Dell PowerEdge M420, Reference Manual

Page 1: ...Dell PowerConnect PCM6220 PCM6348 PCM8024 PCM8024 k CLI Reference Guide Regulatory Model PCM6220 PCM6348 PCM8024 PCM8024 k ...

Page 2: ...S is a registered trademark of Broadcom Corp sFlow is a registered trademark of InMon Corporation Cisco is a registered trademark of Cisco Systems Inc and or its affiliates in the United States and certain other countries Microsoft and Windows are registered trademarks of Microsoft Corporation in the United States and or other countries Other trademarks and trade names may beused in this publicati...

Page 3: ...on 73 Command Groups 74 Mode Types 77 Layer 2 Commands 79 Layer 3 Commands 113 Utility Commands 140 2 Using the CLI 163 Introduction 163 Entering and Editing CLI Commands 163 CLI Command Modes 172 Starting the CLI 185 Using CLI Functions and Tools 193 ...

Page 4: ...a authorization network default radius 223 aaa ias user username 224 clear IAS 225 enable authentication 225 enable password 226 ip http authentication 227 ip https authentication 228 login authentication 229 password aaa IAS User Configuration 230 password Line Configuration 231 password User EXEC 232 show aaa ias users 233 show authentication methods 234 show users accounts 235 ...

Page 5: ...apter 244 access list 244 deny permit IP ACL 246 deny permit Mac Access List Configuration 247 ip access group 250 mac access group 251 mac access list extended 252 mac access list extended rename 253 service acl input 254 show service acl interface 255 show ip access lists 256 show mac access list 257 6 Address Table Commands 259 Commands in this Chapter 259 ...

Page 6: ...st forward all 265 mac address table multicast forward unregistered 266 mac address table multicast static 267 mac address table static 268 port security 269 port security max 270 show mac address table multicast 271 show mac address table filtering 273 show mac address table 274 show mac address table address 275 show mac address table count 276 show mac address table dynamic 277 show mac address...

Page 7: ...er 285 show switchport voice 285 switchport voice detect auto 288 8 CDP Interoperability Commands 291 Commands in this Chapter 291 clear isdp counters 291 clear isdp table 292 isdp advertise v2 292 isdp enable 293 isdp holdtime 294 isdp timer 295 show isdp 295 show isdp entry 296 show isdp interface 298 show isdp neighbors 299 show isdp traffic 301 ...

Page 8: ...aces datacenter bridging 306 10 DHCP Layer 2 Relay Commands 311 Commands in this Chapter 311 dhcp l2relay Global Configuration 311 dhcp l2relay Interface Configuration 312 dhcp l2relay circuit id 313 dhcp l2relay remote id 313 dhcp l2relay trust 314 dhcp l2relay vlan 315 11 DHCP Management Interface Commands 317 Commands in this Chapter 317 release dhcp 318 renew dhcp 319 debug dhcp packet 320 ...

Page 9: ...ooping database 329 ip dhcp snooping database write delay 330 ip dhcp snooping limit 331 ip dhcp snooping log invalid 332 ip dhcp snooping trust 332 ip dhcp snooping verify mac address 333 show ip dhcp snooping 334 show ip dhcp snooping binding 335 show ip dhcp snooping database 336 show ip dhcp snooping interfaces 337 show ip dhcp snooping statistics 338 13 Dynamic ARP Inspection Commands 341 Com...

Page 10: ...lan 346 permit ip host mac host 347 show arp access list 348 show ip arp inspection 348 show ip arp inspection vlan 351 14 Email Alerting Commands 355 Commands in this Chapter 355 logging email 356 logging email urgent 358 logging traps 359 logging email message type to addr 360 logging email from addr 361 logging email message type subject 361 logging email logtime 362 logging email test message ...

Page 11: ...ver Configuration Mode 367 password Mail Server Configuration Mode 368 show mail server 369 15 Ethernet Configuration Commands 371 Commands in this Chapter 372 clear counters 372 description 373 duplex 374 flowcontrol 375 interface 375 interface range 376 mtu 378 show interfaces advertise 379 show interfaces configuration 380 show interfaces counters 382 show interfaces description 385 ...

Page 12: ...ontrol multicast 400 storm control unicast 401 switchport protected 402 switchport protected name 403 show switchport protected 404 16 Ethernet CFM Commands 407 Commands in this Chapter 407 ethernet cfm domain 408 service 409 ethernet cfm cc level 410 ethernet cfm mep level 411 ethernet cfm mep enable 412 ethernet cfm mep active 413 ethernet cfm mep archive hold time 414 ...

Page 13: ...ocal 419 show ethernet cfm maintenance points remote 420 show ethernet cfm statistics 422 debug cfm 423 17 GVRP Commands 427 Commands in this Chapter 427 clear gvrp statistics 427 garp timer 428 gvrp enable global 429 gvrp enable interface 430 gvrp registration forbid 431 gvrp vlan creation forbid 432 show gvrp configuration 432 show gvrp error statistics 434 show gvrp statistics 435 ...

Page 14: ... ip igmp snooping 442 show ip igmp snooping groups 443 show ip igmp snooping interface 444 show ip igmp snooping mrouter 445 ip igmp snooping VLAN 445 ip igmp snooping fast leave 446 ip igmp snooping groupmembership interval 447 ip igmp snooping maxresponse 448 ip igmp snooping mcrtrexpiretime 449 19 IGMP Snooping Querier Commands 451 Commands in this Chapter 451 ip igmp snooping querier 451 ip ig...

Page 15: ...Commands 459 Commands in this Chapter 459 clear host 460 clear ip address conflict detect 460 interface out of band 461 ip address Out of Band 462 ip address conflict detect run 463 ip address dhcp Interface Config 464 ip default gateway 465 ip domain lookup 466 ip domain name 467 ip host 468 ip name server 469 ipv6 address 469 ipv6 address dhcp 471 ipv6 enable 472 show arp switch 473 ...

Page 16: ...s list rename 481 ipv6 traffic filter 482 show ipv6 access lists 483 22 IPv6 MLD Snooping Commands 487 Commands in this Chapter 487 ipv6 mld snooping immediate leave 488 ipv6 mld snooping groupmembership interval 489 ipv6 mld snooping maxresponse 489 ipv6 mld snooping mcrtexpiretime 490 ipv6 mld snooping Global 491 ipv6 mld snooping Interface 492 ipv6 mld snooping VLAN 493 show ipv6 mld snooping 4...

Page 17: ...ddress 501 ipv6 mld snooping querier election participate 502 ipv6 mld snooping querier query interval 502 ipv6 mld snooping querier timer expiry 503 show ipv6 mld snooping querier 504 24 IP Source Guard Commands 507 Commands in this Chapter 507 ip verify source 507 ip verify source port security 508 ip verify binding 509 show ip verify interface 509 show ip verify source interface 510 show ip sou...

Page 18: ...get port 518 show iscsi 519 show iscsi sessions 521 26 Link Dependency Commands 525 Commands in this Chapter 525 action 525 link dependency group 526 add gigabitethernet 527 add tengigabitethernet 527 add port channel 528 depends on 529 show link dependency 530 27 LLDP Commands 533 Commands in this Chapter 534 clear lldp remote data 534 ...

Page 19: ...38 lldp transmit 539 lldp transmit mgmt 540 lldp transmit tlv 540 show lldp 541 show lldp interface 542 show lldp local device 543 show lldp remote device 545 show lldp statistics 546 28 Multicast VLAN Registration Commands 549 Commands in this Chapter 550 mvr 550 mvr group 551 mvr mode 552 mvr querytime 552 mvr vlan 554 ...

Page 20: ...r interface 561 show mvr traffic 563 29 Port Aggregator Commands 565 add ethernet 565 duplex 566 minimum active uplinks 567 mtu disable 567 negotiation 568 port aggregator group 569 show bridge address table 570 speed 571 30 Port Channel Commands 573 Static LAGS 573 VLANs and LAGs 574 LAG Thresholds 574 ...

Page 21: ...r 577 channel group 577 interface port channel 578 interface range port channel 579 hashing mode 580 lacp auto 581 lacp off 581 lacp port priority 582 lacp static 583 lacp system priority 583 lacp timeout 584 no lacp 585 port channel min links 586 show interfaces port channel 586 show lacp 587 show statistics port channel 589 ...

Page 22: ... Access Control Lists 597 Layer 2 ACLs 598 Layer 3 4 IPv4 ACLs 598 Class of Service CoS 598 Queue Mapping 599 PCM6220 Limitations 600 Commands in this Chapter 600 assign queue 601 class 602 class map 603 class map rename 603 classofservice dot1p mapping 604 classofservice ip dscp mapping 605 classofservice trust 606 conform color 607 ...

Page 23: ... cos 612 mark ip dscp 613 mark ip precedence 614 match class map 614 match cos 616 match destination address mac 616 match dstip 617 match dstip6 618 match dstl4port 619 match ethertype 620 match ip6flowlbl 620 match ip dscp 621 match ip precedence 622 match ip tos 623 match protocol 624 match source address mac 625 ...

Page 24: ...s map 634 show classofservice dot1p mapping 635 show classofservice ip dscp mapping 637 show classofservice trust 640 show diffserv 641 show diffserv service interface 642 show diffserv service interface port channel 643 show diffserv service brief 644 show interfaces cos queue 644 show interfaces random detect 647 show policy map 648 show policy map interface 648 ...

Page 25: ...network default start stop group radius 654 acct port 655 auth port 655 deadtime 656 key 657 msgauth 658 name RADIUS server 658 primary 660 priority 660 radius server deadtime 661 radius server host 662 radius server key 663 radius server retransmit 664 radius server source ip 665 radius server timeout 665 retransmit 666 ...

Page 26: ...8 clear spanning tree detected protocols 679 exit mst 679 instance mst 680 name mst 682 revision mst 683 show spanning tree 683 show spanning tree summary 687 spanning tree 689 spanning tree auto portfast 690 spanning tree bpdu flooding 690 spanning tree bpdu protection 691 spanning tree cost 692 spanning tree disable 693 spanning tree forward time 694 ...

Page 27: ...st cost 699 spanning tree mst port priority 700 spanning tree mst priority 701 spanning tree portfast 702 spanning tree portfast bpdufilter default 703 spanning tree portfast default 704 spanning tree port priority 705 spanning tree priority 706 spanning tree tcnguard 706 spanning tree transmit hold count 707 35 TACACS Commands 709 Commands in this Chapter 710 key 710 port 711 priority 711 ...

Page 28: ...e 717 Independent VLAN Learning 718 Protocol Based VLANs 718 IP Subnet Based VLANs 719 MAC Based VLANs 719 Commands in this Chapter 719 dvlan tunnel ethertype 720 interface vlan 721 interface range vlan 722 mode dvlan tunnel 723 name VLAN Configuration 724 protocol group 725 protocol vlan group 726 protocol vlan group all 727 show dvlan tunnel 728 ...

Page 29: ...ort access vlan 738 switchport forbidden vlan 739 switchport general acceptable frame type tagged only 740 switchport general allowed vlan 740 switchport general ingress filtering disable 741 switchport general pvid 742 switchport mode 743 switchport trunk 744 vlan 746 vlan Global Config 747 vlan association mac 748 vlan association subnet 748 vlan database 749 vlan makestatic 750 ...

Page 30: ... 757 Commands in this Chapter 757 voice vlan 758 voice vlan Interface 758 voice vlan data priority 760 show voice vlan 760 38 802 1x Commands 763 Local 802 1X Authentication Server 763 MAC Authentication Bypass 764 Guest VLAN 765 802 1x Monitor Mode 765 RADIUS based Dynamic VLAN Assignment 766 Commands in this Chapter 766 dot1x dynamic vlan enable 767 dot1x initialize 768 ...

Page 31: ...1x timeout guest vlan period 774 dot1x timeout quiet period 775 dot1x timeout re authperiod 776 dot1x timeout server timeout 777 dot1x timeout supp timeout 778 dot1x timeout tx period 779 show dot1x 780 show dot1x authentication history 781 show dot1x clients 783 show dot1x interface 785 show dot1x statistics 787 show dot1x users 789 clear dot1x authentication history 790 dot1x guest vlan 791 ...

Page 32: ...yer 3 Commands 797 40 ARP Commands 799 ARP Aging 800 Commands in this Chapter 800 arp 800 arp cachesize 801 arp dynamicrenew 802 arp purge 803 arp resptime 804 arp retries 805 arp timeout 805 clear arp cache 806 clear arp cache management 807 ip local proxy arp 808 ip proxy arp 808 show arp 809 ...

Page 33: ...hcp conflict 817 client identifier 817 client name 818 default router 819 dns server IP DHCP Pool Config 820 domain name IP DHCP Pool Config 821 hardware address 822 host 823 ip dhcp bootp automatic 824 ip dhcp conflict logging 824 ip dhcp excluded address 825 ip dhcp ping packets 826 lease 827 netbios name server 828 netbios node type 829 network 830 ...

Page 34: ...ow ip dhcp pool 839 show ip dhcp server statistics 840 42 DHCPv6 Commands 843 clear ipv6 dhcp 843 dns server IPv6 DHCP Pool Config 844 domain name IPv6 DHCP Pool Config 844 ipv6 dhcp pool 845 ipv6 dhcp relay 846 ipv6 dhcp server 847 prefix delegation 848 service dhcpv6 850 show ipv6 dhcp 851 show ipv6 dhcp binding 851 show ipv6 dhcp interface User EXEC 852 ...

Page 35: ...in this Chapter 861 ip dvmrp 861 ip dvmrp metric 862 show ip dvmrp 863 show ip dvmrp interface 864 show ip dvmrp neighbor 864 show ip dvmrp nexthop 865 show ip dvmrp prune 866 show ip dvmrp route 867 44 GMRP Commands 869 Commands in this Chapter 870 gmrp enable 870 show gmrp configuration 871 45 IGMP Commands 873 Commands in this Chapter 874 ...

Page 36: ...ery count 879 ip igmp startup query interval 880 ip igmp version 881 show ip igmp 882 show ip igmp groups 883 show ip igmp interface 884 show ip igmp membership 885 show ip igmp interface stats 886 ip igmp router alert optional 887 46 IGMP Proxy Commands 889 Commands in this Chapter 889 ip igmp proxy 889 ip igmp proxy reset status 890 ip igmp proxy unsolicited report interval 891 show ip igmp prox...

Page 37: ...lear ip helper statistics 901 ip dhcp relay information check 901 ip dhcp relay information check reply 902 ip dhcp relay information option 903 ip dhcp relay information option insert 904 ip helper address global configuration 905 ip helper address interface configuration 907 ip helper enable 909 show ip helper address 910 show ip dhcp relay 911 show ip helper statistics 912 48 IP Routing Command...

Page 38: ...7 ip address 917 ip mtu 919 ip netdirbcast 920 ip route 921 ip route default 922 ip route distance 923 ip routing 924 routing 925 show ip brief 925 show ip interface 926 show ip protocols 929 show ip route 930 show ip route preferences 932 show ip route summary 933 show ip traffic 934 show ip vlan 936 ...

Page 39: ... dr priority 943 ipv6 pim hello interval 943 ipv6 pim join prune interval 944 ipv6 pim register rate limit 945 ipv6 pim rp address 946 ipv6 pim rp candidate 947 ipv6 pim spt threshold 948 ipv6 pim ssm 948 show ipv6 pimsm 949 show ipv6 pim bsr router 950 show ipv6 pim interface 952 show ipv6 pim neighbor 954 show ipv6 pim rp hash 955 show ipv6 pim rp mapping 956 ...

Page 40: ...963 ipv6 hop limit 964 ipv6 host 965 ipv6 mld last member query count 965 ipv6 mld last member query interval 966 ipv6 mld proxy 967 ipv6 mld proxy reset status 967 ipv6 mld proxy unsolicit rprt interval 968 ipv6 mld query interval 969 ipv6 mld query max response time 970 ipv6 mld router 970 ipv6 mtu 971 ipv6 nd dad attempts 972 ipv6 nd managed config flag 973 ipv6 nd ns interval 974 ...

Page 41: ... route distance 981 ipv6 unicast routing 982 ping ipv6 983 ping ipv6 interface 984 show ipv6 brief 985 show ipv6 interface 986 show ipv6 interface management statistics 988 show ipv6 mld groups 990 show ipv6 mld interface 993 show ipv6 mld proxy 995 show ipv6 mld proxy groups 997 show ipv6 mld proxy groups detail 998 show ipv6 mld proxy interface 1000 show ipv6 mld traffic 1001 ...

Page 42: ...lan 1010 traceroute ipv6 1010 51 Loopback Interface Commands 1013 Commands in this Chapter 1013 interface loopback 1013 show interfaces loopback 1014 52 Multicast Commands 1017 Commands in this Chapter 1018 ip mcast boundary 1019 ip mroute 1019 ip multicast 1020 ip multicast ttl threshold 1021 ip pim 1022 ip pim bsr border 1023 ip pim bsr candidate 1023 ...

Page 43: ...p pim sparse 1030 ip pim ssm 1031 ip pim spt threshold 1032 show bridge multicast address table count 1033 show ip multicast 1034 show ip mcast boundary 1035 show ip multicast interface 1036 show ip mcast mroute 1036 show ip mcast mroute group 1037 show ip mcast mroute source 1038 show ip mcast mroute static 1039 show ip pim bsr router 1040 show ip pim interface 1041 show ip pim neighbor 1043 ...

Page 44: ...idate 1051 ipv6 pimsm dr priority 1052 ipv6 pimsm hello interval 1053 ipv6 pimsm join prune interval 1053 ipv6 pimsm register threshold 1054 ipv6 pimsm rp address 1055 ipv6 pimsm rp candidate 1056 ipv6 pimsm spt threshold 1056 ipv6 pimsm ssm 1057 show ipv6 pimsm 1058 show ipv6 pimsm bsr 1059 show ipv6 pimsm interface 1060 show ipv6 pimsm neighbor 1061 show ipv6 pimsm rphash 1062 show ipv6 pimsm rp...

Page 45: ...this Chapter 1068 area default cost Router OSPF 1069 area nssa Router OSPF 1070 area nssa default info originate 1072 area nssa no redistribute 1073 area nssa no summary 1073 area nssa translator role 1074 area nssa translator stab intv 1075 area range Router OSPF 1076 area stub 1077 area stub no summary 1078 area virtual link 1079 area virtual link authentication 1081 area virtual link dead inter...

Page 46: ...ility opaque 1088 clear ip ospf 1088 compatible rfc1583 1089 default information originate 1090 default metric 1091 distance ospf 1092 distribute list out 1093 enable 1094 exit overflow interval 1095 external lsdb limit 1096 ip ospf area 1097 ip ospf authentication 1098 ip ospf cost 1099 ip ospf dead interval 1099 ip ospf hello interval 1100 ip ospf mtu ignore 1101 ...

Page 47: ...106 nsf 1107 nsf helper 1108 nsf helper strict lsa checking 1109 nsf restart interval 1110 passive interface default 1111 passive interface 1111 redistribute 1112 router id 1113 router ospf 1114 show ip ospf 1115 show ip ospf abr 1120 show ip ospf area 1121 show ip ospf asbr 1123 show ip ospf database 1124 show ip ospf database database summary 1127 ...

Page 48: ... 1137 show ip ospf virtual link 1138 show ip ospf virtual links brief 1139 timers spf 1140 55 OSPFv3 Commands 1143 area default cost Router OSPFv3 1144 area nssa Router OSPFv3 1145 area nssa default info originate 1146 area nssa no redistribute 1147 area nssa no summary 1148 area nssa translator role 1149 area nssa translator stab intv 1150 area range Router OSPFv3 1151 area stub 1152 area stub no...

Page 49: ... default information originate 1159 default metric 1160 distance ospf 1161 enable 1162 exit overflow interval 1163 external lsdb limit 1163 ipv6 ospf 1164 ipv6 ospf area 1165 ipv6 ospf cost 1166 ipv6 ospf dead interval 1167 ipv6 ospf hello interval 1167 ipv6 ospf mtu ignore 1168 ipv6 ospf network 1169 ipv6 ospf priority 1170 ipv6 ospf retransmit interval 1171 ipv6 ospf transmit delay 1172 ...

Page 50: ...fault 1178 redistribute 1179 router id 1179 show ipv6 ospf 1180 show ipv6 ospf abr 1184 show ipv6 ospf area 1185 show ipv6 ospf asbr 1186 show ipv6 ospf border routers 1187 show ipv6 ospf database 1187 show ipv6 ospf database database summary 1190 show ipv6 ospf interface 1191 show ipv6 ospf interface brief 1193 show ipv6 ospf interface stats 1194 show ipv6 ospf interface vlan 1195 ...

Page 51: ...ter Discovery Protocol Commands 1203 Commands in this Chapter 1203 ip irdp 1203 ip irdp address 1205 ip irdp holdtime 1206 ip irdp maxadvertinterval 1207 ip irdp minadvertinterval 1208 ip irdp multicast 1209 ip irdp preference 1210 show ip irdp 1210 57 Routing Information Protocol Commands 1213 Commands in this Chapter 1213 auto summary 1213 default information originate 1214 ...

Page 52: ...19 ip rip receive version 1220 ip rip send version 1221 redistribute 1222 router rip 1223 show ip rip 1224 show ip rip interface 1225 show ip rip interface brief 1226 split horizon 1227 58 Tunnel Interface Commands 1229 Commands in this Chapter 1229 interface tunnel 1230 show interfaces tunnel 1230 tunnel destination 1231 tunnel mode ipv6ip 1232 ...

Page 53: ... 1236 Interface Tracking 1237 Route Tracking 1237 Commands in this Chapter 1237 ip vrrp 1238 vrrp accept mode 1238 vrrp authentication 1239 vrrp description 1240 vrrp ip 1241 vrrp mode 1242 vrrp preempt 1243 vrrp priority 1244 vrrp timers advertise 1245 vrrp timers learn 1246 vrrp track interface 1247 vrrp track ip route 1248 show vrrp 1250 ...

Page 54: ...ty Commands 1259 61 Auto Install Commands 1261 Commands in this Chapter 1262 boot auto copy sw 1262 boot auto copy sw allow downgrade 1263 boot host autoreboot 1264 boot host autosave 1265 boot host dhcp 1265 boot host retrycount 1266 show auto copy sw 1267 show boot 1268 62 Captive Portal Commands 1271 Commands in this Chapter 1271 authentication timeout 1273 ...

Page 55: ...1277 block 1278 configuration 1279 enable 1279 group 1280 interface 1281 locale 1281 name Captive Portal 1282 protocol 1283 redirect 1283 redirect url 1284 session timeout 1284 verification 1285 captive portal client deauthenticate 1286 show captive portal client status 1286 show captive portal configuration client status 1287 ...

Page 56: ...up 1293 user logout 1294 user name 1295 user password 1295 user session timeout 1296 show captive portal configuration 1297 show captive portal configuration interface 1298 show captive portal configuration locales 1299 show captive portal configuration status 1300 user group 1301 user group moveusers 1302 user group name 1302 63 CLI Macro Commands 1305 Commands in this Chapter 1306 macro name 130...

Page 57: ...12 64 Clock Commands 1315 Real time Clock 1315 Simple Network Time Protocol 1315 Commands in this Chapter 1316 show sntp configuration 1316 show sntp server 1317 show sntp status 1319 sntp authenticate 1320 sntp authentication key 1321 sntp broadcast client enable 1322 sntp client poll timer 1322 sntp server 1323 sntp trusted key 1324 sntp unicast client enable 1325 ...

Page 58: ...clock 1330 65 Command Line Configuration Scripting Commands 1333 Commands in this Chapter 1333 script apply 1333 script delete 1334 script list 1335 script show 1335 script validate 1336 66 Configuration and Image File Commands 1339 File System Commands 1339 Command Line Interface Scripting 1339 Commands in this Chapter 1339 boot system 1340 clear config 1341 ...

Page 59: ...erase 1351 filedescr 1351 rename 1352 show backup config 1353 show bootvar 1354 show running config 1355 show startup config 1356 update bootcode 1358 write 1359 67 Denial of Service Commands 1361 Commands in this Chapter 1362 dos control firstfrag 1363 dos control icmp 1363 dos control l4port 1364 dos control sipdip 1365 ...

Page 60: ...chables 1369 ip redirects 1369 ipv6 icmp error interval 1370 ipv6 unreachables 1371 show dos control 1371 68 Line Commands 1373 exec timeout 1373 history 1374 history size 1374 line 1375 show line 1376 speed 1377 69 Management ACL Commands 1379 Commands in this Chapter 1379 deny management 1380 management access class 1381 ...

Page 61: ...87 configure terminal 1387 do 1387 71 Password Management Commands 1389 Configurable Minimum Password Length 1389 Password History 1389 Password Aging 1389 User Lockout 1389 Password Strength 1390 Commands in this Chapter 1391 passwords aging 1392 passwords history 1393 passwords lock out 1394 passwords min length 1395 passwords strength check 1395 ...

Page 62: ...sswords strength max limit consecutive characters 1400 passwords strength max limit repeated characters 1401 passwords strength minimum character classes 1401 passwords strength exclude keyword 1402 enable password encrypted 1403 show passwords configuration 1404 show passwords result 1406 72 PHY Diagnostics Commands 1409 show copper ports tdr 1409 show fiber ports optical transceiver 1410 test co...

Page 63: ... 1418 show rmon alarms 1420 show rmon collection history 1421 show rmon events 1422 show rmon history 1423 show rmon log 1427 show rmon statistics 1428 74 SDM Templates Commands 1433 Commands in this Chapter 1433 sdm prefer 1433 show sdm prefer 1435 75 Serviceability Tracing Packet Commands 1439 Commands in this Chapter 1439 debug arp 1440 ...

Page 64: ...bug ip acl 1444 debug ip dvmrp 1444 debug ip igmp 1445 debug ip mcache 1446 debug ip pimdm 1447 debug ip pimsm 1447 debug ip vrrp 1448 debug ipv6 dhcp 1449 debug ipv6 mcache 1450 debug ipv6 mld 1450 debug ipv6 pimdm 1451 debug ipv6 pimsm 1452 debug isdp 1453 debug lacp 1453 debug mldsnooping 1454 debug ospf 1455 ...

Page 65: ...59 76 Sflow Commands 1461 Commands in this Chapter 1461 sflow destination 1461 sflow polling 1463 sflow polling Interface Mode 1464 sflow sampling 1465 sflow sampling Interface Mode 1466 show sflow agent 1467 show sflow destination 1468 show sflow polling 1469 show sflow sampling 1470 77 SNMP Commands 1473 Commands in this Chapter 1473 ...

Page 66: ...mp server community 1483 snmp server community group 1485 snmp server contact 1486 snmp server enable traps 1486 snmp server engineID local 1489 snmp server filter 1490 snmp server group 1492 snmp server host 1493 snmp server location 1495 snmp server user 1496 snmp server view 1497 snmp server v3 host 1499 78 SSH Commands 1501 Commands in this Chapter 1501 ...

Page 67: ...rver 1505 key string 1506 show crypto key mypubkey 1508 show crypto key pubkey chain ssh 1509 show ip ssh 1510 user key 1511 79 Syslog Commands 1513 CLI Logged to Local File and Syslog Server 1513 Commands in this Chapter 1514 clear logging 1515 clear logging file 1515 description 1516 level 1517 logging cli command 1517 logging 1519 logging audit 1521 ...

Page 68: ...session 1526 port 1527 show logging 1528 show logging file 1529 show syslog servers 1530 80 System Management Commands 1533 asset tag 1534 banner exec 1534 banner login 1535 banner motd 1536 banner motd acknowledge 1537 clear checkpoint statistics 1538 cut through mode 1539 exec banner 1539 hostname 1540 ip address 1542 ...

Page 69: ...48 reload 1550 set description 1551 slot 1551 show banner 1553 show boot version 1554 show checkpoint statistics 1555 show cut through mode 1556 show interfaces advanced firmware 1556 show ip interface out of band 1557 show memory cpu 1558 show power usage history 1560 show process cpu 1561 show sessions 1563 show slot 1564 ...

Page 70: ...show system power 1580 show system temperature 1581 show tech support 1582 show users 1584 show version 1585 stack 1586 console config stack stack port 1587 standby 1588 telnet 1589 traceroute 1592 81 Telnet Server Commands 1595 Commands in this Chapter 1595 ip telnet server disable 1595 ip telnet port 1596 show ip telnet 1597 ...

Page 71: ... 1601 time range 1601 absolute 1602 periodic 1603 show time range 1605 84 User Interface Commands 1609 enable 1609 end 1610 exit 1610 mode simple 1611 mode change confirm 1612 quit 1612 85 Web Server Commands 1615 Web Sessions 1615 Commands in this Chapter 1616 common name 1616 country 1617 ...

Page 72: ...p http port 1622 ip http server 1623 ip http secure certificate 1624 ip http secure port 1625 ip http secure server 1625 key generate 1626 location 1627 organization unit 1628 show crypto certificate mycertificate 1628 show ip http server status 1630 show ip http server secure status 1630 state 1632 A List of Commands 1635 ...

Page 73: ...the CLI which is based solely on textual input and output with commands being entered by a terminal keyboard and the output displayed as text via a terminal monitor The CLI can be accessed from a console terminal connected to an EIA TIA 232 port or through a Telnet SSH session This guide describes how the CLI is structured describes the command syntax and describes the command functionality This g...

Page 74: ... physical link DHCP l2 Relay Enables the Layer 2 DHCP Relay agent for an interface DHCP Management Interface Configures DHCP snooping and whether an interface is trusted for filtering Dynamic ARP Inspection Configures for rejection of invalid and malicious ARP packets Ethernet Configuration Configures all port configuration options for example ports storm control port speed and auto negotiation Et...

Page 75: ... Spanning Tree protocol TACACS Configures and displays TACACS information VLAN Configures VLANs and displays VLAN information 802 1x Configures and displays commands related to 802 1x security protocol Layer 3 Commands ARP IPv4 Manages Address Resolution Protocol functions DHCP Server and Relay Agent IPv4 Manages DHCP BOOTP operations on the system DHCPv6 Configures IPv6 DHCP functions DVMRP Mcast...

Page 76: ...r redundancy on the system Utility Commands Auto Install Automatically configures switch when a configuration file is not found Captive Portal Blocks clients from accessing network until user verification is established Clock Configures the system clock Command Line Configuration Scripting Manages the switch configuration files Denial of Service Provides several Denial of Service options Line Conf...

Page 77: ...h the CLI and displays RMON information Serviceability Tracing Controls display of debug output to serial port or telnet console sFlow Configures sFlow monitoring SNMP Configures SNMP communities traps and displays SNMP information SSH Configures SSH authentication Syslog Manages and displays syslog messages System Management Configures the switch clock name and authorized users Telnet Server Conf...

Page 78: ...gregator PE Privileged EXEC PM Policy Map Configuration PCGC Policy Map Global Configuration PCMC Policy Class Map Configuration R Radius RIP Router RIP Configuration RC Router Configuration ROSPF Router Open Shortest Path First ROSV3 Router Open Shortest Path First Version 3 SG Stack Global Configuration SP SSH Public Key SK SSH Public Key chain TC TACACS Configuration TRC Time Range Configuratio...

Page 79: ... and their attributes Also changes the mode to aa user config mode GC clear aaa ias users Deletes all IAS users PE enable authentication Specifies the authentication method list when accessing a higher privilege level from a remote telnet or console LC enable password Sets a local password to control access to the normal level GC ip http authentication Specifies authentication methods for http GC ...

Page 80: ...ntrol List ACL that is identified by the parameter accesslistnumber GC deny permit The deny command denies traffic if the conditions defined in the deny statement are matched The permit command allows traffic if the conditions defined in the permit statement are matched ML ip access group Attaches a specified access control list to an interface GC or IC mac access group Attaches a specific MAC Acc...

Page 81: ...cast filtering Enables filtering of Multicast addresses GC mac address table multicast forbidden address Forbids adding a specific Multicast address to specific ports IC mac address table multicast forbidden forward unregistered Forbids a port to be a forwarding unregistered multicast addresses port IC mac address table multicast forward all Enables forwarding of all Multicast packets on a port IC...

Page 82: ...ow mac address table interface Displays the mac forwarding table entries for a specific interface UE or PE show mac address table multicast Displays Multicast MAC address table information PE show mac address table static Displays statically created entries in the bridge forwarding database PE show mac address table vlan Displays all entries in the bridge forwarding database for the specified VLAN...

Page 83: ...bles the sending of ISDP version 2 packets from the device GC isdp enable Enables ISDP on the switch GC or IC isdp holdtime Configures the hold time for ISDP packets that the switch transmits GC isdp timer Sets period of time between sending new ISDP packets GC show isdp Displays global ISDP settings PE show isdp interface Displays ISDP settings for the specified interface PE show isdp entry Displ...

Page 84: ...s datacenter bridging Displays the datacenter bridging configuration status and counters for a given interface PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 77 dhcp l2relay Enables the Layer 2 DHCP Relay agent for an interface or globally GC or IC dhcp l2relay circuit id Enables user to set the DHCP Option 82 Circuit ID for a VLAN GC dhcp l2relay r...

Page 85: ...HCP snooping globally or on a specific VLAN GC or IC ip dhcp snooping binding Configures a static DHCP Snooping binding GC ip dhcp snooping database Configures the persistent location of the DHCP snooping database GC ip dhcp snooping database write delay Configures the interval in seconds at which the DHCP Snooping database will be stored in persistent storage GC ip dhcp snooping limit Controls th...

Page 86: ...spection statistics Resets the statistics for Dynamic ARP Inspection on all VLANs PE ip arp inspection filter Configures the ARP ACL to be used for a single VLAN or a range of VLANs to filter invalid ARP packets GC ip arp inspection limit Configures the rate limit and burst interval values for an interface IC ip arp inspection trust Configures an interface as trusted for Dynamic ARP Inspection IC ...

Page 87: ...dea logging email Enables email alerting and sets the lowest severity level for which log messages are emailed GC logging email urgent Sets the lowest severity level at which log messages are emailed in an urgent manner GC logging traps Sets the lowest severity level at which SNMP traps are logged GC logging email message type to addr Configures the To address field of the email GC logging email f...

Page 88: ...the SMTP servers MSC username Mail Server Configuration Mode Configures the username required by the authentication MSC password Mail Server Configuration Mode Configures the password required to authenticate to the email server MSC show mail server Displays the configuration of all the mail servers or a particular mail server PE a For the meaning of each Mode abbreviation see Mode Types on page 7...

Page 89: ...us for all configured interfaces UE show statistics Displays statistics for one port or for the entire switch PE show statistics switchport Displays detailed statistics for a specific port or for the entire switch PE show storm control Displays the storm control configuration PE shutdown Disables interfaces IC speed Configures the speed of a given Ethernet interface when not using auto negotiation...

Page 90: ...net cfm mep active Activates a MEP at the specified level and direction IC ethernet cfm mep archive hold time Maintains internal information on a missing MEP IC ethernet cfm mip level Creates a Maintenance Intermediate Point MIP at the specified level IC ping ethernet cfm Generates a loopback message LBM from the configured MEP PE traceroute ethernet cfm Generates a link trace message LTM from the...

Page 91: ...ion on the port IC gvrp vlan creation forbid Enables or disables dynamic VLAN creation IC show gvrp configuration Displays GVRP configuration information including timer values whether GVRP and dynamic VLAN creation is enabled and which ports are running GVRP PE show gvrp error statistics Displays GVRP error statistics UE show gvrp statistics Displays GVRP statistics UE Command Description Modea i...

Page 92: ...l Sets the IGMP Group Membership Interval time on a VLAN VLAN ip igmp snooping maxresponse Sets the IGMP Maximum Response time on a particular VLAN VLAN ip igmp snooping mcrtrexpiretime Sets the Multicast Router Present Expiration time VLAN a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea ip igmp snooping querier Enables disables IGMP Snooping Querier...

Page 93: ... detect run Triggers the switch to run active address conflict detection by sending gratuitous ARP packets for IPv4 addresses on the switch GC ip address dhcp Acquires an IP address on an interface from the DHCP server IC ip default gateway Defines a default gateway router GC ip domain lookup Enables IP DNS based host name to address translation GC ip domain name Defines a default domain name to c...

Page 94: ... 77 deny permit Creates a new rule for the current IPv6 access list v6ACL ipv6 access list Creates an IPv6 Access Control List ACL consisting of classification fields defined for the IP header of an IPv6 frame GC ipv6 access list rename Changes the name of an IPv6 ACL GC ipv6 traffic filter Attaches a specific IPv6 ACL to an interface or associates it with a VLAN ID in a given direction GC IC show...

Page 95: ...E a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 77 ipv6 mld snooping querier Enables MLD Snooping Querier on the system or on a VLAN GC or VLAN ipv6 mld snooping querier address Sets the global MLD Snooping Querier address on the system or on a VLAN GC or VLAN ipv6 mld snooping quer...

Page 96: ...ss IC ip verify source port security Enables filtering of IP packets matching the source IP address and the source MAC address IC ip verify binding Configures static bindings GC show ip verify interface Displays the IPSG interface configuration PE show ip verify source interface Displays the bindings configured on a particular interface PE show ip source binding Displays all bindings static and dy...

Page 97: ...sessions Displays the iSCSI sessions PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 77 action Indicates if the link dependency group should mirror or invert the status of the depended on interfaces LD link dependency group Enters the link dependency mode to configure a link dependency group GC add gigabitethernet Adds member gigabit Ethernet port s ...

Page 98: ...for LLDP GC lldp transmit Enables the LLDP advertise capability IC lldp transmit mgmt Specifies that transmission of the local system management address information in the LLDPDUs is included IC lldp transmit tlv Specifies which optional TLVs in the 802 1AB basic management set will be transmitted in the LLDPDUs IC show lldp Displays the current LLDP configuration summary PE show lldp interface Di...

Page 99: ...iation see Mode Types on page 77 Command Description Modea channel group Associates a port with a port channel IC interface port channel Enters the interface configuration mode of a specific port channel GC interface range port channel Enters the interface configuration mode to configure multiple port channels GC hashing mode Sets the hashing algorithm on trunk ports IC port channel lacp auto Sets...

Page 100: ...hannel Displays port channel statistics PE a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea add ethernet Adds member Ethernet port s to the Aggregator Group PA duplex Configures the full half duplex operation of all member ports in the aggregator group zone PA minimum active uplinks Sets the minimum number of uplinks to be active for the Group PA mtu ...

Page 101: ...D to which the associated traffic stream is assigned PCMC class Creates an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through subsequent policy attribute statements PMC class map Defines a new DiffServ class of type match all match any or match access group For now only match all is available in the CLI GC class map rename ...

Page 102: ...ks all packets for the associated traffic stream with the specified class of service value in the priority field of the 802 1p header PCMC mark ip dscp Marks all packets for the associated traffic stream with the specified IP DSCP value PCMC mark ip precedence Marks all packets for the associated traffic stream with the specified IP precedence value PCMC match class map Adds add to the specified c...

Page 103: ... Code Point DSCP field in a packet CMC match ip precedence Adds to the specified class definition a match condition based on the value of the IP CMC match ip tos Adds to the specified class definition a match condition based on the value of the IP TOS field in a packet CMC match protocol Adds to the specified class definition a match condition based on the value of the IP Protocol field in a packe...

Page 104: ...ic egress interface physical port or port channel PCMC service policy Attaches a policy to an interface in a particular direction GC or IC show class map Displays all configuration information for the specified class PE show classofservice dotlp mapping Displays the current Dot1p 802 1p priority mapping to internal traffic classes for a specific interface PE show classofservice ip dscp mapping Dis...

Page 105: ...iented statistics information for all interfaces PE traffic shape Specifies the maximum transmission bandwidth limit for the interface as a whole GC or IC a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea aaa accounting network default start stop group radius Enables RADIUS accounting on the switch GC acct port Sets the port that connects to the RADIUS...

Page 106: ...s between the switch and the RADIUS daemon GC radius server retransmit Specifies the number of times the software searches the list of RADIUS server hosts GC radius server source ip Specifies the source IP address used for communication with RADIUS servers GC radius server timeout Sets the interval for which a switch waits for a server host to reply GC retransmit Specifies the number of times the ...

Page 107: ...er MC show spanning tree Displays spanning tree configuration PE show spanning tree summary Displays spanning tree settings and parameters for the switch PE spanning tree Enables spanning tree functionality GC spanning tree auto portfast Sets the port to auto portfast mode IC spanning tree bpdu flooding Allows flooding of BPDUs received on nonspanning tree ports to all other non spanning tree port...

Page 108: ...rt priority IC spanning tree mst priority Configures the switch priority for the specified spanning tree instance GC spanning tree portfast Enables PortFast mode IC spanning tree portfast bpdufilter default Discards BPDUs received on spanningtree ports in portfast mode GC spanning tree portfast default Enables Portfast mode on all ports GC spanning tree port priority Configures port priority IC sp...

Page 109: ... between the switch and the TACACS daemon GC tacacs server timeout Sets the interval for which the switch waits for a server host to reply GC timeout Specifies the timeout value in seconds TC Command Description Modea dvlan tunnel ethertype Configures the EtherType for the interface GC interface vlan Enters the interface configuration VLAN mode GC interface range vlan Enters the interface configur...

Page 110: ...how vlan association mac Displays the VLAN associated with a specific configured MAC address PE show vlan association subnet Displays the VLAN associated with a specific configured IP subnet PE switchport access vlan Configures the VLAN ID when the interface is in access mode IC switchport forbidden vlan Forbids adding specific VLANs to a port IC switchport general acceptable frame type tagged onl...

Page 111: ...ame Adds a group name to the protocol based VLAN identified by groupid GC vlan protocol group remove Removes the protocol base VLAN group identified by groupid GC vlan routing Enable routing on a VLAN PE a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea dot1x dynamic vlan enable Enables the capability of creating VLANs dynamically when a RADIUS assigne...

Page 112: ... switch remains in the quiet state following a failed authentication attempt IC dot1x timeout re authperiod Sets the number of seconds between re authentication attempts IC dot1x timeout server timeout Sets the number of seconds the switch waits for a response from the authentication server before resending the request IC dot1x timeout supp timeout Sets the number of seconds the switch waits for a...

Page 113: ...ful authentication PE dot1x guest vlan Sets the guest VLAN on a port IC dot1x unauth vlan Specifies the unauthenticated VLAN on a port IC dot1x guest vlan Defines a guest VLAN IC show dot1x advanced Displays 802 1X advanced features for the switch or specified interface PE radius server attribute 4 Sets the network access server NAS IP address for the RADIUS server GC a For the meaning of each Mod...

Page 114: ...terface IC show arp Displays the Address Resolution Protocol ARP cache PE show arp brief Displays the brief Address Resolution Protocol ARP table information PE a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea ip dhcp pool Defines a DHCP address pool that can be used to supply addressing information to DHCP client This command puts the user into DHCP ...

Page 115: ...GC ip dhcp excluded address Excludes one or more DHCP addresses from automatic assignment GC ip dhcp ping packets Configures the number of pings sent to detect if an address is in use prior to assigning an address from the DHCP pool GC lease Sets the period for which a dynamically assigned DHCP address is valid DP netbios name server Configures the IPv4 address of the Windows Internet Naming Servi...

Page 116: ...and Description Modea clear ipv6 dhcp Clears DHCPv6 statistics for all interfaces or for a specific interface PE dns server Sets the IPv6 DNS server address which is provided to a DHCPv6 client by the DHCPv6 server v6DP domain name Sets the DNS domain name which is provided to a DHCPv6 client by the DHCPv6 server v6DP ipv6 dhcp pool Enters IPv6 DHCP Pool Configuration mode GC ipv6 dhcp relay Confi...

Page 117: ...e mode of DVMRP in the router to active GC IC ip dvmrp metric Configures the metric for an interface IC show ip dvmrp Displays the system wide information for DVMRP PE show ip dvmrp interface Displays the interface information for DVMRP on the specified interface PE show ip dvmrp neighbor Displays the neighbor information for DVMRP PE show ip dvmrp nexthop Displays the next hop information on outg...

Page 118: ...ry interval for the specified interface The query interval determines how fast IGMP Host Query packets are transmitted on this interface IC ip igmp query max response time Configures the maximum response time interval for the specified interface IC ip igmp robustness Configures the robustness that allows tuning of the interface IC ip igmp startup query count Sets the number of queries sent out on ...

Page 119: ...the IGMP Proxy on the router IC ip igmp proxy reset status Resets the host interface status parameters of the IGMP Proxy router IC ip igmp proxy unsolicited report interval Sets the unsolicited report interval for the IGMP Proxy router IC show ip igmp proxy Displays a summary of the host interface status parameters PE show ip igmp proxy interface Displays a detailed list of the host interface stat...

Page 120: ...y information option insert Enables the circuit ID option and remote agent ID mode for BootP DHCP Relay on the circuit ID option and remote agent ID mode for BootP DHCP Relay on the interface also called option 82 GC ip helper address global configuration Configures the relay of certain UDP broadcast packets received on any interface GC ip helper address interface configuration Configures the rela...

Page 121: ...e GC ip route distance Sets the default distance preference for static routes GC ip routing Globally enables IPv4 routing on the router GC routing Enables IPv4 and IPv6 routing for an interface IC show ip brief Displays all the summary information of the IP PE show ip interface Displays all pertinent information about the IP interface PE show ip protocols Displays the parameters and current state ...

Page 122: ...ified interface IC ipv6 pimsm join prune interval Administratively configures the interface join prune interval for the PIM SM router IC ipv6 pimsm register threshold Configures the Register Threshold rate for the RP router to switch to the shortest path GC ipv6 pimsm rp address Statically configures the Rendezvous Point RP address of a PIM for one or more multicast groups GC ipv6 pimsm rp candida...

Page 123: ...hbor table or an entry on a specific interface PE clear ipv6 statistics Clears IPv6 statistics for all interfaces or for a specific interface including loopback and tunnel interfaces PE ipv6 address Configures an IPv6 address on an interface including tunnel and loopback interfaces IC ipv6 enable Enables IPv6 routing on an interface including tunnel and loopback interfaces that has not been config...

Page 124: ...ld router Enables MLD in the router in global configuration mode and for a specific interface in interface configuration mode GC or IC ipv6 mtu Sets the maximum transmission unit MTU size in bytes of IPv6 packets on an interface IC ipv6 nd dad attempts Sets the number of duplicate address detection probes transmitted while doing neighbor discovery IC ipv6 nt managed config flag Sets the managed ad...

Page 125: ...g ipv6 interface Determines whether another computer is on the network using Interface keyword PE show ipv6 brief Displays the IPv6 status of forwarding mode and IPv6 unicast routing mode PE show ipv6 interface Shows the usability status of IPv6 interfaces PE show ipv6 mld groups Displays information about multicast groups that MLD reported PE show ipv6 mld interface Displays MLD related informati...

Page 126: ... IPv6 VLAN routing interface addresses PE traceroute ipv6 Discovers the routes that packets actually take when traveling to their destination through the network on a hop by hop basis PE a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 77 interface loopback Enters the Interface Loopbac...

Page 127: ...r DR priority value IC ip pim hello interval Administratively configures the PIM Hello messages on the specified interface IC ip pim join prune interval Administratively configures the frequency of join prune messages on the specified interface IC ip pim register rate limit Sets a limit on the maximum number of PIM register messages sent per second for each S G entry GC ip pim rp address Defines t...

Page 128: ...rce Displays the multicast configuration settings of entries in the multicast mroute table PE show ip mcast mroute static Displays all the static routes configured in the static mcast table PE show ip pim bsr router Displays the bootstrap router BSR information PE show ip pim interface Displays PIM interface status parameters If no interface is specified the command displays the status parameters ...

Page 129: ...tv Configures the translator stability interval of the NSSA ROSPF area range Creates a specified area range for a specified NSSA ROSPF area stub Creates a stub area for the specified area ID ROSPF area stub no summary Prevents Summary LSAs from being advertised into the NSSA ROSPF area virtual link Creates the OSPF virtual interface for the specified area id and neighbor router ROSPF area virtual ...

Page 130: ...OSPF default information originate Controls the advertisement of default routes ROSPF default metric Sets a default for the metric of distributed routes ROSPF distance ospf Sets the route preference value of OSPF in the router ROSPF distribute list out Specifies the access list to filter routes received from the source protocol ROSPF enable Resets the default administrative mode of OSPF in the rou...

Page 131: ...nables OSPF graceful restart ROSPF nsf helper Allow OSPF to act as a helpful neighbor for a restarting router ROSPF nsf helper strict lsa checking Set an OSPF helpful neighbor exit helper mode whenever a topology change occurs ROSPF nsf restart interval Configures the length of the grace period on the restarting router ROSPF network area Enables OSPFv2 on an interface and sets its area ID if the I...

Page 132: ...abase for each area and for the router PE show ip ospf interface Displays the information for the IFO object or virtual interface tables PE show ip ospf interface brief Displays brief information for the IFO object or virtual interface tables PE show ip ospf interface stats Displays the statistics for a specific interface PE show ip ospf neighbor Displays information about OSPF neighbors PE show i...

Page 133: ...sed into the NSSA ROSV3 area nssa translator role Configures the translator role of the NSSA ROSV3 area nssa translator stab intv Configures the translator stability interval of the NSSA ROSV3 area range Creates an area range for a specified NSSA ROSV3 area stub Creates a stub area for the specified area ID ROSV3 area stub no summary Disables the import of Summary LSAs for the stub area identified...

Page 134: ...erval Configures the exit overflow interval for OSPF ROSV3 external lsdb limit Configures the external LSDB limit for OSPF ROSV3 ipv6 ospf Enables OSPF on a router interface or loopback interface IC ipv6 ospf area Sets the OSPF area to which the specified router interface belongs IC ipv6 ospf cost Configures the cost on an OSPF interface IC ipv6 ospf dead interval Sets the OSPF dead interval for t...

Page 135: ...nables the global passive mode by default for all interfaces ROSV3 redistribute Configures the OSPFv3 protocol to allow redistribution of routes from the specified source protocol routers ROSV3 router id Sets a 4 digit dotted decimal number uniquely identifying the Router OSPF ID ROSV3 show ipv6 ospf Displays information relevant to the OSPF router PE show ipv6 ospf abr Displays the internal OSPFv...

Page 136: ...ation about the area ranges for the specified area identifier PE show ipv6 ospf stub table Displays the OSPF stub table PE show ipv6 ospf virtual links Displays the OSPF Virtual Interface information for a specific area and neighbor PE show ipv6 ospf virtual link brief Displays the OSPFV3 Virtual Interface information for all areas in the system PE a For the meaning of each Mode abbreviation see M...

Page 137: ... summary Enables the RIP auto summarization mode RIP default information originate Controls the advertisement of default routes RIP default metric Sets a default for the metric of distributed routes RIP distance rip Sets the route preference value of RIP in the router RIP distribute list out Specifies the access list to filter routes received from the source protocol RIP enable Resets the default ...

Page 138: ...interface PE split horizon Sets the RIP split horizon mode RIP a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 77 interface tunnel Enables the interface configuration mode for a tunnel GC show interfaces tunnel Displays the parameters related to tunnel such as tunnel mode tunnel sourc...

Page 139: ...s a virtual router IC vrrp preempt Sets the preemption mode value for the virtual router configured on a specified interface IC vrrp priority Sets the priority value for the virtual router configured on a specified interface IC vrrp timers advertise Sets the frequency in seconds that an interface on the specified virtual router sends a virtual router advertisement IC vrrp timers learn Configures t...

Page 140: ... IC show ip vrrp interface Displays the configured value for Accept Mode UE or PE a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea boot auto copy sw Enables or disables Stack Firmware Synchronization GC boot auto copy sw allow downgrade Enables downgrading the firmware version on the stack member if the firmware version on the manager is older than th...

Page 141: ... http port Configures an additional HTTP port for captive portal to monitor CP https port Configures an additional HTTPS port for captive portal to monitor CP show captive portal Displays the status of captive portal PE show captive portal status Reports the status of all captive portal instances in the system PE block Blocks all traffic for a captive portal configuration CPI configuration Enables...

Page 142: ...nected captive portal users PE show captive portal configuration client status Displays the clients authenticated to all captive portal configurations or a to specific configuration PE show captive portal interface client status Displays information about clients authenticated on all interfaces or a specific interface PE show captive portal interface configuration status Displays the clients authe...

Page 143: ...associated with a specific captive portal configuration PE show captive portal configuration status Displays information about all configured captive portal configurations or a specific captive portal configuration PE user group Creates a user group CP user group moveusers Moves a group s users to a different group CP user group name Configures a group name CP a For the meaning of each Mode abbrev...

Page 144: ... authentication key for SNTP GC sntp broadcast client enable Enables SNTP Broadcast clients GC sntp client poll timer Defines polling time for the SNTP client GC sntp server Configures the SNTP server to use SNTP to request and accept NTP traffic from it GC sntp trusted key Authenticates the identity of a system to which Simple Network Time Protocol SNTP will synchronize GC sntp unicast client ena...

Page 145: ...ation PE copy Copies files from a source to a destination PE delete backup image Deletes a file from a flash memory PE delete backup config Deletes the backup configuration file PE delete startup config Deletes the startup configuration file PE dir Prints the contents of the flash file system PE erase Erases the startup configuration the backup configuration or the backup image PE filedescr Adds a...

Page 146: ...Source IP Address Destination IP Address SIP DIP Denial of Service protection GC dos control tcpflag Enables TCP Flag Denial of Service protections GC dos control tcpfrag Enables TCP Fragment Denial of Service protection GC ip icmp echo reply Enables or disables the generation of ICMP Echo Reply messages GC ip icmp error interval Limits the rate at which IPv4 ICMP error messages are sent GC ip unr...

Page 147: ...e Identifies a specific line for configuration and enters the line configuration command mode GC show line Displays line parameters UE speed Sets the line baud rate LC Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 77 deny management Defines a deny rule MA management access class Defines which management access list is used GC management access list De...

Page 148: ...do not reuse their passwords too frequently GC passwords lock out Enables the administrator to strengthen the security of the switch by enabling the user lockout feature When a lockout count is configured a user who is logging in must enter the correct password within that count GC passwords min length Enables the administrator to enforce a minimum length required for a password GC passwords stren...

Page 149: ...enable password encrypted Used by an Administrator to transfer the enable password between devices without having to know the password PE show passwords configuration Displays the configuration parameters for password configuration PE show passwords result Displays the last password set result information PE a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description ...

Page 150: ...he requested group of statistics UE show rmon events Displays the RMON event table UE show rmon history Displays RMON Ethernet Statistics history UE show rmon log Displays the RMON logging table UE show rmon statistics Displays RMON Ethernet Statistics UE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 77 sdm prefer Changes the template that will be act...

Page 151: ...ransmission PE debug ip pimdm Traces PIMDM packet reception and transmission PE debug ip pimsm Traces PIMSM packet reception and transmission PE debug ip vrrp Enables VRRP debug protocol messages PE debug ipv6 dhcp Displays debug information about DHCPv6 client activities and to trace DHCPv6 packets to and from the local DHCPv6 client PE debug ipv6 mcache Traces MDATAv6 packet reception and transm...

Page 152: ...g configurations PE a For the meaning of each Mode abbreviation see Mode Types on page 77 Command Description Modea sflow destination Configures sFlow collector parameters owner string receiver timeout ip address and port GC sflow polling Enables a new sflow poller instance for the data source if rcvr_idx is valid GC sflow polling Interface Mode Enable a new sflow poller instance for this data sou...

Page 153: ...ays SNMP traps globally or displays specific SNMP traps PE snmp server community Sets up the community access string to permit access to SNMP protocol GC snmp server community group Maps SNMP v1 and v2 security models to the group name GC snmp server contact Sets up a system contact sysContact string GC snmp server enable traps Enables SNMP traps globally or enables specific SNMP traps GC snmp ser...

Page 154: ...tes RSA key pairs for the switch GC crypto key pubkey chain ssh Enters SSH Public Key chain configuration mode GC ip ssh port Specifies the port to be used by the SSH server GC ip ssh pubkey auth Enables public key authentication for incoming SSH sessions GC ip ssh server Enables the switch to be configured from a SSH server connection GC key string Manually specifies a SSH public key SK show cryp...

Page 155: ... displayed from an internal buffer based on severity GC logging console Limits messages logged to the console based on severity GC logging file Limits syslog messages sent to the logging file based on severity GC logging on Controls error messages logging GC logging snmp Enables SNMP Set command logging GC logging web session Enables web session logging GC port Specifies the port number of syslog ...

Page 156: ...es or modifies the switch host name GC initiate failover Forces failover of management unit GC ip address Sets a static OOB port IP address IC out of band ip address none Disables DHCP BOOTP on the OOB port IC out of band ip address dhcp bootp Enables DHCP BOOTP on the OOB port IC out of band login banner Enables login banner on the console telnet or SSH connection LC member Configures the switch ...

Page 157: ...ch PE show nsf Shows non stop forwarding status PE show power usage history Shows the history of unit power consumption for the unit specified in the command and total stack power consumption PE show process cpu Checks the CPU utilization for each process currently running on the switch PE show sessions Displays a list of the open telnet sessions to remote hosts PE show slot Displays information a...

Page 158: ...ports All of the stack port commands in Stack Configuration mode are not supported by the PCM8024 and PCM8024 k switches GC standby Configures the standby in the stack SG switch renumber Changes the identifier for a switch in the stack GC telnet Logs into a host that supports Telnet PE traceroute Discovers the IP routes that packets actually take when travelling to their destinations PE a For the ...

Page 159: ... time range TRC show time range Displays a time range and all the absolute periodic time entries that are defined for the time range PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 77 enable Enters the privileged EXEC mode UE end Gets the CLI user control back to the privileged execution mode or user execution mode Any exit configuration Exits any co...

Page 160: ...rver Enables the switch to be configured from a browser GC ip http secure certificate Configures the active certificate for HTTPS GC ip http secure port Configures a TCP port for use by a secure web browser to configure the switch GC ip http secure server Enables the switch to be configured monitored or modified securely from a browser GC key generate Specifies the key generate CC location Specifi...

Page 161: ...Command Groups 161 ...

Page 162: ...162 Command Groups ...

Page 163: ...ow interfaces status gigabitethernet 1 0 5 show interfaces and status are keywords gigabitethernet is an argument that specifies the interface type and 1 0 5 specifies the unit slot port When working with the CLI the command options are not displayed The command is not selected by a menu but is entered manually To see what commands are available in each mode or within an Interface Configuration th...

Page 164: ...mmand Command Completion Short Form Commands Keyboard Shortcuts Operating on Multiple Objects Range Command Scripting CLI Command Notation Conventions Interface Naming Conventions History Buffer Every time a command is entered in the CLI it is recorded in an internally managed Command History buffer Commands are stored in the buffer which operates on a First In First Out FIFO basis These commands ...

Page 165: ...ve EXEC and Privileged Executive EXEC modes Command Completion CLI can complete partially entered commands when the user presses the tab or space key If a command entered is not complete is not valid or if some parameters of the command are not valid or missing an error message is displayed to assist in entering the correct command By pressing the tab key an incomplete command is changed into a co...

Page 166: ...usly the CLI accepts the short form of the command as if the user typed the full command Keyboard Shortcuts The CLI has a range of keyboard shortcuts to assist in editing the CLI commands The help command when used in the User EXEC and Privileged EXEC modes displays the keyboard short cuts Table 2 2 contains the CLI shortcuts displayed by the help command ...

Page 167: ...e Ctrl F Go forward one character Ctrl B Go backward one character Ctrl D Delete current character Ctrl U X Delete to beginning of line Ctrl K Delete to the end of the line Ctrl W Delete previous word Ctrl T Transpose previous character Ctrl P Go to previous line history buffer Ctrl R Rewrites or pastes the line Ctrl N Go to next line in history buffer Ctrl Y Print last deleted character Ctrl Q En...

Page 168: ...ot port See Interface Naming Conventions on page 169 To specify a range of LAGs use the following command interface range port channel 1 48 No spaces are allowed anywhere in a range parameter e g gi1 0 1 2 is not accepted nor is gi1 0 2 gi1 0 4 Use gi1 0 1 2 and gi 1 0 2 gi1 0 4 respectively When operating on a range of objects the CLI implementation hides the parameters that may not be configured...

Page 169: ...n CLI commands are as follows Ethernet Interfaces The gigabit Ethernet and ten gigabit Ethernet ports are identified in the CLI by the variable unit slot port where Convention Description In a command line square brackets indicate an optional entry In a command line inclusive brackets indicate a selection of compulsory parameters separated by the character One option must be selected For example f...

Page 170: ...signed to the physical port on the switch and corresponds to the lexan printed next to the port on the front or back panel Ports are numbered from 1 to the maximum number of ports available on the switch typically 24 or 48 Within this document the tag interface id refers to an interface identifier that follows the naming convention above Table 2 4 Interface Identifiers When listed in command line ...

Page 171: ... interfaces are represented in the CLI by the variable loopback id which can assume values from 0 7 VLAN Interfaces VLAN interfaces are represented in the CLI by the variable vlan id which can can assume values from 1 4093 Tunnel Interfaces VLAN interfaces are represented in the CLI by the variable tunnel id which can can assume values from 0 7 Examples Example 1 gigabitethernet 1 0 1 gigabitether...

Page 172: ...g of Ethernet packets Layer 3 Network Layer describes how a series of exchanges over various data links can deliver data between any two nodes in a network This layer defines the addressing and routing structure of the Internet Utility describes commands used to manage the switch Commands that cause specific actions to be taken immediately by the system and do not directly affect the system config...

Page 173: ...d order to access the modes is as follows User EXEC mode Privileged EXEC mode Global Configuration mode and Interface Configuration and other specific configuration modes User EXEC Mode After logging into the switch the user is automatically in the User EXEC command mode unless the user is defined as a privileged user In general the User EXEC commands allow the user to perform basic tests and list...

Page 174: ...onfiguration is used to enter into the Multiple Spanning Tree configuration mode Line Interface Contains commands to configure the management connections These include commands such as line speed and timeout settings The Global Configuration mode command line is used to enter the Line Interface mode VLAN Database Contains commands to create a VLAN as a whole The Global Configuration mode command v...

Page 175: ...net port configuration The Global Configuration mode command interface enters the Interface Configuration mode to configure an Ethernet interface Port Channel Contains commands to configure port channels i e assigning ports to a port channel Most of these commands are the same as the commands in the Ethernet interface mode and are used to manage the member ports as a single entity The Global Confi...

Page 176: ...e Logging Configures the parameters for syslog log server Datacenter Bridging Contains priority flow control commands The datacenter bridging command for an ethernt or port channel interface is used to enter the DataCenterBridging mode Identifying the Switch and Command Mode from the System Prompt The system prompt provides the user with the name of the switch hostname and identifies the command m...

Page 177: ...in the Privileged EXEC mode The symbol indicates that the system is in the User EXEC mode which is a read only mode in which the system does not allow configuration Navigating CLI Command Modes Table 2 5 describes how to navigate through the CLI Command Mode hierarchy ...

Page 178: ... return to the User EXEC mode Global Configuration From Privileged EXEC mode use the configure command console config Use the exit command or press Ctrl Z to return to the PrivilegedEXEC mode Line Interface From Global Configuration mode use the line command console config line To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Management Access List ...

Page 179: ...e the exit command or press Ctrl Z to Privileged EXEC mode MAC Access List From Global Configuration mode use the mac access list command console config mac access list To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode SSH Public Key Chain From Global Configuration mode use the crypto key pubkey chain ssh command console config pubkey chain To exit t...

Page 180: ...lobal Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Radius From Global Configuration mode use the radius server host command console config radius To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode SNMP Host Configuration From Global Configuration mode use the snmp server command console config snmp To exit to Global ...

Page 181: ...tion mode use the exit command or press Ctrl Z to Privileged EXEC mode Crypto Certificate Generation From Global Configuration mode use the crypto certificate number generate command console config crypto cert To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Crypto Certificate Request From Privileged EXEC mode use the crypto certificate number reque...

Page 182: ...se the exit command or press Ctrl Z to Privileged EXEC mode MST From Global Configuration mode use the spanning tree mst configuration command console config mst To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode VLAN Config From Global Configuration mode use the vlan database command console config vlan To exit to Global Configuration mode use the ex...

Page 183: ...it command or press Ctrl Z to Privileged EXEC mode Router OSPFv3 Config From Global Configuration mode use the ipv6 router ospf command console config rtr To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode IPv6 DHCP Pool Mode From Global Configuration mode use the ipv6 dhcp pool command console config dhcp6s pool To exit to Global Configuration mode u...

Page 184: ...eunit slot port To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Port Channel From Global Configuration mode use the interface port channel command Or use the abbreviation interface po console config if poport channel number To exit to Global Configuration mode use the exit command or Ctrl Z to Privileged EXEC mode VLAN From Global Configuration mod...

Page 185: ...e managed over a direct connection to the switch console port or through a Telnet connection If access is through a Telnet connection the switch must have a defined IP address corresponding management access granted and a connection to the network Tunnel From Global Configuration mode use the interface tunnel command Or use the abbreviation interface tu console config tunneltunnel id To exit to Gl...

Page 186: ...ogin and HTTP access to use the local authentication setting only which allows user account access via these management interfaces The user may return later to configure Radius or TACACS Sets the IP address for VLAN 1 or enables support for DHCP to configure the IP address dynamically Sets up the SNMP community string to be used by the SNMP manager The user may choose to skip this step if SNMP man...

Page 187: ...ooses to restart the wizard any configuration the user saved previously automatically is offered for the user to accept The user may elect to correct only a few items instead of re entering all the data Since a switch may be powered on in the field without a serial connection the switch waits 60 seconds for the user to respond to the setup wizard question in instances where no configuration files ...

Page 188: ...the user want to use setup wizard No Transfer to CLI mode No Did the user previously save a startup configuration Yes Transfer to CLI mode Yes Is SNMP Management Required Yes Yes Save Setup Discard Changes and Restart Wizard Request IP Address Network Mask Default Gateway IP Request SNMP Community String Server IP Address No No ...

Page 189: ...the community string is set up as defined above SNMPv3 is disabled The admin user account is set up as defined The address of the network management station is configured From this management station the user can access the SNMP HTTP and CLI interfaces The user may also choose to allow all IP addresses to access switch management by choosing the 0 0 0 0 IP address An IP address is configured for t...

Page 190: ...h normal operation using the default system configuration Note You can exit the setup wizard at any point by entering ctrl z Would you like to run the setup wizard you must answer this question within 60 seconds Y N y Step 1 The system is not setup for SNMP management by default To manage the switch using SNMP required for Dell Network Manager you can o Set up the initial SNMP version 2 account no...

Page 191: ... Step 2 Now we need to setup your initial privilege Level 15 user account This account is used to login to the CLI and Web interface You may setup other accounts and change privilege levels later For more information on setting up user accounts and changing privilege levels see the user documentation To setup a user account Please enter the user name admin Enter Please enter the user password Ente...

Page 192: ... IP subnet mask A B C D or nn 255 255 255 0 Enter Step 4 Finally set up the gateway Please enter the IP address of the gateway from which this network is reachable 192 168 1 1 Enter This is the configuration information that has been collected SNMP Interface public 192 168 2 1 User Account setup admin Password Management IP address 192 168 2 1 255 255 255 0 Gateway 0 0 0 0 Step 5 If the informatio...

Page 193: ...es may be stored on the system but only one of them is active The other one is a backup image The same is true for configuration images which store the configuration parameters for the switch The system has three configuration images One image is a memory only image and is the current configuration image for the switch The second image is the one that is loaded by the system when it reboots There ...

Page 194: ...en If there is not enough space on the local file system to accommodate the file an error is flagged Refer to the copy command description on page 1341 in the Layer 2 commands section of the guide for command details Referencing External Internal File systems Configuration or software images are copied to or retrieved from remote file systems using TFTP and XMODEM protocols tftp server name path f...

Page 195: ...particular configuration image1 image2 These files refer to software images One of these will be loaded when the system next reboots Either image1 or image2 can be chosen for the next reboot using the command boot system CLI prevents the user from accidentally copying a configuration image onto a software image and vice versa Management Interface Security This section describes the minimum set of ...

Page 196: ...e user is able to delete the user accounts but the user will not be able to delete the last level 15 account The user password is saved internally in encrypted format and never appears in clear text anywhere on the CLI The CLI supports TACACS and Radius authentication servers The CLI allows the user to configure primary and secondary authentication servers If the primary authentication server fail...

Page 197: ...x and Dell Radius VSA user group x TACACS provides the appropriate level of access The following rules and specifications apply The user determines whether remote authentication servers or locally defined user authentication accounts are used If authentication servers are used the user can identify at least two remote servers the user may choose to configure only one server and what protocol to us...

Page 198: ... In this case less important events are not recorded Security Logs Security logs are maintained to record all security events including the following User login User logout Denied login attempts User attempt to exceed security access level Denied attempts by external management system to access the system The security log record contains the following information The user name if available or the ...

Page 199: ...s protocol For each of these management profiles the user defines the list of hosts or subnets from which the management profiles may be used Other CLI Tools and Capabilities The CLI has several other capabilities associated with its primary functions Terminal Paging The terminal width and length for CLI displays is 79 characters and 25 lines respectively The length setting is used to control the ...

Page 200: ...sk check in progress DskVol Volume is OK total of clusters 15 147 of free clusters 5 299 of bad clusters 0 total free space 10 598 Kb max contiguous free space 8 345 600 bytes of files 30 of folders 1 total bytes in files 19 656 Kb of lost chains 0 total bytes in lost chains 0 volume descriptor ptr pVolDesc 0x38ff9d0 XBD device block I O handle 0x10001 auto disk check on mount DOS_CHK_REPAIR DOS_C...

Page 201: ... Id 0x1b19 total number of sectors 60 716 bytes per sector 512 of sectors per cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors per FAT copy 60 of FAT table copies 2 of hidden sectors 4 first cluster is in sector 136 Update last access date for open read close FALSE directory structure VFAT file name format 8 bit extended ASCII root dir start sector 121 of sectors per root 15 max of ...

Page 202: ... Start operational code 2 Start Boot Menu Select 1 2 Operational Code Date Mon Jan 4 04 26 56 2010 Uncompressing Adding 0 symbols for standalone CPU Motorola E500 Unknown system version Processor 0 Memory Size 0x10000000 BSP version 1 2 0 Created Jan 4 2010 03 59 27 ED R Policy Mode deployed DskVol disk check in progress dosChkLib CLOCK_REALTIME is being reset to TUE JUN 28 14 29 04 2005 ...

Page 203: ...usters 0 total free space 10 598 Kb max contiguous free space 8 345 600 bytes of files 30 of folders 1 total bytes in files 19 656 Kb of lost chains 0 total bytes in lost chains 0 volume descriptor ptr pVolDesc 0x348ef70 XBD device block I O handle 0x10001 auto disk check on mount DOS_CHK_REPAIR DOS_CHK_VERB_2 volume write mode copyback DOS_WRITE max of simultaneously open files 52 file descriptor...

Page 204: ...d sectors 1 FAT entry size FAT16 of sectors per FAT copy 60 of FAT table copies 2 of hidden sectors 4 first cluster is in sector 136 Update last access date for open read close FALSE directory structure VFAT file name format 8 bit extended ASCII root dir start sector 121 of sectors per root 15 max of entries in root 240 FAT handler information allocation group size 2 clusters free space on volume ...

Page 205: ...ANS RX Instantiating download as rawFs device 0x20001 Formatting download for DOSFS Instantiating download as rawFs device 0x20001 Formatting download file system is marked clean skipping check OK 186 JUN 28 14 29 09 0 0 0 0 1 UNKN 268434720 bootos c 222 1 Event 0xaaaaaaaa Instantiating RamCP as rawFs device 0x30001 Formatting RamCP for DOSFS Instantiating RamCP as rawFs device 0x30001 RamCP disk ...

Page 206: ...asy Setup Wizard The Setup Wizard guides you through the initial switch configuration and gets you up and running as quickly as possible You can skip the setup wizard and enter CLI mode to manually configure the switch You must respond to the next question to run the setup wizard within 60 seconds otherwise the system will continue with normal operation using the default system configuration Note ...

Page 207: ...ent Preconfig Plugged in Switch Code Switch Status Model ID Model ID Status Version 1 Mgmt Switch PC6224 PC6224 OK 3 2 0 1 console Boot Utility Menu If a user is connected through the serial interface during the boot sequence pressing the esc key interrupts the boot process and displays a Boot Utility Menu Selecting item 2 displays the menu and may be typed only during the initial boot up sequence...

Page 208: ...Operational Code Offset 0x74 116 Operational Code FLASH flag 1 Operational Code CRC 0x9EBE Operational Compression flag 2 lzma Boot Code Version 1 Boot Code Size 0x100000 1048576 Boot Code Offset 0x79027c 7930492 Boot Code FLASH flag 0 Boot Code CRC 0x2C8B VPD rel 3 ver 2 maint_lvl 0 build_num 1 Timestamp Mon Jan 4 04 26 56 2010 ...

Page 209: ...Code y n y Validating image2 OK Extracting boot code from image CRC valid Erasing Boot Flash Done Wrote 0x10000 bytes Wrote 0x20000 bytes Wrote 0x30000 bytes Wrote 0x40000 bytes Wrote 0x50000 bytes Wrote 0x60000 bytes Wrote 0x70000 bytes Wrote 0x80000 bytes Wrote 0x90000 bytes Wrote 0xa0000 bytes Wrote 0xb0000 bytes Wrote 0xc0000 bytes Wrote 0xd0000 bytes Wrote 0xe0000 bytes Wrote 0xf0000 bytes ...

Page 210: ...e After the system bootup is complete then typing the escape sequence does not have any consequence and does not put the user into the boot utility menu PCM6220 PCM6348 PCM8024 PCM8024 k supports a utility with which users can write FRU EEPROM data The following is the typical bootup sequence on the PCM6220 PCM6348 PCM8024 PCM8024 k switch box with PC7000 image Reloading all switches Boot code SDR...

Page 211: ... This is a secret option and is not displayed in the main menu Users can bring up the secret menu using option 30 The password for the secret menu is pc62xxkinnick Option 14 under the secret menu brings up a submenu for the FRU utility The FRU utility submenu provides options to download and set FRU save to flash update RU with the data saved in flash upload FRU data and dump FRU data Service tag ...

Page 212: ... image 9 Reset the system 10 Restore configuration to factory defaults delete config files 11 Activate Backup Image 12 Password Recovery Procedure Boot Menu 30 Password Boot code utilities menu Options are 1 Read Write memory 2 Display PCI bus 3 Display PCI bus details 4 Display core info and bus speeds 5 Display file system details 6 RAM test 7 File system directory listing 8 CPLD diagnostics 9 S...

Page 213: ... Download data through X Modem and store into FRU 2 Download data through X Modem and store into FLASH 3 Update FRU with data stored in FLASH 4 Upload FRU data through X Modem 5 Dump FRU data 0 Return to previous menu Select option 0 5 CLI command output for the show system id command console show system id Service Tag 89788978 Serial Number Asset Tag none Unit Service tag Serial number Asset tag ...

Page 214: ...alent to the alarm monitoring window in a typical network management system The user enables events or monitor traps from the CLI by entering the command logging console Traps generated by the system are dumped to all CLI sessions that have requested monitoring mode to be enabled The no logging console command disables trap monitoring for the session By default console logging is enabled ...

Page 215: ...Ethernet Configuration Commands IPv6 MLD Snooping Querier Commands QoS Commands Address Table Commands Ethernet CFM Commands IP Source Guard Commands RADIUS Commands Auto VoIP Commands iSCSI Optimization Commands Spanning Tree Commands CDP Interoperability Commands GVRP Commands Link Dependency Commands TACACS Commands DHCP Layer 2 Relay Commands IGMP Snooping Commands LLDP Commands VLAN Commands ...

Page 216: ...216 Layer 2 Commands ...

Page 217: ... The user s ID and password are authenticated using the RADIUS server TACACS The user s ID and password are authenticated using the TACACS server None No authentication is used Enable Uses the enable password for authentication Line Uses the line password for authentication Authentication Preference Lists APLs An Authentication Preference List is an ordered list of authentication methods To authen...

Page 218: ...sis see above Commands in this Chapter This chapter explains the following commands aaa authentication dot1x default Use the aaa authentication dot1x default command in Global Configuration mode to specify an authentication method for 802 1x clients Use the no form of the command to return the authentication method to its default settings Syntax aaa authentication dot1x default radius ias local no...

Page 219: ...e following example configures 802 1x authentication to use no authentication Absent any other configuration this command allows all 802 1x users to pass traffic through the switch console config aaa authentication dot1x default none The following example configures 802 1x authentication to use a RADIUS server A RADIUS server must be configured using the radius server host auth command for the rad...

Page 220: ...entication methods activated when using access higher privilege levels Range 1 15 characters method1 method2 Specify at least one from the following table Default Configuration The default enable list is enableList It is used by console telnet and SSH and only contains the method none Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa au...

Page 221: ...specified as an authentication method after radius no authentication is used if the RADIUS server is down NOTE Requests sent by the switch to a RADIUS server include the username enabx where x is the requested privilege level For enable to be authenticated on Radius servers add enabx users to them The login user ID is also sent to TACACS servers for enable authentication Example The following exam...

Page 222: ... character string used to name this list The method argument identifies the list of methods that the authentication algorithm tries in the given sequence The additional methods of authentication are used only if the previous method returns an error not if there is an authentication failure Only the RADIUS or TACACS methods can return an error To ensure that the authentication succeeds even if all ...

Page 223: ...ADIUS server Syntax aaa authorization network default radius no aaa authorization network default radius Default Configuration By default the switch does not accept VLAN assignments by the RADIUS server Command Mode Global Configuration mode User Guidelines The RADIUS server can place a port in a particular VLAN based on the result of the authentication VLAN assignment must be configured on the ex...

Page 224: ...se the no form of this command to remove the user from the internal user database Syntax aaa ias user username user no aaa ias user username user Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines This command has no user guidelines Examples console configure c...

Page 225: ... are no user guidelines for this command Example console clear aaa ias users enable authentication Use the enable authentication command in Line Configuration mode to specify the authentication method list when accessing a higher privilege level from a remote telnet or console To return to the default specified by the enable authentication command use the no form of this command Syntax enable auth...

Page 226: ...ing a higher privilege level console console config line console console config line enable authentication default enable password Use the enable password command in Global Configuration mode to set a local password to control access to the privileged EXEC mode To remove the password requirement use the no form of this command Syntax enable password password encrypted no enable password password P...

Page 227: ... http server users To return to the default use the no form of this command Syntax ip http authentication method1 method2 no ip http authentication method1 method2 Specify at least one from the following table Default Configuration The local user database is checked This action has the same effect as the command ip http authentication local Keyword Source or destination local Uses the local userna...

Page 228: ... http authentication console config ip http authentication radius local ip https authentication Use the ip https authentication command in Global Configuration mode to specify authentication methods for https server users To return to the default configuration use the no form of this command Syntax ip https authentication method1 method2 no ip https authentication Parameter Description method1 met...

Page 229: ...sed if the RADIUS server is down Example The following example configures https authentication console config ip https authentication radius local login authentication Use the login authentication command in Line Configuration mode to specify the login authentication method list for a line console telnet or SSH To return to the default specified by the authentication login command use the no form ...

Page 230: ... aaa IAS User Configuration mode to configure a password for a user The password is composed of up to 64 alphanumeric characters An optional parameter encrypted is provided to indicate that the password given to the command is already pre encrypted To clear the user s password use the no form of this command Syntax password password encrypted no password Parameter Description This command does not...

Page 231: ...b1157 console Config IAS User password 1f3ccb1157 console Config IAS User exit console config password Line Configuration Use the password command in Line Configuration mode to specify a password on a line To remove the password use the no form of this command NOTE For commands that configure password properties see Password Management Commands on page 1389 Syntax password password encrypted no pa...

Page 232: ...ode to allow a currently logged in user to change the password for only that user without having read write privileges This command should be used after the password has aged The user is prompted to enter the old password and the new password NOTE For commands that configure password properties see Password Management Commands Syntax password Parameter Description This command does not require a p...

Page 233: ...w aaa ias users Use the show aaa ias users command in Privileged EXEC mode to display configured IAS users and their attributes Passwords configured are not shown in the show command output Syntax show aaa ias users username Parameter Description This command does not require a parameter description Default Behavior This command has no default configuration Command Mode Privileged EXEC User Guidel...

Page 234: ...user username client 1 password a45c74fdf50a558a2b5cf05573cd633bac2c6c598d54497ad4c46 104918f2c encrypted exit show authentication methods Use the show authentication methods command in Privileged EXEC mode to display information about the authentication methods Syntax show authentication methods Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User...

Page 235: ...ble Authentication Method Lists enableList local Line Login Method List Enable Method List Console defaultList enableList Telnet defaultList enableList SSH defaultList enableList HTTPS local HTTP local DOT1X none show users accounts Use the show users accounts command in Privileged EXEC mode to display the local user status with respect to user account lockout and password aging ...

Page 236: ...e following example displays information about the local user database console show users accounts UserName Privilege Password Password Lockout Aging Expiry date Parameter Description User Name Local user account s user name Privilege User s access level read only or read write Lockout Status Indicates whether the user account is locked out or not Password Expiration Date Current password expirati...

Page 237: ...gin history command in Global Configuration mode to display information about the login history of users Syntax show users login history long name name of user Range 1 20 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example show user login history outputs ...

Page 238: ...count for an already existing user Use the no form of this command to remove the username from the local user database Syntax username name password password privilege level encrypted no username name Parameter Description Parameter Description name The name of the user Range 1 32 printable characters The special characters allowed in the password include _ User names can contain blanks if the nam...

Page 239: ... in the password include _ console config username bob password xxxyyymmm privilege 15 username password encrypted The Administrator uses the username password encrypted command in Global Configuration mode to transfer local user passwords between devices without having to know the passwords The password parameter must be exactly 128 hexadecimal characters The user represented by the username leve...

Page 240: ...yntax username name password password level level encrypted Parameter Description This command does not require a parameter description Default Behavior This command has no default configuration Command Modes Global Configuration mode User Guidelines The following table lists the completion messages Message Type Message Description Successful Completion Message Message Error Completion Message Cou...

Page 241: ...ad write access can re activate a locked user account Reason behind the failure 1 Exceeds Minimum Length of a Password Password should be in the range of 8 64 characters in length Set minimum password length to 0 by using the passwords min length 0 command 2 Password should contain Minimum number uppercase letters number lowercase letters number numeric numbers number specialcharactersand number c...

Page 242: ...me unlock Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines ...

Page 243: ...work ACLs are normally used in firewall routers that are positioned between the internal network and an external network such as the Internet They can also be used on a router positioned between two parts of the network to control the traffic entering or exiting a specific part of the internal network The PowerConnect ACL feature allows classification of packets based upon Layer 2 through Layer 4 ...

Page 244: ...ss list command in Global Configuration mode to create an Access Control List ACL that is identified by the parameter list name The command specifies the queue identifier to which packets matching this rule are assigned The command may also specify the mirror or redirect interface unit slot port to which packets matching this rule are copied or forwarded respectively The time range parameter allow...

Page 245: ...ength deny permit Specifies whether the IP ACL rule permits or denies an action every Allows all protocols eq Equal Refers to the Layer 4 port number being used as match criteria The first reference is source match criteria the second is destination match criteria number Standard protocol number Protocol keywords icmp igmp ip tcp udp srcip Source IP address srcmask Source IP mask dstip Destination...

Page 246: ...rmit IP ACL Use this command in Ipv4 Access List Configuration mode to create a new rule for the current IP access list Each rule is appended to the list of configured rules for the list The command is enhanced to accept the optional time range parameter The time range parameter allows imposing a time limitation on the IP ACL rule as defined by the parameter time range name If a time range with th...

Page 247: ...or redirect interface id deny permit every icmp igmp ip tcp udp number srcip srcmask eq portkey 0 65535 dstip dstmask eq portkey 0 65535 precedence precedence tos tos tosmask dscp dscp log time range time range name assign queue queue id mirror redirect interface id Parameter Description This command does not require a parameter description Default Configuration This command has no default configu...

Page 248: ... time range with a specified name becomes active The ACL rule is removed when the time range with a specified name becomes inactive Syntax deny permit any srcmac srcmacmask any bpdu dstmac dstmacmask ethertypekey 0x0600 0xFFFF vlan eq 0 4095 cos 0 7 log time range time range name assign queue queue id mirror redirect interface id Parameter Description Parameter Description srcmac Valid source MAC ...

Page 249: ...mber Range 0 4095 cos Class of service Range 0 7 log Specifies that this rule is to be logged time range name Use the time range parameter to impose a time limitation on the MAC ACL rule as defined by the parameter time range name assign queue Specifies particular hardware queue for handling traffic that matches the rule queue id 0 6 where n is number of user configurable queues available for that...

Page 250: ...ith the same name specified in this command Use the no ip access group command to disable an IP based ACL on an Ethernet interface or a group of interfaces Syntax ip access group name direction seqnum no ip access group name direction seqnum name Access list name Range Valid IP access list name up to 31 characters in length direction Direction of the ACL Range in or out Default is in seqnum Preced...

Page 251: ...s group command in Global Configuration or Interface Configuration mode to attach a specific MAC Access Control List ACL to an interface in the in bound direction Syntax mac access group name direction sequence no mac access group name name Name of the existing MAC access list Range 1 31 characters direction Only the in bound direction is supported sequence Order of access list relative to other a...

Page 252: ...n the highest sequence number currently in use for this interface and direction This command specified in Interface Configuration mode only affects a single interface Example The following example assigns a MAC access group to port 1 0 1 with the name DELL123 console config interface 1 0 1 console config if 1 0 1 mac access group DELL123 mac access list extended Use the mac access list extended co...

Page 253: ...st extended rename Use the mac access list extended rename command in Global Configuration mode to rename the existing MAC Access Control List ACL Syntax mac access list extended rename name newname name Existing name of the access list Range 1 31 characters newname New name of the access list Range 1 31 characters Default Configuration This command has no default configuration Command Mode Global...

Page 254: ...p blockall no service acl input Parameter Description Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet Port channel Parameter Description blockcdp To block CDP PDU s from being forwarded blockvtp To block VTP PDU s from being forwarded blockdtp To block DTP PDU s from being forwarded blockudld To block UDLD PDU s from being forwarded blo...

Page 255: ... status of LLPF rules configured on a particular port or on all the ports Syntax show service acl interface interface id all Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show service acl interface gi1 0 1 Block CDP Enable Block VTP Enable Parameter Descript...

Page 256: ...w ip access lists accesslistnumber Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays IP ACLs configured on a device console show ip access lists Current number of ACLs 2 Maximum number of ACLs 100 Parameter Description accesslis...

Page 257: ...ACL to display Syntax show mac access list name Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a MAC access list and all associated rules console show mac access list DELL123 The command output provides the following information Paramet...

Page 258: ... access list Rules The number of user configured rules defined for the MAC ACL The implicit deny all rule defined at the end of every MAC ACL is not included Interfaces Displays the list of interfaces unit slot port to which the MAC ACL is attached in a given direction ...

Page 259: ... the table then it is checked to see if it has been defined as a filter If the MAC address is not defined as a filter then the packet is forwarded If the specific destination MAC address is defined as a filter then the ingress port number is compared to the set of source ports listed for the address If the port of ingress is not in the set of source ports then the packet is immediately discarded I...

Page 260: ...dress show mac address table multicast show mac address table static mac address table multicast forbidden forward unregistered show mac address table filtering show mac address table vlan mac address table multicast forward all show mac address table show ports security mac address table multicast forward unregistered show mac address table address show ports security addresses mac address table ...

Page 261: ...ss table aging time Use the mac address table aging time command in Global Configuration mode to set the aging time of the address To restore the default use the no form of the mac address table aging time command Syntax mac address table aging time 0 10 1000000 no mac address table aging time Parameter Description Default Configuration 300 seconds Parameter Description 0 Disable aging time for th...

Page 262: ...ation mode to enable filtering of Multicast addresses To disable filtering of Multicast addresses use the no form of the command Syntax mac address table multicast filtering no mac address table multicast filtering Parameter Description This command has no arguments or keywords Default Configuration Disabled All Multicast addresses are flooded to all ports of the relevant VLAN Command Mode Global ...

Page 263: ... use the no form of this command If routers exist on the VLAN do not change the unregistered multicast addresses state to drop on the routers ports Syntax mac address table multicast forbidden address vlan vlan id mac multicast address ip multicast address add remove interface gigabitethernet port channel tengigabitethernet interface list no mac address table multicast forbidden address vlan vlan ...

Page 264: ...ress table multicast forbidden forward unregistered Use the mac address table multicast forbidden forward unregistered command in Global Configuration mode to forbid forwarding unregistered multicast addresses Use the no form of this command to return to the default Syntax mac address table multicast forbidden forward unregistered vlan vlan id no mac address table multicast forbidden forward unreg...

Page 265: ...ward unregistered vlan 8 mac address table multicast forward all Use the mac address table multicast forward all command in Interface Configuration mode to enable forwarding of all Multicast packets To restore the default use the no form of the mac address table multicast forward all command Syntax mac address table multicast forward all vlan vlan id no mac address table multicast forward all vlan...

Page 266: ...icast forward all vlan 1 mac address table multicast forward unregistered Use the mac address table multicast forward unregistered command in Global Configuration mode to enable the forwarding of unregistered multicast addresses Syntax mac address table multicast forward unregistered vlan vlan id Parameter Description Default Configuration Forward unregistered Command Mode Global Configuration mod...

Page 267: ...able multicast static command in Global Configuration mode to register MAC layer Multicast addresses to the bridge table and to add ports to the group statically To deregister the MAC address use the no form of the mac address table multicast static command Syntax mac address table multicast static vlan vlan id mac multicast address ip multicast address add remove interface gigabitethernet port ch...

Page 268: ...ess and adds ports statically console config interface vlan 8 console config mac address table vlan 8 multicast static 0100 5e02 0203 add interface gigabitethernet 1 0 1 9 1 0 2 mac address table static Use the mac address table static command in Global Configuration mode to add a static MAC layer station source address to the bridge table To delete the MAC address use the no form of the mac addre...

Page 269: ...nes This command has no user guidelines Example The following example adds a permanent static MAC layer station source address 3aa2 64b3 a245 to the MAC address table console config mac address table static 3AA2 64B3 A245 vlan 1 interface gigabitethernet 1 0 8 port security Use the port security command in Interface Configuration mode to disable the learning of new addresses on an interface To ena...

Page 270: ...es can be learned only to the limit set by the port security max command The default limit is 100 dynamic MAC addresses Example In this example frame forwarding is enabled without learning and with traps sent every 100 seconds on port gi1 0 1 console config interface gigabitethernet 1 0 1 console config if 1 0 1 port security trap 100 port security max Use the port security max command in Interfac...

Page 271: ...rface Configuration mode console config if 1 0 3 port security max 80 show mac address table multicast Use the show mac address table multicast command in Privileged EXEC mode to display Multicast MAC address table information Syntax show mac address table multicast vlan vlan id address mac multicast address ip multicast address format ip mac vlan_id A valid VLAN ID value mac multicast address A v...

Page 272: ...272 Address Table Commands Command Mode Privileged EXEC mode User Guidelines A MAC address can be displayed in IP format only if it is in the range 01 00 5e 00 00 00 through 01 00 5e 7f ff ff ...

Page 273: ...n MAC Address Ports 1 0100 5E05 0505 NOTE A multicast MAC address maps to multiple IP addresses as shown above show mac address table filtering Use the show mac address table filtering command in Privileged EXEC mode to display the Multicast filtering configuration Syntax show mac address table filtering vlan id vlan_id A valid VLAN ID value Default Configuration This command has no default config...

Page 274: ...Forward Unregistered show mac address table Use the show mac address table command in User EXEC or Privileged EXEC mode to display all entries in the bridge forwarding database Syntax show mac address table Parameter Description This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This ...

Page 275: ...gement Vl1 10 001E C9AA AE1B Management Vl10 90 001E C9AA AE1B Management Vl90 Total MAC Addresses in use 5 show mac address table address Use the show mac address table address command in User EXEC or Privileged EXEC mode to display all entries in the bridge forwarding database for the specified MAC address Syntax show mac address table address mac address interface interface id vlan vlan id Para...

Page 276: ...A Vlan Mac Address Type Port 1 0000 E26D 2C2A Dynamic 1 0 1 show mac address table count Use the show mac address table count command in User EXEC or Privileged EXEC mode to display the number of addresses present in the Forwarding Database Syntax show mac address table count vlan vlan id interface interface id interface id Display information for a specific interface Valid interfaces include phys...

Page 277: ...ase console show mac address table count Capacity 8192 Used 109 Static addresses 2 Secure addresses 1 Dynamic addresses 97 Internal addresses 9 show mac address table dynamic Use the show mac address table command in User EXEC or Privileged EXEC mode to display all dynamic entries in the bridge forwarding database Parameter Description interface id Specify an interface type valid interfaces includ...

Page 278: ...ic entries in the mac address table are displayed console show mac address table dynamic Aging time is 300 Sec Vlan Mac Address Type Port 1 0000 0001 0000 Dynamic gi1 0 1 1 0000 8420 5010 Dynamic gi1 0 1 1 0000 E26D 2C2A Dynamic gi1 0 1 1 0000 E89A 596E Dynamic gi1 0 1 Parameter Description mac address A MAC address with the format xxxx xxxx xxxx interface id Display information for a specific int...

Page 279: ... has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Example In this example all classes of entries in the bridge forwarding database for gigabit Ethernet interface 1 0 1 are displayed console show mac address table interface gigabitethernet 1 0 1 Aging time is 300 Sec Vlan Mac Address Type Port Parameter Description interfac...

Page 280: ... the bridge forwarding database Syntax show mac address table static address mac address interface interface id vlan vlan id Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Parameter Description mac address A MAC address with the format xxxx xxxx xxxx interface id S...

Page 281: ... show mac address table vlan command in User EXEC or Privileged EXEC mode to display all entries in the bridge forwarding database for the specified VLAN Syntax show mac address table vlan vlan id Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Parameter Description...

Page 282: ...1 0000 E26D 2C2A Dynamic gi1 0 1 1 0000 E89A 596E Dynamic gi1 0 1 1 0001 02F1 0B33 Dynamic gi1 0 1 Total Mac Addresses for this criterion 5 show ports security Use the show ports security command in Privileged EXEC mode to display the port lock status Syntax show ports security gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration T...

Page 283: ...scribes the fields in this example show ports security addresses Use the show ports security addresses command in Privileged EXEC mode to display current dynamic addresses in locked ports Field Description Port The port number Status The status can be one of the following Locked or Unlocked Actions Action on violations Maximum The maximum addresses that can be associated on this port in Static Lea...

Page 284: ...rt Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example displays dynamic addresses for port channel number 1 0 1 console show ports security addresses gigabitethernet 1 0 1 Dynamic addresses 83 Maximum addresses 100 Learned addresses ...

Page 285: ...ets in order to provide better QoS The Auto VoIP feature explicitly matches VoIP streams in Ethernet switches and provides them with a better class of service than ordinary traffic The Auto VoIP module provides the capability to assign the highest priority for the following VoIP packets Session Initiation Protocol SIP H 323 Skinny Client Control Protocol SCCP Commands in this Chapter This chapter ...

Page 286: ...xamples The following example shows command output when a port is specified console show switchport voice Interface Auto VoIP Mode Traffic Class Gi1 0 1 Disabled 6 Gi1 0 2 Disabled 6 Gi1 0 3 Disabled 6 Gi1 0 4 Disabled 6 Gi1 0 5 Disabled 6 Gi1 0 6 Disabled 6 Gi1 0 7 Disabled 6 Gi1 0 8 Disabled 6 Gi1 0 9 Disabled 6 Gi1 0 10 Disabled 6 Gi1 0 11 Disabled 6 Gi1 0 12 Disabled 6 Gi1 0 13 Disabled 6 ...

Page 287: ...bled 6 Gi1 0 20 Disabled 6 Gi1 0 21 Disabled 6 Gi1 0 22 Disabled 6 Gi1 0 23 Disabled 6 Gi1 0 24 Disabled 6 Po1 Disabled 6 Po2 Disabled 6 Po3 Disabled 6 Po4 Disabled 6 Po5 Disabled 6 Po6 Disabled 6 Po7 Disabled 6 Po8 Disabled 6 Po9 Disabled 6 Po10 Disabled 6 Po11 Disabled 6 Po12 Disabled 6 Po13 Disabled 6 Po14 Disabled 6 Po15 Disabled 6 ...

Page 288: ...ic Class to which all VoIP traffic is mapped This is not configurable and defaults to the highest COS queue available in the system for data traffic switchport voice detect auto The switchport voice detect auto command is used to enable the VoIP Profile on all the interfaces of the switch global configuration mode or for a specific interface interface configuration mode Use the no form of the comm...

Page 289: ...uration mode Interface gigabitethernet port channel tengigabitethernet Configuration mode User Guidelines This command has no user guidelines Example console config interface gigabitethernet 1 0 1 console config if Gi1 0 1 switchport voice detect auto ...

Page 290: ...290 Auto VoIP Commands ...

Page 291: ... by devices that support the Cisco Discovery Protocol CDP ISDP is based on CDP which is a precursor to LLDP Commands in this Chapter This chapter explains the following commands clear isdp counters The clear isdp counters command clears the ISDP counters Syntax clear isdp counters Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode clear isdp ...

Page 292: ...le Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear isdp table isdp advertise v2 The isdp advertise v2 command enables the sending of ISDP version 2 packets from the device Use the no form of this command to disable sending ISDP version 2 packets Syntax isdp...

Page 293: ...mmand enables ISDP on the switch User the no form of this command to disable ISDP Use this command in global configuration mode to enable the ISDP function on the switch Use this command in interface mode to enable sending ISDP packets on a specific interface Syntax isdp enable no isdp enable Default Configuration ISDP is enabled Command Mode Global Configuration mode Interface Ethernet configurat...

Page 294: ...store information sent in the ISDP packet before discarding it The range is given in seconds Use the no form of this command to reset the holdtime to the default Syntax isdp holdtime time no isdp holdtime Parameter Description Default Configuration The default holdtime is 180 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The fo...

Page 295: ...me no isdp timer Parameter Description Default Configuration The default timer is 30 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the isdp timer value to 40 seconds console config isdp timer 40 show isdp The show isdp command displays global ISDP settings Syntax show isdp Parameter Description time T...

Page 296: ...ments Enabled Neighbors table last time changed 0 days 00 06 01 Device ID QTFMPW82400020 Device ID format capability Serial Number Device ID format Serial Number show isdp entry The show isdp entry command displays ISDP entries If a device id specified then only the entry about that device is displayed Syntax show isdp entry all deviceid Parameter Description Parameter Description all Show ISDP se...

Page 297: ...ice ID Switch Address es IP Address 172 20 1 18 IP Address 172 20 1 18 Capability Router IGMP Platform cisco WS C4948 Interface 1 0 1 Port ID GigabitEthernet1 1 Holdtime 64 Advertisement Version 2 Entry last changed time 0 days 00 13 50 Version Cisco IOS Software Catalyst 4000 L3 Switch Software cat4000 I9K91S M Version 12 2 25 EWA9 RELEASE SOFTWARE fc3 Technical Support http www cisco com techsup...

Page 298: ...terface all gigabitethernet unit slot port tengigabitethernet unit slot port Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show isdp interface all Interface Mode 1 0 1 Enabled 1 0 2 Enabled 1 0 3 Enabled 1 0 4 Enabled 1 0 5 Enabled 1 0 6 Enabled 1 0 7 Enabled ...

Page 299: ... Enabled 1 0 15 Enabled 1 0 16 Enabled 1 0 17 Enabled 1 0 18 Enabled 1 0 19 Enabled 1 0 20 Enabled 1 0 21 Enabled 1 0 22 Enabled 1 0 23 Enabled 1 0 24 Enabled console show isdp interface gigabitethernet 1 0 1 Interface Mode 1 0 1 Enabled show isdp neighbors The show isdp neighbors command displays the list of neighboring devices ...

Page 300: ...e User Guidelines There are no user guidelines for this command Example console show isdp neighbors Capability Codes R Router T Trans Bridge B Source Route S Switch H Host I IGMP r Repeater Device ID Intf Hold Cap Platform Port ID Switch 1 0 1 165 RI cisco WS C4948 GigabitEthernet1 1 console show isdp neighbors detail Device ID Switch Address es IP Address 172 20 1 18 IP Address 172 20 1 18 Capabi...

Page 301: ...RE fc3 Technical Support http www cisco com techsupport Copyright c 1986 2007 by Cisco Systems Inc Compiled Wed 21 Mar 07 12 20 by tinhuang show isdp traffic The show isdp traffic command displays ISDP statistics Syntax show isdp traffic Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this c...

Page 302: ...127 ISDPv1 Packets Received 0 ISDPv1 Packets Transmitted 0 ISDPv2 Packets Received 4253 ISDPv2 Packets Transmitted 4351 ISDP Bad Header 0 ISDP Checksum Error 0 ISDP Transmission Failure 0 ISDP Invalid Format 0 ISDP Table Full 392 ISDP Ip Address Table Full 737 ...

Page 303: ...statistics command to clear all or interface Priority Flow Control statistics Syntax clear priority flow control statistics ethernet interface port channel port channel number interface A valid Ethernet port port channel number A valid port channel index Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example 1 console clear priority flow control statistics et...

Page 304: ...e Priority Flow Control is configurable from within the DataCenterBridging mode Syntax datacenter bridging Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet Port channel mode User Guidelines This command has no user guidelines Example console config console config interface range ethernet all console config if datacenter bridging console ...

Page 305: ...nes When you disable priority flow control the interface will default to the 802 3x flow control setting for the interface When enabling PFC the interface will not pause until there is at least one no drop priority Example The following example enables PFC console config if dcb priority flow control mode on priority flow control priority Use the priority flow control priority command in Datacenter...

Page 306: ...et all console config if datacenter bridging console config if dcb priority flow control mode on console config if dcb priority flow control priority 5 no drop show interfaces datacenter bridging Use the show interfaces datacenter bridging command in Privileged EXEC mode to display the datacenter bridging configuration status and counters for a given interface Syntax show interfaces datacenter bri...

Page 307: ...interfaces datacenter bridging ethernet 1 xg1 Port Drop No Drop PFC PFC Priorities Priorities State State 1 xg1 1 4 7 5 6 Enabled Active Priority Received PFC frames 0 0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 Received PFC Frames 0 Transmit PFC Frames 0 Example 2 console show interfaces datacenter bridging port channel 1 ...

Page 308: ... 6 2 7 Enabled Active Priority Received PFC frames 0 0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 Received PFC Frames 0 Transmit PFC Frames 0 Example 3 console show interfaces datacenter bridging Port Drop No Drop PFC PFC Priorities Priorities State State 1 g1 1 4 7 5 6 Enabled Active 1 g2 1 4 6 7 5 Disabled Inactive ...

Page 309: ...Data Center Bridging Commands 309 1 g48 1 4 7 5 6 Enabled Active ch1 1 4 7 5 6 Enabled Active ch2 1 4 7 5 6 Enabled Active ch48 1 4 7 5 6 Enabled Active ...

Page 310: ...310 Data Center Bridging Commands ...

Page 311: ...router which switches IP packets transparently a DHCP relay agent processes DHCP messages and generates new DHCP messages as a result The PowerConnect DHCP Relay supports DHCP relay Option 82 circuit id and remote id for a VLAN Commands in this Chapter This chapter explains the following commands dhcp l2relay Global Configuration Use the dhcp l2relay command to enable layer 2 DHCP relay functional...

Page 312: ...rface Configuration Use the dhcp l2relay command to enable DHCP L2 Relay for an interface Use the no form of this command to disable DHCP L2 Relay for an interface Syntax dhcp l2relay no dhcp l2relay Default Configuration DHCP L2Relay is disabled on all interfaces by default Command Mode Interface Configuration Ethernet Port channel User Guidelines There are no user guidelines for this command Exa...

Page 313: ...n range Parameter Description Default Configuration Setting the DHCP Option 82 Circuit ID is disabled by default Command Mode Global Configuration User Guidelines There are no user guidelines for this command Example console config dhcp l2relay circuit id vlan 340 350 dhcp l2relay remote id Use the dhcp l2relay remote id command to enable setting the DHCP Option 82 Remote ID for a VLAN When enable...

Page 314: ... User Guidelines There are no user guidelines for this command Example console config dhcp l2relay remote id dslforum vlan 10 20 30 dhcp l2relay trust Use the dhcp l2relay trust command to configure an interface to mandate Option 82 on receiving DHCP packets Syntax dhcp l2relay trust no dhcp l2relay trust Default Configuration DHCP Option 82 is discarded by default Parameter Description remoteId T...

Page 315: ...t of VLANs All DHCP packets which arrive on interfaces in the configured VLAN are subject to L2 Relay processing Use the no form of this command to disable L2 DHCP Relay for a set of VLANs Syntax dhcp l2relay vlan vlan range no dhcp l2relay vlan vlan range Parameter Description Default Configuration DHCP L2 Relay is disabled on all VLANs by default Command Mode Global Configuration mode User Guide...

Page 316: ...316 DHCP Layer 2 Relay Commands Example console config dhcp l2relay vlan 10 340 345 ...

Page 317: ...CPv6 and configure IPv6 addresses on the same interface Only a single in band interface can be configured as a DHCPv6 client DHCP is disabled by default on all in band interfaces The DHCP client retains an IP address even if the IP interface goes down The client does not attempt to renew its IP address until the lease expires regardless of changes in link state The operator may renew or release an...

Page 318: ...will still be DHCP even after issuing this command To lease an IP address again issue either the renew dhcp interface id command below or ip address dhcp Interface Config command on page 464 in interface mode If the IPv4 address on the interface was not assigned by DHCP then the command fails and displays the following error message Interface does not have a DHCP originated address The release dhc...

Page 319: ...REQUEST message telling the DHCP server that it wants to continue using the IP address If DHCP is enabled on the interface but the interface does not currently have an IPv4 address for example if the address was previously released then the DHCP client sends a DISCOVER to acquire a new address If DHCP is not enabled on the interface then the command fails and displays the following error message D...

Page 320: ...o and from the local DHCPv4 client To disable debugging use the no form of this command Syntax debug dhcp packet transmit receive no debug dhcp packet transmit receive Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines DHCP client already has packet tracing This com...

Page 321: ...tion Command Mode Privileged EXEC User Guidelines This command lists all IPv4 addresses currently leased from a DHCP server on a routing interface This command only applies to routing interfaces To see the IPv4 address leased on the out of band interface use the command show ip interface out of band on page 1557 This command output provides the following information Parameter Description interface...

Page 322: ...ion id 0x11EB Lease 86400 secs Renewal 43200 secs Rebind 75600 secs Retry count 0 console show dhcp lease interface vl10 IP address 10 1 20 1 on interface VLAN10 DHCP Lease server The IPv4 address of the DHCP server that leased the address State State of the DHCPv4 Client on this interface DHCP transaction id The transaction ID of the DHCPv4 Client Lease The time in seconds that the IP address was...

Page 323: ...DHCP Management Interface Commands 323 Subnet mask 255 255 255 0 DHCP Lease server 10 1 20 3 state 5 Bound DHCP transaction id 0x7AD Lease 86400 secs Renewal 43200 secs Rebind 75600 secs Retry count 0 ...

Page 324: ...324 DHCP Management Interface Commands ...

Page 325: ...d or DHCP Server coexist with DHCP Snooping the DHCP client message is sent to the DHCP Relay or and DHCP Server for further processing The DHCP Snooping application uses DHCP messages to build and maintain the binding s database The binding s database only includes data for clients on untrusted ports DHCP Snooping creates a tentative binding from DHCP DISCOVER and REQUEST messages Tentative bindi...

Page 326: ...e no user guidelines for this command clear ip dhcp snooping binding ip dhcp snooping trust clear ip dhcp snooping statistics ip dhcp snooping verify mac address ip dhcp snooping show ip dhcp snooping ip dhcp snooping binding show ip dhcp snooping binding ip dhcp snooping database show ip dhcp snooping database ip dhcp snooping database write delay show ip dhcp snooping interfaces ip dhcp snooping...

Page 327: ...s command Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example console clear ip dhcp snooping statistics ip dhcp snooping Use the ip dhcp snooping command to enable DHCP snooping globally or on a specific VLAN Use the no form of this command to disable DHCP snooping Syntax ip dhcp snooping no ip dhcp snooping Default Configuration DHCP Snooping is disa...

Page 328: ...remove a static binding Syntax ip dhcp snooping binding mac address vlan vlan id ip address interface gigabitethernet unit slot port tengigabitethernet unit slot port no ip dhcp snooping binding mac address Parameter Description Default Configuration There are no static DHCP snooping bindings by default Parameter Description mac address The client s MAC address vlan id The number of the VLAN the c...

Page 329: ...nt storage location of the DHCP snooping database This can be local to the switch or on a remote machine Syntax ip dhcp snooping database local tftp hostIP filename Parameter Description Default Configuration The database is stored locally by default Configuration Mode Global Configuration mode Parameter Description hostIP The IP address of the remote host filename The name of the file for the dat...

Page 330: ... 11 1 db txt ip dhcp snooping database write delay Use the ip dhcp snooping database write delay command to configure the interval in seconds at which the DHCP Snooping database will be stored in persistent storage Use the no form of this command to reset the write delay to the default Syntax ip dhcp snooping database write delay seconds no ip dhcp snooping database write delay Parameter Descripti...

Page 331: ...ping limit none rate rate burst interval seconds no ip dhcp snooping limit pps The maximum number of packets per second allowed Range 0 300 pps seconds The time allowed for a burst Range 1 15 seconds Default Configuration DHCP snooping rate limiting is disabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines There are no user guidelines for...

Page 332: ... of filtered messages is disabled by default Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines There are no user guidelines for this command Example console config if 1 0 1 ip dhcp snooping log invalid console config if 1 0 1 no ip dhcp snooping log invalid ip dhcp snooping trust Use the ip dhcp snooping trust command to configure a port as t...

Page 333: ...ip dhcp snooping verify mac address Use the ip dhcp snooping verify mac address command to enable the verification of the source MAC address with the client MAC address in the received DHCP message Use the no form of this command to disable verification of the source MAC address Syntax ip dhcp snooping verify mac address no ip dhcp snooping verify mac address Default Configuration Source MAC addre...

Page 334: ...scription This command has no arguments or keywords Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping DHCP snooping is Disabled DHCP snooping source MAC verification is enabled DHCP snooping is enabled on the following VLANs 11 30 40...

Page 335: ...rface interface id vlan vlan id static dynamic Use these keywords to filter by static or dynamic bindings interface id The interface for which to show bindings vlan id The number of the VLAN for which to show bindings Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC mode User Guidelines There are no user guidelines for this command Exa...

Page 336: ...to display the DHCP snooping configuration related to the database persistence Syntax show ip dhcp snooping database Syntax Description This command has no arguments or keywords Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping database a...

Page 337: ...face Default Configuration There is no default configuration for this command Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping interfaces Interface Trust State Rate Limit Burst Interval pps seconds 1 0 1 No 15 1 1 0 2 No 15 1 1 0 3 No 15 1 console show ip dhcp snooping interfaces gigabitethernet 1 0 15 Interface Trust ...

Page 338: ...is command Command Mode User EXEC Privileged EXEC User Guidelines The following fields are displayed by this command Example console show ip dhcp snooping statistics Fields Description MAC Verify Failures The number of DHCP messages that were filtered on an untrusted interface because of source MAC address and client MAC address mismatch Client Ifc Mismatch The number of DHCP release and Deny mess...

Page 339: ...er Failures Mismatch Msgs Rec d 1 0 2 0 0 0 1 0 3 0 0 0 1 0 4 0 0 0 1 0 5 0 0 0 1 0 6 0 0 0 1 0 7 0 0 0 1 0 8 0 0 0 1 0 9 0 0 0 1 0 10 0 0 0 1 0 11 0 0 0 1 0 12 0 0 0 1 0 13 0 0 0 1 0 14 0 0 0 1 0 15 0 0 0 1 0 16 0 0 0 1 0 17 0 0 0 1 0 18 0 0 0 1 0 19 0 0 0 1 0 20 0 0 0 ...

Page 340: ...340 DHCP Snooping Commands ...

Page 341: ... IP address do not match an entry in the DHCP Snooping bindings database Commands in this Chapter This chapter explains the following commands arp access list Use the arp access list command to create an ARP ACL It will place the user in ARP ACL Configuration mode Use the no form of this command to delete an ARP ACL Syntax arp access list acl name no arp access list acl name acl name A valid ARP A...

Page 342: ...pection statistics Use the clear ip arp inspection statistics command in Privileged EXEC mode to reset the statistics for Dynamic Address Resolution Protocol ARP inspection on all VLANs Syntax clear ip arp inspection statistics Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mod...

Page 343: ...e the ARP ACL Syntax ip arp inspection filter acl name vlan vlan range static no ip arp inspection filter acl name vlan vlan range static acl name The name of a valid ARP ACL Range 1 31 characters vlan range A valid VLAN range Default Configuration No ARP ACL is configured Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip...

Page 344: ...te limit is 15 packets per second The default burst interval is 1 second Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines There are no user guidelines for this command Example console config if 1 0 1 ip arp inspection limit none console config if 1 0 1 ip arp inspection limit rate 100 burst interval 2 ip arp inspection trust The ip arp inspe...

Page 345: ...IP address validation on the received ARP packets Each command overrides the configuration of the previous command For example if a command enables source MAC address and destination MAC address validations and a second command enables IP address validation only the source MAC address and destination MAC address validations are disabled as a result of the second command Use the no form of this com...

Page 346: ... ip console config ip arp inspection validate ip ip arp inspection vlan Use the ip arp inspection vlan command to enable Dynamic ARP Inspection on a single VLAN or a range of VLANs Use the no form of this command to disable Dynamic ARP Inspection on a single VLAN or a range of VLANs Syntax ip arp inspection vlan vlan range logging no ip arp inspection vlan vlan range logging vlan range A valid ran...

Page 347: ...validation Use the no form of this command to delete an ARP ACL rule Syntax permit ip host sender ip mac host sender mac no permit ip host sender ip mac host sender mac sender ip Valid IP address used by a host sender mac Valid MAC address in combination with the above sender ip used by a host Default Configuration There are no ARP ACL rules created by default Command Mode ARP Access list Configur...

Page 348: ...iguration There is no default configuration for this command Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example console show arp access list ARP access list H2 permit ip host 1 1 1 1 mac host 00 01 02 03 04 05 permit ip host 1 1 1 2 mac host 00 03 04 05 06 07 ARP access list H3 ARP access list H4 permit ip host 2 1 1 2 mac host 00 03 04 05 06 08 show...

Page 349: ...ues for that interface statistics vlan vlan range Display the statistics of the ARP packets processed by Dynamic ARP Inspection Given vlan range argument it displays the statistics on all DAI enabled VLANs in that range In the case of no argument it lists the summary of the forwarded and dropped ARP packets vlan vlan range Display the Dynamic ARP Inspection configuration on all the VLANs in the gi...

Page 350: ...on interfaces Interface Trust State Rate Limit Burst Interval DHCP Drops The number of packets dropped due to DHCP Snooping binding database match failure ACL Drops The number of packets dropped due to ARP ACL rule match failure DHCP Permits The number of packets permitted due to DHCP snooping binding database match ACL Permits The number of packets permitted due to ARP ACL rule match Bad Src MAC ...

Page 351: ...tistics vlan 10 20 VLAN DHCP ACL DHCP ACL Bad Src Bad Dest Invalid Drops Drops Permits Permits MAC MAC IP 10 11 1 65 25 1 1 0 20 1 0 8 2 0 1 1 show ip arp inspection vlan Use the show ip arp inspection vlan command to display the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range It also displays the global configuration values for source MAC validation destination MAC v...

Page 352: ...A valid VLAN range Parameter Description Source Mac Validation If Source Mac validation of ARP frame is enabled Destination Mac Validation If Destination Mac validation of ARP Response frame is enabled IP Address Validation If IP address validation of ARP frame is enabled Field Description VLAN The VLAN ID for each displayed row Configuration Whether DAI is enabled on the VLAN Log Invalid Whether ...

Page 353: ...ands 353 Source Mac Validation Disabled Destination Mac Validation Disabled IP Address Validation Disabled Vlan Configuration Log Invalid ACL Name Static flag 10 Enabled Enabled H2 Enabled 11 Disabled Enabled 12 Enabled Disabled ...

Page 354: ...354 Dynamic ARP Inspection Commands ...

Page 355: ... sent immediately to SMTP server with each log message in a separate mail Log messages in the non urgent group are batched into a single email message and after a configurable delay Only the minimum part MUA functionality of RFC 4409 required by the switch or router to send the messages to the SMTP server is supported Some SMTP servers insist on authentication before the messages may be received b...

Page 356: ...ng email severity no logging email logging email show logging email statistics logging email urgent clear logging email statistics logging traps security logging email message type to addr mail server ip address hostname logging email from addr port Mail Server Configuration Mode logging email message type subject username Mail Server Configuration Mode logging email logtime password Mail Server C...

Page 357: ... time expires the time specified in the logging email logtime command and then emailed in a single email message If you set the non urgent severity level to the same value as the urgent severity level then no log messages are emailed non urgently See the logging email urgent command to specify the urgent severity level The command no logging email disables all email alerting Parameter Description ...

Page 358: ...Default Configuration The default severity level is alert Parameter Description severity Log messages at or above this severity level are emailed immediately The severity level may either be specified by keyword or as an integer from 0 to 7 The accepted keywords and the numeric severity level each represents are as follows emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 debug 7 no...

Page 359: ...ail command logging traps Use the logging traps command in Global Configuration mode to set the lowest severity level at which SNMP traps are logged To revert the urgent severity level to its default value use the no form of this command Syntax logging traps severity no logging traps Parameter Description Parameter Description severity The severity level at which SNMP traps are logged The severity...

Page 360: ...gging email message type to addr Use the logging email message type to addr command in Global Configuration mode to configure the To address field of the email The message types supported now are urgent non urgent and both For each supported severity level multiple email addresses can be configured For example for urgent type of messages there could be multiple addresses configured Syntax logging ...

Page 361: ...logging email from addr from email addr no logging email from addr Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines There are no user guidelines for this command logging email message type subject Use the logging email message type subject command in Global C...

Page 362: ...ration User Guidelines The user must enter the message type parameter manually as tab and space bar completion do not work for this parameter logging email logtime Use the logging email logtime command in Global Configuration mode to configure the value of how frequently the queued messages are sent Syntax logging email logtime time duration no logging email logtime Parameter Description Default C...

Page 363: ...an e mail is being sent to an SMTP server Syntax logging email test message type message type message body message body Parameter Description Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines This command has no user guidelines Parameter Description message type Urgent non urgent or both message body The message to log Enclose the mes...

Page 364: ... since the email changed to disabled mode Syntax show logging email statistics Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines clear logging email statistics Use the clear logging email statistics command in Privileged EXEC mod...

Page 365: ...ecurity protocol This enables and disables the switch to use TLS authentication with the SMTP Server If the administrator sets the TLS mode and if the SMTP sever does not support TLS mode then no email goes to the SMTP server Syntax security tls none Parameter Description This command does not require a parameter description Default Configuration The default value is disabled Command Mode Mail Ser...

Page 366: ...d SMTP server address Syntax mail server ip address ip address hostname hostname no mail server ip address hostname Parameter Description Default Configuration The default configuration for a mail server is shown in the table below Command Mode Global Configuration User Guidelines This command has no user guidelines Parameter Description ip address An IPv4 or IPv6 address hostname The DNS name of ...

Page 367: ...t require a parameter description Default Configuration The default value is 25 Command Mode Mail Server Configuration User Guidelines Port 25 is the standard SMTP port for cleartext messages Port 465 is the standard port for messages sent using TLSv1 Messages are always sent in plain text mode username Mail Server Configuration Mode Use the username command in Mail Server Configuration mode to co...

Page 368: ...guration Mode Use the password command in Mail Server Configuration mode to configure the password required to authenticate to the email server Use the no form of the command to revert the password to the default value Syntax password password no password Parameter Description This command does not require a parameter description Default Configuration The default value for password is admin Comman...

Page 369: ...rameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Example console show mail server all Mail Servers configuration No of mail servers configured 2 Mail Serqy ver1 configuration SMTP server IP Address 10 131 1 11 SMTP server Port 465...

Page 370: ...r IP Address 10 131 1 31 SMTP server Port 465 SMTP server security protocol tls SMTP server authentication details Username admin console show mail server ip address 10 131 1 11 SMTP server IP Address 10 131 1 11 SMTP server Port 465 SMTP server security protocol tls SMTP server authentication details Username admin ...

Page 371: ...ure extends the standard ethernet MTU Max Frame Size from 1518 1522 with VLAN header bytes to 9216 bytes However any device connecting to the same broadcast domain should support the same or larger MTU Flow control is a mechanism or protocol used to temporarily suspend transmission of data to a device to avoid overloading the device receive path PowerConnect switching implements the flow control m...

Page 372: ...lex over half duplex Commands in this Chapter This chapter explains the following commands clear counters Use the clear counters command in Privileged EXEC mode to clear statistics on an interface Syntax clear counters gigabitethernet unit slot port port channel port channel number switchport tengigabitethernet unit slot port Default Configuration This command has no default configuration clear co...

Page 373: ...add a description to an interface To remove the description use the no form of this command Syntax description string no description string Comment or a description of the port attached to this interface Range 1 to 64 characters Default Configuration By default the interface does not have a description Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User G...

Page 374: ...f this command Syntax duplex auto half full no duplex Parameter Description Default Configuration Auto is enabled by default Command Mode Interface Configuration Ethernet mode User Guidelines When duplex is configured to auto auto negotiation is enabled for the port This configuration cannot be done on SFP module ports as they operate only in full duplex mode Parameter Description auto Auto negoti...

Page 375: ... Syntax flowcontrol no flowcontrol Default Configuration Flow Control is enabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example In the following example flow control is enabled console config flowcontrol interface Use this command to configure parameters for the gigabit Ethernet and ten gigabit Ethernet ports and for port channels Whil...

Page 376: ...ration Command Mode Global Configuration Interface Configuration User Guidelines It is possible to enter interface configuration mode from global configuration mode or from interface configuration mode Example The following example enables gigabit port 2 on stack member 1 for configuration console config interface gigabitethernet 1 0 2 console config if interface range Use the interface range comm...

Page 377: ...to 3 0 24 are ranged to receive the same command console config interface range gigabitethernet 5 0 18 20 3 0 1 24 console config if range The following example shows how all gigabitethernet ports can be configured at once console config interface range gigabitethernet all console config if range The following examples demonstrate various valid interface ranges console config interface range gigab...

Page 378: ...e to enable jumbo frames on an interface by adjusting the maximum size of a packet To return to the default setting use the no form of this command Syntax mtu bytes no mtu bytes Number of bytes Range 1518 9216 Default Configuration The default number of bytes is 1518 1522 bytes of VLAN tagged frames Command Mode Interface Configuration Ethernet mode User Guidelines The value set allows an addition...

Page 379: ...d has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following examples display information about auto negotiation advertisement console show interfaces advertise Port Type Neg Operational Link Advertisement 1 0 2 1G Copper Enable 1000f 100f 100h 10f 10h 1 0 2 1G Copper Enable 1000f console show interfaces advertise gigabi...

Page 380: ...r tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no use guidelines Example The following example displays the configuration for all configured interfaces console show interfaces configuration Port Type Duplex Speed Neg Admin State 1 0 1 Gigabit Level Full 100 Auto Up 1 0 2 Gigabit Level ...

Page 381: ...nknown Auto Up 1 0 16 Gigabit Level N A Unknown Auto Up 1 0 17 Gigabit Level N A Unknown Auto Up 1 0 18 Gigabit Level N A Unknown Auto Up 1 0 19 Gigabit Level N A Unknown Auto Up More or q uit The displayed port configuration information includes the following Field Description Port The port number Port Type The port designated IEEE shorthand identifier For example 1000Base T refers to 1000 Mbps b...

Page 382: ...a given ethernet or port channel interface Syntax show interfaces counters gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode User EXEC mode and Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays traffic seen by the...

Page 383: ...tUcastPkts 1 23739 882 The following example displays counters for Ethernet port 1 0 1 console show interfaces counters gigabitethernet 1 0 1 Port InOctets InUcastPkts 1 0 1 183892 1289 Port OutOctets OutUcastPkts 1 0 1 9188 9 Alignment Errors 17 FCS Errors 8 Single Collision Frames 0 Multiple Collision Frames 0 ...

Page 384: ...t packets OutMcastPkts Counted transmitted Multicast packets OutBcastPkts Counted transmitted Broadcast packets Alignment Errors A count of frames received that are not an integral number of octets in length and do not pass the FCS check FCS Errors Counted frames received that are an integral number of octets in length but do not pass the FCS check Single Collision Frames Counted frames that are i...

Page 385: ...s the description for all interfaces Late Collisions Counted times that a collision is detected later than one slot time into the transmission of a packet Excessive Collisions Counted frames for which transmission fails due to excessive collisions Oversize Packets Counted frames received that exceed the maximum permitted frame size Internal MAC Rx Errors A count of frames for which reception fails...

Page 386: ...ot port port channel port channel number tengigabitethernet unit slot port The displayed port status information includes the following Field Description Port The port or port channel number Oob means Out of Band Management Interface Type The port designated IEEE shorthand identifier For example 1000Base T refers to 1000 Mbps baseband signaling including both Tx and Rx transmissions Duplex Display...

Page 387: ...Unknown Auto Down Inactive Gi1 0 7 Gigabit Level N A Unknown Auto Down Inactive Gi1 0 8 Gigabit Level N A Unknown Auto Down Inactive Gi1 0 9 Gigabit Level N A Unknown Auto Down Inactive Gi1 0 10 Gigabit Level N A Unknown Auto Down Inactive Gi1 0 11 Gigabit Level N A Unknown Auto Down Inactive Gi1 0 12 Gigabit Level N A Unknown Auto Down Inactive Gi1 0 13 Gigabit Level N A Unknown Auto Down Inactiv...

Page 388: ...gate Down Po6 Link Aggregate Down Po7 Link Aggregate Down More or q uit Po8 Link Aggregate Down Po9 Link Aggregate Down Po10 Link Aggregate Down Po11 Link Aggregate Down Po12 Link Aggregate Down Po13 Link Aggregate Down Po14 Link Aggregate Down Po15 Link Aggregate Down Po16 Link Aggregate Down Po17 Link Aggregate Down Po18 Link Aggregate Down Po19 Link Aggregate Down Po20 Link Aggregate Down Po21 ...

Page 389: ...ggregate Down Po43 Link Aggregate Down Po44 Link Aggregate Down Po45 Link Aggregate Down Po46 Link Aggregate Down Po47 Link Aggregate Down Po48 Link Aggregate Down Flow Control Enabled The displayed port status information includes the following Field Description Port The port or port channel number Type The port designated IEEE shorthand identifier For example 1000Base T refers to 1000 Mbps baseb...

Page 390: ...no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example shows statistics for port 1 0 1 console show statistics gigabitethernet 1 0 1 Total Packets Received Octