmit tlv show lldp show lldp interface show lldp local device show lldp med show lldp med interface show lldp med local device show lldp med remote device show lldp remote device show lldp statistics ...

Page 406: ...m reset Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays how to clear the LLDP remote data console clear lldp remote data clear lldp statistics Use the clear lldp statistics command in Privileged EXEC mode to reset all LLDP statistics Syntax clear lldp statistics Default Configuration By default the statistics are only cle...

Page 407: ...isable LLDP MED on an interface By enabling MED the transmit and receive functions of LLDP are effectively enabled Syntax Description lldp med no lldp med Parameter Ranges Not applicable Command Mode Interface Ethernet Configuration Default Value LLDP MED is disabled on all supported interfaces Usage Guidelines No specific guidelines Example console config interface ethernet 1 g1 console config if...

Page 408: ...t Configuration Default Value By default notifications are disabled on all supported interfaces Usage Guidelines No specific guidelines Example console config lldp med confignotification lldp med faststartrepeatcount This command is used to set the value of the fast start repeat count Syntax Description lldp med faststartrepeatcount count no lldp med faststartrepeatcount count Number of LLDPPDUs t...

Page 409: ... explained in the normative section of the specification For example the MED TLV capabilities is mandatory By disabling this bit MED is effectively disable on this interface Syntax Description lldp med transmit tlv capabilities network policy ex pse ex pd location inventory no med lldp transmit tlv capabilities network policy ex pse ex pd location inventory Capabilities Transmit the capabilities T...

Page 410: ...v capabilities console config if 1 g1 lldp med transmit tlv network policies lldp notification Use the lldp notification command in Interface Configuration mode to enable remote data change notifications To disable notifications use the no form of this command Syntax lldp notification no lldp notification Default Configuration By default notifications are disabled on all supported interfaces Comma...

Page 411: ...fication interval to the factory default use the no form of this command Syntax lldp notification interval interval no lldp notification interval interval The smallest interval in seconds at which to send remote data change notifications Range 5 3600 seconds Default Configuration The default value is 5 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelin...

Page 412: ...rnet mode User Guidelines This command has no user guidelines Example The following example displays how to enable the LLDP receive capability console config if 1 g3 lldp receive lldp timers Use the lldp timers command in Global Configuration mode to set the timing parameters for local data transmission on ports enabled for LLDP To return any or all parameters to factory default use the no form of...

Page 413: ... seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Examples The following example displays how to configure LLDP to transmit local information every 1000 seconds console config lldp timers interval 1000 The following example displays how to set the timing parameter at 1000 seconds with a hold multiplier of 8 and a 5 second delay before re initializa...

Page 414: ...ion of local data console config if 1 g3 lldp transmit lldp transmit mgmt Use the lldp transmit mgmt command in Interface Configuration mode to include transmission of the local system management address information in the LLDPDUs To cancel inclusion of the management information use the no form of this command Syntax lldp transmit mgmt no lldp transmit mgmt Default Configuration By default manage...

Page 415: ...management set will be transmitted in the LLDPDUs To remove an optional TLV use the no form of this command Syntax lldp transmit tlv sys desc sys name sys cap port desc no lldp transmit tlv sys desc sys name sys cap port desc sys name Transmits the system name TLV sys desc Transmits the system description TLV sys cap Transmits the system capabilities TLV port desc Transmits the port description TL...

Page 416: ...tax show lldp Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the current LLDP configuration summary console show lldp Global Configurations Transmit Interval 30 seconds Transmit TTL Value 120 seconds Reinit Delay 2 seconds Notification Interval limited to ev...

Page 417: ...efault configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples This example show how the information is displayed when you use the command with the all parameter console show lldp interface all Interface Link Transmit Receive Notify TLVs Mgm t 1 g1 Up Enabled Enabled Enabled 0 1 2 3 Y 1 g2 Down Enabled Enabled Disabled Y 1 g3 Down Disabled Disab...

Page 418: ...data This command can display summary information or detail for each interface Syntax show lldp local device detail interface interface all detail includes a detailed version of remote data interface Specifies a valid physical interface on the device unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user ...

Page 419: ... 62 48 00 00 00 Port ID Subtype MAC Address Port ID 00 62 48 00 00 02 System Name System Description Routing Port Description System Capabilities Supported bridge router System Capabilities Enabled bridge Management Address Type IPv4 Address 192 168 17 25 show lldp med This command displays a summary of the current LLDP MED configuration Syntax Description show lldp med Parameter Ranges Not applic...

Page 420: ...ast Start Repeat Count 3 Device Class Network Connectivity show lldp med interface This command displays a summary of the current LLDP MED configuration for a specific interface Syntax Description show lldp med interface unit port all unit port Indicates a specific physical interface All Indicates all valid LLDP interfaces Parameter Ranges Not applicable Command Mode Privileged EXEC ...

Page 421: ...nterface Link configMED operMED ConfigNotify TLVsTx 1 g1 Down Disabled Disabled Disabled 1 g2 Down Disabled Disabled Disabled console show lldp med interface 1 g1 LLDP MED Interface Configuration Interface Link configMED operMED ConfigNotify TLVsTx 1 g1 Up Enabled Enabled Disabled 0 1 TLV Codes 0 Capabilities 1 Network Policy ...

Page 422: ...ax Description show lldp med local device detail unit port unit port Indicates a specific physical interface detail Includes a detailed version of remote data for the indicated interface Parameter Ranges Not applicable Command Mode Privileged EXEC Default Value Not applicable Example Console show lldp med local device detail 1 g1 LLDP MED Local Device Detail Interface 1 0 8 Network Policies Media ...

Page 423: ...Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx xxx xxx Software Rev xxx xxx xxx Serial Num xxx xxx xxx Mfg Name xxx xxx xxx Model Name xxx xxx xxx Asset ID xxx xxx xxx Location Subtype elin Info xxx xxx xxx Extended POE ...

Page 424: ...nt LLDP MED remote data This command can display summary information or detail for each interface Syntax Description show lldp med remote device unit port all show lldp med remote device detail unit port unit port Indicates a specific physical interface all Indicates all valid LLDP interfaces detail Includes a detailed version of remote data for the indicated interface Parameter Ranges Not applica...

Page 425: ...e Class 1 g1Class I 1 g2 Not Defined 1 g3Class II 1 g4Class III 1 g5Network Con Console show lldp med remote device detail 1 g1 LLDP MED Remote Device Detail Local Interface 1 g1 Capabilities MED Capabilities Supported capabilities networkpolicy location extendedpse MED Capabilities Enabled capabilities networkpolicy Device Class Endpoint Class I ...

Page 426: ...nown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx xxx xxx Software Rev xxx xxx xxx Serial Num xxx xxx xxx Mfg Name xxx xxx xxx Model Name xxx xxx xxx Asset ID xxx xxx xxx Location ...

Page 427: ...ote device Use the lldp remote device command in Privileged EXEC mode to display the current LLDP remote data This command can display summary information or detail for each interface Syntax show lldp remote device detail interface interface all detail Includes detailed version of remote data interface Specifies a valid physical interface on the device unit port Default Configuration This command ...

Page 428: ...te device Local Remote Interface Device ID Port ID TTL 1 g1 01 23 45 67 89 AB 01 23 45 67 89 AC 60 seconds 1 g2 01 23 45 67 89 CD 01 23 45 67 89 CE 120 seconds 1 g3 01 23 45 67 89 EF 01 23 45 67 89 FG 80 seconds console show lldp remote device detail 1 g1 Ethernet1 g1 Remote ID 01 23 45 67 89 AB System Name system 1 System Description System Capabilities Bridge Port ID 01 23 45 67 89 AC Port Descr...

Page 429: ...ace all interface Specifies a valid physical interface on the switch or unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following examples shows an example of the display of current LLDP traffic statistics console show lldp statistics all LLDP Device Statistics Last Update 0...

Page 430: ...s a complete set of information advertised by a remote device has been inserted into the table Total Deletes The number of times a complete set of information advertised by a remote device has been deleted from the table Total Drops Number of times a complete set of information advertised by a remote device could not be inserted due to insufficient resources Total Ageouts Number of times any remot...

Page 431: ...TTL expiration TLV Discards Number LLDP TLVs Type Length Value sets received on the indicated port and discarded for any reason by the LLDP agent TLV Unknowns Number of LLDP TLVs received on the indicated port for a type not recognized by the LLDP agent TLV MED Number of OUI specific MED Media Endpoint Device TLVs received TLV 802 1 Number of OUI specific 802 1 specific TLVs received TLV 802 3 Num...

Page 432: ...432 LLDP Commands ...

Page 433: ...33 20 Port Channel Commands This chapter explains the following commands channel group interface port channel interface range port channel hashing mode no hashing mode show interfaces port channel show statistics port channel ...

Page 434: ... to join a channel without LACP auto Forces the port to join a channel with LACP Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example shows how port 1 g5 is configured to port channel number 1 without LACP console config interface ethernet 1 g5 console con...

Page 435: ...ole config interface port channel 1 console config if ch1 interface range port channel Use the interface range port channel command in Global Configuration mode to execute a command on multiple port channels at the same time Syntax interface range port channel port channel range all port channel range List of port channels to configure Separate non consecutive port channels with a comma and no spa...

Page 436: ...nsole config interface range port channel 1 2 8 console config if hashing mode Use the hashing mode command to set the hashing algorithm on trunk ports Syntax hashing mode mode mode Mode value in the range of 1 to 6 Range 1 6 1 Source MAC VLAN EtherType source module and port ID 2 Destination MAC VLAN EtherType source module and port ID 3 Source IP and source TCP UDP port 4 Destination IP and dest...

Page 437: ...ng mode 4 no hashing mode Use the no hashing mode command to set the hashing algorithm on Trunk ports to the default 3 Syntax Description no hashing mode Default Configuration This command has no default configuration Command Mode Interface Configuration port channel User Guidelines No specific guidelines Example console config interface port channel 1 console config if ch1 no hashing mode ...

Page 438: ... optional If the port channel number is not given all the channel groups are displayed Range Valid port channel number 1 to 48 Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines No specific guidelines Example Console show interfaces port channel Channel Ports H ashing mode ch1 Active 1 e1 2 e2 1 ch2 Active 2 e2 2 e7 Inactive 3 e1 2 ch3 Acti...

Page 439: ...stination TCP UDP port 5 Source Destination MAC VLAN EtherType and source MODID port 6 Source Destination IP and source destination TCP UDP port show statistics port channel Use the show statistics port channel command in Privileged EXEC mode to display statistics about a specific port channel Syntax show statistics port channel port channel number port channel number Valid port channel number cha...

Page 440: ...nd TX 128 255 Octets 201 Packets RX and TX 256 511 Octets 418 Packets RX and TX 512 1023 Octets 1 Packets RX and TX 1024 1518 Octets 0 Packets RX and TX 1519 1522 Octets 0 Packets RX and TX 1523 2047 Octets 0 Packets RX and TX 2048 4095 Octets 0 Packets RX and TX 4096 9216 Octets 0 Total Packets Received Without Errors 0 Unicast Packets Received 0 Multicast Packets Received 0 Broadcast Packets Rec...

Page 441: ...dcast Storm Recovery 0 CFI Discards 0 Upstream Threshold 0 Total Packets Transmitted Octets 263567 Max Frame Size 1518 Total Packets Transmitted Successfully 1824 Unicast Packets Transmitted 330 Multicast Packets Transmitted 737 Broadcast Packets Transmitted 757 Total Transmit Errors 0 FCS Errors 0 More or q uit Tx Oversized 0 Underrun Errors 0 Total Transmit Packets Discarded 0 Single Collision F...

Page 442: ...Excessive Collision Frames 0 Port Membership Discards 0 802 3x Pause Frames Transmitted 0 GVRP PDUs received 0 GVRP PDUs Transmitted 0 GVRP Failed Registrations 0 Time Since Counters Last Cleared 0 day 0 hr 17 min 52 sec console ...

Page 443: ...Port Monitor Commands 443 21 Port Monitor Commands This chapter explains the following commands monitor session show monitor session ...

Page 444: ...administrative mode of the session If enabled the probe port monitors all the traffic received and transmitted on the physical monitored port Syntax monitor session session id source interface src interface rx tx destination interface dst interface mode no monitor session session id Session identification number src interface Ethernet interface Range Any valid Ethernet Port rx Monitors received pa...

Page 445: ...ion Use the show monitor session command in Privileged EXEC mode to display status of port monitoring Syntax show monitor session session id session id Session identification number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following examples shows port monitoring status console ...

Page 446: ...446 Port Monitor Commands 1 Enable 1 g10 1 g8 Rx Tx ...

Page 447: ... dot1p mapping classofservice ip dscp mapping classofservice trust conform color cos queue min bandwidth cos queue strict diffserv drop mark cos mark ip dscp mark ip precedence match class map match cos match destination address mac match dstip match dstip6 match dstl4port match ethertype match ip6flowlbl match ip dscp match ip precedence ...

Page 448: ...t service policy show class map show classofservice dot1p mapping show classofservice ip dscp mapping show classofservice trust show diffserv show diffserv service interface ethernet in show diffserv service interface port channel in show diffserv service brief show interfaces cos queue show policy map show policy map interface show service policy traffic shape ...

Page 449: ... mode User Guidelines This command has no user guidelines Example The following example displays how to change the queue ID to 4 for the associated traffic stream console config policy classmap assign queue 4 class Use the class command in Policy Map Class Configuration mode to create an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic...

Page 450: ...fy the DiffServ class name of DELL console config policy map DELL1 console config classmap class DELL class map Use the class map command in Global Configuration mode to define a new DiffServ class of type match all To delete the existing class use the no form of this command Syntax class map match all class map name ipv4 ipv6 no class map match all class map name class map name a case sensitive a...

Page 451: ... the name of a DiffServ class Syntax class map rename classname newclassname classname The name of an existing DiffServ class Range 1 31 characters newclassname A case sensitive alphanumeric string Range 1 31 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following exa...

Page 452: ...c class Syntax classofservice dot1p mapping 802 1ppriority trafficclass no classofservice dot1p mapping 802 1ppriority Specifies the user priority mapped to the specified traffic class for this switch Range 0 7 trafficclass Specifies the traffic class for this switch Range 0 6 Default Configuration This command has no default configuration Command Mode Global Configuration or Interface Configurati...

Page 453: ...s4 cs5 cs6 cs7 ef trafficclass Specifies the traffic class for this value mapping Range 0 6 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays mapping for IP DSCP 1 and traffic class 2 console config classofservice ip dscp mapping 1 2 classofservice trust U...

Page 454: ...User Guidelines This command has no user guidelines Examples The following example displays how you set the class of service trust mode of an interface to trust dot1p 802 1p packet markings when in Global Configuration mode console config classofservice trust dot1p The following example displays how you set the class of service trust mode of an interface to trust IP Precedence packet mark console ...

Page 455: ... color command console config policy classmap conform color test_class test_class is class map name cos queue min bandwidth Use the cos queue min bandwidth command in either Global Configuration mode or Interface Configuration mode to specify the minimum transmission bandwidth for each interface queue To restore the default for each queue s minimum bandwidth value use the no form of this command S...

Page 456: ...e the cos queue strict command in either Global Configuration mode or Interface Configuration mode to activate the strict priority scheduler mode for each specified queue To restore the default weighted scheduler mode for each specified queue use the no form of this command Syntax cos queue strict queue id 1 queue id 2 queue id n no cos queue strict queue id 1 queue id 2 queue id n queue id 1 Spec...

Page 457: ...ate the strict priority scheduler mode for three queues console config cos queue strict 1 2 4 diffserv Use the diffserv command in Global Configuration mode to set the DiffServ operational mode to active While disabled the DiffServ configuration is retained and can be changed but it is not activated When enabled DiffServ services are activated To set the DiffServ operational mode to inactive use t...

Page 458: ...p Configuration mode to specify that all packets for the associated traffic stream are to be dropped at ingress Syntax drop Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to specify that matching packets are to be dropped at ingress consol...

Page 459: ...ue Specifies the CoS value as an integer Range 0 7 Default Configuration The default value for this command is 1 Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to mark all packets with a CoS value console config policy classmap mark cos 7 mark ip dscp Use the mark ip dscp command in Policy Class Map Co...

Page 460: ... has no user guidelines Example The following example displays how to mark all packets with an IP DSCP value of cs4 console config policy classmap mark ip dscp cs4 mark ip precedence Use the mark ip precedence command in Policy Class Map Configuration mode to mark all packets for the associated traffic stream with the specified IP precedence value Syntax mark ip precedence prec value prec value Sp...

Page 461: ...or another class Use the no form of this command to remove from the specified class definition the set of match conditions defined for another class Syntax match class map refclassname no match class map refclassname refclassname The name of an existing DiffServ class whose match conditions are being referenced by the specified class definition Default Configuration This command has no default con...

Page 462: ...aximum number of available rules in the class definition by one Example The following example adds match conditions defined for the Dell class to the class currently being configured console config classmap match class map Dell The following example deletes the match conditions defined for the Dell class from the class currently being configured console config classmap no match class map Dell matc...

Page 463: ...finition a match condition based on the destination MAC address of a packet Syntax match destination address mac macaddr macmask macaddr Specifies any valid layer 2 MAC address formatted as six two digit hexadecimal numbers separated by colons macmask Specifies a valid layer 2 MAC address bit mask formatted as six two digit hexadecimal numbers separated by colons This address bit mask does not nee...

Page 464: ...n IP address of a packet Syntax match dstip ipaddr ipmask ipaddr Specifies a valid IP address ipmask Specifies a valid IP address bit mask Note that even though this parameter is similar to a standard subnet mask it does not need to be contiguous Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no user guidel...

Page 465: ...delines There are no user guidelines for this command Example console config classmap match dstip6 2001 DB8 32 match dstl4port Use the match dstl4port command in Class Map Configuration mode to add to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or a numeric notation Syntax match dstl4port portkey port number portkey Spec...

Page 466: ...h ethertype Use the match ethertype command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the ethertype Syntax match ethertype keyword 0x0600 0xffff keyword Specifies either a valid keyword or a valid hexadecimal number The supported keywords are appletalk arp ibmsna ipv4 ipv6 ipx mplsmcast mplsucast netbios novell pppoe rarp Range...

Page 467: ... IPv6 flow label of a packet Syntax match ip6flowlbl label label The value to match in the Flow Label field of the IPv6 header Range 0 1048575 Default Configuration There is no default configuration for this command Command Mode Ipv6 Class Map Configuration mode User Guidelines There are no user guidelines for this command Example The following example adds a rule to match packets whose IPv6 Flow ...

Page 468: ...ues af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines The ip dscp ip precedence and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly dif...

Page 469: ...ecedence and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation To specify a match on all precedence values use the match ip tos tosbits tosmask command with tosbits set to 0 zero and tosmask set to hex 1F Example The following example displays adding a match condition based on the v...

Page 470: ...ion for the same Service Type field in the IP header but with a slightly different user notation This specification is the free form version of the IP DSCP Precedence TOS match specification in that you have complete control of specifying which bits of the IP Service Type field are checked Example The following example displays adding a match condition based on the value of the IP TOS field in a p...

Page 471: ...tocol name keyword console config classmap match protocol ip match source address mac Use the match source address mac command in Class Map Configuration mode to add to the specified class definition a match condition based on the source MAC address of the packet Syntax match source address mac address macmask macaddr Specifies any valid layer 2 MAC address formatted as six two digit hexadecimal n...

Page 472: ...p Use the match srcip command in Class Map Configuration mode to add to the specified class definition a match condition based on the source IP address of a packet Syntax match srcip ipaddr ipmask ipaddr Specifies a valid IP address ipmask Specifies a valid IP address bit mask Note that although this IP address bit mask is similar to a subnet mask it does not need to be contiguous Default Configur...

Page 473: ... length source ipv6 prefix IPv6 prefix in IPv6 global address format prefix length IPv6 prefix length value Default Configuration There is no default configuration for this command Command Mode Ipv6 Class Map Configuration mode User Guidelines There are no user guidelines for this command Example console config classmap match srcip6 2001 DB8 32 match srcl4port Use the match srcl4port command in Cl...

Page 474: ... Mode Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to add a match condition using the snmp port name keyword console config classmap match srcl4port snmp match vlan Use the match vlan command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the layer 2 VLAN...

Page 475: ...ch vlan 2 mirror Use the mirror command in Policy Class Map Configuration mode to mirror all the data that matches the class defined to the destination port specified Syntax mirror interface interface Specifies the Ethernet port to which data needs to be copied Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines The port ...

Page 476: ...cos set prec transmit cos set dscp transmit dscpval transmit datarate Data rate in kilobits per second kbps Range 1 4294967295 burstsize Burst size in Kbps Range 1 128 conform action Indicates what happens when the packet is conforming to the policing rule it could be dropped it could have its COS modified it could have its IP precedence modified or it could have its DSCP modified The same actions...

Page 477: ...icy use the no form of this command Syntax policy map policyname in no policy map policyname policyname Specifies the DiffServ policy name as a unique case sensitive alphanumeric string of characters Range 1 31 alphanumeric characters in Inbound direction Must be specified for new DiffServ policies Not specified for existing DiffServ policies A new policy can be specified with in only An existing ...

Page 478: ...ecify that all incoming packets for the associated traffic stream are redirected to a specific egress interface physical port or port channel Syntax redirect interface interface Specifies any valid interface Interface is Ethernet port or port channel Range lag1 lag18 Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines Thi...

Page 479: ...nfiguration Command Mode Global Configuration mode for all system interfaces Interface Configuration Ethernet Port channel mode for a specific interface User Guidelines This command effectively enables DiffServ on an interface No separate interface administrative mode command for DiffServ is available Ensure that no attributes within the policy definition exceed the capabilities of the interface W...

Page 480: ...an existing DiffServ class Range 1 31 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays all the configuration information for the class named Dell console show class map Class L3 Class Name Type Proto Reference Class Name ipv4 All ipv4 ipv6 All ipv6 ...

Page 481: ...Type All Class Layer3 Protocol ipv4 Match Criteria Values Source IP Address 2 2 2 2 255 255 255 0 console show class map stop_http_class Class Name stop_http_class Class Type All Class Layer3 Protocol ipv6 Match Criteria Values Source IP Address 2001 DB8 32 Source Layer 4 Port 80 http www ...

Page 482: ...are g for gigabit Ethernet port or xg for 10 gigabit Ethernet port port port number Values are 1 24 or 1 48 for port_type g and 1 4 for port_type xg Example xg2 is the 10 gigabit Ethernet port 2 port channel number Specifies a valid port channel number Range is 1 8 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If the interface is ...

Page 483: ...apping command in Privileged EXEC mode to display the current IP DSCP mapping to internal traffic classes for a specific interface Syntax show classofservice ip dscp mapping Command is supported only globally Default Configuration This command has no default configuration Parameter Description User Priority The 802 1p user priority value Traffic Class The traffic class internal queue identifier to...

Page 484: ...nd Mode Privileged EXEC mode User Guidelines Example console show classofservice ip dscp mapping IP DSCP Traffic Class 0 be cs0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 cs1 0 9 0 10 af11 0 11 0 12 af12 0 13 0 14 af13 0 15 0 16 cs2 0 ...

Page 485: ...ommands 485 17 0 18 af21 0 19 0 More or q uit 20 af22 0 21 0 22 af23 0 23 0 24 cs3 1 25 1 26 af31 1 27 1 28 af32 1 29 1 30 af33 1 31 1 32 cs4 2 33 2 34 af41 2 35 2 36 af42 2 37 2 38 af43 2 39 2 40 cs5 2 41 2 ...

Page 486: ...486 QoS Commands 42 2 More or q uit 43 2 44 2 45 2 46 ef 2 47 2 48 cs6 3 49 3 50 3 51 3 52 3 53 3 54 3 55 3 56 cs7 3 57 3 58 3 59 3 60 3 61 3 62 3 63 3 console ...

Page 487: ...0 gigabit Ethernet port port port number Values are 1 24 or 1 48 for port_type g and 1 4 for port_type xg Example xg2 is the 10 gigabit Ethernet port 2 port channel number Specifies a valid port channel number Range is 1 8 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If the interface is specified the port trust mode of the interf...

Page 488: ...erv Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the DiffServ information console show diffserv DiffServ Admin mode Enable Class Table Size Current Max 5 25 Class Rule Table Size Current Max 6 150 Policy Table Size Current Max 2 64 Policy Instance Table Si...

Page 489: ...ax show diffserv service interface ethernet unit port type port in unit port type port A valid unit port type port in the system Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Example console show diffserv service interface ethernet 1 g1 in DiffServ Admin Mode Enable Interface 1 g1 Direction In No pol...

Page 490: ...s no default configuration Command Mode Privileged EXEC User Guidelines Not applicable Example console show diffserv service interface port channel 1 in DiffServ Admin Mode Enable Interface ch1 Direction In No policy is attached to this interface in this direction show diffserv service brief Use the show diffserv service brief command in Privileged EXEC mode to display all interfaces in the system...

Page 491: ...serv service brief Interface Direction OperStatus Policy Name 1 g1 in Down DELL show interfaces cos queue Use the show interfaces cos queue command in Privileged EXEC mode to display the class of service queue configuration for the specified interface Syntax show interfaces cos queue unit port type port port channel port channel number unit port type port Specifies a valid unit port combination un...

Page 492: ...and Mode Privileged EXEC mode User Guidelines If the interface is specified the class of service queue configuration of the interface is displayed If omitted the most recent global configuration settings are displayed Examples The following example displays the COS configuration with no unit port or port channel parameter console show interfaces cos queue Global Configuration Interface Shaping Rat...

Page 493: ...p 6 0 Weighted Tail Drop This example displays the COS configuration for the specified interface 1 g1 console show interfaces cos queue 1 g1 Interface 1 g1 Interface Shaping Rate 0 Queue Id Min Bandwidth Scheduler Type Queue Management Type 0 0 Weighted Tail Drop 1 0 Weighted Tail Drop 2 0 Weighted Tail Drop 3 0 Weighted Tail Drop ...

Page 494: ... a whole It is independent of any per queue maximum bandwidth values in effect for the interface This value is a configured value Queue Mgmt Type The queue depth management technique used for all queues on this interface Queue An interface supports n queues numbered 0 to n 1 The specific n value is platform dependent Internal egress queue of the interface queues 0 6 are available Minimum Bandwidth...

Page 495: ...ample The following example displays the DiffServ information console show policy map Policy Name Policy Type Class Members POLY1 xxx DellClass DELL xxx DellClass show policy map interface Use the show policy map interface command in Privileged EXEC mode to display policy oriented statistics information for the specified interface Syntax show policy map interface unit port in unit port Specifies a...

Page 496: ... Interface 1 g1 Operational Status Down Policy Name DELL Interface Summary Class Name murali In Discarded Packets 0 Class Name test In Discarded Packets 0 Class Name DELL1 In Discarded Packets 0 Class Name DELL In Discarded Packets 0 show service policy Use the show service policy command in Privileged EXEC mode to display a summary of policy oriented statistics information for all interfaces Synt...

Page 497: ...This command has no user guidelines Example The following example displays a summary of policy oriented statistics information console show service policy Oper Policy Intf Stat Name 1 g1 Down DELL 1 g2 Down DELL 1 g3 Down DELL 1 g4 Down DELL 1 g5 Down DELL 1 g6 Down DELL 1 g7 Down DELL 1 g8 Down DELL 1 g9 Down DELL 1 g10 Down DELL ...

Page 498: ...estore the default interface shaping rate value use the no form of this command Syntax traffic shape bw kbps no traffic shape bw Maximum transmission bandwidth value expressed in Kpbs Range 64 4294967295 Default Configuration This command has no default configuration Command Mode Global Configuration mode Interface Configuration Ethernet Port channel mode User Guidelines This command has no user g...

Page 499: ...efault start stop group radius acct port auth port deadtime key msgauth name primary priority radius server deadtime radius server host radius server key radius server retransmit radius server source ip radius server timeout retransmit show radius servers show radius servers statistics source ip timeout usage ...

Page 500: ...default start stop group radius Default Configuration RADIUS accounting is disabled by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config aaa accounting network default start stop group radius acct port Use the acct port command to set the port that connects to the RADIUS accounting server Use the no form of this comm...

Page 501: ... acct radius acct port 56 auth port Use the auth port command in Radius mode to set the port number for authentication requests of the designated Radius server Syntax auth port auth port number auth port number Port number for authentication requests Range 1 65535 Default Configuration The default value of the port number is 1812 Command Mode Radius mode User Guidelines The host is not used for au...

Page 502: ...the unavailable server to be skipped Syntax deadtime deadtime deadtime The amount of time that the unavailable server is skipped over Range 0 2000 minutes Default Configuration The default deadtime interval is 0 minutes Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command Example The following example specifies a ...

Page 503: ...ault Command Mode Radius mode User Guidelines There are no user guidelines for this command Example The following example specifies an authentication and encryption key of lion king console config radius server host acct 3 2 3 2 console Config acct radius key keyacct msgauth Use the msgauth command to enable the message authenticator attribute to be used for the RADIUS Authenticating server being ...

Page 504: ... to assign a name to a RADIUS server Use the no form of this command to reset the name to the default Syntax name servername no name servername The name for the RADIUS server Range 1 32 characters Default Configuration The default RADIUS server name is Default RADIUS Server Command Mode Radius mode User Guidelines There are no user guidelines for this command Example console config radius server h...

Page 505: ...erver name by default If it fails to communicate with the primary server for any reason it uses the backup servers configured with the same server name These backup servers are identified as the Secondary type Syntax primary Default Configuration There is no primary authentication server by default Command Mode Radius mode User Guidelines There are no user guidelines for this command Example conso...

Page 506: ...rity 10 radius server deadtime Use the radius server deadtime command in Global Configuration mode to improve Radius response times when servers are unavailable The command is used to cause the unavailable servers to be skipped To set the deadtime to 0 use the no form of this command Syntax radius server deadtime deadtime no radius server deadtime deadtime Length of time in minutes for which a Rad...

Page 507: ...ode To delete the specified Radius host use the no form of this command Syntax radius server host acct auth ipaddress hostname acct auth The type of server accounting or authentication ipaddress The RADIUS server host IP address hostname Host name of the Radius server host Range 1 255 characters Default Configuration The default server type is authentication The default server name is Default RADI...

Page 508: ...m of this command Syntax radius server key key string no radius server key key string Specifies the authentication and encryption key for all Radius communications between the switch and the Radius server This key must match the encryption used on the Radius server Range 1 128 characters Default Configuration The default is an empty string Command Mode Global Configuration mode User Guidelines Thi...

Page 509: ...ttempts Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example configures the number of times the Radius client attempts to retransmit requests to the Radius server to 5 attempts console config radius server retransmit 5 radius server source ip Use the radius server source ip command in Global Configuration mode to specify the sourc...

Page 510: ...r communication with Radius servers to 10 1 1 1 console config radius server source ip 10 1 1 1 radius server timeout Use the radius server timeout command in Global Configuration mode to set the interval for which a switch waits for a server host to reply To restore the default use the no form of this command Syntax radius server timeout timeout no radius server timeout timeout Specifies the time...

Page 511: ...s the Radius client retransmits requests to the Radius server Syntax retransmit retries retries Specifies the retransmit value Range 1 10 attempts Default Configuration The default number for attempts is 3 Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command Example The following example of the retransmit command ...

Page 512: ...rver names to be displayed instead of the server configuration parameters servername Will cause only the server s with server name name to be displayed There are no global parameters displayed when this parameter is specified Default Configuration Authentication servers are displayed by default Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Field Description C...

Page 513: ...onfigured timeout value in seconds for request retransmissions Retransmit The configured value of the maximum number of times a request packet is retransmitted Deadtime The length of time an unavailable RADIUS server is skipped RADIUS Accounting Mode A Global parameter to indicate whether the accounting mode for all the servers is enabled or not RADIUS Attribute 4 Mode A Global parameter to indica...

Page 514: ...US Server 2 2 2 2 1813 Secondary console show radius servers name Default RADIUS Server RADIUS Server Name Default RADIUS Server Current Server IP Address 1 1 1 1 Retransmits 4 Timeout 5 Deadtime 0 Port 1812 Source IP 0 0 0 0 Secret Configured No Message Authenticator Enable show radius servers statistics Use the show radius servers statistics command to show the statistics for an authentication o...

Page 515: ...nes The following fields are displayed for accounting servers Field Description RADIUS Accounting Server Name Name of the accounting server Server Host Address IP address of the host Round Trip Time The time interval in hundredths of a second between the most recent Accounting Response and the Accounting Request that matched it from this RADIUS accounting server Requests The number of RADIUS Accou...

Page 516: ...received from this server on accounting port Packets Dropped The number of RADIUS packets received from this server on accounting port and dropped for some other reason Field Description RADIUS Server Name Name of the authenticating server Server Host Address IP address of the host Access Requests The number of RADIUS Access Request packets sent to this server This number does not include retransm...

Page 517: ...or signature attributes or unknown types are not included as malformed access responses Bad Authenticators The number of RADIUS Access Response packets containing invalid authenticators or signature attributes received from this server Pending Requests The number of RADIUS Access Request packets destined for this server that have not yet timed out or received a response Timeouts The number of auth...

Page 518: ...ccess Accepts 0 Access Rejects 0 Access Challenges 0 Malformed Access Responses 0 Bad Authenticators 0 Pending Requests 0 Timeouts 0 Unknown Types 0 Packets Dropped 0 source ip Use the source ip command in Radius mode to specify the source IP address to be used for communication with Radius servers 0 0 0 0 is interpreted as a request to use the IP address of the outgoing IP interface Syntax source...

Page 519: ...ss console config radius server host 192 143 120 123 console config radius source ip 10 240 1 23 timeout Use the timeout command in Radius mode to set the timeout value in seconds for the designated Radius server Syntax timeout timeout timeout Timeout value in seconds for the specified server Range 1 30 seconds Default Configuration The default value is 3 seconds Command Mode Radius mode User Guid...

Page 520: ...the usage type of the server Syntax usage type type Variable can be one of the following values login 802 1x or all Default Configuration The default variable setting is all Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command Example The following example specifies usage type login console config radius server ho...

Page 521: ...tree spanning tree auto portfast spanning tree bpdu flooding spanning tree bpdu protection spanning tree cost spanning tree disable spanning tree forward time spanning tree guard spanning tree loopguard spanning tree max age spanning tree max hops spanning tree mode spanning tree mst 0 external cost spanning tree mst configuration spanning tree mst cost spanning tree mst port priority spanning tre...

Page 522: ... Spanning Tree Commands spanning tree portfast bpdufilter default spanning tree portfast default spanning tree port priority spanning tree priority spanning tree tcnguard spanning tree transmit hold count ...

Page 523: ...interface A valid Ethernet port The full syntax is unit port port channel number A valid port channel Default Configuration This command has no default setting Command Mode Privileged EXEC mode User Guidelines This feature is used only when working in RSTP or MSTP mode Example The following example restarts the protocol migration process forces the renegotiation with neighboring switches on 1 g1 c...

Page 524: ...nsole config mst exit instance mst Use the instance command in MST mode to map VLANS to an MST instance Syntax instance instance id add remove vlan vlan range instance ID ID of the MST instance Range 1 15 vlan range VLANs to be added to the existing MST instance To specify a range of VLANs use a hyphen To specify a series of VLANs use a comma Range 1 4093 Default Configuration VLANs are mapped to ...

Page 525: ...st have the same VLAN mapping the same configuration revision number and the same name Example The following example maps VLANs 10 20 to MST instance 1 console config spanning tree mst configuration console config mst instance 1 add vlan 10 20 name mst Use the name command in MST mode to define the configuration name To return to the default setting use the no form of this command Syntax name stri...

Page 526: ...ing use the no form of this command Syntax revision value no revision value Configuration revision number Range 0 65535 Default Configuration Revision number is 0 Command Mode MST mode User Guidelines This command has no user guidelines Example The following example sets the configuration revision to 1 console config spanning tree mst configuration console config mst revision 1 show spanning tree ...

Page 527: ...the MST configuration identifier interface number A valid Ethernet port number port channel number A valid port channel index instance id ID of the spanning tree instance Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following examples display spanning tree information console show ...

Page 528: ...sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Restricted 1 g1 Enabled 128 1 0 DIS Disb No No 1 g2 Enabled 128 2 0 DIS Disb No No 1 g3 Enabled 128 3 0 DIS Disb No No 1 g4 Enabled 128 4 0 DIS Disb No No More or q uit Name State Prio Nbr Cost Sts Role PortFast Restricted 1 g5 Enabled 128 5 0 DIS Disb No No 1 g6 Enabled 128 6 0 DIS Disb No No ...

Page 529: ...bled 128 11 0 DIS Disb No No 1 g12 Enabled 128 12 0 DIS Disb No No 1 g13 Enabled 128 13 0 DIS Disb No No 1 g14 Enabled 128 14 0 DIS Disb No No 1 g15 Enabled 128 15 0 DIS Disb No No 1 g16 Enabled 128 16 0 DIS Disb No No 1 g17 Enabled 128 17 0 DIS Disb No No 1 g18 Enabled 128 18 0 DIS Disb No No 1 g19 Enabled 128 19 0 DIS Disb No No 1 g20 Enabled 128 20 0 DIS Disb No No More or q uit ...

Page 530: ...Disb No No 1 g24 Enabled 128 24 0 DIS Disb No No 1 xg1 Enabled 128 25 0 DIS Disb No No 1 xg2 Enabled 128 26 0 DIS Disb No No 1 xg3 Enabled 128 27 0 DIS Disb No No 1 xg4 Enabled 128 28 0 DIS Disb No No ch1 Enabled 128 626 0 DIS Disb No No ch2 Enabled 128 627 0 DIS Disb No No ch3 Enabled 128 628 0 DIS Disb No No ch4 Enabled 128 629 0 DIS Disb No No ch5 Enabled 128 630 0 DIS Disb No No ...

Page 531: ...e Spanning tree Enabled BPDU Flooding disabled Portfast BPDU filtering Disabled m ode rstp CST Regional Root 80 00 00 FC E3 90 00 5D Regional Root Path Cost 0 ROOT ID Address 40 00 00 FC E3 90 06 0F Path Cost 20000 Root Port 1 g1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec TxHoldCount 6 sec Bridge ID Priority 32768 Address 80 00 00 FC E3 90 00 5D ...

Page 532: ...cted More or q uit Name State Prio Nbr Cost Sts Role PortFast Restricted 1 g1 Enabled 128 1 20000 FWD Root No No 1 g2 Enabled 128 2 0 DIS Disb No No 1 g3 Enabled 128 3 200000 DSC Desg No No 1 g4 Enabled 128 4 20000 DSC Altn No No 1 g5 Enabled 128 5 20000 DSC Altn No No 1 g6 Enabled 128 6 0 DIS Disb No No 1 g7 Enabled 128 7 0 DIS Disb No No ...

Page 533: ...No 1 g12 Enabled 128 12 0 DIS Disb No No 1 g13 Enabled 128 13 0 DIS Disb No No 1 g14 Enabled 128 14 0 DIS Disb No No 1 g15 Enabled 128 15 0 DIS Disb No No 1 g16 Enabled 128 16 0 DIS Disb No No More or q uit Name State Prio Nbr Cost Sts Role PortFast Restricted 1 g17 Enabled 128 17 0 DIS Disb No No 1 g18 Enabled 128 18 0 DIS Disb No No 1 g19 Enabled 128 19 0 DIS Disb No No ...

Page 534: ...No No 1 g24 Enabled 128 24 0 DIS Disb No No 1 xg1 Enabled 128 25 0 DIS Disb No No 1 xg2 Enabled 128 26 0 DIS Disb No No 1 xg3 Enabled 128 27 0 DIS Disb No No 1 xg4 Enabled 128 28 0 DIS Disb No No ch1 Enabled 128 626 0 DIS Disb No No ch2 Enabled 128 627 0 DIS Disb No No ch3 Enabled 128 628 0 DIS Disb No No More or q uit Name State Prio Nbr Cost Sts Role PortFast Restricted ...

Page 535: ... 0 DIS Disb No No ch9 Enabled 128 634 0 DIS Disb No No ch10 Enabled 128 635 0 DIS Disb No No ch11 Enabled 128 636 0 DIS Disb No No ch12 Enabled 128 637 0 DIS Disb No No ch13 Enabled 128 638 0 DIS Disb No No ch14 Enabled 128 639 0 DIS Disb No No ch15 Enabled 128 640 0 DIS Disb No No ch16 Enabled 128 641 0 DIS Disb No No ch17 Enabled 128 642 0 DIS Disb No No ch18 Enabled 128 643 0 DIS Disb No No ...

Page 536: ...DU filtering Disabl ed mode rstp CST Regional Root 80 00 00 FC E3 90 00 5D Regional Root Path Cost 0 MST 0 Vlan Mapped 1 3001 ROOT ID Address 40 00 00 FC E3 90 06 0F Path Cost 20000 Root Port 1 g1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 80 00 00 FC E3 90 00 5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces ...

Page 537: ...le PortFast RestrictedPort 1 g1 Enabled 128 1 20000 FWD Root No No 1 g3 Enabled 128 3 200000 FWD Desg No No 1 g4 Enabled 128 4 20000 DSC Altn No No 1 g5 Enabled 128 5 20000 DSC Altn No No console console show spanning tree blockedports Spanning tree Enabled BPDU flooding Disabled mode rstp CST Regional Root 80 00 00 FC E3 90 00 5D ...

Page 538: ...st 20000 Root Port 1 g1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 80 00 00 FC E3 90 00 5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast RestrictedPort More or q uit Name State Prio Nbr Cost Sts Role PortFast RestrictedPort ...

Page 539: ...is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Spanning Tree Admin Mode Enabled or disabled Spanning Tree Version Version of 802 1 currently supported IEEE 802 1s IEEE 802 1w or IEEE 802 1d based upon the mode parameter BPDU Protection Mode Enabled or disabled BPDU Filter Mode Enabled or disabled BPDU Flooding Mode ...

Page 540: ...ances to display spanning tree Use the spanning tree command in Global Configuration mode to enable spanning tree functionality To disable spanning tree functionality use the no form of this command Configuration Revision Level Identifier used to identify the configuration currently being used Configuration Digest Key A generated Key used in the exchange of the BPDUs Configuration Format Selector ...

Page 541: ... config spanning tree spanning tree auto portfast Use the spanning tree auto portfast command to set the port to auto portfast mode This enables the port to become a portfast port if it does not see any BPDUs for 3 seconds Use the no form of this command to disable auto portfast mode Syntax spanning tree auto portfast no spanning tree auto portfast Default Configuration Auto portfast mode is disab...

Page 542: ... spanning tree bpdu flooding The spanning tree bpdu flooding command allows flooding of BPDUs received on non spanning tree ports to all other non spanning tree ports Use the no form of the command to disable flooding Syntax spanning tree bpdu flooding no spanning tree bpdu flooding Default Configuration This feature is disabled by default Command Mode Global Configuration mode Usage Guidelines Th...

Page 543: ...auses network topology flapping In normal cases these ports do not receive any BPDU packets However someone may forge BPDU to maliciously attack the switch and cause network flapping RSTP provides BPDU protection function against such attack After BPDU protection function is enabled on a switch the system disables an edge port that has received BPDU and notifies the network manager about it The di...

Page 544: ...g tree cost cost The port path cost Range 0 200 000 000 Default Configuration The default cost is 0 which signifies that the cost is automatically calculated based on port speed 10G Port path cost 2000 Port Channel 20 000 1000 mbps giga 20 000 100 mbps 200 000 10 mbps 2 000 000 Command Mode Interface Configuration Ethernet Port Channel mode User Guidelines There are no user guidelines for this com...

Page 545: ...hernet Port Channel mode User Guidelines This command has no user guidelines Example The following example disables spanning tree on 1 g5 console config interface ethernet 1 g5 console config if 1 g5 spanning tree disable spanning tree forward time Use the spanning tree forward time command in Global Configuration mode to configure the spanning tree bridge forward time which is the amount of time ...

Page 546: ...xample The following example configures spanning tree bridge forward time to 25 seconds console config spanning tree forward time 25 spanning tree guard The spanning tree guard command selects whether loop guard or root guard is enabled on an interface If neither is enabled the port operates in accordance with the multiple spanning tree protocol Use the no form of this command to disable loop guar...

Page 547: ...ce 4 g1 console config console config interface ethernet 4 g1 console config if 4 g1 spanning tree guard none spanning tree loopguard Use the spanning tree loopguard command to enable loop guard on all ports Use the no form of this command to disable loop guard on all ports Syntax spanning tree loopguard default no spanning tree loopguard default Default Configuration Loop guard is disabled by def...

Page 548: ...t maximum age use the no form of this command Syntax spanning tree max age seconds no spanning tree max age seconds Time in seconds Range 6 40 Default Configuration The default max age for IEEE STP is 20 seconds Command Mode Global Configuration mode User Guidelines When configuring the Max Age the following relationships should be satisfied 2 Forward Time 1 Max Age Max Age 2 Hello Time 1 Example ...

Page 549: ...Default Configuration The Maximum number of hops is 20 by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config spanning tree max hops 32 spanning tree mode Use the spanning tree mode command in Global Configuration mode to configure the spanning tree protocol To return to the default configuration use the no form of thi...

Page 550: ... MSTP console config spanning tree mode mstp spanning tree mst 0 external cost Use the spanning tree mst 0 external cost command to set the external cost for the common spanning tree The external cost is used by the switch when negotiating spanning tree topology outside the region Since by default each switch is in its own region the external cost is considered in determining the spanning tree in ...

Page 551: ... no user guidelines for this command Example The following example configures the spanning tree mst 0 external cost at 20000 console config if 4 g1 spanning tree mst 0 external cost 20000 spanning tree mst configuration Use the spanning tree mst configuration command in Global Configuration mode to enable configuring an MST region by entering the multiple spanning tree MST mode Syntax spanning tre...

Page 552: ...de to configure the path cost for multiple spanning tree MST calculations If a loop occurs the spanning tree considers path cost when selecting an interface to put in the forwarding state To return to the default port path cost use the no form of this command Syntax spanning tree mst instance id cost cost no spanning tree mst instance id cost instance ID ID of the spanning tree instance Range 1 15...

Page 553: ...se the spanning tree mst port priority command in Interface Configuration mode to configure port priority To return to the default port priority use the no form of this command Syntax spanning tree mst instance id port priority priority no spanning tree mst instance id port priority instance ID ID of the spanning tree instance Range 1 15 priority The port priority Range 0 240 in multiples of 16 De...

Page 554: ...spanning tree mst instance id priority instance id ID of the spanning tree instance Range 1 15 priority Sets the switch priority for the specified spanning tree instance This setting affects the likelihood that the switch is selected as the root switch A lower value increases the probability that the switch is selected as the root switch Range 0 61440 Default Configuration The default bridge prior...

Page 555: ...Configuration PortFast mode is disabled Command Mode Interface Configuration Ethernet Port Channel mode User Guidelines This command only applies to all ports The command is to be used only with interfaces connected to end stations Otherwise an accidental topology loop could cause a data packet loop and disrupt switch and network operations An interface with PortFast mode enabled is moved directly...

Page 556: ...tion This feature is disabled by default Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command Example The following example discards BPDUs received on spanning tree ports in portfast mode console spanning tree portfast bpdufilter default spanning tree portfast default Use the spanning tree portfast default command to enable Portfast mode only on ac...

Page 557: ...panning tree port priority Use the spanning tree port priority command in Interface Configuration mode to configure port priority To reset the default port priority use the no form of this command Syntax spanning tree port priority priority no spanning tree port priority priority The port priority Range 0 240 Default Configuration The default port priority for IEEE STP is 128 Command Mode Interfac...

Page 558: ...dge is elected as the root bridge To reset the default spanning tree priority use the no form of this command Syntax spanning tree priority priority no spanning tree priority priority Priority of the bridge Range 0 61440 Default Configuration The default bridge priority for IEEE STP is 32768 Command Mode Global Configuration mode User Guidelines The priority value must be a multiple of 4096 The sw...

Page 559: ... mode User Guidelines There are no user guidelines for this command Example The following example configures spanning tree tcnguard on 4 g1 console config if 4 g1 spanning tree tcnguard spanning tree transmit hold count Use the spanning tree transmit hold count command to set the maximum number of BPDUs that a bridge is allowed to send within a hello time window 2 seconds Use the no form of this c...

Page 560: ...default hold count is 6 BPDUs Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the maximum number of BPDUs sent to 6 console config spanning tree transmit hold count 6 ...

Page 561: ...Switchport Voice Commands 561 25 Switchport Voice Commands This chapter explains the following commands show switchport voice switchport voice detect auto ...

Page 562: ...cifies a valid interface The full syntax is unit port port channel index Specifies the port channel number Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show switchport voice Interface Auto VoIP Mode Traffic Class 1 g1 Enabled 6 1 g2 Enabled 6 1 g3 Enabled 6 1 ...

Page 563: ...nabled 6 1 g14 Enabled 6 1 g15 Enabled 6 1 g16 Enabled 6 1 g17 Enabled 6 1 g18 Enabled 6 1 g19 Enabled 6 1 g20 Enabled 6 More or q uit console show switchport voice ethernet 1 g1 Interface Auto VoIP Mode Traffic Class 1 g1 Disabled 6 console show switchport voice port channel 1 Interface Auto VoIP Mode Traffic Class ...

Page 564: ...ct auto command is used to enable the VoIP Profile on all the interfaces of the switch global configuration mode or for a specific interface interface configuration mode Use the no form of the command to disable the VoIP Profile Syntax switchport voice detect auto no switchport voice detect auto Default Configuration This feature is disabled by default Command Mode Global Configuration Interface E...

Page 565: ...TACACS Commands 565 26 TACACS Commands This chapter explains the following commands key port priority show tacacs tacacs server host tacacs server key tacacs server timeout timeout ...

Page 566: ...haracters Default Configuration If left unspecified the key string parameter defaults to the global value Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines Example The following example specifies an encryption and authentication key of 12 console config tacacs key 12 port Use the port command in TACACS Configuration mode to specify a server port number Synt...

Page 567: ...iority command in TACACS Configuration mode to specify the order in which servers are used where 0 zero is the highest priority Syntax priority priority priority Specifies the priority for servers 0 zero is the highest priority Range 0 65535 Default Configuration If left unspecified this parameter defaults to 0 zero Command Mode TACACS Configuration mode User Guidelines This command has no user gu...

Page 568: ... Syntax show tacacs ip address ip address The name or IP address of the host Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example displays TACACS server settings console show tacacs Global Timeout 5 IP address Port Timeout Priority 10 254 24 162 49 Global 0 ...

Page 569: ...stname The hostname of the TACACS server Range 1 255 characters Default Configuration No TACACS host is specified Command Mode Global Configuration mode User Guidelines To specify multiple hosts multiple tacacs server host commands can be used Example The following example specifies a TACACS host console config tacacs server host 172 16 1 1 console tacacs tacacs server key Use the tacacs server ke...

Page 570: ...onfiguration mode User Guidelines This command has no user guidelines Example The following example sets the authentication encryption key console config tacacs server key dell s tacacs server timeout Use the tacacs server timeout command in Global Configuration mode to set the interval during which a switch waits for a server host to reply To restore the default use the no form of this command Sy...

Page 571: ...Configuration mode to specify the timeout value in seconds If no timeout value is specified the global value is used Syntax timeout timeout timeout The timeout value in seconds Range 1 30 Default Configuration If left unspecified the timeout defaults to the global value Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines Example This example shows how to spec...

Page 572: ...572 TACACS Commands ...

Page 573: ...n tunnel show dvlan tunnel interface show interfaces switchport show port protocol show port protocol show vlan show vlan association mac show vlan association subnet switchport access vlan switchport forbidden vlan switchport general acceptable frame type tagged only switchport general allowed vlan switchport general ingress filtering disable switchport general pvid switchport mode switchport pro...

Page 574: ...chport trunk allowed vlan vlan vlan association mac vlan association subnet vlan database vlan makestatic vlan protocol group vlan protocol group add protocol vlan protocol group name vlan protocol group remove vlan routing ...

Page 575: ...s the EtherType as 0x8100 vman Configures the EtherType as 0x88A8 custom Custom configures the EtherType for the DVLAN tunnel The value must be 0 65535 Default Configuration The default for this command is 802 1Q Command Mode Global Configuration User Guidelines This command has no user guidelines Example The following example displays configuring Double VLAN tunnel for vman EtherType console conf...

Page 576: ...k 255 255 255 0 console config interface vlan 1 console config vlan ip address 131 108 1 27 255 255 255 0 interface range vlan Use the interface range vlan command in Global Configuration mode to execute a command on multiple VLANs at the same time Syntax interface range vlan vlan range all vlan range A list of valid VLAN IDs to add Separate nonconsecutive VLAN IDs with a comma and no spaces use a...

Page 577: ... VLAN 889 to receive the same command console config interface range vlan 221 228 889 console config if mode dvlan tunnel Use the mode dvlan tunnel command in Interface Configuration mode to enable Double VLAN Tunneling on the specified interface To disable Double VLAN Tunneling on the specified interface use the no form of this command Syntax mode dvlan tunnel no mode dvlan tunnel Default Configu...

Page 578: ...his command NOTE This command cannot be configured for a range of interfaces range context Syntax name string no name string Comment or description to help identify a specific VLAN Range 1 32 characters Default Configuration No name is defined Command Mode Interface Configuration VLAN mode User Guidelines The VLAN name must be unique Example The following example names VLAN number 19 with the name...

Page 579: ...m of this command Syntax protocol group groupid vlanid no protocol group groupid vlanid groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group command To see the group ID associated with the name of a protocol group use the show port protocol all command vlanid A valid VLAN ID Default Configuration This com...

Page 580: ...RP is expected to create the VLAN To remove the interface from this protocol based VLAN group that is identified by this groupid use the no form of this command If you select all all ports are removed from this protocol group Syntax protocol vlan group groupid no protocol vlan group groupid groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based V...

Page 581: ... of the protocol based group except when GVRP is expected to create the VLAN To remove all interfaces from this protocol based group that is identified by this groupid use the no form of the command Syntax protocol vlan group all groupid no protocol vlan group all groupid groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the ...

Page 582: ... has no user guidelines Example The following example shows how to display all interfaces for Double VLAN Tunneling console show dvlan tunnel Interfaces Enabled for DVLAN Tunneling 1 g1 show dvlan tunnel interface Use the show dvlan tunnel interface command in Privileged EXEC mode to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces Syntax show ...

Page 583: ...port command in Privileged EXEC mode to display switchport configuration Field Description Mode This field specifies the administrative mode through which Double VLAN Tunneling can be enabled or disabled The default value for this field is disabled Interface Interface Number EtherType This field represents a 2 byte hex EtherType to be used as the first 16 bits of the DVLAN tunnel The three differe...

Page 584: ...ation Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example displays switchport configuration individually for g1 console show interface switchport ethernet 1 g1 Port 1 g1 VLAN Membership mode General Operating parameters PVID 1 default Ingress Filtering Enabled Acceptable Frame Type All GVRP status Enabled Protected Enabled Port 1 g1 ...

Page 585: ...Port 1 g1 is statically configured to VLAN Name Egress rule 11 VLAN0011 tagged 19 IPv6 VLAN untagged 72 VLAN0072 untagged Forbidden VLANS VLAN Name 73 Out The following example displays switchport configuration individually for 1 g2 console show interface switchport ethernet 1 g2 Port 1 g2 VLAN Membership mode General Operating parameters PVID 4095 discard vlan Ingress Filtering Enabled Acceptable...

Page 586: ...rt 1 g2 is statically configured to VLAN Name Egress rule 8 VLAN0072 untagged 91 IP Telephony tagged Forbidden VLANS VLAN Name 73 Out The following example displays switchport configuration individually for 2 g19 console show interfaces switchport ethernet 2 g19 Port 2 g19 Operating parameters PVID 2922 Ingress Filtering Enabled Acceptable Frame Type Untagged GVRP status Disabled ...

Page 587: ...rule Type 2921 Primary A untagged Static 2922 Community A1 untagged Static show port protocol Use the show port protocol command in Privileged EXEC mode to display the Protocol Based VLAN information for either the entire system or for the indicated group Syntax show port protocol groupid all groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based...

Page 588: ...e system console show port protocol all Group Group Name ID Protocol s VLAN Interface s test 1 IP 1 1 g1 show switchport protected Use the show switchport protected command in Privileged EXEC mode to display the status of all the interfaces including protected and unprotected interfaces Syntax show switchport protected groupid groupid Identifies which group the port is to be protected in Range 0 2...

Page 589: ... Use the show vlan command in Privileged EXEC mode to display VLAN information Syntax show vlan id vlan id name vlan name vlan id A valid VLAN ID vlan name A valid VLAN name string Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays all VLAN...

Page 590: ...quired 3964 Guest VLAN 1 g17 Guest show vlan association mac Use the show vlan association mac command in Privileged EXEC mode to display the VLAN associated with a specific configured MAC address If no MAC address is specified the VLAN associations of all the configured MAC addresses are displayed Syntax show vlan association mac mac address mac address Specifies the MAC address to be entered in ...

Page 591: ...mand in Privileged EXEC mode to display the VLAN associated with a specific configured IP Address and netmask If no IP Address and net mask are specified the VLAN associations of all the configured IP subnets are displayed Syntax show vlan association subnet ip address ip mask ip address Specifies IP address to be shown ip mask Specifies IP mask to be shown Default Configuration This command has n...

Page 592: ...econfigure the default use the no form of this command Syntax switchport access vlan vlan id no switchport access vlan vlan id A valid VLAN ID of the VLAN to which the port is configured Default Configuration The default value for the vlan id parameter is 1 Command Mode Interface Configuration Ethernet port channel mode User Guidelines The command automatically removes the port from the previous V...

Page 593: ...orbidden list Separate nonconsecutive VLAN IDs with a comma and no spaces Use a hyphen to designate a range of IDs remove vlan list List of valid VLAN IDs to remove from the forbidden list Separate nonconsecutive VLAN IDs with a comma and no spaces Use a hyphen to designate a range of IDs Default Configuration All VLANs allowed Command Mode Interface Configuration Ethernet port channel mode User G...

Page 594: ... types are accepted at ingress Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command has no user guidelines Example The following example configures 1 g8 to discard untagged frames at ingress console config interface ethernet 1 g8 console config if 1 g8 switchport general acceptable frame type tagged only switchport general allowed vlan Use the switchport gen...

Page 595: ...for the VLANs Default Configuration Untagged Command Mode Interface Configuration Ethernet port channel mode User Guidelines You can use this command to change the egress rule for example from tagged to untagged without first removing the VLAN from the list Example The following example shows how to add VLANs 1 2 5 and 8 to the allowed list console config if 1 g8 switchport general allowed vlan ad...

Page 596: ...ngress filtering disable switchport general pvid Use the switchport general pvid command in Interface Configuration mode to configure the Port VLAN ID PVID when the interface is in general mode Use the switchport mode general command to set the VLAN membership mode of a port to general To configure the default value use the no form of this command Syntax switchport general pvid vlan id no switchpo...

Page 597: ...and Syntax switchport mode access trunk general no switchport mode access An access port connects to a single end station belonging to a single VLAN An access port is configured with ingress filtering enabled and will accept either an untagged frame or a packet tagged with the access port VLAN An access port only egresses untagged packets trunk Trunk port connects two switches A trunk port may bel...

Page 598: ...tected port The groupid parameter identifies the set of protected ports to which this interface is assigned You can only configure an interface as protected in one group You are required to remove an interface from one group before adding it to another group Port protection occurs within a single switch Protected port configuration does not affect traffic between ports on two different switches No...

Page 599: ...ted name Use the switchport protected name command in Global Configuration mode to adds the port to the protected group 1 and also sets the group name to protected Syntax switchport protected groupid name name no switchport protected groupid name groupid Identifies which group the port is to be protected in Range 0 2 name Name of the group Range 0 32 characters Default Configuration This command h...

Page 600: ...VLAN IDs to add Separate non consecutive VLAN IDs with a comma and no spaces Use a hyphen to designate a range of IDs remove vlan list List of VLAN IDs to remove Separate non consecutive VLAN IDs with a comma and no spaces Use a hyphen to designate a range of IDs Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel mode User Gui...

Page 601: ...Ds Range 2 4093 Default Configuration This command has no default configuration Command Mode VLAN Database mode User Guidelines Deleting the VLAN for an access port will cause that port to become unusable until it is assigned a VLAN that exists Example The following example shows how to create add VLAN of IDs 22 23 and 56 console config vlan vlan 22 23 56 console config vlan vlan association mac U...

Page 602: ...has no user guidelines Example The following example associates MAC address with VLAN ID 1 console config vlan vlan association mac 0001 0001 0001 1 vlan association subnet Use the vlan association subnet command in VLAN Database mode to associate a VLAN to a specific IP subnet Syntax vlan association subnet ip address subnet mask vlanid no vlan association subnet ip address subnet mask ip address...

Page 603: ...lan association subnet 192 245 23 45 255 255 255 0 100 vlan database Use the vlan database command in Global Configuration mode to enter the VLAN database configuration mode Syntax vlan database Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enters the VLAN data...

Page 604: ...er Guidelines The dynamic VLAN created via GRVP should exist prior to executing this command See the Type column in output from the show vlan command to determine that the VLAN is dynamic Example The following changes vlan 3 to a static VLAN console config vlan vlan makestatic 3 vlan protocol group Use the vlan protocol group command in Global Configuration mode to add protocol based groups to the...

Page 605: ...24 the problem on the latest code will remain Syntax vlan protocol group groupid no vlan protocol group groupid groupid The protocol based VLAN group ID to create a protocol based VLAN group To see the created protocol groups use the show port protocol all command Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has...

Page 606: ...ocol based VLAN group with the vlan protocol group command To see the group ID associated with the name of a protocol group use the show port protocol all command ethertype The protocol you want to add The ethertype can be any valid hexadecimal number in the range 1536 to 65535 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Th...

Page 607: ... be up to 16 characters length It can be any valid alpha numeric characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config vlan protocol group name 1 usergroup vlan protocol group remove Use the vlan protocol group remove command in Global Configuration mode to remove ...

Page 608: ...on any VLANs by default Command Mode VLAN Database mode User Guidelines The user is not required to use this command Routing can still be enabled using the routing command in VLAN Interface Configuration mode Examples console config vlan vlan routing 10 1 groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol gro...

Page 609: ...ommands 609 User Guidelines This command has no user guidelines Example The following example displays the removal of the protocol based VLAN group identified as 2 console config vlan protocol group remove 2 ...

Page 610: ...610 VLAN Commands ...

Page 611: ...Voice VLAN Commands 611 28 Voice VLAN Commands This chapter explains the following commands voice vlan voice vlan Interface voice vlan data priority show voice vlan ...

Page 612: ...pplicable Default Value This feature is disabled by default Example console config voice vlan console config no voice vlan voice vlan Interface This command is used to enable the voice vlan capability on the interface Syntax voice vlan vlanid dot1p priority none untagged data priority trust untrust auth enable disable dscp dscp no voice vlan vlanid The voice VLAN ID priority The Dot1p priority for...

Page 613: ...are no user guidelines for this command Example console config if 1 g1 voice vlan 1 console config if 1 g1 voice vlan dot1p 1 console config if 1 g1 voice vlan none console config if 1 g1 voice vlan untagged voice vlan data priority This command is to either trust or not trust untrust the data traffic arriving on the voice VLAN port Syntax voice vlan data priority trust untrust trust Trust the dot...

Page 614: ...f the voice VLAN is displayed When the interface parameter is specified Voice VLAN ModeThe admin mode of the voice VLAN on the interface Voice VLAN IdThe voice VLAN ID Voice VLAN PriorityThe Dot1p priority for the voice VLAN on the port Voice VLAN Untagged The tagging option foe the voice VLAN traffic Voice VLAN COS Override The Override option for the voice traffic arriving on the port Voice VLAN...

Page 615: ...Voice VLAN Commands 615 Interface 1 g1 Voice VLAN Interface Mode Enabled Voice VLAN ID 1 Voice VLAN COS Override False Voice VLAN Port Status Disabled ...

Page 616: ...616 Voice VLAN Commands ...

Page 617: ...1x re authentication dot1x system auth control dot1x timeout guest vlan period dot1x timeout quiet period dot1x timeout re authperiod dot1x timeout server timeout dot1x timeout supp timeout dot1x timeout tx period show dot1x show dot1x clients show dot1x ethernet show dot1x statistics show dot1x users 802 1x Advanced Features dot1x guest vlan dot1x unauth vlan show dot1x advanced ...

Page 618: ...618 802 1x Commands 802 1x Option 81 radius server attribute 4 ...

Page 619: ...g example sets MAC Authentication Bypass on interface 1 2 console config if 1 g2 dot1x mac auth bypass dot1x max req Use the dot1x max req command in Interface Configuration mode to set the maximum number of times that the switch sends an Extensible Authentication Protocol EAP request frame assuming that no response is received to the client before restarting the authentication process To return t...

Page 620: ...net 1 g16 console config if 1 g16 dot1x max req 6 dot1x max users Use the dot1x max users command in Interface Configuration mode to set the maximum number of clients supported on the port when MAC based 802 1X authentication is enabled on the port Use the no version of the command to reset the maximum number of clients supported on the port when MAC based 802 1X authentication is enabled on the p...

Page 621: ...horized or unauthorized state based on the 802 1x authentication exchange between the switch and the client force authorized Disables 802 1x authentication on the interface and causes the port to transition to the authorized state without any authentication exchange required The port sends and receives normal traffic without 802 1x based authentication of the client force unauthorized Denies all a...

Page 622: ...entication the port must be in switchport general mode Example The following command enables MAC based authentication on port 1 g2 console config interface ethernet 1 g2 console config if 1 g2 dot1x port control mac based dot1x re authenticate Use the dot1x re authenticate command in Privileged EXEC mode to enable manually initiating a re authentication of all 802 1x enabled ports or the specified...

Page 623: ...de to enable periodic re authentication of the client To return to the default setting use the no form of this command Syntax dot1x re authentication no dot1x re authentication Default Configuration Periodic re authentication is disabled Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example enables periodic re authentic...

Page 624: ...uration mode User Guidelines This command has no user guidelines Example The following example enables 802 1x globally console config dot1x system auth control dot1x timeout guest vlan period Use the dot1x timeout guest vlan period command in Interface Configuration mode to set the number of seconds that the switch waits before authorizing the client if the client is a dot1x unaware client Syntax ...

Page 625: ... config dot1x timeout guest vlan period 100 dot1x timeout quiet period Use the dot1x timeout quiet period command in Interface Configuration mode to set the number of seconds that the switch remains in the quiet state following a failed authentication exchange for example the client provided an invalid password To return to the default setting use the no form of this command Syntax dot1x timeout q...

Page 626: ...xample sets the number of seconds that the switch remains in the quiet state following a failed authentication exchange to 3600 console config interface ethernet 1 g16 console config if 1 g16 dot1x timeout quiet period 3600 dot1x timeout re authperiod Use the dot1x timeout re authperiod command in Interface Configuration mode to set the number of seconds between re authentication attempts To retur...

Page 627: ...erver timeout Use the dot1x timeout server timeout command in Interface Configuration mode to set the time that the switch waits for a response from the authentication server To return to the default setting use the no form of this command Syntax dot1x timeout server timeout seconds no dot1x timeout server timeout seconds Time in seconds that the switch waits for a response from the authentication...

Page 628: ...re retransmitting an Extensible Authentication Protocol EAP request frame to the client To return to the default setting use the no form of this command Syntax dot1x timeout supp timeout seconds no dot1x timeout supp timeout seconds Time in seconds that the switch should wait for a response to an EAP request frame from the client before resending the request Range 1 65535 Default Configuration The...

Page 629: ...ient before resending the request To return to the default setting use the no form of this command Syntax dot1x timeout tx period seconds no dot1x timeout tx period seconds Time in seconds that the switch should wait for a response to an EAP request identity frame from the client before resending the request Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode I...

Page 630: ... interface This feature is an extension of Dot1x Option 81 feature added in Power Connect Release 2 1 The feature accepts a VLAN name as an alternative to a number when RADIUS indicates the Tunnel Private Group ID for a supplicant Syntax show dot1x ethernet interface interface A valid Ethernet interface Default Configuration This command has no default configuration Command Mode Privileged EXEC mo...

Page 631: ...d Supplicant Timeout 30 Server Timeout secs 30 Authenticator PAE State Initialize Backend Authentication State Initialize Authentication Success 9 Authentication Fails 1 The show dot1x output for a specified interface varies depending on the 802 1X Admin Mode of the port and whether any supplicants are authenticated on the port The following table describes the significant fields shown in the disp...

Page 632: ... the port is unauthorized it shows the last user that was authenticated successfully Quiet period The number of seconds that the switch remains in the quiet state following a failed authentication exchange for example the client provided an invalid password Transmit period The number of seconds that the switch waits for a response to an Extensible Authentication Protocol EAP request identity frame...

Page 633: ...cator PAE State Current state of the authenticator PAE state machine Possible values are Initialize Disconnected Connecting Authenticating Authenticated Aborting Held ForceAuthorized and ForceUnauthorized Backend Authentication State Current state of the backend authentication state machine Possible values are Request Response Success Fail Timeout Idle and Initialize Authentication success Counts ...

Page 634: ...user guidelines Example The following example displays information about the 802 1x clients authenticated on port 1 g9 console show dot1x clients ethernet 1 g9 Interface 1 g9 User Name guest1 Supp MAC Address 0012 1756 76EA Session Time 118 Filter Id VLAN Assigned 1 Interface 1 g9 User Name guest1 Supp MAC Address 0012 1756 796B Session Time 80 Filter Id ...

Page 635: ...umber Username The username representing the identity of the Supplicant This field shows the username when the port control is auto or mac based If the port is Authorized it shows the username of the current user If the port is unauthorized it shows the last user that was authenticated successfully Supp MAC Address The MAC address of the supplicant Session Time The amount of time in seconds since ...

Page 636: ... ethernet 1 g1 Administrative Mode Disabled Port Admin Oper Reauth Reauth Mode Mode Control Period 1 g1 auto Authorized FALSE 3600 Quiet Period 60 Transmit Period 30 Maximum Requests 2 Max Users 16 VLAN Assigned 10 exampleVlanName Supplicant Timeout 30 Server Timeout secs 30 MAB mode configured Disabled MAB mode operational Disabled Authenticator PAE State Initialize Backend Authentication State I...

Page 637: ...ation This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays 802 1x statistics for the specified interface console show dot1x statistics ethernet 1 g2 Port 1 g2 EAPOL Frames Received 0 EAPOL Frames Transmitted 0 EAPOL Start Frames Received 0 EAPOL Logoff Frames Received 0 Last EAPOL Fram...

Page 638: ...e number of EAPOL Logoff frames that have been received by this Authenticator EapolRespIdFramesRx The number of EAP Resp Id frames that have been received by this Authenticator EapolRespFramesRx The number of valid EAP Response frames other than Resp Id frames that have been received by this Authenticator EapolReqIdFramesTx The number of EAP Req Id frames that have been transmitted by this Authent...

Page 639: ...d has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays 802 1x users console show dot1x users Port Username 1 g1 Bob 1 g2 John Switch show dot1x users username Bob LastEapolFrameVersion The protocol version number carried in the most recently received EAPOL frame LastEapolFrameSource The source MAC ...

Page 640: ... command sets the guest VLAN id to zero which disables the guest VLAN on a port Syntax dot1x guest vlan vlan id no dot1x guest vlan vlan id The ID of a valid VLAN to use as the guest VLAN Range 0 4093 Default Configuration The guest VLAN is disabled on the interface by default Command Mode Interface Configuration Ethernet mode User Guidelines Configure the guest VLAN before using this command Fiel...

Page 641: ...of a valid VLAN to use for unauthenticated clients Range 0 4093 Default Configuration The unauthenticated VLAN is disabled on the interface by default Command Mode Interface Configuration Ethernet mode User Guidelines Configure the unauthenticated VLAN before using this command Example The following example set the unauthenticated VLAN on port 1 g2 to VLAN 20 console config if 1 g2 dot1x unauth vl...

Page 642: ...dvanced ethernet interface interface Specifies a valid ethernet interface Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays 802 1x advanced features for the switch console show dot1x advanced Port Guest Unauthenticated VLAN Vlan 1 g1 Disabled Disabled 1 g2 10 2...

Page 643: ...802 1x Commands 643 console show dot1x advanced ethernet 1 g2 Port Guest Unauthenticated VLAN Vlan 1 g2 10 20 ...

Page 644: ... 4 ip address no dot1x guest vlan ip address Specifies the IP address to be used as the RADIUS attribute 4 the NAS IP address Default Configuration If a RADIUS server has been configured on the switch the default attribute 4 value is the RADIUS server IP address Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the NAS IP ...

Page 645: ...a network These commands define the addressing and routing structure of the Internet This section of the document contains the following Layer 3 topics ARP Commands DHCP and BOOTP Relay Commands DHCPv6 Commands DVMRP Commands IGMP Commands IGMP Proxy Commands IP Helper Commands IP Routing Commands IPv6 MLD Snooping Commands IPv6 Multicast Commands IPv6 Routing Commands Loopback Interface Commands ...

Page 646: ...s Tunnel Interface Commands Virtual LAN Routing Commands Virtual Router Redundancy Protocol Commands ARP Commands This chapter explains the following commands arp arp cachesize arp dynamicrenew arp purge arp resptime arp retries arp timeout clear arp cache clear arp cache management ip proxy arp show arp ...

Page 647: ... for that device Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example creates an ARP entry consisting of an IP address and a MAC address console config arp 192 168 1 2 00A2 64B3 A245 arp cachesize Use the arp cachesize command in Global Configuration mode to configure...

Page 648: ...elines Example The following example defines an arp cachesize of 500 console config arp cachesize 500 arp dynamicrenew Use the arp dynamicrenew command in Global Configuration mode to enable the ARP component to automatically renew dynamic ARP entries when they age out To disable the automatic renewal of dynamic ARP entries when they age out use the no form of the command Syntax arp dynamicrenew n...

Page 649: ...d subsequent data packets to the host trigger an ARP request Traffic to the host is lost until the router receives an ARP reply from the host Gateway entries entries for a neighbor router are always renewed The dynamic renew option only applies to host entries The disadvantage of enabling dynamic renew is that once an ARP cache entry is created that cache entry continues to take space in the ARP c...

Page 650: ...mple removes the specified IP address from arp cache console arp purge 192 168 1 10 arp resptime Use the arp resptime command in Global Configuration mode to configure the ARP request response timeout To return the response timeout to the default value use the no form of this command Syntax arp resptime integer no arp resptime integer IP ARP entry response time out Range 1 10 seconds Default Confi...

Page 651: ... ARP count of maximum requests for retries To return to the default value use the no form of this command Syntax arp retries integer no arp retries integer The maximum number of requests for retries Range 0 10 Default Configuration The default value is 4 retries Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines 6 as the...

Page 652: ...ation The default value is 1200 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines 900 seconds as the timeout console config arp timeout 900 clear arp cache Use the clear arp cache command in Privileged EXEC mode to remove all ARP entries of type dynamic from the ARP cache Syntax clear arp cache gateway gateway R...

Page 653: ...he console clear arp cache gateway clear arp cache management Use the clear arp cache management command to clear all entries from the ARP cache learned from the management port Syntax clear arp cache management Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console clear arp cache manage...

Page 654: ...form of the command to disable proxy ARP on a router interface Syntax ip proxy arp no ip proxy arp Default Configuration Enabled is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example enables proxy arp for VLAN 15 config interface vlan 15 console config if vlan15 ip proxy arp show arp Use the sho...

Page 655: ...nfiguration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows show arp command output console show arp Age Time seconds 1200 Response Time seconds 1 Retries 4 Cache Size 896 Dynamic Renew Mode Enable Total Entry Count Current Peak 1 1 Static Entry Count Configured Active Max 0 0 64 console show arp switch ...

Page 656: ...656 ARP Commands IP Address MAC Address Interface Type Age console ...

Page 657: ...nd BOOTP Relay Commands 657 31 DHCP and BOOTP Relay Commands This chapter explains the following commands bootpdhcprelay cidridoptmode bootpdhcprelay maxhopcount bootpdhcprelay minwaittime show bootpdhcprelay ...

Page 658: ...show arposhow arpwshow arp arpshoshow arpw arpshow arpmshow arpode Default Configuration Disabled is the default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables the circuit ID and remote agent ID options console config bootpdhcprelay cidridoptmode Enable Disable Circuit Id Option and Remote Agent Id Mode...

Page 659: ...ystem Range 1 16 Default Configuration The default integer configuration is 4 Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines a maximum hopcount of 6 console config bootpdhcprelay maxhopcount 6 bootpdhcprelay minwaittime Use the bootpdhcprelay minwaittime command in Global Configuration mode to configure the minimum w...

Page 660: ...delines Example The following example defines a minimum wait time of 10 seconds console config bootpdhcprelay minwaittime 10 bootpdhcprelay cidridoptmode Use the bootpdhcprelay cidridoptmode command in Global Configuration mode to enable the circuit ID option and remote agent ID mode for BootP DHCP Relay on the system Use the no form of the command to disable the circuit ID option and remote agent...

Page 661: ... ID options console config bootpdhcprelay cidridoptmode Circuit Id and Remote Agent Id Mode set Successfully show bootpdhcprelay Use the show bootpdhcprelay command in User EXEC mode to display the BootP DHCP Relay information Syntax show bootpdhcprelay Default Configuration The command has no deafult configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines ...

Page 662: ...DHCP and BOOTP Relay Commands Example The following example defines the Boot DHCP Relay information console show bootpdhcprelay Maximum Hop Count 4 Minimum Wait Time Seconds 0 Circuit Id Option Mode Disable ...

Page 663: ...6 dhcp dns server domain name ipv6 dhcp pool ipv6 dhcp relay ipv6 dhcp relay agent info opt ipv6 dhcp relay agent info remote id subopt ipv6 dhcp server prefix delegation service dhcpv6 show ipv6 dhcp show ipv6 dhcp binding show ipv6 dhcp interface show ipv6 dhcp pool show ipv6 dhcp statistics ...

Page 664: ...ault configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following examples clears DHCPv6 statistics for VLAN 11 console clear ipv6 dhcp interface vlan 11 statistics dns server Use the dns server command in IPv6 DHCP Pool Configuration mode to set the ipv6 DNS server address which is provided to a DHCPv6 client by the DHCPv6 server DNS s...

Page 665: ...erver console config ipv6 dhcp pool addrpool console config dhcp6s pool dns server 2020 1 1 domain name Use the domain name command in IPv6 DHCP Pool Configuration mode to set the DNS domain name which is provided to a DHCPv6 client by the DHCPv6 server DNS domain name is configured for stateless server support Syntax domain name dns domain name no domain name dns domain name dns domain name DHCPv...

Page 666: ...ol Use the ipv6 dhcp pool command in Global Configuration mode to enter IPv6 DHCP Pool Configuration mode DHCPv6 pools are used to specify information for DHCPv6 server to distribute to DHCPv6 clients These pools are shared between multiple interfaces over which DHCPv6 server capabilities are configured Syntax ipv6 dhcp pool pool name no ipv6 dhcp pool pool name pool name DHCPv6 pool name Range 1 ...

Page 667: ...ing destination Keyword that sets the relay server IPv6 address relay address An IPv6 address of a DHCPv6 relay server interface Sets the relay server interface vlan id A valid VLAN ID remote id duid ifid user defined string The Relay Agent Information Option remote ID sub option to be added to relayed messages This can either be the special keyword duid ifid which causes the remote ID to be deriv...

Page 668: ...onfig if vlan15 ipv6 dhcp relay destination 2020 1 1 ipv6 dhcp relay agent info opt Use ipv6 dhcp relay agent info opt command in Global Configuration mode to configure a number to represent the DHCPv6 Relay Agent Information Option The DHCPv6 Relay Agent Information Option allows for various sub options to be attached to messages that are being relayed by the local router to a relay server The re...

Page 669: ... remote id subopt suboption suboption Remote ID suboption Range 1 65535 Default Configuration The default value for suboption is 1 Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example configures the number 100 to represent the DHCPv6 the remote id sub option console config ipv6 dhcp relay agent info remote id subopt 100 ipv6 dhcp ...

Page 670: ...guration Command Mode Interface Configuration VLAN Tunnel mode User Guidelines This command has no user guidelines Example The following example configures DHCPv6 server functionality console config interface vlan 15 console config if vlan15 ipv6 dhcp server pool prefix delegation Use the prefix delegation command in IPv6 DHCP Pool Configuration mode to define Multiple IPv6 prefixes within a pool ...

Page 671: ... 604800 seconds is the default value for valid lifetime Command Mode IPv6 DHCP Pool Configuration mode User Guidelines This command has no user guidelines Example The following example defines a Multiple IPv6 prefix and client DUID within a pool for distributing to specific DHCPv6 Prefix delegation clients console config ipv6 dhcp pool addrpool console config dhcp6s pool prefix delegation 2020 1 1...

Page 672: ... enables DHCPv6 globally console configure console config service dhcpv6 console config no service dhcpv6 show ipv6 dhcp Use the show ipv6 dhcp command in Privileged EXEC mode to display the DHCPv6 server name and status Syntax show ipv6 dhcp Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines ...

Page 673: ... Privileged EXEC mode to display the configured DHCP pool Syntax show ipv6 dhcp binding ipv6 addr ipv6 addr Valid IPv6 address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the configured DHCP pool based on the entered IPv6 address console show ipv6 dhcp bi...

Page 674: ... interface tunnel tunnel id vlan vlan id statistics tunnel id Tunnel identifier Range 0 7 vlan id Valid VLAN ID statistics Enables statistics display if interface is specified Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Examples The following examples display DHCPv6 information for VLAN 11 console s...

Page 675: ... Packets Received 0 DHCPv6 Decline Packets Received 0 DHCPv6 Inform Packets Received 0 DHCPv6 Relay forward Packets Received 0 DHCPv6 Relay reply Packets Received 0 DHCPv6 Malformed Packets Received 0 Received DHCPv6 Packets Discarded 0 Total DHCPv6 Packets Received 0 DHCPv6 Advertisement Packets Transmitted 0 DHCPv6 Reply Packets Transmitted 0 DHCPv6 Reconfig Packets Transmitted 0 DHCPv6 Relay re...

Page 676: ... has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the configured DHCP pool console show ipv6 dhcp pool test DHCPv6 Pool test show ipv6 dhcp statistics Use the show ipv6 dhcp statistics command in User EXEC mode to display the DHCPv6 server name and status Syntax show ipv6 dhcp statistics Defaul...

Page 677: ...m Packets Received 0 DHCPv6 Renew Packets Received 0 DHCPv6 Rebind Packets Received 0 DHCPv6 Release Packets Received 0 DHCPv6 Decline Packets Received 0 DHCPv6 Inform Packets Received 0 DHCPv6 Relay forward Packets Received 0 DHCPv6 Relay reply Packets Received 0 DHCPv6 Malformed Packets Received 0 Received DHCPv6 Packets Discarded 0 Total DHCPv6 Packets Received 0 DHCPv6 Advertisement Packets Tr...

Page 678: ...678 DHCPv6 Commands DHCPv6 Relay forward Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 ...

Page 679: ...VMRP Commands This chapter explains the following commands ip dvmrp ip dvmrp metric ip dvmrp trapflags show ip dvmrp show ip dvmrp interface show ip dvmrp neighbor show ip dvmrp nexthop show ip dvmrp prune show ip dvmrp route ...

Page 680: ...ation VLAN mode User Guidelines This command has no user guidelines Example The following example sets VLAN 15 s administrative mode of DVMRP to active console config interface vlan 15 console config if vlan15 ip dvmrp ip dvmrp metric Use the ip dvmrp metric command in Interface Configuration mode to configure the metric for an interface This value is used in the DVMRP messages as the cost to reac...

Page 681: ...fig interface vlan 15 console config if vlan15 ip dvmrp metric 5 ip dvmrp trapflags Use the ip dvmrp trapflags command in Global Configuration mode to enable the DVMRP trap mode Syntax ip dvmrp trapflags no ip dvmrp trapflags Default Configuration Disabled is the default state Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following command e...

Page 682: ...P Syntax show ip dvmrp Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays system wide information for DVMRP console config show ip dvmrp Admin Mode Disable Version 3 Total Number of Routes 0 Reachable Routes 0 DVMRP INTERFACE STATUS Interface Interface Mode Protocol...

Page 683: ... has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays interface information for VLAN 11 DVMRP console config show ip dvmrp interface vlan 11 Interface Mode Disable show ip dvmrp neighbor Use the show ip dvmrp neighbor command in Privileged EXEC mode to display the neighbor information for DVMRP Syntax ...

Page 684: ...p dvmrp nexthop command in Privileged EXEC mode to display the next hop information on outgoing interfaces for routing multicast datagrams Syntax show ip dvmrp nexthop Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the next hop information on outgoing interfaces...

Page 685: ...uration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the table that lists the router s upstream prune information console config show ip dvmrp prune Expir y Group IP Source IP Source Mask Time secs show ip dvmrp route Use the show ip dvmrp route command in Privileged EXEC mode to d...

Page 686: ...fault condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the multicast routing information for DVMRP console show ip dvmrp route Upstream Expiry Up Time Source Address Neighbor Interface Metric Time secs secs ...

Page 687: ...ery count ip igmp last member query interval ip igmp query interval ip igmp query max response time ip igmp robustness ip igmp startup query count ip igmp startup query interval ip igmp version show ip igmp show ip igmp groups show ip igmp interface show ip igmp interface membership show ip igmp interface stats ...

Page 688: ...ser guidelines Example The following example globally enables IGMP console config ip igmp ip igmp last member query count Use the ip igmp last member query count command in Interface Configuration mode to set the number of Group Specific Queries sent before the router assumes that there are no local members on the interface Syntax ip igmp last member query count count no ip igmp last member query ...

Page 689: ...query count ip igmp last member query interval Use the ip igmp last member query interval command in Interface Configuration mode to configure the Maximum Response Time inserted in Group Specific Queries which are sent in response to Leave Group messages Syntax ip igmp last member query interval tenthsofseconds no ip igmp last member query interval tenthsofseconds Maximum Response Time in tenths o...

Page 690: ...face Configuration mode to configure the query interval for the specified interface The query interval determines how fast IGMP Host Query packets are transmitted on this interface Syntax ip igmp query interval seconds no ip igmp query interval seconds Query interval Range 1 3600 Default Configuration The default query interval value is 125 seconds Command Mode Interface Configuration VLAN mode Us...

Page 691: ...is specified in tenths of a second Syntax ip igmp query max response time tenthsofseconds no ip igmp query max response time tenthsofseconds Maximum response time Range 1 25 seconds Default Configuration The default maximum response time value is 100 tenths of seconds Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example co...

Page 692: ...obustness variable Range 1 255 Default Configuration The default robustness value is 2 Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures a robustness value of 10 for VLAN 15 console config interface vlan 15 console config if vlan15 ip igmp robustness 10 ip igmp startup query count Use the ip igmp startup quer...

Page 693: ...of queries sent out on startup at 10 console config interface vlan 15 console config if vlan15 ip igmp startup query count 10 ip igmp startup query interval Use the ip igmp startup query interval command in Interface Configuration mode to set the interval between general queries sent at startup on the interface Syntax ip igmp startup query interval seconds no ip igmp startup query interval seconds...

Page 694: ... if vlan15 ip igmp startup query interval 10 ip igmp version Use the ip igmp version command in Interface Configuration mode to configure the version of IGMP for an interface Syntax ip igmp version version version IGMP version Range 1 3 Default Configuration The default version is 3 Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The follo...

Page 695: ...fault Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays system wide IGMP information console show ip igmp IGMP Admin Mode Enabled IGMP Router Alert check Disabled IGMP INTERFACE STATUS Interface Interface Mode Operational Status vlan 3 Enabled Non Operational ...

Page 696: ...d detail vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the registered multicast groups for VLAN 1 console show ip igmp groups interface vlan 3 detail REGISTERED MULTICAST GROUP DETAILS Version1 Version2 Group Multicast Last Up Expiry H...

Page 697: ...iguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays IGMP information for VLAN 11 console show ip igmp vlan 11 Interface 11 IGMP Admin Mode Enable Interface Mode Enable IGMP Version 3 Query Interval secs 125 Query Max Response Time 1 10 of a second 100 Robustness 2 Startup Qu...

Page 698: ...sted interfaces Syntax show ip igmp interface membership groupaddr detail groupaddr Group IP address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following examples display the list of interfaces that have registered in the multicast group at IP address 224 5 5 5 the latter in deta...

Page 699: ... stats Use the show ip igmp interface stats command in User EXEC mode to display the IGMP statistical information for the interface The statistics are only displayed when the interface is enabled for IGMP Syntax show ip igmp interface stats vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command ha...

Page 700: ...ays the IGMP statistical information for VLAN 7 console show ip igmp interface stats vlan 7 Querier Status Querier Querier IP Address 7 7 7 7 Querier Up Time secs 55372 Querier Expiry Time secs 0 Wrong Version Queries 0 Number of Joins 7 Number of Groups 1 ...

Page 701: ...mmands This chapter explains the following commands ip igmp proxy ip igmp proxy reset status ip igmp proxy unsolicited report interval show ip igmp proxy show ip igmp proxy interface show ip igmp proxy groups show ip igmp proxy groups detail ...

Page 702: ...d is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example enables the IGMP Proxy on the VLAN 15 router console config interface vlan 15 console config if vlan15 ip igmp proxy ip igmp proxy reset status Use the ip igmp proxy reset status command in Interface Configuration mode to reset the host int...

Page 703: ...roxy reset status ip igmp proxy unsolicited report interval Use the ip igmp proxy unsolicited report interval command in Interface Configuration mode to set the unsolicited report interval for the IGMP Proxy router This command is valid only if IGMP Proxy on the interface is enabled Syntax ip igmp proxy unsolicited report interval seconds seconds Unsolicited report interval Range 1 260 seconds Def...

Page 704: ...mand in Privileged EXEC mode to display a summary of the host interface status parameters It displays status parameters only when IGMP Proxy is enabled Syntax show ip igmp proxy Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a summary of the host interface s...

Page 705: ...gmp proxy interface command in Privileged EXEC mode to display a detailed list of the host interface status parameters It displays status parameters only when IGMP Proxy is enabled Syntax show ip igmp proxy interface Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example fai...

Page 706: ...y a table of information about multicast groups that IGMP Proxy reported It displays status parameters only when IGMP Proxy is enabled Syntax show ip igmp proxy groups Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example attempts to display a table of information about mul...

Page 707: ...roxy groups detail command in Privileged EXEC mode to display complete information about multicast groups that IGMP Proxy has reported Syntax show ip igmp proxy groups detail Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays complete information about multicast...

Page 708: ...708 IGMP Proxy Commands Group Address Last Reporter Up Time Member State Filter Mode Sources 225 0 1 1 13 13 13 1 26 DELAY MEMBER Exclude 0 225 0 1 2 13 13 13 1 67 DELAY MEMBER Exclude 0 ...

Page 709: ...lper Commands This chapter explains the following commands clear ip helper statistics ip helper address global configuration ip helper address interface configuration ip helper enable show ip helper address show ip helper statistics ...

Page 710: ...lobal configuration command to configure the relay of certain UDP broadcast packets received on any interface To delete an IP helper entry use the no form of this command Syntax ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time no ip helper address server address dest udp port dhcp domain isakmp mobile...

Page 711: ...69 and time port 37 Other ports must be specified by number Default Configuration No helper addresses are configured Command Mode Global Configuration mode User Guidelines This command can be invoked multiple times either to specify multiple server addresses for a given port number or to specify multiple port numbers handled by a specific server The command no ip helper address with no arguments c...

Page 712: ...le ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time server address The IPv4 unicast or directed broadcast address to which relayed UDP broadcast packets are sent The server address cannot be an IP address configured on any interface of the local router discard Matching packets should be discarded rather than relayed even if a global ip helper address configuration matches ...

Page 713: ...ments clears all helper addresses on the interface Example To relay DHCP packets received on vlan 5 to two DHCP servers 192 168 10 1 and 192 168 20 1 use the following commands console config console config interface vlan 5 console config if vlan5 ip helper address 192 168 10 1 dhcp console config if vlan5 ip helper address 192 168 20 1 dhcp To relay both DHCP and DNS packets to 192 168 30 1 use t...

Page 714: ... packets received on vlan 6 console config console config ip helper address 192 168 40 1 dhcp console config interface vlan 5 console config if vlan5 ip helper address 192 168 40 2 dhcp console config if vlan5 ip helper address 192 168 40 2 domain console config if vlan5 exit console config interface 2 6 console config if vlan6 ip helper address 192 168 23 1 162 console config if vlan6 ip helper a...

Page 715: ... of any other protocols for which an IP helper address has been configured Example console config ip helper enable show ip helper address Use the show ip helper address command to display the IP helper address configuration Syntax show ip helper address interface interface Optionally specify an interface to limit the output to the configuration of a single interface The interface is identified as ...

Page 716: ...e This field is set to any for global IP helper entries UDP Port The relay configuration is applied to packets whose destination UDP port is this port Entries whose UDP port is identified as any are applied to packets with the destination UDP ports listed in Table 4 Discard If Yes packets arriving on the given interface with the given destination UDP port are discarded rather than relayed Discard ...

Page 717: ...s received from the DHCP server This count only includes messages that the DHCP server unicasts to the relay agent for relay to the client DHCP server messages relayed The number of DHCP server messages relayed to a client UDP client messages received The number of valid UDP packets received This count includes DHCP messages and all other protocols relayed Conditions are similar to those for the f...

Page 718: ...mum secs value is a configurable value and is displayed in show bootpdhcprelay A log message is written for each such failure The DHCP relay agent does not relay these packets DHCP message with giaddr set to local address The number of DHCP client messages received whose gateway address giaddr is already set to an IP address configured on one of the relay agent s own IP addresses In this case anot...

Page 719: ...the following commands encapsulation ip address ip mtu ip netdirbcast ip route ip route default ip route distance ip routing routing show ip brief show ip interface show ip protocols show ip route show ip route preferences show ip route summary show ip stats vlan routing ...

Page 720: ...the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example applies SNAP encapsulation for VLAN 15 console config interface vlan 15 console config if vlan15 encapsulation snap ip address Use the ip address command in Interface Configuration mode to configure an IP address on an interface Also use this co...

Page 721: ...mple The following example defines the IP address and subnet mask for VLAN 15 console config interface vlan 15 console config if vlan15 ip address 192 168 10 10 255 255 255 0 ip mtu Use the ip mtu command in Interface Configuration mode to set the IP Maximum Transmission Unit MTU on a routing interface The IP MTU is the size of the largest IP packet that can be transmitted on the interface without...

Page 722: ...e preference of an individual static route Range 68 9198 Default Configuration 1500 bytes is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example defines 1480 as the MTU for VLAN 15 console config interface vlan 15 console config if vlan15 ip mtu 1480 ip netdirbcast Use the ip netdirbcast command ...

Page 723: ...route The IP route command sets a value for the route preference Among routes to the same destination the route with the lowest preference value is the route entered into the forwarding database Specifying the preference of a static route controls whether a static route is more or less preferred than routes from dynamic routing protocols The preference also controls whether a static route is more ...

Page 724: ...ible you must Enable ip routing globally Enable ip routing for the interface Confirm that the associated link is also up Example The following example identifies the ip address subnet mask next hop ip and a preference value of 200 console config ip route 192 168 10 10 255 255 255 0 192 168 20 1 metric 200 ip route default Use the ip route default command in Global Configuration mode to configure t...

Page 725: ...e config ip route 192 168 10 10 255 255 255 0 192 168 20 1 200 ip route distance Use the ip route distance command in Global Configuration mode to set the default distance preference for static routes Lower route preference values are preferred when determining the best route The ip route and ip route default commands allow optional setting of the distance of an individual static route The default...

Page 726: ...ues are preferred when determining the best route Example The following example sets the default route metric to 80 console config ip route distance 80 ip routing To globally enable IPv4 routing on the router use the ip routing command in Global Configuration mode To disable IPv4 routing globally use the no form of this command Syntax ip routing no ip routing Default Configuration The ip routing d...

Page 727: ... with the show ip brief command The value is labeled Routing Mode in the output display Use the no form of the command to disable routing for an interface Syntax routing no routing Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example enables IPv4 and IPv6 routing ...

Page 728: ...eged EXEC mode User Guidelines This command has no user guidelines Example The following example displays IP summary information console show ip brief Default Time to Live 30 Routing Mode Disabled IP Forwarding Mode Enabled Maximum Next Hops 2 show ip interface Use the show ip interface command in Privileged EXEC mode to display all pertinent information about one or more IP interfaces Syntax show...

Page 729: ... no user guidelines Examples The following examples display all IP information and information specific to VLAN 15 console show ip interface Management Interface IP Address 10 240 4 125 Subnet Mask 255 255 255 0 Default Gateway 10 240 4 1 Burned In MAC Address 00 10 18 82 04 35 Network Configuration Protocol Current None Management VLAN ID 1 Routing Interfaces Netdir Multi Interface IP Address IP ...

Page 730: ...able console show ip interface vlan 15 Primary IP Address 192 168 10 10 255 255 255 0 Secondary IP Address es 192 168 20 20 255 255 255 0 Routing Mode Disable Administrative Mode Disable Forward Net Directed Broadcasts Disable Proxy ARP Enable Local Proxy ARP Disable Active State Inactive Link Speed Data Rate Inactive MAC Address 00 00 00 01 00 02 ...

Page 731: ... This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays parameters and current state of active routing protocols console show ip protocols Routing Protocol is rip Sending updates every 30 seconds Invalid after 180 seconds hold down 120 flushed after 300 Redistributing RIP Static OSPF Def...

Page 732: ...edistributing OSPF External direct Static RIP Interfaces Interface Metric Key chain 176 1 1 1 10 flowers 176 2 1 1 1 Routing Information Sources Gateway State 176 1 1 2 Full External Preference 60 Internal Preference 20 show ip route Use the show ip route command in Privileged EXEC mode to display the routing table Syntax show ip route protocol address ip address subnet mask prefix length longer p...

Page 733: ...r prefixes Indicates that the ip address and subnet mask pair becomes the prefix and the command displays the routes to the addresses that match that prefix Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the routing table console show ip route Route Codes R ...

Page 734: ...eference values are preferred over higher router preference values Syntax show ip route preferences Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays IP route preferences console show ip route preferences Local 0 Static 1 OSPF Intra area routes 110 OSPF Inter a...

Page 735: ...he number of best routes do not use this optional parameter Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the IP route summary console show ip route summary Connected Routes 0 Static Routes 0 RIP Routes 0 OSPF Routes 0 Intra Area Routes 0 Inter Area Routes ...

Page 736: ... ip stats Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays IP route preferences console show ip stats IpInReceives 24002 IpInHdrErrors 1 IpInAddrErrors 925 IpForwDatagrams 0 IpInUnknownProtos 0 IpInDiscards 0 IpInDelivers 18467 IpOutRequests 295 IpOutDiscards 0 IpOu...

Page 737: ...ngDiscards 0 IcmpInMsgs 3 IcmpInErrors 0 IcmpInDestUnreachs 0 IcmpInTimeExcds 0 IcmpInParmProbs 0 IcmpInSrcQuenchs 0 IcmpInRedirects 0 IcmpInEchos 3 IcmpInEchoReps 0 IcmpInTimestamps 0 IcmpInTimestampReps 0 IcmpInAddrMasks 0 IcmpInAddrMaskReps 0 IcmpOutMsgs 3 IcmpOutErrors 0 IcmpOutDestUnreachs 0 IcmpOutTimeExcds 0 IcmpOutParmProbs 0 ...

Page 738: ... VLAN Syntax vlan routing vlanid index no vlan routing vlanid vlanid Valid VLAN ID Range 1 4093 index Internal interface ID This parameter is for NSF use only Default Configuration Routing is not enabled on any VLANs by default Command Mode VLAN Database mode User Guidelines The user is not required to use this command Routing can still be enabled using the routing command in VLAN Interface Config...

Page 739: ... following commands ipv6 mld snooping immediate leave ipv6 mld snooping groupmembership interval ipv6 mld snooping maxresponse ipv6 mld snooping mcrtexpiretime ipv6 mld snooping Global ipv6 mld snooping Interface ipv6 mld snooping VLAN show ipv6 mld snooping show ipv6 mld snooping groups ...

Page 740: ...only one host is connected to each layer 2 LAN port This prevents the inadvertent dropping of the other hosts that were connected to the same layer 2 LAN port but were still interested in receiving multicast traffic directed to that group Also fast leave processing is supported only with MLD version 1 hosts Syntax ipv6 mld snooping immediate leave vlan id no ipv6 mld snooping immediate leave vlan ...

Page 741: ...embership interval vlan id seconds no ipv6 mld snooping groupmembership interval vlan id vlan_id Specifies a VLAN ID value in VLAN Database mode seconds MLD group membership interval time in seconds Range 2 3600 Default Configuration The default group membership interval time is 260 seconds Command Mode Interface Configuration mode VLAN Database mode User Guidelines This command has no user guidel...

Page 742: ...response time is 10 seconds Command Mode Interface Configuration mode VLAN Database mode User Guidelines This command has no user guidelines Example console config if 4 g1 ipv6 mld snooping maxresponse 33 ipv6 mld snooping mcrtexpiretime The ipv6 mld snooping mcrtexpiretime command sets the Multicast Router Present Expiration time The time is set for a particular interface or VLAN This is the amou...

Page 743: ...nt expiration time is 300 seconds Command Mode Interface Configuration mode VLAN Database mode User Guidelines This command has no user guidelines Example console config if 4 g1 ipv6 mld snooping mcrtrexpiretime 60 ipv6 mld snooping Global The ipv6 mld snooping Global command enables MLD Snooping on the system Global Config Mode Syntax ipv6 mld snooping no ipv6 mld snooping Default Configuration M...

Page 744: ...s disabled on that interface MLD Snooping functionality is re enabled if the interface is removed from a port channel LAG Syntax ipv6 mld snooping no ipv6 mld snooping Default Configuration MLD Snooping is disabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example console config if 4 g1 ipv6 mld snooping ipv6 mld s...

Page 745: ...idelines for this command Example console config vlan ipv6 mld snooping 1 show ipv6 mld snooping The show ipv6 mld snooping command displays MLD Snooping information Configured information is displayed whether or not MLD Snooping is enabled Syntax show ipv6 mld snooping interface ethernet interface port channel port channel number vlan vlan id Default Configuration This command has no default conf...

Page 746: ... Fast Leave Mode Indicates whether MLD Snooping Fast leave is active on the VLAN Group Membership Interval Shows the amount of time in seconds that a switch will wait for a report from a particular group on a particular interface which is participating in the VLAN before deleting the interface from the entry This value may be configured Max Response Time Displays the amount of time the switch wait...

Page 747: ...dress Specifies an IPv6 Multicast address Default configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines To see the full Multicast address table including static addresses use the show bridge address table command Example console show ipv6 mld snooping groups Vlan Ipv6 Address Type Ports 1 3333 0000 0003 Dynamic 1 g1 1 g3 2 3333 0000 0004 Dynamic ...

Page 748: ...lan Ipv6 Address Ports console show ipv6 mld snooping groups vlan 2 Vlan Ipv6 Address Type Ports 2 3333 0000 0004 Dynamic 1 g1 1 g3 2 3333 0000 0005 Dynamic 1 g1 1 g3 MLD Reporters that are forbidden statically Vlan Ipv6 Address Ports ...

Page 749: ... bsr border ipv6 pimsm bsr candidate ipv6 pimsm dr priority ipv6 pimsm hello interval ipv6 pimsm join prune interval ipv6 pimsm register threshold ipv6 pimsm rp address ipv6 pimsm rp candidate ipv6 pimsm spt threshold ipv6 pimsm ssm show ipv6 pimsm show ipv6 pimsm bsr show ipv6 pimsm interface show ipv6 pimsm neighbor show ipv6 pimsm rphash show ipv6 pimsm rp mapping ...

Page 750: ...er by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 pimsm ipv6 pimsm VLAN Interface config Use the ipv6 pimsm command in VLAN Interface configuration mode to administratively enable PIM SM multicast routing mode on a particular IPv6 router interface Use the no form of this command to disable PIM SM on an int...

Page 751: ... prevent bootstrap router BSR messages from being sent or received through an interface Use the no form of this command to disable the interface from being the BSR border Syntax ipv6 pimsm bsr border no ipv6 pimsm bsr border Default Configuration BSR border is disabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example co...

Page 752: ...n is called All groups with the same seed hash correspond to the same RP For example if this value is 24 only the first 24 bits of the group addresses matter This allows you to get one RP for multiple groups Range 0 128 bits priority The priority of the candidate BSR The BSR with the higher priority is preferred If the priority values are the same the router with the higher IP address is the BSR R...

Page 753: ...47 Default Configuration The default election priority is 1 Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 pimsm dr priority 10 ipv6 pimsm hello interval Use the ipv6 pimsm hello interval command to configure the PIM SM Hello Interval for the specified interface Use the no form of this command to set...

Page 754: ...e ipv6 pimsm join prune interval command to configure the interface join prune interval for the PIM SM router Use the no form of this command to set the join prune interval to the default Syntax ipv6 pimsm join prune interval interval no ipv6 pimsm join prune interval interval The join prune interval Range 0 18000 seconds Default Configuration The default join prune interval is 60 seconds Command ...

Page 755: ...d threshold The threshold rate Range 0 2000 Kbps Default Configuration The default threshold rate is 0 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 pimsm register threshold 250 ipv6 pimsm rp address Use the ipv6 pimsm rp address command to statically configure the RP address for one or more multicast groups The opt...

Page 756: ...er Guidelines There are no user guidelines for this command Example console config ipv6 pimsm rp address 2001 1 ff1e 64 ipv6 pimsm rp candidate Use the ipv6 pimsm rp candidate command to configure the router to advertise itself as a PIM candidate rendezvous point RP to the bootstrap router BSR Use the no form of this command to disable the router from advertising itself as a PIM candidate rendezvo...

Page 757: ...nes for this command Example console config ipv6 pimsm rp candidate vlan 6 ff1e 64 ipv6 pimsm spt threshold Use the ipv6 pimsm spt threshold command to configure the Data Threshold rate for the last hop router to switch to the shortest path Use the no form of this command to set the data threshold to the default Syntax ipv6 pimsm spt threshold threshold no ipv6 pimsm spt threshold threshold The th...

Page 758: ...t Defines the SSM range access list to 232 8 group address Group IP address supported by RP prefixlength This parameter specifies the prefix length of the IP address for the media gateway Range 1 32 Default Configuration There is no SSM range defined by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 pimsm ssm...

Page 759: ...ivileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm Admin Mode Enabled Data Threshold Rate Kbps 1000 Register Threshold Rate Kbps 250 SSM RANGE TABLE Group Address Prefix Length FF1E 64 PIM SM INTERFACE STATUS Interface Interface Mode Operational Status vlan 3 Enabled Operational ...

Page 760: ...ut the locally configured candidate rendezvous point RP advertisement Syntax show ipv6 pimsm bsr Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm bsr BSR Address 3001 1 BSR Priority 23 BSR Hash Mask Length 10 Next bootstrap message hh mm ss 00 00 1...

Page 761: ...n vlan id vlan id A valid VLAN ID value Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm interface vlan 6 Slot Port vlan 6 IP Address FE80 2FF EDFF FED0 2 128 Hello Interval secs 30 Join Prune Interval secs 60 Neighbor Count 0 Designated Router FE8...

Page 762: ... neighbor all interface vlan vlan id vlan id A valid VLAN ID value Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm neighbor all Slot Port vlan 6 Neighbor Address FE80 200 FF FE00 33 Up Time hh mm ss 00 00 12 Expiry Time hh mm ss 00 01 34 DR Priori...

Page 763: ...uration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm rphash ff1e 64 RP Type Address 3001 1 BSR show ipv6 pimsm rp mapping Use the show ipv6 pimsm rp mapping command to display all group to RP mappings of which the router is aware either configured or learned from th...

Page 764: ... Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm rp mapping Group Address FF1E 64 RP Address 2001 1 origin Static Group Address FF1E 64 RP Address 3001 1 origin BSR ...

Page 765: ...uery count ipv6 mld last member query interval ipv6 mld proxy ipv6 mld proxy reset status ipv6 mld proxy unsolicit rprt interval ipv6 mld query interval ipv6 mld query max response time ipv6 mld router ipv6 mtu ipv6 nd dad attempts ipv6 nd managed config flag ipv6 nd ns interval ipv6 nd other config flag ipv6 nd prefix ipv6 nd ra interval ipv6 nd ra lifetime ipv6 nd reachable time ipv6 nd suppress...

Page 766: ...ps show ipv6 mld interface show ipv6 mld proxy show ipv6 mld proxy groups show ipv6 mld proxy groups detail show ipv6 mld proxy interface show ipv6 mld traffic show ipv6 neighbors show ipv6 pimdm show ipv6 pimdm interface show ipv6 pimdm neighbor show ipv6 route show ipv6 route preferences show ipv6 route summary show ipv6 traffic show ipv6 vlan traceroute ipv6 ...

Page 767: ...has no user guidelines Example The following example clears all entries in the IPv6 neighbor table console config clear ipv6 neighbors clear ipv6 statistics Use the clear ipv6 statistics command in Privileged EXEC mode to clear IPv6 statistics for all interfaces or for a specific interface including loopback and tunnel interfaces IPv6 statistics display in the output of the show ipv6 traffic comma...

Page 768: ...ress by using this command since one is automatically created IPv6 addresses can be expressed in eight blocks Also of note is that instead of a period a colon separates each block For simplification leading zeros of each 16 bit block can be omitted One sequence of 16 bit blocks containing only zeros can be replaced with a double colon but not more than one at a time otherwise it is no longer a uni...

Page 769: ... Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example configures an IPv6 address and enables IPv6 processing console config interface vlan 15 console config if vlan15 ipv6 address 2020 1 1 64 ipv6 enable Use the ipv6 enable command in Interface Configuration mode to enable IPv6 routing on an interface including tun...

Page 770: ... routing which has not been configured with an explicit IPv6 address console config interface vlan 15 console config if vlan15 ipv6 enable ipv6 forwarding Use the ipv6 forwarding command in Global Configuration mode to enable IPv6 forwarding on a router Syntax ipv6 forwarding no ipv6 forwarding Default Configuration Enabled is the default configuration Command Mode Global Configuration mode User G...

Page 771: ...pv6 host command is used to define static host name to ipv6 address mapping in the host cache Syntax ipv6 host name ipv6 address no ipv6 host name name Host name ipv6 address IPv6 address of the host Default Configuration No IPv6 hosts are defined Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config ipv6 host Dell 2001 DB8 32 ...

Page 772: ...1 20 Default Configuration The default last member query count is 2 Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 mld last member query count 5 ipv6 mld last member query interval The ipv6 mld last member query interval command sets the last member query interval for the MLD interface which is the v...

Page 773: ...his command Example console config if vlan3 ipv6 mld last member query interval 5000 ipv6 mld proxy Use the ipv6 mld proxy command to enable MLD Proxy on the router To enable MLD Proxy on the router you must also enable multicast forwarding Also ensure that there are no other multicast routing protocols enabled on the router Use the no form of this command to disable MLD Proxy Syntax ipv6 mld prox...

Page 774: ... Command Mode Interface Configuration VLAN mode Default Configuration There is no default configuration for this command User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 mld proxy reset status ipv6 mld proxy unsolicit rprt interval Use the ipv6 mld proxy unsolicit rprt interval command to set the unsolicited report interval for the MLD Proxy router...

Page 775: ...idelines Example console config if vlan3 ipv6 mld proxy unsolicit rprt interval 10 ipv6 mld query interval The ipv6 mld query interval command sets the MLD router s query interval for the interface The query interval is the amount of time between the general queries sent when the router is querying on that interface Use the no form of this command to set the query interval to the default Syntax ip...

Page 776: ...e time in the query messages that are sent on that interface Use the no form of this command to set the maximum query response time to the default Syntax ipv6 mld query max response time query max response time no ipv6 mld query max response time query max response time Maximum query response time Range 1 65535 milliseconds Default Configuration The default query maximum response time is 10 second...

Page 777: ...ault Command Mode Global Configuration mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 mld router ipv6 mtu Use the ipv6 mtu command in Interface Configuration mode to set the maximum transmission unit MTU size in bytes of IPv6 packets on an interface When the ipv6 mtu is at its default value 1500 and has not ...

Page 778: ...g interface vlan 15 console config if vlan15 ipv6 mtu 1300 ipv6 nd dad attempts Use the ipv6 nd dad attempts command in Interface Configuration mode to set the number of duplicate address detection probes transmitted while doing neighbor discovery Duplicate address detection verifies that an IPv6 address on an interface is unique Syntax ipv6 nd dad attempts attempts no ipv6 nd dad attempts attempt...

Page 779: ...lag command in Interface Configuration mode to set the managed address configuration flag in router advertisements When the value is true end nodes use DHCPv6 When the value is false end nodes automatically configure addresses Syntax ipv6 nd managed config flag no ipv6 nd managed config flag Default Configuration False is the default configuration Command Mode Interface Configuration VLAN Tunnel L...

Page 780: ...on Range 0 1000 4294967295 Default Configuration 0 is the default value for milliseconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the interval between router advertisements for advertised neighbor solicitations at 5000 ms console config interface vlan 15 console config if vlan15 ipv6 nd ns ...

Page 781: ...nsole config interface vlan 15 console config if vlan15 ipv6 nd other config flag ipv6 nd prefix Use the ipv6 nd prefix command to configure parameters associated with prefixes that the router advertises in its router advertisements Syntax ipv6 nd prefix prefix prefix length valid lifetime infinite preferred lifetime infinite no autoconfig off link no ipv6 nd prefix prefix prefix length prefix IPv...

Page 782: ... configuration command Each prefix advertisement includes information about the prefix such as its lifetime values and whether hosts should use the prefix for on link determination or address auto configuration Use the ipv6 nd prefix command to configure these values The ipv6 nd prefix command will allow you to preconfigure RA prefix values before you configure the associated interface address In ...

Page 783: ...uration 600 is the default value for seconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines The minimum interval cannot be larger than 75 of the maximum interval Example The following example sets the transmission interval between router advertisements at 1000 seconds console config interface vlan 15 console config if vlan15 ipv6 nd ra interval 1000 ipv6 nd ra lifet...

Page 784: ...Guidelines This command has no user guidelines Example The following example sets at 1000 seconds the value that is placed in the Router Lifetime field of the router advertisements console config interface vlan 15 console config if vlan15 ipv6 nd ra lifetime 1000 ipv6 nd reachable time Use the ipv6 nd reachable time command in Interface Configuration mode to set the router advertisement time to co...

Page 785: ...consider a neighbor reachable after neighbor discovery confirmation console config interface vlan 15 console config if vlan15 ipv6 nd reachable time 5000 ipv6 nd suppress ra Use the ipv6 nd suppress ra command in Interface Configuration mode to suppress router advertisement transmission on an interface Syntax ipv6 nd suppress ra no ipv6 nd suppress ra Default Configuration Disabled is the default ...

Page 786: ...m of this command to disable PIM DM Syntax ipv6 pimdm no ipv6 pimdm Default Configuration IPv6 PIM DM is disabled by default Command Mode Global Configuration mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 pimdm ipv6 pimdm hello interval The ipv6 pimdm hello interval command is used to configure the PIM DM H...

Page 787: ...e ipv6 route command in Global Configuration mode to configure an IPv6 static route Syntax ipv6 route ipv6 prefix prefix length Null interface tunnel tunnel id vlan vlan id next hop address preference no ipv6 route ipv6 prefix prefix length Null interface tunnel tunnel id vlan vlan id next hop address ipv6 prefix Is the IPv6 network that is the destination of the static route prefix length Is the ...

Page 788: ...lines This command has no user guidelines Example The following example configure an IPv6 static route console config ipv6 route 2020 1 1 64 2030 1 2 ipv6 route distance Use the ipv6 route distance command in Global Configuration mode to set the default distance preference for static routes Lower route preference values are preferred when determining the best route The ipv6 route and ipv6 route de...

Page 789: ...r Guidelines Lower route distance values are preferred when determining the best route Example The following example sets the default distance to 80 console config ipv6 route distance 80 ipv6 unicast routing Use the ipv6 unicast routing command in Global Configuration mode to enable forwarding of IPv6 unicast datagrams Syntax ipv6 unicast routing no ipv6 unicast routing Default Configuration Disab...

Page 790: ...have the ping utility enabled and running on top of TCP IP The switch can be pinged from any IP workstation with which the switch is connected through the default VLAN VLAN 1 as long as there is a physical path between the switch and the workstation The terminal interface sends three pings to the target station Syntax ping ipv6 ip address hostname size size ipv6 address Target IPv6 address to ping...

Page 791: ...ation with which the switch is connected through the default VLAN VLAN 1 as long as there is a physical path between the switch and the workstation The terminal interface sends three pings to the target station Use the interface keyword to ping an interface by using the link local address or the global IPv6 address of the interface The source can be a loopback tunnel or logical interface Syntax pi...

Page 792: ...0 202 BCFF FE00 3068 128 Average round trip time 0 00 ms show ipv6 brief Use the show ipv6 brief command in Privileged EXEC mode to display the IPv6 status of forwarding mode and IPv6 unicast routing mode Syntax show ipv6 brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following ...

Page 793: ...nnel tunnel id vlan vlan id prefix loopback id Valid loopback interface ID tunnel id Valid tunnel interface ID vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following examples show the usability status of a IPv6 VLAN interface individually and all IPv6 interfac...

Page 794: ...ter Duplicate Address Detection Transmits 1 Router Advertisement NS Interval 0 Router Lifetime Interval 1800 Router Advertisement Reachable Time 0 Router Advertisement Interval 600 Router Advertisement Managed Config Flag Disabled Router Advertisement Other Config Flag Disabled Router Advertisement Suppress Flag Disabled Prefix 3FF0 1236 C261 1 64 Preferred Lifetime 10000 Valid Lifetime 100000 Onl...

Page 795: ...ipv6 mld groups The show ipv6 mld groups command is used to display information about multicast groups that MLD reported The information is displayed only when MLD is enabled on at least one interface If MLD was not enabled on any interfaces there is no group information to be displayed Syntax show ipv6 mld groups group address vlan vlan id group address The group address to display vlan id A vali...

Page 796: ... Time Time left in seconds before the entry is removed from the MLD membership table Group Address The address of the multicast group Interface Interface through which the multicast group is reachable Uptime Time elapsed in seconds since the multicast group has been known Expiry Time Time left in seconds before the entry is removed from the MLD membership table of this interface Last Reporter The ...

Page 797: ...3 43 Expiry Time hh mm ss Filter Mode Include Version1 Host Timer Group compat mode v2 Source Address ExpiryTime 4001 6 00 03 15 4001 7 00 03 15 4001 8 00 03 15 console show ipv6 mld groups vlan 6 Source Address The IP address of the source Uptime Time elapsed in seconds since the source has been known Expiry Time Time left in seconds before the entry is removed ...

Page 798: ...erface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 2 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 3 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 4 ...

Page 799: ...tion for this command Command Mode Privileged EXEC mode User Guidelines The following information is displayed for the specified interface Interface The interface number in unit slot port format MLD Global Admin Mode This field displays the configured global administrative status of MLD MLD Interface Admin Mode This field displays the configured interface administrative status of MLD MLD Operation...

Page 800: ...nserted into Group Specific Queries sent in response to Leave Group messages Last Member Query Count This value indicates the configured number of Group Specific Queries sent before the router assumes that there are no local members Querier Status This value indicates whether the interface is a MLD querier or non querier on the subnet with which it is associated Querier Address The IP address of t...

Page 801: ...D Version 2 Query Interval secs 100 Query Max Response Time milli secs 1111 Robustness 2 Startup Query Interval secs 31 Startup Query Count 2 Last Member Query Interval milli secs 1111 Last Member Query Count 2 show ipv6 mld proxy Use the show ipv6 mld proxy command to display a summary of the host interface status parameters Syntax show ipv6 mld proxy Command Mode Privileged EXEC mode ...

Page 802: ...y is operationally enabled or disabled This is a status parameter Version The present MLD host version that is operational on the proxy interface Number of Multicast Groups The number of multicast groups that are associated with the MLD Proxy interface UnsolicitedReport Interval The time interval at which the MLD Proxy interface sends unsolicited group membership reports Querier IP Address on Prox...

Page 803: ...roxy reported Syntax show ipv6 mld proxy groups Default Configuration There is no default configuration for this command Command Mode Privileged EXEC User Guidelines The following parameters are displayed by this command Interface The MLD Proxy interface Group Address The IP address of the multicast group Last Reporter The IP address of the host that last sent a membership report for the current g...

Page 804: ...l Use the show ipv6 mld proxy groups detail command to display information about multicast groups that MLD Proxy reported Syntax show ipv6 mld proxy groups detail Default Configuration There is no default configuration for this command Member State Possible values are Idle_Member The interface has responded to the latest group membership query for this group Delay_Member The interface is going to ...

Page 805: ...nt group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member State Possible values are Idle_Member The interface has responded to the latest group membership query for this group Delay_Member The interface is going to send a group membership report to respond to a group membership query for this group Filter Mo...

Page 806: ...me 3001 1 00 03 32 3002 2 00 03 32 FF1E 3 FE80 100 2 3 328 DELAY_MEMBER Exclude 0 FF1E 4 FE80 100 2 3 255 DELAY_MEMBER Include 4 Group Source List Expiry Time 4001 1 00 03 40 5002 2 00 03 40 4001 2 00 03 40 5002 2 00 03 40 show ipv6 mld proxy interface Use the show ipv6 mld proxy interface command to display a detailed list of the host interface status parameters Syntax show ipv6 mld proxy interfa...

Page 807: ...e as follows Example console show ipv6 mld proxy interface Interface vlan 10 Ver Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent 1 2 0 0 0 2 Interface The MLD Proxy interface Ver The MLD version Query Rcvd Number of MLD queries received Report Rcvd Number of MLD reports received Report Sent Number of MLD reports sent Leaves Rcvd Number of MLD leaves received Valid for version 2 only Leave...

Page 808: ...ackets Sent The number of valid MLD packets sent by the router Queries Received The number of valid MLD queries received by the router Queries Sent The number of valid MLD queries sent by the router Reports Received The number of valid MLD reports received by the router Reports Sent The number of valid MLD reports sent by the router Leaves Received The number of valid MLD leaves received by the ro...

Page 809: ...ived 0 Leaves Sent 0 show ipv6 neighbors Use the show ipv6 neighbors command in Privileged EXEC mode to display information about the IPv6 neighbors Syntax show ipv6 neighbors Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about the IPv6 neighbor...

Page 810: ...mdm command is used to display PIM DM Global Configuration parameters and PIM DM interface status Syntax show ipv6 pimdm Command Mode Privileged EXEC mode Default Configuration There is no default configuration for this command User Guidelines There are no user guidelines for this command Example console show ipv6 pimdm Admin Mode Enable PIM DM INTERFACE STATUS ...

Page 811: ...e If no interface is specified Configuration of all interfaces is displayed Syntax show ipv6 pimdm interface vlan vlan id all vlan vlan id A valid VLAN ID all To show configuration information for all valid interfaces Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example conso...

Page 812: ...30 show ipv6 pimdm neighbor The show ipv6 pimdm neighbor command is used to display PIM DM Neighbor information including Neighbor Address Uptime and Expiry time for all interfaces or for the specified interface Syntax show ipv6 pimdm neighbor interface vlan vlan id all vlan vlan id A valid VLAN ID all To show neighbor information for all valid interfaces Default Configuration There is no default ...

Page 813: ...matching route would be displayed protocol Specifies the protocol that installed the routes Is one of the following keywords connected ospf static ipv6 prefix ipv6 prefix length Specifies a IPv6 network for which the matching route would be displayed interface Valid IPv6 interface Specifies that the routes with next hops on the selected interface be displayed all Specifies that all routes includin...

Page 814: ...I OSPF Inter OE1 OSPF Ext 1 OE2 OSPF Ext 2 ON1 OSPF NSSA Ext Type 1 ON2 OSPF NSSA Ext Type 2 show ipv6 route preferences Use the show ipv6 route preferences command in Privileged EXEC mode to show the preference value associated with the type of route Lower numbers have a greater preference Syntax show ipv6 route preferences Default Configuration This command has no default configuration Command M...

Page 815: ...oute summary command in Privileged EXEC mode to display a summary of the routing table Use all to display the count summary for all routes including best and non best routes Use the command without parameters to display the count summary for only the best routes Syntax show ipv6 route summary all all Displays the count summary for all routes Default Configuration This command has no default config...

Page 816: ... 0 Number of Prefixes show ipv6 traffic Use the show ipv6 traffic command in User EXEC mode to show traffic and statistics for IPv6 and ICMPv6 Syntax show ipv6 traffic vlan vlan id tunnel tunnel id loopback loopback id vlan id Valid VLAN ID shows information about traffic on a specific interface or without the optional parameter shows information about traffic on all interfaces tunnel Tunnel ident...

Page 817: ...affic IPv6 STATISTICS Total Datagrams Received 0 Received Datagrams Locally Delivered 0 Received Datagrams Discarded Due To Header Errors 0 Received Datagrams Discarded Due To MTU 0 Received Datagrams Discarded Due To No Route 0 Received Datagrams With Unknown Protocol 0 Received Datagrams Discarded Due To Invalid Address 0 Received Datagrams Discarded Due To Truncated Data 0 Received Datagrams Di...

Page 818: ...grams Transmit Failed 0 Datagrams Successfully Fragmented 0 Datagrams Failed To Fragment 0 Fragments Created 0 Multicast Datagrams Received 0 Multicast Datagrams Transmitted 0 console show ipv6 traffic vlan 11 Interface 11 IPv6 STATISTICS Total Datagrams Received 0 Received Datagrams Locally Delivered 0 Received Datagrams Discarded Due To Header Errors 0 ...

Page 819: ... To Invalid Address 0 Received Datagrams Discarded Due To Truncated Data 0 Received Datagrams Discarded Other 0 Received Datagrams Reassembly Required 0 Datagrams Successfully Reassembled 0 Datagrams Failed To Reassemble 0 Datagrams Forwarded 0 Datagrams Locally Transmitted 0 Datagrams Transmit Failed 0 Datagrams Successfully Fragmented 0 Datagrams Failed To Fragment 0 Fragments Created 0 ...

Page 820: ...uting interface addresses Syntax show ipv6 vlan Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays IPv6 VLAN routing interface addresses console show ipv6 vlan MAC Address used by Routing VLANs 00 02 BC 00 30 68 VLAN ID IPv6 Address Prefix Length 1 ...

Page 821: ... hostname Hostname to ping contact Range 1 158 characters port UDP port used as the destination of packets sent as part of the traceroute This port should be an unused port on the destination system Range 0 65535 Default Configuration 33434 is the default port value Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example discovers the pac...

Page 822: ...822 IPv6 Routing Commands ...

Page 823: ...Loopback Interface Commands 823 41 Loopback Interface Commands This chapter explains the following commands interface loopback show interfaces loopback ...

Page 824: ...nd has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enters the Interface Loopback 1 configuration mode console config interface loopback 1 console config if loopback1 show interfaces loopback Use the show interfaces loopback command in Privileged EXEC mode to display information about one or all co...

Page 825: ...is command has no user guidelines Examples The following examples display information about configured loopback interfaces console show interfaces loopback Loopback Id Interface IP Address Received Packets Sent Packets 1 loopback 1 0 0 0 0 0 0 console show interfaces loopback 1 Interface Link Status Up IP Address 0 0 0 0 0 0 0 0 MTU size 1500 bytes ...

Page 826: ...826 Loopback Interface Commands ...

Page 827: ... dr priority ip pimsm hello interval ip pimsm join prune interval ip pimsm register threshold ip pimsm rp address ip pimsm rp candidate ip pimsm spt threshold ip pimsm ssm show bridge multicast address table count show ip mcast show ip mcast boundary show ip mcast interface show ip mcast mroute show ip mcast mroute group show ip mcast mroute source show ip mcast mroute static show ip pimsm bsr sho...

Page 828: ...828 Multicast Commands show ip pimsm rphash show ip pimsm rp mapping ...

Page 829: ...r IP address of multicast group Valid range is 239 0 0 0 to 239 255 255 255 mask IP mask of multicast group Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example adds an administrative scope multicast boundary console config interface vlan 15 console config if ...

Page 830: ...figuration mode Usage Guidelines There are no user guidelines for this command Example console config console config ip mroute 1 1 1 1 255 255 0 0 192 168 20 1 34 ip multicast Use the ip multicast command in Global Configuration mode to set the administrative mode of the IP multicast forwarder in the router to active For multicast routing to become operational IGMP must be currently enabled An err...

Page 831: ...sole config no ip multicast ip multicast ttl threshold Use the ip multicast ttl threshold command in Interface Configuration mode to apply a ttlvalue to a routing interface ttlvalue is the TTL threshold which is applied to the multicast Data packets forwarded through the interface Syntax ip multicast ttl threshold ttlvalue no ip multicast ttl threshold ttlvalue Specifies TTL threshold Range 0 255 ...

Page 832: ...e ip pimsm command is used to administratively enable PIM SM multicast routing mode on a particular router interface Use the no form of this command to disable PIM SM on an interface This command deprecates the ip pimsm mode command Syntax ip pimsm no ip pimsm Default Configuration PIM SM is disabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidel...

Page 833: ...face Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ip pimsm bsr border ip pimsm bsr candidate The ip pimsm bsr candidate command is used to configure the router to announce its candidacy as a bootstrap router BSR Use the no form of this command to stop the router from announcing its candidacy as a bootstrap router This command...

Page 834: ... with the higher IP address is the BSR Range 0 255 Default Configuration The router will not announce its candidacy by default The default hash mask length is 32 bits The default priority is 0 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip pimsm bsr candidate interface vlan 3 12 255 ip pimsm dr priority The ip pimsm dr...

Page 835: ...mand is used to configure the PIM SM Hello Interval for the specified interface Use the no form of this command to set the hello interval to the default This command deprecates the ip pimsm query interval command Syntax ip pimsm hello interval interval no ip pimsm hello interval interval The hello interval Range 0 65535 seconds Default Configuration The default hello interval is 30 seconds Command...

Page 836: ...oin prune interval interval The join prune interval Range 0 18000 seconds Default Configuration The default join prune interval is 60 seconds Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ip pimsm join prune interval 125 ip pimsm register threshold The ip pimsm register threshold command is used to confi...

Page 837: ...ically configure the RP address for one or more multicast groups The optional keyword override indicates that if there is a conflict the RP configured with this command prevails over the RP learned by BSR Use the no form of this command to remove the RP address for one or more multicast groups This command deprecates the ip pimsm staticrp command Syntax ip pimsm rp address rp address group address...

Page 838: ...rendezvous point RP to the bootstrap router BSR Use the no form of this command to disable the router to advertise itself as a PIM candidate rendezvous point RP to the bootstrap router BSR This command deprecates the ip pimsm crppreference command Syntax ip pimsm rp candidate vlan vlanid group address group mask ip pimsm rp candidate vlan vlanid vlanid A valid VLAN ID group address Group IP addres...

Page 839: ...is command to set the data threshold to the default Syntax ip pimsm spt threshold threshold no ip pimsm spt threshold threshold The threshold rate Range 0 2000 Kbps Default Configuration The default data threshold is 0 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip pimsm spt threshold 1000 ip pimsm ssm The ip pimsm ssm...

Page 840: ...mode User Guidelines There are no user guidelines for this command Example console config ip pimsm ssm default console config ip pimsm ssm 224 1 0 0 255 255 0 0 show bridge multicast address table count Use the show bridge multicast address table count command to view statistical information about the entries in the multicast address table Syntax show bridge multicast address table count Default C...

Page 841: ... the show ip mcast command in Privileged EXEC mode to display the system wide multicast information Field Description Capacity The maximum number of addresses that can be stored in the multicast address table Used The total number of addresses in the multicast address table Static addresses The number of addresses in the multicast address table that are static IP addresses Dynamic addresses The nu...

Page 842: ...ple displays system wide multicast information console show ip mcast Admin Mode Enabled Protocol State Non Operational Table Max Size 256 Protocol PIMDM Multicast Forwarding Cache Entry Count 0 show ip mcast boundary Use the show ip mcast boundary command in Privileged EXEC mode to display all the configured administrative scoped multicast boundaries Syntax show ip mcast boundary vlan vlan id all ...

Page 843: ...trative scoped multicast boundaries console show ip mcast boundary all MULTICAST BOUNDARY Interface Group Ip Mask show ip mcast interface Use the show ip mcast interface command in Privileged EXEC mode to display the multicast information for the specified interface Syntax show ip mcast interface vlan vlan id all vlan id Valid Ethernet port Default Configuration This command has no default configu...

Page 844: ...mand in Privileged EXEC mode to display a summary or all the details of the multicast table Syntax show ip mcast mroute detail summary Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a summary or all the details of the multicast table console show ip mcast mr...

Page 845: ...e to display the multicast configuration settings such as flags timer settings incoming and outgoing interfaces RPF neighboring routers and expiration times of all the entries in the multicast mroute table containing the groupipaddr value Syntax show ip mcast mroute group groupipaddr detail summary groupipaddr IP address of the multicast group Default Configuration This command has no default conf...

Page 846: ...Table Expiry Up Time Source Ip Group Ip Time secs secs RPF Neighbor Flags show ip mcast mroute source Use the show ip mcast mroute source command in Privileged EXEC mode to display the multicast configuration settings such as flags timer settings incoming and outgoing interfaces RPF neighboring routers and expiration times of all the entries in the multicast mroute table containing the sourceipadd...

Page 847: ...s Example The following example displays multicast configuration settings console show ip mcast mroute source 10 1 1 1 summary Multicast Route Table Summary Incoming Outgoi ng Source IP Group IP Protocol Interface Interface List console show ip mcast mroute source 10 1 1 1 224 5 5 5 Multicast Route Table Expiry Up Time Source IP Group IP Time secs secs RPF Neighbor Flags ...

Page 848: ...ceipaddr Syntax show ip mcast mroute static sourceipaddr sourceipaddr IP address of source Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the static routes configured in the static mcast table console show ip mcast mroute static MULTICAST STATIC ROUTES Sourc...

Page 849: ...information is displayed BSR address IP address of the BSR Uptime Length of time that this router has been up in hours minutes and seconds BSR Priority Priority as configured in the ip pimsm bsr candidate command Hash mask length Length of a mask 32 bits maximum that is to be ANDed with the group address before the hash function is called This value is configured in the ip pimsm bsr candidate comm...

Page 850: ...face command displays interface config parameters If no interface is specified all interfaces are displayed This command deprecates the show ip pimsm interface stats command Syntax show ip pimsm interface vlan vlan id vlan id A valid VLAN ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for th...

Page 851: ...er 1 1 1 1 DR Priority 1 BSR Border Disabled show ip pimsm rphash The show ip pimsm rphash command displays which rendezvous point RP is being selected for a specified group Syntax show ip pimsm rphash group address group address Group IP address supported by RP Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode ...

Page 852: ...is used to display all group to RP mappings of which the router is aware either configured or learned from the bootstrap router BSR If no RP is specified all active RPs are displayed This command deprecates the show ip pimsm rp candidate show ip pimsm staticrp and show ip pimsm rp commands Syntax show ip pimsm rp mapping rp address rp address An RP address Default configuration There is no default...

Page 853: ...ommands 853 Example console show ip pimsm rp mapping Group Address 225 1 0 0 Group Mask 255 255 255 0 RP Address 1 1 1 1 origin Static Group Address 225 2 0 0 Group Mask 255 255 255 0 RP Address 2 2 2 2 origin BSR ...

Page 854: ...854 Multicast Commands ...

Page 855: ...tor role area nssa translator stab intv area range area stub area stub no summary area virtual link area virtual link authentication area virtual link dead interval area virtual link hello interval area virtual link retransmit interval area virtual link transmit delay auto cost bandwidth capability opaque clear ip ospf default information originate default metric distance ospf distribute list out ...

Page 856: ...twork ip ospf priority ip ospf retransmit interval ip ospf transmit delay maximum paths passive interface default nsf nsf helper nsf helper strict lsa checking nsf restart interval passive interface default passive interface redistribute router id router ospf show ip ospf show ip ospf abr show ip ospf area show ip ospf asbr show ip ospf database show ip ospf database database summary ...

Page 857: ...face show ip ospf interface brief show ip ospf interface stats show ip ospf neighbor show ip ospf range show ip ospf statistics show ip ospf stub table show ip ospf virtual link show ip ospf virtual link brief timers spf 1583compatibility ...

Page 858: ...294967295 integer The default cost for the stub area Range 1 16777215 Default Configuration 10 is the default configuration for integer Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example identifies a stub area of 10 and default cost of 100 console config router ospf console config router area 10 default cost 100 area nssa U...

Page 859: ...uter area 10 nssa area nssa default info originate Use the area nssa default info originate command in Router OSPF Configuration mode to configure the metric value and type for the default route advertised into the NSSA The metric type can be comparable nssa external 1 or non comparable nssa external 2 Use the no form of the command to return the metric value and type to the default value Syntax a...

Page 860: ...onfigures the metric value and type for the default route advertised into the NSSA console config router area 20 nssa default info originate 250 non comparable area nssa no redistribute Use the area nssa no redistribute command in Router OSPF Configuration mode to configure the NSSA Area Border router ABR so that learned external routes are not redistributed to the NSSA Syntax area area id nssa no...

Page 861: ...configure the NSSA so that summary LSAs are not advertised into the NSSA Syntax area area id nssa no summary no area area id nssa no summary area id Identifies the OSPF NSSA to configure Range 0 4294967295 Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example conf...

Page 862: ...anslator when it becomes a border router candidate The router to participate in the translator election process when it attains border router status Default Configuration The default role is candidate Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the translator role of the NSSA console config router area 20 ...

Page 863: ...er Guidelines This command has no user guidelines Example The following example configures the translator stability interval of the area 20 NSSA console config router area 20 nssa translator stab intv 2000 area range Use the area range command in Router OSPF Configuration mode to configure a summary prefix for routes learned in a given area There are two types of area ranges An area range can be c...

Page 864: ...LSDB type advertise Advertisement of the area range not advertise Suppresses advertisement of the area range Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines Use this command with Area Border Routers ABRs Example The following example defines an area range for the area 20 console config router area 20 range 192 168 6 0 255 ...

Page 865: ...ommand has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Examples The following examples define area 3 for the stub and then removes the stub area console config router area 3 stub console config router no area 3 stub area stub no summary Use the area stub no summary command in Router OSPF Configuration mode to prevent Summ...

Page 866: ...g advertised into the area 3 NSSA console config router area 3 stub no summary area virtual link Use the area virtual link command in Router OSPF Configuration mode to create the OSPF virtual interface for the specified area id and neighbor router To remove the link use the no form of the command Syntax area area id virtual link neighbor id no area area id virtual link neighbor id area id Identifi...

Page 867: ...ighbor ID Use the no form of the command to return the authentication type to the default value Syntax area area id virtual link neighbor id authentication none simple key encrypt key key id no area area id virtual link neighbor id authentication area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 neighbor id Identifies the Router identifier of the neighbor ...

Page 868: ...n Router OSPF Configuration mode to configure the dead interval for the OSPF virtual interface on the virtual interface identified by area id and neighbor router Use the no form of the command to return the dead interval to the default value Syntax area area id virtual link neighbor id dead interval seconds no area area id virtual link neighbor id dead interval area id Identifies the OSPF area to ...

Page 869: ...o interval for the OSPF virtual interface on the virtual interface identified by the area ID and neighbor ID Use the no form of the command to return the hello interval to the default value Syntax area area id virtual link neighbor id hello interval seconds no area area id virtual link neighbor id hello interval area id Identifies the OSPF area to configure Range IP address or decimal from 0 42949...

Page 870: ...ID and neighbor ID Use the no form of the command to return the retransmit interval to the default value Syntax area area id virtual link neighbor id retransmit interval seconds no area area id virtual link neighbor id retransmit interval area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 neighbor id Identifies the Router ID of the neighbor seconds The numb...

Page 871: ...fault value Syntax area area id virtual link neighbor id transmit delay seconds no area area id virtual link neighbor id transmit delay area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 neighbor id Identifies the Router ID of the neighbor seconds Number of seconds to increment the age of the LSA before sending based on the estimated time it takes to transm...

Page 872: ...terfaces whose bandwidth is 100 Mbps or greater To change the reference bandwidth use the auto cost command specifying the reference bandwidth in megabits per second The different reference bandwidth can be independently configured for OSPFv2 and OSPFv3 Syntax auto cost reference bandwidth ref_bw ref_bw The reference bandwidth in Mbps Range 1 4294967 Default Configuration The default reference ban...

Page 873: ...d routing interfaces and to 10 Mbps for VLAN routing interfaces This command does not affect the actual speed of an interface Syntax bandwidth bw bw Interface bandwidth in Kbps Range 1 10000000 Default Configuration The default reference bandwidth is 10 Mbps Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example The following example co...

Page 874: ...guration redistribution counters neighbor interface vlan vlan id neighbor id configuration Reset the OSPF configuration to factory defaults redistribution Flush all self originated external LSAs Reapply the redistribution configuration and re originate prefixes as necessary counters Reset global and interface statistics neighbor Drop the adjacency with all OSPF neighbors On each neighbor s interfa...

Page 875: ...Restore OSPF configuration to defaults counters Clear OSPF counters neighbor Bounce all OSPF neighbors redistribution Flush and reoriginate external LSAs default information originate Use the default information originate command in Router OSPF Configuration mode to control the advertisement of default routes Use the no form of the command to return the default route advertisement settings to the ...

Page 876: ...es Example The following example always advertises default routes console config router default information originate always metric 100 metric type 1 default metric Use the default metric command in Router OSPF Configuration mode to set a default for the metric of distributed routes Use the no form of the command to remove the metric from the distributed routes Syntax default metric integer no def...

Page 877: ...an be intra inter external All the external type routes are given the same preference value Use the no form of this command to reset the preference values to the default Syntax distance ospf external inter area intra area distance no distance ospf external inter area intra area distance distance Used to select the best path when there are two or more routes to the same destination from two differe...

Page 878: ...from the access list Syntax distribute list accesslistname out rip static connected no distribute list accesslistname out rip static connected accesslistname The name used to identify an existing ACL The range is 1 31 characters rip Apply the specified access list when RIP is the source protocol static Apply the specified access list when packets come through the static route connected Apply the s...

Page 879: ...Default Configuration Enabled is the default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example enables OSPF router mode console config router enable exit overflow interval Use the exit overflow interval command in Router OSPF Configuration mode to configure the exit overflow interval for OSPF When a router le...

Page 880: ...w interval for OSPF at 10 seconds console config router exit overflow interval 10 external lsdb limit Use the external lsdb limit command in Router OSPF Configuration mode to configure the external LSDB limit for OSPF If the value is 1 then there is no limit When the number of non default AS external LSAs in a router s link state database reaches the external LSDB limit the router enters overflow ...

Page 881: ...t for OSPF with the number of non default ASexternal LSAs set at 20 console config router external lsdb limit 20 ip ospf area The ip ospf area command enables OSPFv2 and sets the area ID of an interface This command supersedes the effects of network area command It can also configure the advertisability of the secondary addresses on this interface into OSPFv2 domain Use the no form of this command...

Page 882: ...he no form of the command to return the authentication type to the default value Syntax ip ospf authentication none simple key encrypt key key id no ip ospf authentication encrypt MD5 encrypted authentication key key Authentication key for the specified interface Range 8 bytes or less if the authentication type is simple and 16 bytes or less if the type is encrypt key id Authentication key identif...

Page 883: ...ation mode to configure the cost on an OSPF interface Use the no form of the command to return the cost to the default value Syntax ip ospf cost integer no ip ospf cost integer Specifies the cost link state metric of the OSPF interface Range 1 65535 Default Configuration 10 is the default link state metric configuration Command Mode Interface Configuration VLAN mode User Guidelines This command ha...

Page 884: ...Range 1 65535 Default Configuration 40 is the default number of seconds Command Mode Interface Configuration VLAN mode User Guidelines The value for the length of time must be the same for all routers attached to a common network This value should be some multiple of the Hello Interval i e 4 Example The following example sets the dead interval at 30 seconds console config if vlan15 ip ospf dead in...

Page 885: ...pf hello interval 30 ip ospf mtu ignore Use the ip ospf mtu ignore command in Interface Configuration mode to disable OSPF maximum transmission unit MTU mismatch detection OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface When a router receives a Database Description packet it examines the MTU advertised by the neigh...

Page 886: ...spf mtu ignore ip ospf network Use the ip ospf network command to configure OSPF to treat an interface as a point to point rather than broadcast interface To return to the default value use the no form of this command Syntax ip ospf network broadcast point to point no ip ospf network broadcast Set the network type to broadcast point to point Set the network type to point to point Default Configura...

Page 887: ...to point mode Example The following example shows the options for the ip ospf network command console config if vlan1 ip ospf network broadcast Set the OSPF network type to Broadcast point to point Set the OSPF network type to Point to Point ip ospf priority Use the ip ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface Use the no form ...

Page 888: ...return the interval to the default value Syntax ip ospf retransmit interval seconds no ip ospf retransmit interval seconds Number of seconds between link state advertisement retransmissions for adjacencies belonging to this router interface This value is also used when retransmitting database description and link state request packets Range 0 3600 seconds Default Configuration 5 is the default num...

Page 889: ...nds it takes to transmit a link state update packet over this interface Range 1 3600 seconds Default Configuration 1 is the default number of seconds Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example sets the OSPF Transit Delay for VLAN 15 at 20 seconds console config if vlan15 ip ospf transmit delay 20 maximum paths Us...

Page 890: ...ospf area command is given for an interface it overrides any matching network area command OSPF only advertises IP subnets for secondary IP addresses if the secondary address is within the range of a network area command for the same area as the primary address on the same interface When a network area command is deleted matching interfaces are reevaluated against all remaining network area comman...

Page 891: ...attached to a single area If an interface address matches multiple network area ranges the interface is assigned to the area for the first matching range If the ip ospf area command is given for an interface it overrides any matching network area command OSPF only advertises IP subnets for secondary IP addresses if the secondary address is within the range of a network area command for the same ar...

Page 892: ...he hardware to continue forwarding IPv4 packets using OSPFv2 routes while a backup unit takes over management unit responsibility When OSPF executes a graceful restart it informs its neighbors that the OSPF control plane is restarting but that it will be back shortly Helpful neighbors continue to advertise to the rest of the network that they have full adjacencies with the restarting router avoidi...

Page 893: ...tion mode User Guidelines The grace LSA announcing the graceful restart includes a restart reason Reasons 1 software restart and 2 software reload upgrade are considered planned restarts Reasons 0 unknown and 3 switch to redundant control processor are considered unplanned restarts nsf ietf helper disable is functionally equivalent to no nsf helper and is supported solely for IS CLI compatibility ...

Page 894: ...t immediately update its forwarding table therefore a topology change may introduce forwarding loops or black holes that persist until the graceful restart completes By exiting the graceful restart on a topology change a router tries to eliminate the loops or black holes as quickly as possible by routing around the restarting router A helpful neighbor considers a link down with the restarting rout...

Page 895: ...nd Mode Router OSPF User Guidelines The grace period must be set long enough to allow the restarting router to reestablish all of its adjacencies and complete a full database exchange with each of those neighbors Example passive interface default The passive interface default command enables the global passive mode by default for all interfaces It overrides any interface level passive mode Use the...

Page 896: ...ides the global passive mode that is currently effective on the interface Use the no form of this command to set the interface as non passive Syntax passive interface vlan vlan id no passive interface vlan vlan id vlan id The vlan number Default Configuration Passive interface mode is disabled by default Command Mode Router OSPF Configuration mode User Guidelines There are no user guidelines for t...

Page 897: ... 1 2 tag integer subnets rip Specifies RIP as the source protocol static Specifies that the source is a static route connected Specifies that the source is a directly connected route metric Specifies the metric to use when redistributing the route Range 0 16777214 metric type 1 Type 1 external route metric type 2 Type 2 external route tag Value attached to each external route which might be used t...

Page 898: ... number uniquely identifying the router OSPF ID Syntax router id ip address ip address IP address that uniquely identifies the router OSPF ID Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example defines the router OSPF ID as 5 5 5 5 console config router ospf con...

Page 899: ...ode console config router ospf console config router show ip ospf Use the show ip ospf command to display information relevant to the OSPF router This command has been modified to show additional fields Syntax show ip ospf Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines Some of the information below displays only if you ena...

Page 900: ...seconds that after entering OverflowState as defined by RFC 1765 a router will attempt to leave OverflowState Spf Delay Time The number of seconds to wait before running a routing table calculation after a topology change Spf Hold Time The minimum number of seconds between routing table calculations Opaque Capability Shows whether router is capable of sending Opaque LSAs AutoCost Ref BW The config...

Page 901: ...limitation that prevents it from computing a complete routing table In this state OSPF sets the link metrics of non stub links in its own router LSAs to the largest possible value discouraging other routers from computing paths through the stub router but allowing other routers to compute routes to destinations attached to the stub router To restore OSPF to normal operation resolve the condition t...

Page 902: ...at one time NSF Support Whether graceful restart is administratively enabled Possible values are Support Always Disabled or Planned NSF Restart Interval The number of seconds a helpful neighbor allows a restarting router to complete its graceful restart NSF Restart Status Whether the router is currently performing a graceful restart NSF Restart Age The number of seconds until a graceful restart ex...

Page 903: ...pf Hold Time 10 Opaque Capability Disable AutoCost Ref BW 100 Mbps Default Passive Setting Disabled Maximum Paths 4 Source Shows source protocol routes that are being redistributed Possible values are static connected or RIP Tag Shows the decimal value attached to each external route Subnets When this option is not configured OSPF will only redistribute classful prefixes Distribute List Shows the ...

Page 904: ...ype External Type 2 Number of Active Areas 1 1 normal 0 stub 0 nssa ABR Status Disable ASBR Status Disable Stub Router FALSE External LSDB Overflow FALSE External LSA Count 0 External LSA Checksum 0 AS_OPAQUE LSA Count 0 AS_OPAQUE LSA Checksum 0 New LSAs Originated 25 LSAs Received 7 LSA Count 4 Maximum Number of LSAs 18200 ...

Page 905: ...t Restarting NSF Restart Age 0 seconds NSF Restart Exit Reason Not Attempted NSF Helper Support Always NSF Helper Strict LSA Checking Enabled show ip ospf abr The show ip ospf abr command displays the internal OSPF routing table entries to Area Border Routers ABR This command takes no options Syntax show ip ospf abr Default Configuration This command has no default configuration Command Mode Privi...

Page 906: ...3 v lan11 INTRA 4 4 4 4 10 0 0 0 1 10 1 24 4 v lan12 show ip ospf area Use the show ip ospf area command in Privileged EXEC mode to display information about the identified OSPF area Syntax show ip ospf area area id area id Identifies the OSPF area whose ranges are being displayed Range 0 4294967295 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode ...

Page 907: ...AreaID 0 0 0 10 External Routing Import External LSAs Spf Runs 0 Area Border Router Count 0 Area LSA Count 0 Area LSA Checksum 0 Import Summary LSAs Enable console show ip ospf area 20 AreaID 0 0 0 20 External Routing Import NSSAs Spf Runs 0 Area Border Router Count 0 Area LSA Count 0 Area LSA Checksum 0 OSPF NSSA Specific Information Import Summary LSAs Enable ...

Page 908: ...anslator State Disabled show ip ospf asbr The show ip ospf asbr command displays the internal OSPF routing table entries to Autonomous System Boundary Routes ASBR This command takes no options Syntax show ip ospf asbr Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip ospf asb...

Page 909: ...tate advertisements to display Syntax show ip ospf area id database asbr summary external network nssa external router summary ls id adv router ip address self originate area id Identifies a specific OSPF area for which link state database information will be displayed asbr summary Display the autonomous system boundary router ASBR summary LSAs external Display the external LSAs network Display th...

Page 910: ...on Command Mode Privileged EXEC mode User Guidelines Information is only displayed if OSPF is enabled Example The following example displays information about the link state database when OSPF is enabled console show ip ospf database Router Link States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1360 80000006 3a1f 5 2 0 0 5 2 0 0 1360 80000009 a47e E 20 20 20...

Page 911: ... 80000005 f86d E O Network Summary States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1360 80000007 242e Summary ASBR States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1361 80000006 183a Link Opaque States Area 0 0 0 0 ...

Page 912: ...ef59 Area Opaque States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1362 80000005 e166 AS External States Link Id Adv Router Age Sequence Chksm Options Rtr Opt 6 0 0 0 5 2 0 0 1364 80000008 e35d AS Opaque States Link Id Adv Router Age Sequence Chksm Options Rtr Opt ...

Page 913: ... Mode Privileged EXEC mode User Guidelines The following fields are displayed Router Shows Total number of router LSAs in the OSPF link state database Network Shows Total number of network LSAs in the OSPF link state database Summary Net Shows Total number of summary network LSAs in the database Summary ASBR Shows Number of summary ASBR LSAs in the database Type 7 Ext Shows Total number of Type 7 ...

Page 914: ...tabase summary Router 0 Network 0 Summary Net 0 Summary ASBR 0 Type 7 Ext 0 Self Originated Type 7 0 Opaque Link 0 Opaque Area 0 Subtotal 0 Area 0 0 0 10 database summary Router 0 Network 0 Summary Net 0 Summary ASBR 0 Type 7 Ext 0 Self Originated Type 7 0 Opaque Link 0 Subtotal Shows Number of entries for the identified area Opaque AS Shows Number of opaque AS LSAs in the database Total Shows Num...

Page 915: ...xt 0 Opaque AS 0 Total 0 show ip ospf interface Use the show ip ospf interface command in Privileged EXEC mode to display the information for the VLAN or loopback interface Syntax show ip ospf interface vlan vlan id loopback loopback id vlan id Valid VLAN ID loopback id Shows information the specified loopback interface Range 0 7 Default Configuration This command has no default configuration ...

Page 916: ...th VLAN 3 console show ip ospf interface vlan 10 IP Address 1 1 1 1 Subnet Mask 255 255 255 0 Secondary IP Address es OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 OSPF Network Type Broadcast Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 Authentication Type None Metric Cost 10 computed Passive Status Non passive interface OSP...

Page 917: ...erface tables Syntax show ip ospf interface brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays brief information for the IFO object or virtual interface tables console show ip ospf interface brief Router Hello Dead Retrax Retrax LSAAck Interface AdminMode ...

Page 918: ...specific interface The information is only displayed if OSPF is enabled Syntax show ip ospf interface stats vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the ospf statistics for VLAN 15 console show ip ospf interface stats...

Page 919: ...f neighbor command in Privileged EXEC mode to display information about OSPF neighbors The information below only displays if OSPF is enabled and the interface has a neighbor Syntax show ip ospf neighbor interface vlan vlan id ip address vlan id Valid VLAN ID ip address Valid IP address of the neighbor Default Configuration This command has no default configuration Command Mode Privileged EXEC mod...

Page 920: ... 0 0 1 Options 0x42 Router Priority 1 Dead timer due in secs 33 Up Time 4 days 12 hrs 56 mins 6 secs State Full DR Events 13 Retransmission Queue Length 0 Restart Helper Status Helping Restart Reason Software Restart 1 Remaining Grace Time 10 sec Restart Helper Exit Reason In Progress Field Descriptions Interface The name of the interface on which the adjacency is formed Neighbor IP Address The IP...

Page 921: ...as a helpful neighbor to this neighbor A helpful neighbor does not report an adjacency change during graceful restart but continues to advertise the restarting router as a FULL adjacency A helpful neighbor continues to forward data packets to the restarting router trusting that the restarting router s forwarding table is maintained during the restart Not Helping This router is not a helpful neighb...

Page 922: ... as a restart helper for the neighbor Restart Exit Reason One of the following None graceful restart has not been attempted In Progress restart is in progress Completed the previous graceful restart completed successfully Timed Out the previous graceful restart timed out Topology Changed The previous graceful restart terminated prematurely because of a topology change A helpful neighbor declares a...

Page 923: ...on Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about the area ranges for the specified area id console show ip ospf range 20 Area ID IP Address Subnet Mask Lsdb Type Advertisement 0 0 0 20 192 168 6 0 255 255 255 0 Summary Link Enabled show ip ospf statistics This command displays information about recent ...

Page 924: ...on Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip ospf statistics Area 0 0 0 0 SPF algorithm executed 0 times Delta T SPF Duration msec Reason 26 01 45 0 23 15 05 0 R 23 14 22 0 R N 23 14 12 0 R 23 10 04 0 show ip ospf stub table Use the show ip ospf stub table command in Privileged EXEC mode to display the OSPF stub table The informat...

Page 925: ...ble console config show ip ospf stub table AreaId TypeofService Metric Val Import SummaryLSA 0 0 0 1 Normal 1 Enable show ip ospf virtual link Use the show ip ospf virtual link command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor Syntax show ip ospf virtual link area id neighbor id area id Identifies the OSPF area whose ranges are being...

Page 926: ...no user guidelines Example The following example displays the OSPF Virtual Interface information for area 10 and its neighbor console show ip ospf virtual link 10 192 168 2 2 Area ID 10 Neighbor Router ID 192 168 2 2 Hello Interval 10 Dead Interval 655555 Iftransit Delay Interval 1 Retransmit Interval 5 State down Metric 0 Neighbor State down Authentication Type MD5 Authentication Key test123 Auth...

Page 927: ... ospf virtual link brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the OSPF Virtual Interface information in the system console show ipv6 ospf virtual link brief Hello Dead Retransmit T ransit Area ID Neighbor Interval Interval Interval Delay 0 0 0 2 5 ...

Page 928: ...ay time hold time no timers spf delay time SPF delay time Range 0 65535 seconds hold time SPF hold time Range 0 65535 seconds Default Configuration The default value for delay time is 5 The default value for hold time is 10 Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the SPF delay and hold time console con...

Page 929: ...1583compatibility no 1583compatibility Default Configuration Enabled is the default configuration Command Mode Router OSPF Configuration mode User Guidelines If all OSPF routers in the routing domain are capable of operating according to RFC 2328 OSPF 1583 compatibility mode should be disabled Example The following example enables 1583 compatibility console config router 1583compatibility ...

Page 930: ...930 OSPF Commands ...

Page 931: ...tor role area nssa translator stab intv area range area stub area stub no summary area virtual link area virtual link dead interval area virtual link hello interval area virtual link retransmit interval area virtual link transmit delay default information originate default metric distance ospf enable exit overflow interval external lsdb limit ipv6 ospf ipv6 ospf areaid ipv6 ospf cost ipv6 ospf dea...

Page 932: ...a checking nsf restart interval passive interface passive interface default redistribute router id show ipv6 ospf show ipv6 ospf abr show ipv6 ospf area show ipv6 ospf asbr show ipv6 ospf database show ipv6 ospf database database summary show ipv6 ospf interface show ipv6 ospf interface brief show ipv6 ospf interface stats show ipv6 ospf interface vlan show ipv6 ospf neighbor show ipv6 ospf range ...

Page 933: ...OSPFv3 Commands 933 show ipv6 ospf virtual link show ipv6 ospf virtual link brief ...

Page 934: ...st no area areaid default cost areaid Valid area identifier cost Default cost Range 1 16777215 Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures the monetary default cost at 100 for stub area 1 console config ipv6 router ospf console config rtr ar...

Page 935: ...e Use the area nssa default info originate command in Router OSPFv3 Configuration mode to configure the metric value and type for the default route advertised into the NSSA The optional metric parameter specifies the metric of the default route The metric type can be comparable nssa external 1 or noncomparable nssa external 2 Use the no form of the command to return the metric value and type to th...

Page 936: ...fault route advertised into the NSSA console config ipv6 router ospf console config rtr area 1 nssa default info originate area nssa no redistribute Use the area nssa no redistribute command in Router OSPFv3 Configuration mode to configure the NSSA ABR so that learned external routes will not be redistributed to the NSSA Use the no form of the command to remove the configuration Syntax area areaid...

Page 937: ...sa no redistribute area nssa no summary Use the area nssa no summary command in Router OSPFv3 Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA Use the no form of the command to remove the configuration Syntax area areaid nssa no summary no area area id nssa no summary areaid Valid OSPF area identifier Default Configuration This command has no default c...

Page 938: ...ax area areaid nssa translator role always candidate no area areaid nssa translator role areaid Valid OSPF area identifier always Causes the router to assume the role of the translator the instant it becomes a border router candidate Causes the router to participate in the translator election process when it attains border router status Default Configuration This command has no default configurati...

Page 939: ...tus has been deposed by another router Syntax area areaid nssa translator stab intv seconds no area areaid nssa translator stab intv areaid Valid OSPF area identifier seconds Translator stability interval of the NSSA Range 0 3600 seconds Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines ...

Page 940: ...e the summary prefix configuration for routes learned in the specified area Syntax area areaid range ipv6 prefix prefix length summarylink nssaexternallink advertise not advertise no area areaid range ipv6 prefix prefix length summarylink nssaexternallink areaid Valid OSPF area identifier ipv6 prefix prefix length Valid route prefix summarylink LSDB type nssaexternallink LSDB type advertise Allows...

Page 941: ...hat AS External LSAs are not propagated into the area Removing AS External LSAs and Summary LSAs can significantly reduce the link state database of routers within the stub area Syntax area areaid stub no area areaid stub areaid Valid OSPFv3 area identifier Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has...

Page 942: ... Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example prevents Summary LSAs from being advertised into the area 1 NSSA console config ipv6 router ospf console config rtr area 1 stub no summary area virtual link Use the area virtual link command in Router OSPFv3 Configuration mode to create the OSPF virtual interface for the...

Page 943: ...le creates the OSPF virtual interface for area 1 and its neighbor router console config ipv6 router ospf console config rtr area 1 virtual link 2 area virtual link dead interval Use the area virtual link dead interval command in Router OSPFv3 Configuration mode to configure the dead interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor Syntax area areai...

Page 944: ... virtual link 2 dead interval 20 area virtual link hello interval Use the area virtual link hello interval command in Router OSPFv3 Configuration mode to configure the hello interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor Syntax area areaid virtual link neighbor hello interval seconds no area areaid virtual link neighbor hello interval areaid Vali...

Page 945: ...al link retransmit interval command in Router OSPFv3 Configuration mode to configure the retransmit interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor Syntax area areaid virtual link neighbor retransmit interval seconds no area areaid virtual link neighbor retransmit interval areaid Valid OSPFv3 area identifier neighbor Router ID of neighbor seconds ...

Page 946: ...interface on the virtual interface identified by areaid and neighbor Syntax area areaid virtual link neighbor transmit delay seconds no area areaid virtual link neighbor transmit delay areaid Valid OSPFv3 area identifier neighbor Router ID of neighbor seconds Transmit delay interval Range 0 3600 Default Configuration 1 is the default value for seconds Command Mode Router OSPFv3 Configuration mode ...

Page 947: ...lt information originate metric metric type always Always advertise default routes integer The metric or preference value of the default route Range 1 16777214 1 External type 1 route 2 External type 2 route metric Specify the metric of the default route metric type Specify metric type of the default route Default Configuration 2 is the default value for metric type Command Mode Router OSPFv3 Conf...

Page 948: ...Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example sets a default of 100 for the metric of distributed routes console config ipv6 router ospf console config rtr default metric 100 distance ospf The distance ospf command sets the preference values of OSPF route types in the router Lower route preference values are preferred when determ...

Page 949: ...nce value is 110 Command Mode Router OSPF Configuration mode Router OSPFv3 Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets a route preference value of 100 for intra OSPF in the router console config ipv6 router ospf console config rtr distance ospf intra 100 enable Use the enable command in Router OSPFv3 Configuration mode to enab...

Page 950: ...t overflow interval for OSPF It describes the number of seconds after entering Overflow state that a router will wait before attempting to leave the Overflow State This allows the router to originate non default AS external LSAs again When set to 0 the router will not leave Overflow State until restarted Syntax exit overflow interval seconds no exit overflow interval seconds Exit overflow interval...

Page 951: ...aches the external LSDB limit the router enters overflow state The router never holds more than the external LSDB limit non default ASexternal LSAs in it database The external LSDB limit MUST be set identically in all routers attached to the OSPF backbone and or any regular OSPF area Syntax external lsdb limit limit no external lsdb limit limit External LSDB limit for OSPF Range 1 2147483647 Defau...

Page 952: ...ult configuration Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example enables OSPF on VLAN 15 console config interface vlan 15 console config if vlan15 ipv6 ospf ipv6 ospf areaid Use the ipv6 ospf areaid command in Interface Configuration mode to set the OSPF area to which the specified router interface be...

Page 953: ...nterface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example defines the OSPF area to which VLAN 15 belongs console config interface vlan 15 console config if vlan15 ipv6 ospf areaid 100 ipv6 ospf cost Use the ipv6 ospf cost command in Interface Configuration mode to configure the cost on an OSPF interface Syntax ipv6 ospf cost ...

Page 954: ...erval seconds A valid positive integer which represents the length of time in seconds that a router s Hello packets have not been seen before its neighbor routers declare that the router is down The value for the length of time must be the same for all routers attached to a common network This value should be some multiple of the Hello Interval i e 4 Range 1 65535 Default Configuration 40 seconds ...

Page 955: ...ed to a network Range 1 65535 seconds Default Configuration 10 seconds is the default value of seconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF hello interval at 15 seconds console config interface vlan 15 console config if vlan15 ipv6 ospf hello interval 15 ipv6 ospf mtu ignore Us...

Page 956: ...detection console config interface vlan 15 console config if vlan15 ipv6 ospf mtu ignore ipv6 ospf network Use the ipv6 ospf network command in Interface Configuration mode to change the default OSPF network type for the interface Normally the network type is determined from the physical IP network type By default all Ethernet networks are OSPF type broadcast Similarly tunnel interfaces default to...

Page 957: ...ines Example The following example changes the default OSPF network type to point to point console config interface vlan 15 console config if vlan15 ipv6 ospf network point to point ipv6 ospf priority Use the ipv6 ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface Syntax ipv6 ospf priority priority no ipv6 ospf priority priority OSPF p...

Page 958: ...al Use the ipv6 ospf retransmit interval command in Interface Configuration mode to set the OSPF retransmit interval for the specified interface Syntax ipv6 ospf retransmit interval seconds no ipv6 ospf retransmit interval seconds The number of seconds between link state advertisement retransmissions for adjacencies belonging to this router interface This value is also used when retransmitting dat...

Page 959: ...ay for the specified interface Syntax ipv6 ospf transmit delay seconds no ipv6 ospf transmit delay seconds OSPF transmit delay for the specified interface In addition it sets the estimated number of seconds it takes to transmit a link state update packet over this interface Range 1 to 3600 seconds Default Configuration No default value Command Mode Interface Configuration VLAN Tunnel Loopback mode...

Page 960: ...as no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example Use the following command to enable OSPFv3 console config ipv6 router ospf maximum paths Use the maximum paths command in Router OSPFv3 Configuration mode to set the number of paths that OSPF can report for a given destination Syntax maximum paths maxpaths no maximum paths...

Page 961: ...able OSPF graceful restart Use the no form of this command to disable graceful restart Syntax nsf ietf planned only no nsf ietf ietf This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations Since the IETF implementation is the only one supported this keyword is optional planned only This keyword indicates that OSPF should only perform a gr...

Page 962: ... goes with that i e flooding of LSAs SPF runs Helpful neighbors continue to forward packets through the restarting router The restarting router relearns the network topology from its helpful neighbors This implementation of graceful restart restarting router behavior is only useful with a router stack Graceful restart does not work on a standalone single unit router Example nsf helper Use the nsf ...

Page 963: ...t lsa checking Use the nsf helper strict lsa checking command to require that an OSPF helpful neighbor exit helper mode whenever a topology change occurs Use the no form of this command to allow OSPF to continue as a helpful neighbor in spite of topology changes Syntax nsf ietf helper strict lsa checking no nsf ietf helper strict lsa checking ietf This keyword is used to distinguish the IETF stand...

Page 964: ...onfiguration Example nsf restart interval Use the nsf restart interval command to configure the length of the grace period on the restarting router Use the no form of this command to revert the grace period to its default Syntax nsf ietf restart interval seconds no nsf ietf restart interval ietf This keyword is used to distinguish the IETF standard implementation of graceful restart from other imp...

Page 965: ...ssive mode that is currently effective on the interface or tunnel Use the no form of this command to set the interface or tunnel as non passive Syntax passive interface vlan vlan id tunnel tunnel id no passive interface vlan vlan id tunnel tunnel id vlan id The vlan number tunnel id Tunnel identifier Range 0 7 Default Configuration Passive interface mode is disabled by default Command Mode Router ...

Page 966: ...face default Default Configuration Global passive mode is disabled by default Command Mode Router OSPFv3 Configuration mode User Guidelines There are no user guidelines for this command Example console config rtr passive interface default redistribute Use the redistribute command in Router OSPFv3 Configuration mode to configure the OSPFv3 protocol to allow redistribution of routes from the specifi...

Page 967: ...s from the specified source protocol routers console config ipv6 router ospf console config rtr redistribute connected router id Use the router id command in Router OSPFv3 Configuration mode to set a 4 digit dotted decimal number uniquely identifying the Router OSPF ID Syntax router id router id router id Router OSPF identifier Range 0 4294967295 Default Configuration This command has no default c...

Page 968: ...ser Guidelines Some of the information below displays only if you enable OSPF and configure certain features The following fields may be displayed Router ID A 32 bit integer in dotted decimal format identifying the router about which information is displayed This is a configured value OSPF Admin Mode Shows whether OSPF is administratively enabled or disabled External LSDB Limit Shows the maximum n...

Page 969: ...mber of Active Areas The number of OSPF areas to which the router is attached on interfaces that are up ABR Status Shows whether the router is an OSPF Area Border Router ASBR Status Indicates whether the router is an autonomous system border router Router automatically becomes an ASBR when it is configured to redistribute routes learned from another protocol The possible values for the ASBR status...

Page 970: ... of entries on all neighbors retransmit lists MaximumNumber of Retransmit Entries The maximum number of entries that can be on neighbors retransmit lists at any given time This is the sum for all neighbors When OSPF receives an LSA and cannot allocate a new retransmit list entry the router does not acknowledge the LSA expecting the sender to retransmit Retransmit Entries High Water Mark The maximu...

Page 971: ...t LSA Checking As a graceful restart helpful neighbor whether to terminate the helper relationship if a topology change occurs during a neighbor s graceful restart Redistributing This field is a heading and appears only if you configure the system to take routes learned from a non OSPF source and advertise them to its peers Source Shows source protocol routes that are being redistributed Possible ...

Page 972: ...it Default Metric Not Configured Maximum Paths 2 Default Route Advertise Disabled Always FALSE Metric Metric Type External Type 2 NSF Support Disabled NSF Restart Interval 120 seconds NSF Helper Support Always NSF Helper Strict LSA Checking Enabled ...

Page 973: ...show ipv6 ospf abr Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example console show ipv6 ospf abr Type Router Id Cost Area ID Next Hop Next Hop Intf INTRA 3 3 3 3 10 0 0 0 1 FE80 211 88FF FE2A 3CB3 vlan11 INTRA 4 4 4 4 10 0 0 0 1 FE80 210 18FF FE82 8E1 vlan12 ...

Page 974: ...ayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about area 1 console show ipv6 ospf area 1 AreaID 0 0 0 1 External Routing Import External LSAs Spf Runs 0 Area Border Router Count 0 Area LSA Count 0 Area LSA Checksum 0 Stub Mode Disable Impor...

Page 975: ...ptions Syntax show ipv6 ospf asbr Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ipv6 ospf asbr Type Router Id Cost Area ID Next Hop Next Hop Intf INTRA 1 1 1 1 10 0 0 0 1 FE80 213 C4FF FEDB 6C41 vlan10 INTRA 4 4 4 4 10 0 0 0 1 FE80 210 18FF FE82 8E1 vlan12 ...

Page 976: ...trid self originate areaid Identifies a specific OSPF area for which link state database information will be displayed external Displays the external LSAs inter area Displays the inter area LSAs link Displays the link LSAs network Displays the network LSAs nssa external Displays NSSA external LSAs prefix Displays intra area Prefix LSA router Displays router LSAs unknown Displays unknown area AS or...

Page 977: ...how ipv6 ospf database Router Link States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 4 80000034 54BD V 6E R B 2 2 2 2 0 2 80000044 95A5 V 6E R B Network Link States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 2 2 2 2 636 636 80000001 8B0D V 6E R Inter Network States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt ...

Page 978: ...k Id Age Sequence Csum Options Rtr Opt 1 1 1 1 634 700 80000008 2D89 V6 E R 2 2 2 2 634 689 8000000A 6F82 V6 E R 2 2 2 2 635 590 80000001 7782 V6 E R Intra Prefix States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 1 8000003C 9F31 2 2 2 2 0 2 8000004D 9126 Router Link States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt ...

Page 979: ...r Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 634 621 80000001 B9E2 V 6E R Inter Network States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 16 4 80000001 CA7C 2 2 2 2 18 3 80000001 B28D Link States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 634 441 80000003 B877 V 6E R ...

Page 980: ...0A show ipv6 ospf database database summary Use the show ipv6 ospf database database summary command in Privileged EXEC mode to display the number of each type of LSA in the database and the total number of LSAs in the database Syntax show ipv6 ospf database database summary Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This comma...

Page 981: ...ter 0 Network 0 Inter area Prefix 0 Inter area Router 0 Type 7 Ext 0 Link 0 Intra area Prefix 0 Link Unknown 0 Area Unknown 0 AS Unknown 0 Type 5 Ext 0 Self Originated Type 5 Ext 0 Total 0 show ipv6 ospf interface Use the show ipv6 ospf interface command in Privileged EXEC mode to display the information for the IFO object or virtual interface tables Syntax show ipv6 ospf interface vlan vlan id tu...

Page 982: ...User Guidelines This command has no user guidelines Example The following example displays the information in VLAN 11 s virtual interface tables console show ipv6 ospf interface vlan 11 IP Address Err ifIndex 1 OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 Authentication Type None...

Page 983: ...IFO object or virtual interface tables Syntax show ipv6 ospf interface brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays brief ospf interface information console show ipv6 ospf interface brief Hello Dead Retrax LSA Admin Router Int Int Int Retrax Ack Inte...

Page 984: ...tats vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the interface statistics for VLAN 5 console show ipv6 ospf interface stats vlan 5 OSPFv3 Area ID 0 0 0 1 Spf Runs 265 Area Border Router Count 1 AS Border Router Count 0 Area LS...

Page 985: ...w LSAs 853 Sent Packets 1013 Received Packets 893 Discards 48 Bad Version 0 Virtual Link Not Found 9 Area Mismatch 39 Invalid Destination Address 0 No Neighbor at Source Address 0 Invalid OSPF Packet Type 0 Packet Type Sent Received Hello 295 219 Database Description 10 14 LS Request 4 4 LS Update 521 398 LS Acknowledgement 209 282 ...

Page 986: ...093 brief Displays a snapshot of configured interfaces Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays ospf interface vlan information console show ipv6 ospf interface vlan 10 IPv6 Address FE80 2FC E3FF FE90 44 ifIndex 634 OSPF Admin Mode Enable OSPF Area ID ...

Page 987: ...n about OSPF neighbors If a neighbor IP address is not specified the output displays summary information in a table If an interface or tunnel is specified only the information for that interface or tunnel displays The information below only displays if OSPF is enabled and the interface has a neighbor Syntax show ipv6 ospf neighbor interface vlan vlan id tunnel tunnel id ip address vlan id Valid VL...

Page 988: ... in a summary table and in the second in a table specific to tunnel 1 console show ipv6 ospf neighbor Router ID Priority Intf Interface State Dead ID Ti me console show ipv6 ospf neighbor interface tunnel 1 IP Address Err ifIndex 619 OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 ...

Page 989: ...nges for the specified area identifier Syntax show ipv6 ospf range areaid areaid Identifies the OSPF area whose ranges are being displayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about the area ranges for area 1 console show ipv6 ospf rang...

Page 990: ...ion This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the OSPF stub table console show ipv6 ospf stub table AreaId TypeofService Metric Val Import SummaryLSA 0 0 0 10 Normal 1 Enable show ipv6 ospf virtual link Use the show ipv6 ospf virtual link command in Privileged EXEC mode to d...

Page 991: ... default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the OSPF Virtual Interface information for area 1 and its neighbor console show ipv6 ospf virtual link 1 1 1 1 1 Area ID 1 Neighbor Router ID 1 1 1 1 Hello Interval 10 Dead Interval 40 Iftransit Delay Interval 1 Retransmit Interval 5 State point to poi...

Page 992: ... in the system Syntax show ipv6 ospf virtual link brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the OSPF stub table console config show ipv6 ospf virtual link brief Hello Dead Retrans mit Transit Area ID Neighbor Interval Interval Interval D elay ...

Page 993: ...PIM DM Commands 993 45 PIM DM Commands This chapter explains the following commands ip pimdm show ip pimdm show ip pimdm interface show ip pimdm neighbor ...

Page 994: ...t state Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables PIM DM in the router console config ip pimdm show ip pimdm Use the show ip pimdm command in Privileged EXEC mode to display system wide information for PIM DM Syntax show ip pimdm Default Configuration This command has no default configuration Command Mode Privil...

Page 995: ...e Use the show ip pimdm interface command in Privileged EXEC mode to display interface information for PIM DM on the specified interface Syntax show ip pimdm interface vlan vlan id vlan id A valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays interf...

Page 996: ... Syntax show ip pimdm neighbor interface vlan vlan id all vlan id A valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example display the neighbor information for PIM DM on all interfaces console config show ip pimdm neighbor all Up Time Expiry Time Neighbor Addr ...

Page 997: ... Commands 997 46 PIM SM Commands This chapter explains the following commands ip pimsm ip pimsm spt threshold ip pim trapflags show ip pimsm show ip pimsm interface show ip pimsm neighbor show ip pimsm rphash ...

Page 998: ...lobal Configuration mode User Guidelines This command has no user guidelines Example The following example enables PIM SM on the router console config ip pimsm ip pimsm spt threshold Use the ip pimsm spt threshold command in Global Configuration mode to configure the Data Threshold rate for the last hop or leaf router to switch to the shortest path The rate is specified in kilobits per second Synt...

Page 999: ...e config ip pimsm spt threshold 100 ip pim trapflags Use the ip pim trapflags command in Global Configuration mode to enable the PIM trap mode for both Sparse Mode SM and Dense Mode DM Syntax ip pim trapflags no ip pim trapflags Default Configuration Disabled is the default state Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following exampl...

Page 1000: ...ines This command has no user guidelines Example The following example displays the system wide information for PIM SM console show ip pimsm Admin Mode Disable Join Prune Interval secs 60 Data Threshold Rate Kbps 50 Register Threshold Rate Kbps 50 PIM SM INTERFACE STATUS Interface Interface Mode Protocol State show ip pimsm interface Use the show ip pimsm interface command in Privileged EXEC mode ...

Page 1001: ...mand Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays interface information for VLAN 11 PIM SM console show ip pimsm interface vlan 11 Interface 11 IP Address 0 0 0 0 Subnet Mask 0 0 0 0 Mode Disable Hello Interval secs 30 secs CBSR Preference 0 CRP Preference 0 CBSR Hash Mask Length 30 ...

Page 1002: ...uration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays neighbor information for PIM SM on all interfaces console show ip pimsm neighbor all NEIGHBOR TABLE Interface IP Address Up Time Expiry Time hh mm ss hh mm ss show ip pimsm rphash Use the show ip pimsm rphash command in Privileged EXEC mode to display the RP router b...

Page 1003: ...s command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the RP router being selected from the set of active RP routers console show ip pimsm rphash 224 5 5 5 There are no static RPs for that group on the router ...

Page 1004: ...1004 PIM SM Commands ...

Page 1005: ...nd a router solicitation message asking any router that receives the message to immediately send a router advertisement so that the host does not have to wait for the next periodic message Router discovery enables hosts to select from among multiple default gateways and switch to a different default gateway if an initially designated gateway goes down This chapter explains the following commands i...

Page 1006: ...Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example enables router discovery on the selected interface console config interface vlan 15 console config if vlan15 ip irdp ip irdp address Use the ip irdp address command in Interface Configuration mode to configure the address that the interface uses to send the router discovery advertisements Use ...

Page 1007: ...t command If you issue this command the configuration will show the ip irdp multicast command instead Example The following example sets the limited broadcast address as the IP address for router discovery advertisements console config interface vlan 15 console config if vlan15 ip irdp address 255 255 255 255 ip irdp holdtime Use the ip irdp holdtime command in Interface Configuration mode to conf...

Page 1008: ...ost will no longer use the router as its default gateway Example The following example sets hold time at 2000 seconds for VLAN 15 console config interface vlan 15 console config if vlan15 ip irdp holdtime 2000 ip irdp maxadvertinterval Use the ip irdp maxadvertinterval command in Interface Configuration mode to configure the maximum time in seconds allowed between sending router advertisements fro...

Page 1009: ...imum advertisement interval cannot be configured to a lower value than the minimum advertisement interval If the holdtime has been configured to a non default value the maximum advertisement interval cannot be configured to a value larger than the holdtime Example The following example sets maximum advertisement interval at 600 seconds for VLAN 15 console config interface vlan 15 console config if...

Page 1010: ...xample The following example sets minimum advertisement interval at 100 seconds for VLAN 15 console config interface vlan 15 console config if vlan15 ip irdp minadvertinterval 100 ip irdp multicast To send router advertisements as IP multicast packets use the ip irdp multicast command in Interface Configuration mode To send router advertisements to the limited broadcast address 255 255 255 255 use...

Page 1011: ...d e l l com console config if vlan15 no ip irdp multicast ip irdp preference Use the ip irdp preference command in Interface Configuration mode to configure the preference of the address as a default router address relative to other router addresses on the same subnet Use the no form of the command to set the preference to the default value Syntax ip irdp preference integer no ip irdp preference i...

Page 1012: ...p irdp preference 1000 show ip irdp Use the show ip irdp command in Privileged EXEC mode to display the router discovery information for all interfaces or for a specified interface Syntax show ip irdp vlan vlan id all vlan id Valid VLAN ID all Shows information for all interfaces Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This ...

Page 1013: ...mmands 1013 Example The following example shows router discovery information for VLAN 15 console show ip irdp vlan 15 Interface Ad Mode Advertise Address Max Int Min Int Hold Time Preference vlan15 Enable 224 0 0 1 600 450 1800 0 ...

Page 1014: ...1014 Router Discovery Protocol Commands ...

Page 1015: ...he following commands auto summary default information originate default metric distance rip distribute list out enable hostroutesaccept ip rip ip rip authentication ip rip receive version ip rip send version redistribute router rip show ip rip show ip rip interface show ip rip interface brief split horizon ...

Page 1016: ...iguration Disabled is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example console config router auto summary default information originate Use the default information originate command in Router RIP Configuration mode to control the advertisement of default routes Syntax default information originate no default informatio...

Page 1017: ...r the metric of distributed routes Use the no form of the command to return the metric to the default value Syntax default metric integer no default metric integer Metric for the distributed routes Range 1 15 Default Configuration Default metric is not configured by default Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example ...

Page 1018: ...1 255 Default Configuration 15 is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example sets the route preference value of RIP in the router at 100 console config router distance rip 100 distribute list out Use the distribute list out command in Router RIP Configuration mode to specify the access list ...

Page 1019: ...kets come from a directly connected route Default Configuration This command has no default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example elects access list ACL40 to filter routes received from the source protocol console config router distribute list ACL40 out static enable Use the enable command in Route...

Page 1020: ...stroutesaccept Use the hostroutesaccept command in Router RIP Configuration mode to enable the RIP hostroutesaccept mode Use the no form of the command to disable the RIP hostroutesaccept mode Syntax hostroutesaccept no hostroutesaccept Default Configuration Enabled is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example c...

Page 1021: ...er Guidelines This command has no user guidelines Example console config if vlan2 ip rip console config if vlan2 no ip rip ip rip authentication Use the ip rip authentication command in Interface Configuration Mode to set the RIP Version 2 Authentication Type and Key for the specified interface Use the no form of the command to return the authentication to the default value Syntax ip rip authentic...

Page 1022: ...on Type and Key for VLAN 11 console config if vlan11 ip rip authentication encrypt pass123 35 ip rip receive version Use the ip rip receive version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version s to be received Use the no form of the command to return the version to the default value Syntax ip rip receive version rip1 rip2 ...

Page 1023: ... version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version to be sent Use the no form of the command to return the version to the default value Syntax ip rip send version rip1 rip1c rip2 none no ip rip send version rip1 Send RIP version 1 formatted packets rip1c Send RIP version 1 compatibility mode which sends RIP version 2 fo...

Page 1024: ...edistribute ospf redistribute static connected metric integer metric integer Specifies the metric to use when redistributing the route Range 0 15 match internal Adds internal matches to any match types presently being redistributed match external 1 Adds routes imported into OSPF as Type 1 external routes into any match types presently being redistributed match external 2 Adds routes imported into ...

Page 1025: ...mmand has no user guidelines Example console config router redistribute ospf metric 10 match nssa external 1 console config router redistribute connected metric 1 router rip Use the router rip command in Global Configuration mode to enter Router RIP mode Syntax router rip Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This com...

Page 1026: ... EXEC mode to display information relevant to the RIP router Syntax show ip rip Default Configuration The command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information relevant to the RIP router console show ip rip RIP Admin Mode Enable Split Horizon Mode Simple Auto Summary Mode Enable ...

Page 1027: ... Distribute List Not configured Redistributing Source ospf Metric 10 Match Value nssa external 1 Distribute List Not configured show ip rip interface Use the show ip rip interface command in Privileged EXEC mode to display information related to a particular RIP interface Syntax show ip rip interface vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration...

Page 1028: ...e 15 IP Address Send version RIP 2 Receive version Both RIP Admin Mode Disable Link State Authentication Type MD5 Authentication Key pass123 Authentication Key ID 35 Bad Packets Received Bad Routes Received Updates Sent show ip rip interface brief Use the show ip rip interface brief command in Privileged EXEC mode to display general information for each RIP interface For this command to display su...

Page 1029: ...The following example displays general information for each RIP interface console show ip rip interface brief Send Receive RIP Link Interface IP Address Version Version Mode State vlan1 0 0 0 0 RIP 2 Both Disable Down vlan2 0 0 0 0 RIP 2 Both Disable Down split horizon Use the split horizon command in Router RIP Configuration mode to set the RIP split horizon mode Use the no form of the command to...

Page 1030: ... split horizon to avoid routing loops poison RIP uses split horizon with poison reverse increases routing packet update size Default Configuration Simple is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example does not use split horizon console config router split horizon none ...

Page 1031: ...Tunnel Interface Commands 1031 49 Tunnel Interface Commands This chapter explains the following commands interface tunnel show interfaces tunnel tunnel destination tunnel mode ipv6ip tunnel source ...

Page 1032: ...guration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables the interface configuration mode for tunnel 1 console config interface tunnel 1 console config if tunnel1 show interfaces tunnel Use the show interfaces tunnel command in Privileged EXEC mode to display the parameters related to tunnel such as tunnel mode tunnel...

Page 1033: ... tunnel interfaces console show interfaces tunnel 1 Interface Link Status down MTU size 1480 bytes console show interfaces tunnel TunnelId Interface TunnelMode SourceAddress Desti nationAddress 1 tunnel 1 IPv6OVER4 10 254 25 14 10 254 25 10 2 tunnel 2 IPv6OVER4 10 254 20 10 tunnel destination Use the tunnel destination command in Interface Configuration mode to specify the destination transport ad...

Page 1034: ...cifies the destination transport address of tunnel 1 console config interface tunnel 1 console config if tunnel1 tunnel destination 10 1 1 1 tunnel mode ipv6ip Use the tunnel mode ipv6ip command in Interface Configuration mode to specify the mode of the tunnel Syntax tunnel mode ipv6ip 6to4 no tunnel mode 6to4 Sets the tunnel mode to automatic Default Configuration This command has no default conf...

Page 1035: ... command in Interface Configuration mode to specify the source transport address of the tunnel either explicitly or by reference to an interface Syntax tunnel source ipv4addr vlan vlan id no tunnel source ipv4addr Valid ipv4 address vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Interface Configuration Tunnel mode User Guidelines This command has...

Page 1036: ...1036 Tunnel Interface Commands console config interface tunnel 1 console config if tunnel1 tunnel source vlan 11 ...

Page 1037: ...Virtual LAN Routing Commands 1037 50 Virtual LAN Routing Commands This chapter explains the following command show ip vlan ...

Page 1038: ... Syntax show ip vlan Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays VLAN routing information console show ip vlan MAC Address used by Routing VLANs 00 00 00 01 00 02 VLAN ID IP Address Subnet Mask 10 0 0 0 0 0 0 0 0 20 0 0 0 0 0 0 0 0 ...

Page 1039: ...er explains the following Virtual LAN routing commands ip vrrp ip vrrp authentication ip vrrp ip ip vrrp mode ip vrrp preempt ip vrrp priority ip vrrp timers advertise ip vrrp track interface ip vrrp track ip route show ip vrrp show ip vrrp interface show ip vrrp interface brief show ip vrrp interface stats ...

Page 1040: ...de ip vrrp no ip vrrp Syntax Interface Config Mode ip vrrp vr id no ip vrrp vr id vr id Virtual router identification Range 1 255 Default Configuration This command has no default configuration Command Mode Global Configuration or Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example enables VRRP protocol on the router console config ip...

Page 1041: ...ple key no ip vrrp vr id authentication vr id The virtual router identifier Range 1 255 none Indicates authentication type is none simple Authentication type is a simple text password key The key for simple authentication Range String values Default Configuration None is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Exa...

Page 1042: ...n error message Syntax ip vrrp vr id ip ip address secondary no ip vrrp vr id ip ip address secondary vr id The virtual router identifier Range 1 255 ip address The IP address of the virtual router secondary Designates the virtual router IP address as a secondary IP address on an interface Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN mod...

Page 1043: ...5 Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example enables the virtual router for VLAN 15 console config interface vlan 15 console config if vlan15 ip vrrp 5 mode ip vrrp preempt Use the ip vrrp preempt command in Interface Configuration mode to set the preemp...

Page 1044: ...erface vlan 15 console config if vlan15 ip vrrp 5 preempt ip vrrp priority Use the ip vrrp priority command in Interface Configuration mode to set the priority value for the virtual router configured on a specified interface Use the no form of the command to return the priority to the default value Syntax ip vrrp vr id priority priority no ip vrrp vr id priority vr id The virtual router identifier...

Page 1045: ...uter advertisement Use the no form of the command to return the advertisement frequency to the default value Syntax ip vrrp vr id timers advertise seconds no ip vrrp vr id priority vr id The virtual router identifier Range 1 255 seconds The frequency at which an interface on the specified virtual router sends a virtual router advertisement Range 1 255 seconds Default Configuration seconds has a de...

Page 1046: ...When a tracked interface goes down then the priority of the router will be decreased by 10 default priority decrement for each downed interface The default priority decrement is changed using the priority argument The default priority of the virtual router is 100 and the default decrement priority is 10 By default no interfaces are tracked If we specify just the interface to be tracked without giv...

Page 1047: ...ame A VRRP configured interface can track more than one route When a tracked route goes down the priority of the router is decreased by 10 default priority decrement for each downed route By default no routes are tracked If we specify just the route to be tracked without giving the priority which is optional then the default priority will be set Use the no form of this command to remove the route ...

Page 1048: ...l router tracked list with a priority decrement value of 20 console config if vlan10 ip vrrp 1 track ip route 2 2 2 0 24 decrement 20 show ip vrrp Use the show ip vrrp command in Privileged EXEC mode to display whether VRRP functionality is enabled or disabled on the switch The command also displays some global parameters which are required for monitoring Syntax show ip vrrp Default Configuration ...

Page 1049: ...l configuration information and VRRP router statistics of a virtual router configured on a specific interface Syntax show ip vrrp interface vlan vlan id vr id vlan id Valid VLAN ID vr id The virtual router identifier Range 1 255 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following...

Page 1050: ...ble Administrative Mode Enable State Initialized Track Interface State DecrementPriority vlan 3 Down 20 Track Route pfx len Reachable DecrementPriority 10 10 10 0 24 False 20 show ip vrrp interface brief Use the show ip vrrp interface brief command in Privileged EXEC mode to display information about each virtual router configured on the switch It displays information about each virtual router ...

Page 1051: ...selected interface console show ip vrrp interface brief Interface VRID IP Address Mode State vlan1 2 0 0 0 0 Disable Initialize vlan2 5 192 168 5 55 Enable Initialize show ip vrrp interface stats Use the show ip vrrp interface stats command in User EXEC mode to display the statistical information about each virtual router configured on the switch Syntax show ip vrrp interface stats vlan vlan id vr...

Page 1052: ... router console show ip vrrp interface stats vlan 15 5 UpTime 0 days 0 hrs 0 mins 0 secs Protocol IP State Transitioned to Master 0 Advertisement Received 0 Advertisement Interval Errors 0 Authentication Failure 0 IP TTL Errors 0 Zero Priority Packets Received 0 Zero Priority Packets Sent 0 Invalid Type Packets Received 0 Address List Errors 0 Invalid Authentication Type 0 Authentication Type Mism...

Page 1053: ...ervice Commands Line Commands Management ACL Commands Password Management Commands PHY Diagnostics Commands Power Over Ethernet Commands RMON Commands Serviceability Tracing Packet Commands Sflow Commands SNMP Commands SSH Commands Syslog Commands System Management Commands Telnet Server Commands User Interface Commands Web Server Commands Autoconfig Commands This chapter explains the following co...

Page 1054: ...1054 Autoconfig Commands boot host dhcp boot host retry count show boot ...

Page 1055: ... boot host auto save Default Configuration The downloaded configuration is not automatically saved by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console no boot host auto save boot host dhcp The boot host dhcp command is used to enable disable Auto Config on the switch Syntax boot host dhcp no boot host dhcp Default Configuration Auto...

Page 1056: ...download a configuration Use the no form of this command to reset the number to the default Syntax boot host retry count retry no boot host retry count retry The number of attempts to download a configuration Range 1 6 Default Configuration The default number of configuration download attempts is three Command Mode Global Configuration mode User Guidelines This command has no user guidelines Examp...

Page 1057: ...ntax show boot Default Configuration Not applicable Command Mode Privileged EXEC User Guidelines This command has no user guidelines Example console show boot Config Download via DHCP enabled Auto Config State Waiting for boot options Auto Config State Resolving switch hostname Auto Config State Downloading file boot cfg ...

Page 1058: ...1058 Autoconfig Commands ...

Page 1059: ...ttp port https port show captive portal show captive portal status Captive Portal Configuration Commands block configuration enable group interface locale name protocol redirect redirect url session timeout verification Captive Portal Client Connection Commands captive portal client deauthenticate show captive portal client status show captive portal configuration client status ...

Page 1060: ... clear captive portal users no user show captive portal user user group user name user password user session timeout Captive Portal Status Commands show captive portal configuration show captive portal configuration interface show captive portal configuration locales show captive portal configuration status show trapflags captive portal Captive Portal User Group Commands user group user group move...

Page 1061: ...this command to reset the authentication timeout to the default Syntax authentication timeout timeout no authentication timeout timeout The authentication timeout Range 60 600 seconds Default Configuration The default authentication timeout is 300 seconds Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP authentic...

Page 1062: ...elines for this command Example console config captive portal console config CP enable Use the enable command to globally enable captive portal Use the no form of this command to globally disable captive portal Syntax enable no enable Default Configuration Captive Portal is disabled by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this comm...

Page 1063: ...port number to monitor Range 1 65535 Default Configuration Captive portal only monitors port 80 by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP http port 81 console config CP no http port https port Use the https port command to configure an additional HTTPS port for captive portal to monitor Use the ...

Page 1064: ...es There are no user guidelines for this command Example console config CP https port 1443 console config CP no https port show captive portal Use the show captive portal command to display the status of the captive portal feature Syntax show captive portal Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user g...

Page 1065: ...rtal status command to report the status of all captive portal instances in the system Syntax show captive portal status Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal status Additional HTTP Port 81 Additional HTTP Secure Port 1443 Authentica...

Page 1066: ...The commands in this section are related to captive portal configurations block Use the block command to block all traffic for a captive portal configuration Use the no form of this command to unblock traffic Syntax block no block Default Configuration Traffic is not blocked by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example c...

Page 1067: ...fault configuration cannot be deleted Syntax configuration cp id no configuration cp id cp id Captive Portal ID Range 1 10 Default Configuration There is no default configuration for this command Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP configuration 2 console config CP 2 enable Use the enable command to ...

Page 1068: ...ration If a group number is configured the user entry Local or RADIUS must be configured with the same name and the group to authenticate to this captive portal instance Use the no form of this command to reset the group number to the default Syntax group group number no group group number The number of the group to associate with this configuration Range 1 10 Default Configuration The default gro...

Page 1069: ...rfaces are associated with a configuration by default Command Mode Captive Portal Instance Config mode User Guidelines There are no user guidelines for this command Example console config CP 2 interface 1 g2 locale The locale command is not intended to be a user command The administrator must use the Web UI to create and customize captive portal web content This command is primarily used by the sh...

Page 1070: ...command to configure the name for a captive portal configuration Use the no form of this command to remove a configuration name Syntax name cp name no name cp name CP configuration name Range 1 32 characters Default Configuration Configuration 1 has the name Default by default All other configurations have no name by default Command Mode Captive Portal Instance mode User Guidelines There are no us...

Page 1071: ...d Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config CP 2 protocol http redirect Use the redirect command to enable the redirect mode for a captive portal configuration Use the no form of this command to disable redirect mode Syntax redirect no redirect Default Configuration Redirect mode is disabled by default Command Mode Captiv...

Page 1072: ...rection Range 1 512 characters Default Configuration There is no redirect URL configured by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config CP 2 redirect url www dell com session timeout Use the session timeout command to configure the session timeout for a captive portal configuration Use the no form of this co...

Page 1073: ...n timeout 86400 console config CP 2 no session timeout verification Use the verification command to configure the verification mode for a captive portal configuration Syntax verification guest local radius guest Allows access for unauthenticated users users that do not have assigned user names and passwords local Authenticates users against a local user database radius Authenticates users against ...

Page 1074: ...portal client Syntax captive portal client deauthenticate macaddr macaddr Client MAC address Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console captive portal client deauthenticate 0002 BC00 1290 show captive portal client status Use the show captive portal client s...

Page 1075: ...his command Example console show captive portal client status Client MAC Address Client IP Address Protocol Verification Session Time 0002 BC00 1290 10 254 96 47 https Local 0d 00 01 20 0002 BC00 1291 10 254 96 48 https Local 0d 00 05 20 0002 BC00 1292 10 254 96 49 https Radius 0d 00 00 20 console show captive portal client 0002 BC00 1290 status Client MAC Address 0002 BC00 1290 Client IP Address ...

Page 1076: ...henticated to all captive portal configurations or a to specific configuration Syntax show captive portal configuration cp id client status cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal configuration client status CP ...

Page 1077: ...00 1290 10 254 96 47 1 g1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1291 10 254 96 48 1 g2 Unit 1 Slot 0 Port 2 Gigabit show captive portal interface client status Use the show captive portal interface client status command to display information about clients authenticated on all interfaces or a specific interface Syntax show captive portal interface interface client status interface A valid interfa...

Page 1078: ...igabit 0002 BC00 1290 10 254 96 47 0002 BC00 1291 10 254 96 48 1 g2 Unit 1 Slot 0 Port 2 Gigabit 0002 BC00 1292 10 254 96 49 1 g3 Unit 1 Slot 0 Port 3 Gigabit 0002 BC00 1293 10 254 96 50 console show captive portal interface 1 g1 client status Interface 1 g1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Client Client MAC Address IP Address CP ID CP Name Protocol Verification 0002 BC00 1290 10...

Page 1079: ...yntax show captive portal interface configuration cp id status cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal interface configuration status CP ID CP Name Interface Interface Description Type 1 Default 1 g1 Unit 1 Slot...

Page 1080: ... user entries Syntax clear captive portal users Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear captive portal users no user Use the no user command to delete a user from the local user database If the user has an existing session it is disconnected Syntax ...

Page 1081: ...1 show captive portal user Use the show captive portal user command to display all configured users or a specific user in the captive portal local user database Syntax show captive portal user user id user id User ID Range 1 128 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Ex...

Page 1082: ...l user 1 User ID 1 User Name user123 Password Configured Yes Session Timeout 0 Group ID Group Name 1 Default 2 group2 user group Use the user group command to associate a group with a captive portal user Use the no form of this command to disassociate a group and user A user must be associated with at least one group so the last group cannot be disassociated ...

Page 1083: ... Configuration mode User Guidelines There are no user guidelines for this command Example console config CP user 1 group 3 user name Use the user name command to modify the user name for a local captive portal user Syntax user user id name name user id User ID Range 1 128 name user name Range 1 32 characters Default Configuration There is no name for a user by default Command Mode Captive Portal C...

Page 1084: ...x user user id password password encrypted enc password user id User ID Range 1 128 password User password Range 8 64 characters enc password User password in encrypted form Default Configuration There are no users configured by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console Config CP user 1 password Enter passwo...

Page 1085: ...Session timeout 0 indicates use global configuration Range 0 86400 seconds Default Configuration The global session timeout is used by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP user 1 session timeout 86400 console config CP no user 1 session timeout Captive Portal Status Commands show captive porta...

Page 1086: ...ptive portal configuration 1 CP ID 1 CP Name cp1 Operational Status Disabled Disable Reason Administrator Disabled Blocked Status Not Blocked Authenticated Users 0 show captive portal configuration interface Use the show captive portal configuration interface command to display information about all interfaces assigned to a captive portal configuration or about a specific interface assigned to a c...

Page 1087: ...here are no user guidelines for this command Example console show captive portal configuration 1 interface CP ID 1 CP Name cp1 Operational Block Interface Interface Description Status Status 1 g1 Unit 1 Slot 0 Port 1 Gigabit Level Disabled Blocked console show captive portal configuration 1 interface 1 g1 CP ID 1 CP Name cp1 Interface 1 g1 Interface Description Unit 1 Slot 0 Port 1 Gigab Operation...

Page 1088: ...d to display locales associated with a specific captive portal configuration Syntax show captive portal configuration cp id locales cp id Captive Portal Configuration ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal configuration 1 locales L...

Page 1089: ... portal configuration cp id status cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal configuration status CP ID CP Name Mode Protocol Verification 1 cp1 Enable https Guest 2 cp2 Enable http Local 3 cp3 Disable https Guest...

Page 1090: ...86400 show trapflags captive portal Use the show trapflags captive portal command to display which captive portal traps are enabled Syntax show trapflags captive portal Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show trapflags captive portal ...

Page 1091: ...oup command to create a user group Use the no form of this command to delete a user group The default user group 1 cannot be deleted Syntax user group group id no user group group id group id Group ID Range 1 10 Default Configuration User group 1 is created by default and cannot be deleted Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command ...

Page 1092: ...e 1 10 new group id Group ID Range 1 10 Default Configuration There is no default configuration for this command Command Mode Captive Portal Configuration mode User Guidelines The new group id must already exist Example console config CP user group 2 moveusers 3 user group name Use the user group name command to configure a group name Syntax user group group id name name group id Group ID Range 1 ...

Page 1093: ... 1093 Default Configuration User groups have no names by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP user group 2 name group2 ...

Page 1094: ...1094 Captive Portal Commands ...

Page 1095: ...t enable sntp client poll timer sntp server sntp trusted key sntp unicast client enable clock timezone hours offset no clock timezone clock summer time recurring clock summer time date no clock summer time show clock show clock Use the show clock command in User EXEC mode to display the time and date from the system clock Syntax show clock Default Configuration This command has no default setting ...

Page 1096: ...sntp configuration Use the show sntp configuration command in Privileged EXEC mode to show the configuration of the Simple Network Time Protocol SNTP Syntax show sntp configuration Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the current SNTP configuration...

Page 1097: ...cast servers Server Key Polling Priority 10 27 128 21 Disabled Enabled 1 show sntp status Use the show sntp status command in Privileged EXEC mode to show the status of the Simple Network Time Protocol SNTP Syntax show sntp status Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines ...

Page 1098: ...1 20 Mar 30 2009 sntp authenticate Use the sntp authenticate command in Global Configuration mode to require server authentication for received Network Time Protocol NTP traffic To disable the feature use the no form of this command Syntax sntp authenticate no sntp authenticate Default Configuration No authentication Command Mode Global Configuration mode User Guidelines The command is relevant fo...

Page 1099: ...ey for Simple Network Time Protocol SNTP To remove the authentication key for SNTP use the no form of this command Syntax sntp authentication key key number md5 value no sntp authentication key number key number number Range 1 4294967295 value value Range 1 8 characters Default value No authentication is defined Command Mode Global Configuration mode User Guidelines This command has no user guidel...

Page 1100: ...figuration The SNTP Broadcast client is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables a Simple Network Time Protocol SNTP Broadcast client console config sntp broadcast client enable sntp client poll timer Use the sntp client poll timer command in Global Configuration mode to set the polling time for the Si...

Page 1101: ...sole config sntp client poll timer 1024 sntp server Use the sntp server command in Global Configuration mode to configure the device to use Simple Network Time Protocol SNTP to request and accept SNTP traffic from a specified server To remove a server from the list of SNTP servers use the no form of this command Syntax sntp server ip address hostname priority priority poll key key number no sntp s...

Page 1102: ...mand Example The following example configures the device to accept Simple Network Time Protocol SNTP traffic from the server at IP address 192 1 1 1 console config sntp server 192 1 1 1 sntp trusted key Use the sntp trusted key command in Global Configuration mode to authenticate the identity of a system to which Simple Network Time Protocol SNTP will synchronize To disable authentication of the i...

Page 1103: ...8 console config sntp authenticate sntp unicast client enable Use the sntp unicast client enable command in Global Configuration mode to enable a client to use Simple Network Time Protocol SNTP predefined Unicast clients To disable an SNTP Unicast client use the no form of this command Syntax sntp unicast client enable no sntp unicast client enable Default Configuration The SNTP Unicast client is ...

Page 1104: ...al parameters are not specified they will be read as either 0 or 0 as appropriate Syntax clock timezone hours offset minutes minutes offset zone acronym hours offset Hours difference from UTC Range 12 to 13 minutes offset Minutes difference from UTC Range 0 59 acronym The acronym for the time zone Range Up to four characters Command Mode Global Configuration Default Value No default setting User G...

Page 1105: ...mmand to set the summertime offset to UTC recursively every year If the optional parameters are not specified they are read as either 0 or 0 as appropriate Syntax clock summer time recurring usa eu week day month hh mm week day month hh mm offset offset zone acronym week Week of the month Range 1 5 first last day Day of the week Range The first three letters by name sun for example month Month Ran...

Page 1106: ... month date year hh mm date month month date year hh mm offset offset zone acronym command to set the summertime offset to UTC If the optional parameters are not specified they are read as either 0 or 0 as appropriate Syntax clock summer time date date month month date year hh mm date month month date year hh mm offset offset zone acronym date Day of the month Range 1 31 month Month Range The firs...

Page 1107: ...es No specific guidelines Examples console config clock summer time date 1 Apr 2007 02 00 28 Oct 2007 offset 90 zone EST or console config clock summer time date Apr 1 2007 02 00 Oct 28 2007 offset 90 zone EST no clock summer time Use the no clock summer time command to reset the summertime configuration Syntax Description no clock summer time Default Configuration This command has no default conf...

Page 1108: ...mertime configuration Syntax Description show clock detail Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines No specific guidelines Example The following example shows the time and date only console show clock 15 29 03 PDT UTC 7 Jun 17 2005 Time source is SNTP The following example shows the time date timezone and summertime configuration ...

Page 1109: ...s 1109 Time source is SNTP Time zone Acronym is PST Offset is UTC 7 Summertime Acronym is PDT Recurring every year Begins at first Sunday of April at 2 00 Ends at last Sunday of October at 2 00 Offset is 60 minutes ...

Page 1110: ...1110 Clock Commands ...

Page 1111: ...explains the following commands boot system clear config copy delete backup config delete backup image delete startup config filedescr script apply script delete script list script show script validate show backup config show bootvar show dir show running config show startup config update bootcode ...

Page 1112: ...has no default configuration Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image Example The following example loads system image image1 for the next device startup console boot system image1 clear config Use the clear config command in Privileged EXEC mode to restore the switch to the default configuration Syntax clear config ...

Page 1113: ...name copy ftp ftp ipaddr filepath filename image source url The location URL or reserved keyword of the source file being copied Range 1 160 characters destination url The URL or reserved keyword of the destination file Range 1 160 characters ipaddr The IPv4 or IPv6 address of the server hostname Hostname of the server Range 1 158 characters filepath The path to the file on the server filename The...

Page 1114: ...le When image is the target of a copy command it refers to the backup image When image is the source of a copy command it refers to the active image If this is destination the file will be distributed to all units in the stack ftp Source or destination URL for an FTP network server The syntax for this alias is ftp ipaddr filepath filename image tftp Source or destination URL for a TFTP network ser...

Page 1115: ...to the Running Configuration Use the copy source url running config command to load a configuration file from a network server to the device running configuration The configuration is added to the running configuration as if the commands were typed in the command line interface CLI The resulting configuration file is a combination of the previous running configuration and the loaded configuration ...

Page 1116: ...n image to another unit This means that a copy command allows the management node to distribute its existing code to other nodes The command syntax is copy image unit all 1 12 NOTE The copy command can accept the unit all 1 12 only as the destination url In this case only image can be the source url NOTE The copy image unit all command does not copy the active image to the backup image on the mana...

Page 1117: ...ample The following example deletes the backup config file console delete backup config Delete backup config Y N y delete backup image Use the delete backup image command in Privileged EXEC mode to delete a file from a flash memory device Syntax delete backup image Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Note that the active...

Page 1118: ...ig Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If the startup config file is not present when system reboots it reboots with default settings Example The following example deletes the startup config file console delete startup config Delete startup config y n filedescr Use the filedescr command in Privileged EXEC mode to add a d...

Page 1119: ... EXEC mode User Guidelines This command has no user guidelines Example The following example attaches a file description to image2 console filedescr image2 backedup on 03 22 05 script apply Use the script apply command in Privileged EXEC mode to apply the commands in the script to the switch Syntax script apply scriptname scriptname Name of the script file to apply Range 1 31 characters Default Co...

Page 1120: ...t Syntax script delete scriptname all scriptname Script name of the file being deleted Range 1 31 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example deletes all scripts from the switch console script delete all script list Use the script list command in Privil...

Page 1121: ...ing example displays all scripts present on the switch console script list Configuration Script Name Size Bytes 0 configuration script s found 2048 Kbytes free script show Use the script show command in Privileged EXEC mode to display the contents of a script file Syntax script show scriptname scriptname Name of the script file to be displayed Range 1 31 characters Default Configuration This comma...

Page 1122: ...ipt validate command in Privileged EXEC mode to validate a script file by parsing each line in the script file The validate option is intended for use as a tool in script development Validation identifies potential problems though it may not identify all problems with a given script Syntax script validate scriptname scriptname Name of the script file being validated Range 1 31 characters Default C...

Page 1123: ... display the contents of the backup configuration file Syntax show backup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows backup config data console show backup config software version 1 1 hostname device interface ethernet 1 g1 ip address 176 242 100 100...

Page 1124: ...active system image file that the device loads at startup Syntax show bootvar unit unit Unit number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the active system image file that the device loads at startup console show bootvar Image Descriptions image1 default ...

Page 1125: ...Use the show dir command to list all the files available on the flash file system TrueFlashFileSystem The user can view the file names and the size of each file Syntax Description show dir Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines No specific guidelines Example console show dir File name Size in bytes ...

Page 1126: ...show running config command In addition please note that this non readable data is contained and displayed at the end of the script files Syntax show running config all scriptname all To display or capture the commands with settings and configuration that are equal to the default value include the all option scriptname If the optional scriptname is provided the output is redirected to a script fil...

Page 1127: ...is command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the contents of the startup config file console show startup config 1 Current Configuration 2 System Description PowerConnect M8024 1 0 0 0 VxWorks6 5 3 System Software Version 1 0 0 0 4 5 configure 6 vlan database 7 vlan 3 1000 1001 8...

Page 1128: ...terface ethernet 1 g17 20 switchport mode general 21 switchport general pvid 1001 22 no switchport general acceptable frame type tagged only 23 switchport general allowed vlan add 1000 1001 24 switchport general allowed vlan remove 1 25 exit 26 27 interface ethernet 1 xg3 28 channel group 1 mode auto 29 exit 30 31 interface ethernet 1 xg4 32 channel group 1 mode auto 33 exit 34 snmp server communi...

Page 1129: ... switch the bootcode is extracted from the active image and programmed to flash Syntax update bootcode unit unit Unit number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If unit is not specified all units are updated Example The following example updates the bootcode on unit 2 console update bootcode 2 ...

Page 1130: ...1130 Configuration and Image File Commands ...

Page 1131: ...xplains the following commands dos control firstfrag dos control icmp dos control l4port dos control sipdip dos control tcpflag dos control tcpfrag ip icmp echo reply ip icmp error interval ip unreachables ip redirects ipv6 icmp error interval ipv6 unreachables show dos control ...

Page 1132: ... size is 20 ICMP packet size is 512 Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines a minimum TCP header size of 20 Packets entering with a smaller header size are dropped console config dos control firstfrag 20 dos control icmp Use the dos control icmp command in Gl...

Page 1133: ...aximum ICMP Packet Denial of Service protection with a maximum packet size of 1023 console config dos control icmp 1023 dos control l4port Use the dos control l4port command in Global Configuration mode to enable L4 Port Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress having Source TCP UDP Port Number equal to De...

Page 1134: ...IP Address Destination IP Address SIP DIP Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SIP DIP the packets is dropped if the mode is enabled Syntax dos control sipdip no dos control sipdip Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This comma...

Page 1135: ... SYN and FIN both set the packets are dropped Syntax dos control tcpflag no dos control tcpflag Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example activates TCP Flag Denial of Service protections console config dos control tcpflag dos control tcpfrag Use the dos control tcpfrag...

Page 1136: ...vice protection console config dos control tcpfrag ip icmp echo reply Use the ip icmp echo reply command to enable or disable the generation of ICMP Echo Reply messages Use the no form of this command to prevent the generation of ICMP Echo Replies Syntax ip icmp echo reply no ip icmp echo reply Default Configuration ICMP Echo Reply messages are enabled by default Command Mode Global Configuration ...

Page 1137: ...interval and burst size to their default values Syntax ip icmp error interval burst interval burst size no ip icmp error interval burst interval How often the token bucket is initialized Range 0 2147483647 milliseconds burst size The maximum number of messages that can be sent during a burst interval Range 1 200 Default Configuration Rate limiting is enabled by default The default burst interval i...

Page 1138: ...eachable messages are enabled Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan10 ip icmp unreachables ip redirects Use the ip redirects command to enable the generation of ICMP Redirect messages Use the no form of this command to prevent the sending of ICMP Redirect Messages In global configuration mode this...

Page 1139: ...two configurable parameters Burst size and burst interval Use the no form of this command to return burst interval and burst size to their default values To disable ICMP rate limiting set burst interval to zero Syntax ipv6 icmp error interval burst interval burst size no ipv6 icmp error interval burst interval How often the token bucket is initialized Range 0 2147483647 milliseconds burst size The...

Page 1140: ...he no form of this command to prevent the generation of ICMPv6 Destination Unreachable messages Syntax ipv6 unreachables no ipv6 unreachables Default Configuration ICMPv6 Destination Unreachable messages are enabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan10 ipv6 unreachables show dos cont...

Page 1141: ...EXEC mode User Guidelines This command has no user guidelines Example The following example displays Denial of Service configuration information console show dos control SIPDIP Mode Disable First Fragment Mode Disable Min TCP Hdr Size 20 TCP Fragment Mode Disable TCP Flag Mode Disable L4 Port Mode Disable ICMP Mode Disable Max ICMP Pkt Size 512 ...

Page 1142: ...1142 Denial of Service Commands ...

Page 1143: ...Line Commands 1143 57 Line Commands This chapter explains the following commands exec timeout history history size line show line speed ...

Page 1144: ...l time intervals in seconds Range 0 59 Default Configuration The default configuration is 10 minutes Command Mode Line Configuration mode User Guidelines To specify no timeout enter the exec timeout 0 command Example The following example configures the interval that the system waits until user input is detected to 20 minutes console config line console console config line exec timeout 20 history ...

Page 1145: ... console config line no history history size Use the history size command in Line Configuration mode to change the command history buffer size for a particular line To reset the command history buffer size to the default setting use the no form of this command Syntax history size number of commands no history size number of commands Specifies the number of commands the system may record in its com...

Page 1146: ...entify a specific line for configuration and enter the line configuration command mode Syntax line console telnet ssh console Console terminal line telnet Virtual terminal for remote console access Telnet ssh Virtual terminal for secured remote console access SSH Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has ...

Page 1147: ...ote console access Telnet ssh Virtual terminal for secured remote console access SSH Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the line configuration console show line Console configuration Interactive timeout Disabled History 10 Baudrate 9600 Databits 8 Pari...

Page 1148: ...e Use the no form of the command to restore the default settings Syntax speed bps no speed bps Baud rate in bits per second bps The options are 2400 9600 19200 38400 57600 and 115200 Default Configuration This default speed is 9600 Command Mode Line Interface console mode User Guidelines This configuration applies only to the current session Example The following example configures the console bau...

Page 1149: ...mands 1149 58 Management ACL Commands This chapter explains the following commands deny management management access class management access list permit management show management access class show management access list ...

Page 1150: ... routed port channel number ip address Source IP address mask mask Specifies the network mask of the source IP address mask prefix length Specifies the number of bits that comprise the source IP address prefix The prefix length must be preceded by a forward slash Range 0 32 service service Indicates service type Can be one of the following telnet ssh http https tftp or snmp priority priority Prior...

Page 1151: ... restriction use the no form of this command Syntax management access class console only name no management access class name A valid access list name Range 1 32 characters console only The switch can be managed only from the console Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The...

Page 1152: ...rs Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command enters the access list configuration mode where the denied or permitted access conditions with the deny and permit commands must be defined If no match criteria are defined the default is deny If reentering to an access list context the new rules are entered at the...

Page 1153: ...cal deny ethernet 2 g9 priority 1 64 console config macal permit priority 1 64 console config macal exit console config management access class mlist permit management Use the permit command in Management Access List configuration mode to set conditions for the management access list Syntax permit ip source ip address mask mask prefix length ethernet interface number vlan vlan id port channel numb...

Page 1154: ...alue Priority for the rule Range 1 64 Default Configuration This command has no default configuration Command Mode Management Access list Configuration mode User Guidelines Rules with ethernet vlan and port channel parameters are valid only if an IP address is defined on the appropriate interface Ensure that each rule has a unique priority Examples The following example shows how to configure two ...

Page 1155: ...permit priority 1 64 console config macal exit console config management access class mlist show management access class Use the show management access class command in Privileged EXEC mode to display information about the active management access list Syntax show management access class Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelin...

Page 1156: ...nt access list name name A valid access list name Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the active management access list console show management access list mlist permit priority 1 ethernet 1 g1 permit priority 2 ethernet 2 g1...

Page 1157: ...rd Management Commands 1157 59 Password Management Commands This chapter explains the following commands passwords aging passwords history passwords lock out passwords min length show passwords configuration ...

Page 1158: ...ng is disabled Command Mode Global Configuration mode User Guidelines The passwords aging feature functions only if the switch clock is synchronized to an SNTP server See Clock Commands on page 1095 for additional information Example The following example sets the password age limit to 100 days console config passwords aging 100 passwords history As administrator use the passwords history command ...

Page 1159: ...by the system at 10 console config passwords history 10 passwords lock out As the administrator use the passwords lock out command in Global Configuration mode to strengthen the security of the switch by enabling the user lockout feature When a lockout count is configured a user who is logging in must enter the correct password within that count Otherwise that user will be locked out from further ...

Page 1160: ... length command in Global Configuration mode to configure the minimum length required for passwords in the local database Use the no version of this command to disable any minimum password length limitation If the password length requirement is disabled users can be created with no password In other words when you issue the no passwords min length command the minimum password length is zero Syntax...

Page 1161: ...vileged EXEC mode to show the parameters for password configuration Syntax show passwords configuration Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the command output console show passwords configuration passwords configuration Minimum password length dis...

Page 1162: ...1162 Password Management Commands aging enabled aging value 30 days User lockout enabled User lockout attempts 3 ...

Page 1163: ...agnostics Commands 1163 60 PHY Diagnostics Commands This chapter explains the following commands show copper ports cable length show copper ports tdr show fiber ports optical transceiver test copper port tdr ...

Page 1164: ...tion This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The port must be active and working in a 100M or 1000M mode Example The following example displays the estimated copper cable length attached to all ports console show copper ports cable length Port Length meters 1 g1 50 1 g2 Copper not active 1 g3 110 140 1 g4 Fiber show copper ports tdr Use the show ...

Page 1165: ...er related commands do not apply to the stacking CX 4 or 10GBaseT ports associated with these plug in modules The maximum length of the cable for the Time Domain Reflectometry TDR test is 120 meters Example The following example displays the last TDR tests on all ports console show copper ports tdr Port Result Length meters Date 1 g1 OK 1 g2 Short 50 13 32 00 23 July 2004 1 g3 Test has not been pr...

Page 1166: ...s unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The show fiber ports command is only applicable to the SFP combo ports and XFP ports not the ports on the SFP plug in module Examples The following examples display the optical transceiver diagnostics console show fiber ports optical transceiver Port Temp Voltage Current Ou...

Page 1167: ...in Reflectometry TDR technology the quality and characteristics of a copper cable attached to a port Syntax test copper port tdr interface interface A valid Ethernet port The full syntax is unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines During the test shut down the port under test unless it is a combo port with an active...

Page 1168: ...1168 PHY Diagnostics Commands The following example results in a failure to report on the cable attached to port 2 g3 console test copper port tdr 2 g3 Can t perform the test on fiber ports ...

Page 1169: ...t Commands This chapter explains the following commands power inline power inline legacy power inline powered device power inline priority power inline traps power inline usage threshold show poe firmware version show power inline show power inline ethernet ...

Page 1170: ...ever Disables the device discovery protocol and stops supplying power to the device Command Mode Interface Configuration Ethernet Usage Guidelines No specific guidelines Default Value auto Examples console config interface ethernet 1 g1 console config if 1 g1 power inline auto power inline legacy The power inline legacy command enables disables the ability of the switch to support legacy Ethernet ...

Page 1171: ... inline powered device Interface Configuration Ethernet mode command adds a comment or description of the powered device type to enable the user to remember what is attached to the interface To remove the description use the no form of this command Syntax Description power inline powered device pd type no power inline powered device pd type Specifies the type of powered device attached to the inte...

Page 1172: ...r capacity is not available for all enabled ports For ports that have the same priority level the lower numbered port has higher priority For a system delivering peak power to a certain number of devices if a new device is attached on a high priority port power will be shut down to a device on a low priority port and the new device will get powered up Syntax Description power inline priority criti...

Page 1173: ...The power inline usage threshold command configures the system power usage threshold level at which a trap is generated The threshold is configured as a percentage of the total available system power As specified in the Serial Communication Manual for PD63000 from PowerDSine 06 0032 056 UG PD63000 Serial Communication Protocol v5 2 Section 4 5 8 the power limit beyond which lower priority ports ar...

Page 1174: ... Command Mode Global Configuration Usage Guidelines No specific guidelines Default Value 95 Examples console config power inline usage threshold 90 show poe firmware version The show poe firmware version command displays the version of the PoE controller firmware present on the switch file system Syntax Description show poe firmware version Command Mode Privileged EXEC Usage Guidelines No specific...

Page 1175: ...ays the total available power the total power consumed in the system and the globally set usage threshold Syntax Description show power inline Parameter Ranges None Command Mode Privileged EXEC Usage Guidelines No specific guidelines Example console show power inline Unit Status Unit1 Power On Nominal Power 150 watt Consumed Power 120 watts 80 Unit2 ...

Page 1176: ...iorityStatusClassification w 1 g1IP Phone Model AAutoHighOn0 44 12 95 1 g2Wireless AP ModelAutoLowOn0 44 3 84 show power inline ethernet The show power inline ethernet command displays the inline power summary for the interface Syntax Description show power inline ethernet interface interface A valid slot port in the system Command Mode Privileged EXEC Usage Guidelines No specific guidelines ...

Page 1177: ...les console show power inline ethernet 1 g13 Port Powered Device State Priority Status Class W Power mW 1 g13 auto Low On 3 84 6 49 5000 Overload Counter 0 Short Counter 0 Denied Counter 0 Absent Counter 0 Invalid Signature Counter 0 console ...

Page 1178: ...1178 Power Over Ethernet Commands ...

Page 1179: ...ands This chapter explains the following commands rmon alarm rmon collection history rmon event show rmon alarm show rmon alarm table show rmon collection history show rmon events show rmon history show rmon log show rmon statistics ...

Page 1180: ...ndex used when a falling threshold is crossed Range 1 65535 type type The sampling method for the selected variable and calculating the value to be compared against the thresholds If the method is absolute the value of the selected variable is compared directly with the thresholds at the end of the sampling interval If the method is delta the selected variable value at the last sample is subtracte...

Page 1181: ...itions Alarm index 1 Variable identifier 1 3 6 1 2 1 2 2 1 10 5 Sample interval 10 seconds Rising threshold 500000 Falling threshold 10 Rising threshold event index 1 Falling threshold event index 1 console config rmon alarm 1 1 3 6 1 2 1 2 2 1 1 10 5 10 50000 10 1 1 rmon collection history Use the rmon collection history command in Interface Configuration mode to enable a Remote Monitoring RMON M...

Page 1182: ...Range 1 65535 interval seconds The number of seconds in each polling cycle If unspecified defaults to 1800 Range 1 3600 Default Configuration The buckets configuration is 50 The interval configuration is 1800 seconds Command Mode Interface Configuration Ethernet Port Channel mode User Guidelines This command cannot be executed on multiple ports using the interface range ethernet command Example Th...

Page 1183: ...de in the log table for each event In the case of trap an SNMP trap is sent to one or more management stations community text If an SNMP trap is to be sent it is sent to the SNMP community specified by this octet string Range 0 127 characters description text A comment describing this event Range 0 127 characters owner name Enter a name that specifies who configured this event If unspecified the n...

Page 1184: ... 1 65535 Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays RMON 1 alarms console show rmon alarm 1 Alarm 1 OID 1 3 6 1 2 1 2 2 1 10 1 Last sample Value 878128 Interval 30 Sample Type delta Startup Alarm rising Rising Threshold 8700000 Falling Threshold 78 Rising Even...

Page 1185: ... sample is subtracted from the current value and the difference compared with the thresholds Startup Alarm The alarm that may be sent when this entry is first set If the first sample is greater than or equal to the rising threshold and startup alarm is equal to rising or rising and falling then a single rising alarm is generated If the first sample is less than or equal to the falling threshold an...

Page 1186: ...mand Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the alarms summary table console show rmon alarm table Index OID Owner 1 1 3 6 1 2 1 2 2 1 10 1 CLI 2 1 3 6 1 2 1 2 2 1 10 1 Manager 3 1 3 6 1 2 1 2 2 1 10 9 CLI The following table describes the significant fields shown in the display Owner The entity that configured this entry Fiel...

Page 1187: ...ernet port The full syntax is unit port port channel number Valid trunk index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays all RMON group statistics console show rmon collection history Index Interface Interval Requested Granted Ow ner Samples Samples Index An i...

Page 1188: ...show rmon events Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Field Description Index An index that uniquely identifies the entry Interface The sampled Ethernet interface Interval The interval in seconds between samples Requested Samples The requested number of samples to be saved Granted Samples The...

Page 1189: ...story index throughput errors other period seconds Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of log an entry is made in the log table for each event In the case of trap an SNMP trap is sent to...

Page 1190: ...o default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Examples The following example displays RMON Ethernet Statistics history for throughput on index number 1 console show rmon history 1 throughput Sample Set 1 Owner CLI Interface 1 g1 interval 1800 Requested samples 50 Granted samples 50 Maximum table size 270 Time Octets Packets Broadcast Multic...

Page 1191: ...Requested samples 50 Granted samples 50 Maximum table size 270 Time Dropped Collisions 10 Mar 2005 22 06 00 3 0 10 Mar 2005 22 06 20 3 0 The following table describes the significant fields shown in the display console show rmon history 1 errors Sample Set 1 Owner Me Interface 1 g1 interval 1800 Requested samples 50 Granted samples 50 Maximum table size 500 800 after reset Time CRC Align Undersize...

Page 1192: ...ing framing bits but including FCS octets between 64 and 1518 octets inclusive but had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Undersize The number of packets received during this sampling interval that were less than 64 octets long excluding framing bits but including FCS octets and were ot...

Page 1193: ... or a bad FCS with a non integral number of octets Alignment Error Dropped The total number of events in which packets were dropped by the probe due to lack of resources during this sampling interval This number is not necessarily the number of packets dropped It is just the number of times this condition has been detected Collisions The best estimate of the total number of collisions on this Ethe...

Page 1194: ...o default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following examples display the RMON logging table console show rmon log Maximum table size 100 Event Description Time 1 Errors Jan 18 2005 23 48 19 1 Errors Jan 18 2005 23 58 17 2 High Broadcast Jan 18 2005 23 59 48 console show rmon log Maximum table size 100 100 after reset Event D...

Page 1195: ... statistics ethernet interface port channel port channel number interface Valid Ethernet unit port port channel number Valid port channel trunk index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays RMON Ethernet Statistics for port 1 g1 Field Description Event An i...

Page 1196: ... by the probe due to lack of resources This number is not always the number of packets dropped it is the number of times this condition has been detected Octets The total number of octets of data including those in bad packets received on the network excluding framing bits but including FCS octets Packets The total number of packets including bad packets Broadcast packets and Multicast packets rec...

Page 1197: ...f octets Alignment Error Jabbers The total number of packets received longer than 1518 octets excluding framing bits but including FCS octets and either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Collisions The best estimate of the total number of collisions on this Ethernet segment 64 Octets The tota...

Page 1198: ... are between 512 and 1023 octets in length inclusive excluding framing bits but including FCS octets 1024 to 1518 Octets The total number of packets including bad packets received that are between 1024 and 1518 octets in length inclusive excluding framing bits but including FCS octets Field Description ...

Page 1199: ...ds debug arp debug auto voip debug clear debug console debug dot1x debug igmpsnooping debug ip acl debug ip dvmrp debug ip igmp debug ip mcache debug ip pimdm debug ip pimsm debug ip vrrp debug ipv6 mcache debug ipv6 mld debug ipv6 pimdm debug ipv6 pimsm debug isdp debug lacp debug mldsnooping debug ospf debug ospfv3 debug ping ...

Page 1200: ...1200 Serviceability Tracing Packet Commands debug rip debug sflow debug spanning tree show debugging NOTE Debug commands are not persistent across resets ...

Page 1201: ...mand Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug arp debug auto voip Use the debug auto voip command to enable Auto VOIP debug messages Use the optional parameters to trace H323 SCCP or SIP packets respectively Use the no form of this command to disable Auto VOIP debug messages Syntax debug auto voip H323 SCCP SIP no debug auto voi...

Page 1202: ...tax debug clear Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug clear debug console Use the debug console to enable the display of debug trace output on the login session in which it is executed Debug console display must be enabled in order to view any tr...

Page 1203: ...ation Display of debug traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug console debug dot1x Use the debug dot1x command to enable dot1x packet tracing Use the no form of this command to disable dot1x packet tracing Syntax debug dot1x packet receive transmit no debug dot1x packet receive transmit Def...

Page 1204: ...ce in order to monitor packets for a particular interface Syntax debug igmpsnooping packet receive transmit no debug igmpsnooping packet receive transmit Default Configuration Display of IGMP Snooping traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug igmpsnooping packet debug ip acl Use the debug ip ...

Page 1205: ...RP packet reception and transmission The receive option traces only received DVMRP packets and the transmit option traces only transmitted DVMRP packets When neither keyword is used in the command all DVMRP packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displ...

Page 1206: ...keyword is used in the command then all IGMP packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable IGMP traces Syntax debug ip igmp packet receive transmit no debug ip igmp packet receive transmit D...

Page 1207: ...eive transmit no debug ip mcache packet receive transmit Default Configuration Display of MDATA traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug ip mcache packet debug ip pimdm Use the debug ip pimdm command to trace PIMDM packet reception and transmission The receive option traces only received PIM...

Page 1208: ...nd transmission The receive option traces only received PIMSM packets and the transmit option traces only transmitted PIMSM packets When neither keyword is used in the command then all PIMSM packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the cons...

Page 1209: ...t debug ip vrrp Use the debug ip vrrp command to enable VRRP debug protocol messages Use the no form of this command to disable VRRP debug protocol messages Syntax debug ip vrrp no debug ip vrrp Default Configuration Display of VRRP traces is disabled by default Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console debug ip vrrp ...

Page 1210: ...ebug ipv6 mcache packet receive transmit Default Configuration Display of MDATA traces is disabled by default Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console debug ipv6 mcache packet debug ipv6 mld Use the debug ipv6 mld command to trace MLD packet reception and transmission The receive option traces only received MLD packets and the transmit o...

Page 1211: ...ansmission The receive option traces only received PIMDMv6 packets and the transmit option traces only transmitted PIMDMv6 packets When neither keyword is used in the command then all PIMDMv6 packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the con...

Page 1212: ...eyword is used in the command then all PIMSMv6 packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable PIMSMv6 tracing Syntax debug ipv6 pimsm packet receive transmit no debug ipv6 pimsm packet receiv...

Page 1213: ...ace on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable ISDP tracing Syntax debug isdp packet receive transmit no debug isdp packet receive transmit Default Configuration Display of ISDP traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console deb...

Page 1214: ...e transmit option traces only transmitted MLD snooping packets When neither keyword is used in the command then all MLD snooping packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable tracing of MLD ...

Page 1215: ...s command to disable tracing of OSPF packets Syntax debug ospf packet no debug ospf packet Default Configuration Display of OSPF traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console debug ospf packet debug ospfv3 Use the debug ospfv3 command to enable tracing of OSPFv3 packets received and transmitted by the...

Page 1216: ...s command Example console debug ospfv3 packet debug ping Use the debug ping command to enable tracing of ICMP echo requests and responses This command traces pings on the network port and on the routing interfaces Use the no form of this command to disable tracing of ICMP echo requests and responses Syntax debug ping packet no debug ping packet Default Configuration Display of ICMP echo traces is ...

Page 1217: ...se the no form of this command to disable tracing of RIP requests and responses Syntax debug rip packet no debug rip packet Default Configuration Display of RIP traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console debug rip packet debug sflow Use the debug sflow command to enable sFlow debug packet trace Use...

Page 1218: ... option traces only received spanning tree BPDUs and the transmit option traces only transmitted BPDUs When neither keyword is used in the command all spanning tree BPDU traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this ...

Page 1219: ...ebugging Use the show debugging command to display packet tracing configurations Syntax show debugging no show debugging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Usage Guidelines Enabled packet tracing configurations are displayed Example console debug arp Arp packet tracing enabled console show debugging Arp packet tracing enabled ...

Page 1220: ...1220 Serviceability Tracing Packet Commands ...

Page 1221: ...ands This chapter explains the following commands sflow destination sflow polling sflow polling Interface Mode sflow sampling sflow sampling Interface Mode show sflow agent show sflow destination show sflow polling show sflow sampling ...

Page 1222: ...e 200 9116 bytes owner_string The identity string for the receiver the entity making use of this sFlowRcvrTable entry The default is an empty string The empty string indicates that the entry is currently unclaimed and the receiver configuration is reset to the default values An entity wishing to claim an sFlowRcvrTable entry must ensure that the entry is unclaimed before trying to claim it The ent...

Page 1223: ...r 1 timeout 2000 console config sflow 1 destination maxdatagram 500 console config sflow 1 destination 30 30 30 1 560 sflow polling Use the sflow polling command to enable a new sflow poller instance for this data source if rcvr_idx is valid Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling ethernet interfaces poll interval no sflow rcvr ind...

Page 1224: ...thernet 1 g1 1 g10 200 sflow polling Interface Mode Use the sflow polling command in Interface Mode to enable a new sflow poller instance for this data source if rcvr_idx is valid Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling poll interval no sflow polling rcvr index The sFlow Receiver associated with the poller Range 1 8 poll interval T...

Page 1225: ... sFlow Receiver for this sFlow sampler to which flow samples are to be sent If no receiver is configured then no packets will be sampled Only active receivers can be set If a receiver expires then all samplers associated with the receiver will also expire Range 1 8 interfaces The list of interfaces to poll sampling rate The statistical sampling rate for packet sampling from this source A sampling ...

Page 1226: ...e sFlow Receiver for this sFlow sampler to which flow samples are to be sent If no receiver is configured then no packets will be sampled Only active receivers can be set If a receiver expires then all samplers associated with the receiver will also expire Range 1 8 sampling rate The statistical sampling rate for packet sampling from this source A sampling rate of 1 counts all packets A rate of 0 ...

Page 1227: ...x show sflow agent Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed sFlow Version Uniquely identifies the version and implementation of this MIB The version string must have the following structure MIB Version Organization Software Revision where MIB Version 1 3 the version of this MIB Organization ...

Page 1228: ...nfiguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Receiver Index The sFlow Receiver associated with the sampler poller Owner String The identity string for receiver the entity making use of this sFlowRcvrTable entry Time Out The time in seconds remaining before the receiver is released and stops sending sample...

Page 1229: ...low Receiver associated with the poller Range 1 8 interfaces The list of interfaces to poll Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Poller Data Source The sFlowDataSource unit port for this sFlow sampler This agent will support Physical ports only Receiver Index The sFlowReceiver associated...

Page 1230: ...ver associated with the poller Range 1 8 interfaces The list of interfaces on which data is sampled Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Sampler Data Source The sFlowDataSource unit port for this sFlow sampler This agent will support Physical ports only Receiver Index The sFlowReceiver c...

Page 1231: ...le console show sflow 1 sampling Sampler Receiver Packet Max Header Data Source Index Sampling Rate Size 1 g1 1 0 128 Max Header Size The maximum number of bytes that should be copied from a sampled packet to form a flow sample ...

Page 1232: ...1232 Sflow Commands ...

Page 1233: ...oups show snmp users show snmp views show trapflags snmp server community snmp server community group snmp server contact snmp server enable traps snmp server enable traps authentication snmp server engineID local snmp server filter snmp server group snmp server host snmp server location snmp server user snmp server view snmp server v3 host ...

Page 1234: ...t configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the SNMP communications status Console show snmp Community String Community Access View name IP address public read only user view All private read write Default 172 16 1 1 private su DefaultSuper 172 17 1 1 Community String Group name IP address ...

Page 1235: ... 2 162 filt1 15 3 192 122 173 42 Inform public 2 162 filt2 15 3 Version 3 notifications Target Address Type Username Security UDP Filter TO Retries Level Port name Sec 192 122 173 42 Inform Bob Priv 162 filt31 15 3 System Contact Robert System Location Marketing show snmp engineID Use the show snmp engineID command in Privileged EXEC mode to display the ID of the local Simple Network Management Pr...

Page 1236: ...MP engine ID console show snmp engineID Local SNMP engineID 08009009020C0B099C075878 show snmp filters Use the show snmp filters command in Privileged EXEC mode to display the configuration of filters Syntax show snmp filters filtername filtername Specifies the name of the filter Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guide...

Page 1237: ...d user filter1 1 3 6 1 2 1 1 7 Excluded user filter2 1 3 6 1 2 1 2 2 1 1 Included console show snmp filters user filter1 Name OID Tree Type user filter1 1 3 6 1 2 1 1 Included user filter1 1 3 6 1 2 1 1 7 Excluded show snmp groups Use the show snmp groups command in Privileged EXEC mode to display the configuration of groups Syntax show snmp groups groupname groupname Specifies the name of the gro...

Page 1238: ...er guidelines Example The following examples display the configuration of views console show snmp groups Name Security Views Model Level Read Write Notify user group V3 Auth Priv Default managers group V3 NoAuth priv Default Default managers group V3 NoAuth priv Default console show snmp groups user group Name Security Views Model Level Read Write Notify ...

Page 1239: ...ption Name Name of the group Security Model SNMP model in use v1 v2 or v3 Security Level Authentication of a packet with encryption Applicable only to SNMP Version 3 security model Views Read A string that is the name of the view that enables you only to view the contents of the agent If unspecified all the objects except the community table and SNMPv3 user and access tables are available Write A ...

Page 1240: ...sers Name Group Name Auth Priv Meth Meth Remote Engine ID bob user group MD5 DES 800002a20300fce3900106 john user group SHA DES 800002a20300fce3900106 Console show snmp users bob Name Group Name Auth Priv Meth Meth Remote Engine ID bob user group MD5 DES 800002a20300fce3900106 show snmp views Use the show snmp views command in Privileged EXEC mode to display the configuration of views ...

Page 1241: ...This command has no user guidelines Example The following examples display the configuration of views with and without a view name specified console show snmp views Name OID Tree Type user view1 1 3 6 1 2 1 1 Included user view1 1 3 6 1 2 1 1 7 Excluded user view2 1 3 6 1 2 1 2 2 1 1 Included console show snmp views user view1 Name OID Tree Type user view1 1 3 6 1 2 1 1 Included user view1 1 3 6 1...

Page 1242: ...ameter to show detailed OSPF trap status information Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show trapflags Authentication Flag Enable Link Up Down Flag Enable Multiple Users Flag Enable Spanning Tree Flag Enable ACL Traps Disable ...

Page 1243: ...aps Disable console show trapflags ospf OSPF Traps errors all Disabled authentication failure Enabled bad packet Enabled config error Enabled virt authentication failure Disabled virt bad packet Disabled virt config error Disabled if rx if rx packet Disabled lsa lsa maxage Disabled lsa originate Disabled ...

Page 1244: ... command in Global Configuration mode to set up the community access string to permit access to the SNMP protocol To remove the specified community string use the no form of this command This Command places the user in SNMP Community Configuration mode Syntax snmp server community community string ro rw su ipaddress ipaddress view viewname no snmp server community community string community string...

Page 1245: ...me to restrict the access rights of a community string When it is specified An internal security name is generated The internal security name for SNMPv1 and SNMPv2 security models is mapped to an internal group name The internal group name for SNMPv1 and SNMPv2 security models is mapped to a view name If ro is specified then read view and notify view are mapped If rw is specified then read view no...

Page 1246: ...of a previously defined group The group defines the objects available to the community Range 1 30 characters ip address Management station IP address Default is all IP addresses Default Configuration No community group is defined Command Mode Global Configuration mode User Guidelines The group name parameter can be used to restrict the access rights of a community string When it is specified the s...

Page 1247: ...ault Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays setting up the system contact point as Dell_Technical_Support console config snmp server contact Dell_Technical_Support snmp server enable traps Use the snmp server enable traps command to enable SNMP traps gl...

Page 1248: ... state change all if state change neighbor state change virtif state change virtneighbor state change ospfv3type all errors all bad packet config error virt bad packet virt config error lsa all lsa maxage lsa originate overflow all lsdb overflow lsdb approaching overflow retransmit all packets virt packets state change all if state change neighbor state change virtif state change virtneighbor stat...

Page 1249: ...ple users Enable Disable sending traps when multiple logins active ospf Enable Disable OSPF Traps ospfv3 Enable Disable OSPF Traps pim pim spanning tree Enable Disable sending Spanning Tree traps snmp server enable traps authentication Use the snmp server enable traps authentication command in Global Configuration mode to enable the switch to send Simple Network Management Protocol traps when auth...

Page 1250: ...y the Simple Network Management Protocol SNMP engine ID on the local device To remove the configured engine ID use the no form of this command Syntax snmp server engineID local engineid string default no snmp server engineID local engineid string The character string that identifies the engine ID The engine ID is a concatenated hexadecimal string Each byte in hexadecimal character strings is two h...

Page 1251: ...value of snmpEngineID has important side effects A user s password entered on the command line is converted to an MD5 or SHA security digest This digest is based on both the password and the local engine ID The command line password is then destroyed as required by RFC 2274 Because of this deletion if the local value of engineID changes the security digests of SNMPv3 users will be invalid and the ...

Page 1252: ... Indicates that the filter type is included excluded Indicates that the filter type is excluded Default Configuration No filter entry exists Command Mode Global Configuration mode User Guidelines This command can be entered multiple times for the same filter record Later lines take precedence when an object identifier is included in two or more lines Examples The following example creates a filter...

Page 1253: ... security model noauth Indicates no authentication of a packet Applicable only to the SNMP Version 3 security model auth Indicates authentication of a packet without encrypting it Applicable only to the SNMP Version 3 security model priv Indicates authentication of a packet with encryption Applicable only to the SNMP Version 3 security model contextname Provides different views of the system and p...

Page 1254: ...his command points to first view name in the table Example The following example attaches a group called user group to SNMPv3 and assigns to the group the privacy security level and read access rights to a view called user view console config snmp server group user group v3 priv read user view snmp server host Use the snmp server host command in Global Configuration mode to specify the recipient o...

Page 1255: ...n Range 1 20 characters traps Indicates that SNMP traps are sent to this host v1 Indicates that SNMPv1 traps will be used v2 Indicates that SNMPv2 traps will be used informs Indicates that SNMPv2 informs are sent to this host seconds Number of seconds to wait for an acknowledgment before resending informs The default is 15 seconds Range 1 300 characters retries Maximum number of times to resend an...

Page 1256: ...ver location command in Global Configuration mode to set the system location string To remove the location string use the no form of this command Syntax snmp server location text no snmp server location text Character string describing the system location Range 1 to 255 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines...

Page 1257: ...neid string Specifies the engine ID of the remote SNMP entity to which the user belongs The engine ID is a concatenated hexadecimal string Each byte in the hexadecimal character string is two hexadecimal digits The remote engine id designates the remote management station and should be defined to enable the device to receive acknowledgements to informs Range 5 32 characters auth md5 The HMAC MD5 9...

Page 1258: ...Mode Global Configuration mode User Guidelines If the SNMP local engine ID is changed configured users will no longer be able to connect and will need to be reconfigured Example The following example configures an SNMPv3 user John in group user group console config snmp server user John user group snmp server view Use the snmp server view command in Global Configuration mode to create or update a ...

Page 1259: ...y for example 1 3 4 included Indicates that the view type is included excluded Indicates that the view type is excluded Default Configuration A view entry does not exist Command Mode Global Configuration mode User Guidelines This command can be entered multiple times for the same view record Examples The following example creates a view that includes all objects in the MIB II system group except f...

Page 1260: ...to this host informs Indicates that SNMPv2 informs are sent to this host noauth Specifies sending of a packet without authentication auth Specifies authentication of a packet without encrypting it priv Specifies authentication and encryption of a packet seconds Number of seconds to wait for an acknowledgment before resending informs This is not allowed for hosts configured to send traps The defaul...

Page 1261: ...ommands 1261 Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example identifies an SNMPv3 host console config snmp server v3 host 192 168 0 20 ...

Page 1262: ...1262 SNMP Commands ...

Page 1263: ...er explains the following commands crypto key generate dsa crypto key generate rsa crypto key pubkey chain ssh ip ssh port ip ssh pubkey auth ip ssh server key string show crypto key mypubkey show crypto key pubkey chain ssh show ip ssh user key ...

Page 1264: ...SA key If your switch already has DSA keys when you issue this command you are warned and prompted to replace the existing keys The keys are not saved in the switch configuration they are saved in the file system and the private key is never displayed to the user DSA keys along with other switch credentials are distributed to all units in a stack on a configuration save Example The following examp...

Page 1265: ...splayed to the user RSA keys along with other switch credentials are distributed to all units in a stack on a configuration save Example The following example generates RSA key pairs console config crypto key generate rsa crypto key pubkey chain ssh Use the crypto key pubkey chain ssh command in Global Configuration mode to enter public key configuration mode in order to manually specify public ke...

Page 1266: ...ub8gDjTSqMuSn Wd05iDX2IExQWu08licglk02LYciz Z 4TrEU 9FJxwPiVQOjc KBXuR0juNg5nFYsY0ZCk0N W9a tnkm1sh RE7Di71 w3fNiOA6w9o44t6 AINEICBCCA4YcF6zMzaT1wefWwX6f Rmt5nhhqdAtN 4oJfce166DqVX1gWmNzNR4DYDvSzg0lDnwCAC8Q h console config pubkey key exit ip ssh port Use the ip ssh port command in Global Configuration mode to specify the TCP port to be used by the SSH server To use the default port use the no for...

Page 1267: ...ation mode to enable public key authentication for incoming SSH sessions To disable this function use the no form of this command Syntax ip ssh pubkey auth no ip ssh pubkey auth Default Configuration The function is disabled Command Mode Global Configuration mode User Guidelines AAA authentication is independent from this configuration Example The following example enables public key authenticatio...

Page 1268: ... mode User Guidelines To generate SSH server keys use the commands crypto key generate rsa and crypto key generate dsa Example The following example enables the switch to be configured using SSH console config ip ssh server key string Use the key string SSH Public Key Configuration mode to specify an SSH public key manually Syntax key string key string key string row key string row To specify the ...

Page 1269: ...ring for a user called bob console config crypto key pubkey chain ssh console config pubkey chain user key bob rsa console config pubkey key key string AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ ZNXfZSkvHG QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn Wd05iDX2IExQWu08licglk02LYciz Z4TrEU 9FJxwPiVQOjc KBXuR0juNg5nFY...

Page 1270: ...nd in Privileged EXEC mode to display the SSH public keys of the switch Syntax show crypto key mypubkey rsa dsa rsa RSA key dsa DSA key Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the SSH public keys on the switch console show crypto key mypubkey rsa rsa ...

Page 1271: ... fc Fingerprint bubbleBabble xodob liboh heret tiver dyrib godac pynah muzyt mofim bihog cuxyx show crypto key pubkey chain ssh Use the show crypto key pubkey chain ssh command in Privileged EXEC mode to display SSH public keys stored on the switch Syntax show crypto key pubkey chain ssh username username fingerprint bubble babble hex username Specifies the remote SSH client username Range 1 48 ch...

Page 1272: ... C5 98 59 F 1 86 john 98 F7 6E 28 F2 79 87 C8 18 F8 88 CC F8 89 8 7 C8 The following example displays the SSH public called dana console show crypto key pubkey chain ssh username dana Username dana rsa key data ssh rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAywqRKTRnexccxVUVTeMl Gkh imyUDhcTkgEfssLPMsgoXlTwzCE5 97UIIsSRKQQWR pBNl45tCYd 75LUofV 4LP6Lj1Q5Q0w5lBgiqC2MZ iBHGSsHMAE0lpYtelZprDu4uiZHMuW ezmdQp9 a1PU...

Page 1273: ...guration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the SSH server configuration console show ip ssh SSH server enabled Port 22 RSA key was generated DSA key was generated SSH Public Key Authentication is enabled Active incoming sessions IP Address User Name Idle Time SessionTime 10 240 1 122 John 00 00 00 00 00 08 ...

Page 1274: ... Specifies the remote SSH client username Range 1 48 characters rsa RSA key dsa DSA key Default Configuration By default there are no keys Command Mode SSH Public Key Chain Configuration mode User Guidelines This command has no user guidelines Example The following example enables a SSH public key to be manually configured for the SSH public key chain called bob console config crypto key pubkey ch...

Page 1275: ...is chapter explains the following commands clear logging clear logging file description level logging logging buffered logging console logging facility logging file logging on logging snmp logging web session port show logging show logging file ...

Page 1276: ...Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example clears messages from the internal syslog message logging buffer console clear logging Clear logging buffer y n clear logging file Use the clear logging file command in Privileged EXEC mode to clear messages from the logging file Syntax clear logging file Default Configuration There is no def...

Page 1277: ...gging mode to describe the syslog server Syntax description description description Sets the description of the syslog server Range 1 64 characters Default Configuration This command has no default value Command Mode Logging mode User Guidelines After entering the view corresponding to a specific syslog server the command can be executed to set the description of the server Example The following e...

Page 1278: ...Default Configuration The default value for level is info Command Mode Logging mode User Guidelines After entering the view corresponding to a specific syslog server the command can be executed to set the importance level for syslog messages Example The following example sets the syslog message importance level to alert console config logging level alert logging cli command Use the logging cli com...

Page 1279: ...5 20 27 192 168 2 1 1 UNKN 248900192 cmd_logger_api c 87 2114 CLI EIA 232 ex 189 JAN 13 05 20 28 192 168 2 1 1 UNKN 248900192 cmd_logger_api c 87 2115 CLI EIA 232 189 JAN 13 05 20 39 192 168 2 1 1 UNKN 248900192 cmd_logger_api c 87 2116 CLI EIA 232 show logging file logging Use the logging command in Global Configuration mode to log messages to a syslog server To delete the syslog server with the ...

Page 1280: ...ollowing example places the designated server in logging configuration mode console config logging 192 168 15 1 logging buffered Use the logging buffered command in Global Configuration mode to limit syslog messages displayed from an internal buffer based on severity To cancel the buffer use use the no form of this command Syntax logging buffered level no logging buffered level Limits the message ...

Page 1281: ...ogging console Use the logging console command in Global Configuration mode to limit messages logged to the console based on severity To disable logging to the console terminal use the no form of this command Syntax logging console level no logging console level Limits the logging of messages displayed on the console to a specified level Range emergency alert critical error warning notice info deb...

Page 1282: ...ogging facility facility The facility that will be indicated in the message Range local0 local1 local2 local3 local4 local5 local 6 local7 Default Configuration The default value is local7 Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the logging facility as local3 console config logging facility local3 logging file Us...

Page 1283: ...xample The following example limits syslog messages sent to the logging file based on the severity level warning console config logging file warning logging on Use the logging on command in Global Configuration mode to control error messages logging This command sends debug or error messages to a logging process which logs messages to designated locations asynchronously to the process that generat...

Page 1284: ...commands However if the logging on command is disabled no messages are sent to these destinations Only the console receives messages Example The following example shows how logging is enabled console config logging on logging snmp Use the logging snmp command in Global Configuration mode to enable SNMP Set command logging To disable use the no form of this command Syntax logging snmp no logging sn...

Page 1285: ...es To see web session logs use the show logging command Example console config logging web session 133 MAR 24 07 46 07 10 131 7 165 2 UNKN 83102768 cmd_logger_api c 140 764 WEB 10 131 7 67 UNKNOWN EwaSessionLookup session 0 created 133 MAR 24 07 46 07 10 131 7 165 2 UNKN 83102768 cmd_logger_api c 140 765 WEB 10 131 7 67 admin User admin logged in port Use the port command in Logging mode to specif...

Page 1286: ...executed to set the port number for the server Example The following example sets the syslog message port to 300 console config logging port 300 show logging Use the show logging command in Privileged EXEC mode to display the state of logging and the syslog messages stored in the internal buffer Syntax show logging Default Configuration This command has no default configuration Command Mode Privil...

Page 1287: ...le show logging Console logging level warning Console Messages 2100 Dropped Buffer Logging level info Buffer Messages 2100 Logged 200 Max File Logging level notActive File Messages 0 Dropped CLI Command Logging disabled Web Session Logging disabled SNMP Set Command Logging disabled 366 Messages were not logged Buffer Log 189 JAN 10 10 44 49 192 168 2 1 1 TRAPMGR 232224784 traputil c 910 1901 Spann...

Page 1288: ...te to up 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet g1 changed state to down 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet g1 changed state to down 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet g2 changed state to down 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet 1 3 changed ...

Page 1289: ...JAN 01 00 00 05 0 0 0 0 1 UNKN 268434928 bootos c 382 3 Event 0xaaaaaaaa show syslog servers Use the show syslog servers command in Privileged EXEC mode to display the syslog servers settings Syntax show syslog servers Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example d...

Page 1290: ...1290 Syslog Commands IP address Port Severity Facility Descrip tion 192 180 2 275 14 Info local7 7 192 180 2 285 14 Warning local7 7 ...

Page 1291: ...wledge clear checkpoint statistics cut through mode hostname initiate failover member movemanagement no standby nsf ping reload set description show boot version show checkpoint statistics show cut through mode show memory cpu show nsf show process cpu show sessions show stack port show stack port counters show stack port diag show stack standby ...

Page 1292: ...ystem Management Commands show supported switchtype show switch show system show system id show tech support show users show version stack stack port standby switch priority switch renumber telnet traceroute ...

Page 1293: ... Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example specifies the switch asset tag as 1qwepot Because the unit parameter is not specified the command defaults to the master switch number console config asset tag 1qwepot banner motd Use the banner motd command to control enable or disable the display of message of the day banners...

Page 1294: ...he following displays IMPORTANT There is a power shutdown at 23 00hrs today duration 1 hr 30 minutes banner motd acknowledge The banner displayed on the console must be acknowledged if banner motd acknowledge is executed Enter y or n to continue to the login prompt If n is entered the session is terminated and no further communication is allowed on that session However serial connection will not g...

Page 1295: ...cknowledge When the MOTD banner is executed the following displays IMPORTANT There is a power shutdown at 23 00hrs today duration 1 hr 30 minutes Press y to continue If y is entered the following displays console If n is entered the session will get disconnected unless it is a serial connection clear checkpoint statistics Use the clear checkpoint statistics command to clear the statistics for the ...

Page 1296: ...ckpoint statistics track the amount of data checkpointed from the management unit to the backup unit Example console clear checkpoint statistics cut through mode Use the cut through mode command to enable the cut through mode on the switch The mode takes effect on all ports on next reload of the switch To disable the cut through mode on the switch use the no form of this command Syntax cut through...

Page 1297: ...rm of the command Syntax hostname name no hostname name The name of the host Range 1 255 characters Default Configuration Host name not configured Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example specifies the switch host name console config hostname Dell initiate failover To manually force a failover from the management unit ...

Page 1298: ...ck do not support nonstop forwarding the command fails with a warning message The movemanagement command also transfers control from the current management unit however the hardware is cleared and all units reinitialize Example console config stack initiate failover cr Press enter to execute the command console config stack initiate failover Management unit will be reloaded Are you sure you want t...

Page 1299: ...tack Global Configuration User Guidelines The switch index can be obtained by executing the show supported switchtype command in User Exec mode Example The following example displays how to add to stack switch number 2 with index 1 console config stack console config stack member 2 1 movemanagement Use the movemanagement command in Stack Global Configuration mode to move the Management Switch func...

Page 1300: ...stack move execute the copy configuration command before performing the stack move A stack move causes all routes and layer 2 addresses to be lost This command is executed on the Management Switch The administrator is prompted to confirm the management move Example The following example displays how to move the Management Switch functionality from switch 1 to switch 8 console config stack console ...

Page 1301: ...Management Commands 1301 Command Mode Stack Global Configuration User Guidelines No specific guidelines Example console config stack console config stack no standby Fastpath will automatically select a standby ...

Page 1302: ...s to continue to forward packets while the control and management planes restart as a result of a power failure hardware failure or software fault on the stack management unit Example console config nsf ping Use the ping command in User EXEC mode to check the accessibility of the desired node on the network Syntax ping ip ipv6 ipaddress hostname repeat count timeout interval size size ipaddress IP...

Page 1303: ...elines There are no user guidelines for this command Examples The following example displays a ping to IP address 10 1 1 1 console ping 10 1 1 1 Pinging 10 1 1 1 with 64 bytes of data 64 bytes from 10 1 1 1 icmp_seq 0 time 11 ms 64 bytes from 10 1 1 1 icmp_seq 1 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 2 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 3 time 7 ms 10 1 1 1 PING Statistics 4 packets tran...

Page 1304: ...ms 10 1 1 1 PING Statistics 4 packets transmitted 4 packets received 0 packet loss round trip ms min avg max 7 8 11 reload Use the reload command in Privileged EXEC mode to reload stack members Syntax reload unit unit Unit number to be reloaded Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If no unit is specified all units are rel...

Page 1305: ...ration mode to associate a text description with a switch in the stack Syntax set description unit description unit The switch identifier Range 1 12 description The text description Range 1 80 alphanumeric characters Default Configuration This command has no default configuration Command Mode Stack Global Configuration mode User Guidelines This command has no user guidelines Example The following ...

Page 1306: ... 12 Default Configuration This command has no default configuration Command Mode User EXEC or Privileged EXEC User Guidelines No specific guidelines Example console show boot version unit Boot Image Version 1 Thu Aug 30 12 01 04 2007 show checkpoint statistics Use the show checkpoint statistics command to display the statistics for the checkpointing process Syntax show checkpoint statistics Defaul...

Page 1307: ...itializing its state Checkpoint statistics track the amount of data checkpointed from the management unit to the backup unit Example console show checkpoint statistics Messages Checkpointed 6708 Bytes Checkpointed 894305 Time Since Counters Cleared 3d 01 05 09 Checkpoint Message Rate 0 025 msg sec Last 10 second Message Rate 0 msg sec Highest 10 second Message Rate 8 msg sec show cut through mode ...

Page 1308: ... Current mode Enable Configured mode Disable This mode is effective on next reload show memory cpu Use the show memory cpu command to check the total and available RAM space on the switch Syntax show memory cpu Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines No specific guidelines Example console show memory cpu ...

Page 1309: ...g Syntax show nsf Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show nsf Administrative Status Enable Operational Status Enable Last Startup Reason Warm Auto Restart Time Since Last Restart 0 days 16 hrs 52 mins 55 secs Restart In Progress No ...

Page 1310: ...2 secs Time Until Next Copy 28 seconds Unit NSF Support 1 Yes 2 Yes 3 Yes show process cpu Use the show process cpu command to check the CPU utilization for each process currently running on the switch Syntax show process cpu Command Mode Privileged EXEC Default Configuration This command has no default configuration User Guidelines No specific guidelines ...

Page 1311: ...port status bytes free 64022608 alloc 151568112 CPU Utilization PID Name 5 Sec 1 Min 5 Min 328bb20 tTffsPTask 0 00 0 00 0 02 3291820 tNetTask 0 00 0 00 0 01 3295410 tXbdService 0 00 0 00 0 03 347dcd0 ipnetd 0 00 0 00 0 01 348a440 osapiTimer 1 20 1 43 1 21 358ee70 bcmL2X 0 0 40 0 30 0 12 ...

Page 1312: ...dbf0 bcmLINK 0 0 00 0 14 0 46 4884e70 tL7Timer0 0 00 0 06 0 02 48a1250 osapiMonTask 0 00 0 32 0 17 4969790 BootP 0 00 0 00 0 01 4d71610 dtlTask 0 00 0 06 0 05 4ed00e0 hapiRxTask 0 00 0 06 0 03 562e810 DHCP snoop 0 00 0 00 0 06 58e9bc0 Dynamic ARP Inspection 0 00 0 06 0 03 62038a0 dot1s_timer_task 0 00 0 00 0 03 687f360 dot1xTimerTask 0 00 0 06 0 07 6e23370 radius_task 0 00 0 00 0 01 ...

Page 1313: ... 0 00 0 01 b1516d0 dnsRxTask 0 00 0 00 0 01 b194d60 tCptvPrtl 0 00 0 06 0 03 b585770 isdpTask 0 00 0 00 0 02 bda6210 RMONTask 0 00 0 11 0 11 bdb24b0 boxs Req 0 00 0 13 0 10 c2d6db0 sshd 0 00 0 00 0 01 More or q uit Total CPU Utilization 2 40 3 62 3 45 show sessions Use the show sessions command in Privileged EXEC mode to display a list of the open telnet sessions to remote hosts ...

Page 1314: ...mple displays a list of open telnet sessions to remote hosts console show sessions Connection Host Address Port 1 Remote switch 172 16 1 1 23 2 172 16 1 2 172 16 1 2 23 The following table describes the significant fields shown in the display Field Description Connection Connection number Host Remote host to which the switch is connected through a Telnet session Address IP address of the remote ho...

Page 1315: ...default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about the summary stack port console show stack port Configured Running Stack Stack Link Link Unit Interface Mode Mode Status Speed Gb s 1 xg1 Stack Stack Link Down 12 1 xg2 Stack Stack Link Down 12 1 xg3 Ethernet Ethernet Link Down 10 1 xg4...

Page 1316: ...s Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about the summary stack port counters console show stack port counters TX RX Field Description Interface Unit Port Configured Stack Mode Stack or Ethernet Running Stack Mode Stack of Ethernet Link ...

Page 1317: ...cribes the fields in the example Field Description Unit Unit Interface Port Tx Data Rate Transmit data rate in megabits per second on the stacking port Tx Error Rate Platform specific number of transmit errors per second Rx Data Rate Receive data rate in megabits per second on the stacking port Rx Error Rate Platform specific number of receive errors per second Rx Total Errors Platform specific nu...

Page 1318: ...iagnostics for each port Syntax show stack port diag Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about the front panel stacking diagnostics console show stack port diag 1 xg1 RBYT 0 RPKT 0 TBYT e38b50 TPKT d1ba RFCS 0 RFRG 0 RJBR 0 RUND 0 ROVR...

Page 1319: ... Received Jabber Errors RUND Received Underrun Errors ROVR Received Overrun Errors TFCS Transmit Frame Check Sequence Errors TERR Transmit Errors 1 xg1 RBYT 148174422 RPKT 528389 TBYT 679827058 TPKT 2977561 RFCS 0 RFRG 0 RJBR 0 RUND 0 ROVR 0 TFCS 0 TERR 0 1 xg2 RBYT 0 RPKT 0 TBYT 419413311 TPKT 620443 RFCS 0 RFRG 0 RJBR 0 RUND 0 ROVR 0 TFCS 0 TERR 0 The following table describes the fields in the ...

Page 1320: ...lt configuration Command Mode Privileged EXEC or User EXEC User Guidelines No specific guidelines Example console show stack standby standby unit 3 show supported switchtype Use the show supported switchtype command in User EXEC mode to display information about all supported switch types Field Description Interface Port Diagnostic Entry 1 80 character string used for diagnostics Diagnostic Entry ...

Page 1321: ...ex is a 32 bit integer Range 0 65535 Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the information for supported switch types console show supported switchtype Mgmt Cod e SID Switch Model ID Pref Type 1 0x100b000 2 PCT6248 1 0x100b000 The following table describe...

Page 1322: ...ion Switch Index SID This field displays the index into the database of supported switch types This index is used when preconfiguring a member to be added to the stack Model Identifier This field displays the model identifier for the supported switch type Management Preference This field indicates the management preference value of the switch type Code Version This field displays the code load tar...

Page 1323: ...ion This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays stack status information for the switch console show switch 1 Switch 1 Management Status Management Switch Admin Management Preference 4 Switch Type 0x73950001 Preconfigured Model Identifier PCM8024 Plugged in Model Identifier PCM8024 ...

Page 1324: ... Management Preference This field indicates the administrative management preference value assigned to the switch This preference value indicates how likely the switch is to be chosen as the Management Switch Switch Type This field displays the 32 bit numeric switch type Model Identifier This field displays the model identifier for this switch Model Identifier is a 32 character field assigned by t...

Page 1325: ...ation the code version is None Detected Code in Flash This field displays the version of code that is currently stored in FLASH memory on the switch This code will execute after the switch is reset If the switch is not present and the data is from pre configuration then the code version is None Boot Code Version This field displays the version of the boot strapping code Up Time This field displays...

Page 1326: ...l Identifier This field displays the model identifier of the switch in the stack Model Identifier is a 32 character field assigned by the switch manufacturer to identify the switch Switch Status This field indicates the switch status Possible values for this state are OK Unsupported CodeMismatch ConfigMismatch or NotPresent Code Version This field indicates the detected version of code on this swi...

Page 1327: ...ager to the backup manager and was unable to maintain user data traffic This is usually caused by multiple failures occurring close together Power On Administrative Move Warm Auto Restart Cold Auto Restart None Time Since Last Restart Time since the current management card became the active management card For the backup manager the value is set to 0d 00 00 00 Time Stamp 0d 00 00 00 Restart in pro...

Page 1328: ...Unit Status Stale Time Since Last Copy 0 days 4 hrs 53 mins 22 secs Time Until Next Copy 28 seconds Time Since Last Copy When the running configuration was last copied from the management unit to the backup unit Time Stamp Time Until Next Copy The number of seconds until the running configuration will be copied to the backup unit This line only appears when the running configuration on the backup ...

Page 1329: ...d to display system information Syntax show system unit unit The unit number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays system information console show system Parameter Description Range Default NSF Support Whether a unit supports NSF Yes or No ...

Page 1330: ...ontact System Name System Location Burned In MAC Address 00FF F2A3 8888 System Object ID 1 3 6 1 4 1 674 10895 3011 System Model ID PCT6248 Machine Type Dell 48 Port Gigabit Ethernet Temperature Sensors Unit Temperature Celsius Status 1 25 OK Fans Unit Description Status 1 Fan 1 OK 1 Fan 2 OK 1 Fan 3 OK 1 Fan 4 OK ...

Page 1331: ...stem identity information Syntax show system id unit unit The unit number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines The tag information is on a switch by switch basis Example The following example displays the system service tag information console show system id Service Tag 89788978 Serial number 8936589782 Asset tag 7843678957 ...

Page 1332: ...on information for use in debugging or contacting technical support The output of the show tech support command combines the output of the following commands show version show sysinfo show port all show isdp neighbors show logging show event log show logging buffered show running config show debugging Syntax show tech support Parameter Ranges Not applicable Command Mode Privileged EXEC mode Usage ...

Page 1333: ...sion Switch 2 System Description Powerconnect 6248P 1 23 0 33 VxWorks 6 5 Machine Type Powerconnect 6248P Machine Model PCT6248P Serial Number CN0PK4632829881C0067 FRU Number 1 Part Number BCM56314 Maintenance Level A Manufacturer 0xbc00 Burned In MAC Address 00 1E 4F 04 5D F4 Software Version 1 23 0 33 ...

Page 1334: ...PATH Multicast FASTPATH Stacking FASTPATH Routing Show SysInfo System Location System Contact System Object ID 1 3 6 1 4 1 674 10895 3013 System Up Time 0 days 0 hrs 11 mins 47 secs 10 100 Ethernet 802 3 interface s 4 Gig Ethernet 802 3 interface s 1 10Gig Ethernet 802 3 interface s 0 Virtual Ethernet 802 3 interface s 0 MIBs Supported ...

Page 1335: ...n about the active users Syntax show users long Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a list of active users and the information about them console show users Username Protocol Location Bob Serial John SSH 172 16 0 1 Robert HTTP 172 16 0 8 Betty Tel...

Page 1336: ...figuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays a system version this version number is only for demonstration purposes console show version Image Descriptions image1 default image image2 Images currently available on Flash unit image1 image2 current active next active ...

Page 1337: ...tion mode User Guidelines This command has no user guidelines Example The following example sets the mode to Stack Global Config console config stack console config stack stack port Use the stack port command in Stack Configuration mode to configure Stack ports as either Stacking ports or as Ethernet ports This command is used to configure CX 4 ports to be either stacking or Ethernet ports By defa...

Page 1338: ... forced to Ethernet mode upon reboot Example console config stack stack port 1 xg3 ethernet console config stack standby Use the standby command to configure the standby in the stack This unit comes up as the master when the stack failover occurs Use the no form of this command to reset to default in which case FASTPATH automatically selects a standby from the existing stack units if there no prec...

Page 1339: ...ive Management Switch fails Syntax switch unit priority value unit The switch identifier Range 1 12 value The priority of one backup switch over another Range 0 12 Default Configuration The switch priority defaults to the hardware management preference value of 1 Command Mode Global Configuration mode User Guidelines Switches that do not have the hardware capability to become the Management Switch...

Page 1340: ...switch if any is available The old switch configuration information is retained however the old switch will be operationally unplugged Syntax switch oldunit renumber newunit oldunit The current switch identifier Range 1 12 newunit The updated value of the switch identifier Range 1 12 Command Mode Global Configuration mode User Guidelines This command is executed on the Management Switch Example Th...

Page 1341: ...t Table on page 1342 keyword One or more keywords from the keywords table in the user guidelines see Keywords Table on page 1341 Default Configuration port Telnet port decimal 23 on the host Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console telnet 1 1 1 1 Keywords Table Options Description debug Enable telnet debugging mode line Enable telnet lin...

Page 1342: ...le Transfer Protocol 21 ftp data FTP data connections 20 gopher Gopher 70 hostname NIC hostname server 101 ident Ident Protocol 113 irc Internet Relay Chat 194 klogin Kerberos login 543 kshell Kerberos shell 544 login Login 513 lpd Printer service 515 nntp Network News Transport Protocol 119 pim auto rp PIM Auto RP 496 pop2 Post Office Protocol v2 109 pop3 Post Office Protocol v3 110 smtp Simple M...

Page 1343: ...ceroute ipaddress hostname command sets the parameters to their default values You can enter traceroute to without specifying the IP address and hostname and specify values for the traceroute parameters Syntax traceroute ip ipv6 ipaddress hostname initTtl initTtl maxTtl maxTtl maxFail maxFail interval interval count count port port size size ipaddress Valid IP address of the destination host hostn...

Page 1344: ...route does receive a response to a probe then it sends the next probe immediately Range 1 60 seconds count The number of probes to be sent at each TTL level Range 1 10 port The destination UDP port of the probe This should be an unused port on the remote destination system Range 1 65535 size The size in bytes of the payload of the Echo Requests sent Range 0 65507 bytes Default Configuration The de...

Page 1345: ... command parameters and displays the routes that packets actually take when traveling to their destination console traceroute traceroute Enter the ip address hostname 192 168 77 171 traceroute Packet size default 40 bytes 30 traceroute Max ttl value default 20 10 traceroute Number of probes to send at each level default 3 traceroute Timeout default 3 seconds 6 traceroute Source ip address default ...

Page 1346: ...1346 System Management Commands 4 5 ...

Page 1347: ...Telnet Server Commands 1347 69 Telnet Server Commands This chapter explains the following commands ip telnet server disable ip telnet port show ip telnet ...

Page 1348: ...licable Command Mode Global Configuration Usage Guidelines No specific guidelines Default Value This feature is enabled by default Example console configure console config ip telnet server disable console config no ip telnet server disable ip telnet port The ip telnet port command is used to configure the Telnet service port number on the switch Syntax ip telnet port port number port number Telnet...

Page 1349: ...xample console config ip telnet port 45 console config no ip telnet port show ip telnet The show ip telnet command displays the status of the Telnet server and the Telnet service port number Syntax show ip telnet Default Configuration This command has no default configuration Command Mode Privileged EXEC Example console show ip telnet Telnet Server is Enabled Port 23 ...

Page 1350: ...1350 Telnet Server Commands ...

Page 1351: ...User Interface Commands 1351 70 User Interface Commands This chapter explains the following commands enable end exit quit ...

Page 1352: ... Guidelines If there is no authentication method defined for enable then a level 1 user is not allowed to execute this command Example The following example shows how to enter privileged mode console enable console end Use the end command to get the CLI user control back to the privileged execution mode or user execution mode Syntax Description end Default Configuration This command has no default...

Page 1353: ... next lower command prompt Syntax exit Default Configuration This command has no default configuration Command Mode All command modes except User EXEC User Guidelines There are no user guidelines for this command Example The following example changes the configuration mode from Interface Configuration mode to User EXEC mode console config if 1 g1 exit console config exit console exit ...

Page 1354: ...ive terminal session by logging off the switch Syntax quit Default Configuration This command has no default configuration Command Mode User EXEC command mode User Guidelines There are no user guidelines for this command Example The following example closes an active terminal session console quit ...

Page 1355: ...mmon name country crypto certificate generate crypto certificate import crypto certificate request duration ip http port ip http server ip https certificate ip https port ip https server key generate location organization unit show crypto certificate mycertificate show ip http show ip https state ...

Page 1356: ...te is generated Range 1 64 Default Configuration This command has no default configuration Command Mode Crypto Certification mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command Example The following example displays how to specify the name of router gm com console config crypto cert common name router gm com country Use the ...

Page 1357: ...d Example The following example displays how to specify the country as us console config crypto cert country us crypto certificate generate Use the crypto certificate generate command in Global Configuration mode to generate a self signed HTTPS certificate Syntax crypto certificate number generate number Specifies the certificate number Range 1 2 generate Regenerates the SSL RSA key Default Config...

Page 1358: ...t crypto certificate import Use the crypto certificate import command in Global Configuration mode to import a certificate signed by the Certification Authority for HTTPS Syntax crypto certificate number import number Specifies the certificate number Range 1 2 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Use this command to ...

Page 1359: ...crypto certificate 1 import BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBI AkEAp4HS nnH xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0km fhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYe BABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4 MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCASkwgdKggc ggcyGgcls ZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ2...

Page 1360: ...Authority The certificate request is generated in Base64 encoded X 509 format Before generating a certificate request you must first generate a self signed certificate using the crypto certificate generate command in Global Configuration mode in order to generate the keys Make sure to re enter values in the certificate fields After receiving the certificate from the Certification Authority use the...

Page 1361: ...ys Command Mode Crypto Certificate Generation mode User Guidelines This command mode is entered using the crypto certificate generate command Example The following example displays how specify a duration of 50 days that a certification is valid console config crypto cert duration 50 ip http port Use the ip http port command in Global Configuration mode to specify the TCP port for use by a web brow...

Page 1362: ...the switch Example The following example shows how the http port number is configured to 100 console config ip http port 100 ip http server Use the ip http server command in Global Configuration mode to enable the switch to be configured monitored or modified from a browser To disable this function use the no form of this command Syntax ip http server no ip http server Default Configuration The de...

Page 1363: ... Specifies the certificate number Range 1 2 Default Configuration The default value of the certificate number is 1 Command Mode Global Configuration mode User Guidelines The HTTPS certificate is generated using the crypto certificate generate command in Global Configuration mode Example The following example configures the active certificate for HTTPS console config ip https certificate 1 ip https...

Page 1364: ...user guidelines Example The following example configures the https port number to 100 console config ip https port 100 ip https server Use the ip https server command in Global Configuration mode to enable the switch to be configured monitored or modified securely from a browser To disable this function use the no form of this command Syntax ip https server no ip https server Default Configuration...

Page 1365: ...cify the key generate Syntax key generate length length Specifies the length of the SSL RSA key If left unspecified this parameter defaults to 1024 Range 512 2048 Default Configuration This command has no default configuration Command Mode Crypto Certificate Generation mode User Guidelines This command mode is entered using the crypto certificate request command Example The following example displ...

Page 1366: ...e User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command Example The following example displays how to specify the city location of austin console config crypto cert location austin organization unit Use the organization unit command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the organization unit...

Page 1367: ... show crypto certificate mycertificate Use the show crypto certificate mycertificate command in Privileged EXEC mode to view the SSL certificates of your switch Syntax show crypto certificate mycertificate number number Specifies the certificate number Range 1 2 digits Default configuration This command has no default configuration Command Mode Privileged EXEC mode Example The following example di...

Page 1368: ...dHdhcmUlMjBSb290JTIwQ2VydGlmaWVyLENO PXNlcnZl END CERTIFICATE Issued by www verisign com Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 show ip http Use the show ip http command in Privileged EXEC mode to display the HTTP server configuration Syntax show ip http Default Configuration This command has no default config...

Page 1369: ...w ip https Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays an HTTPS server configuration with DH Key exchange enabled console show ip https HTTPS server enabled Port 443 DH Key exchange enabled Certificate 1 is active Issued by www verisign com Valid from 8 9...

Page 1370: ...S server enabled Port 443 DH Key exchange disabled parameters are being generated Certificate 1 is active Issued by www verisign com Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by self signed Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print...

Page 1371: ...mand has no default configuration Command Mode Crypto Certificate Generation or Crypto Certificate Request mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command Example The following example shows how to specify the state of texas console config crypto cert state texas ...

Page 1372: ...1372 Web Server Commands ...

Reviews: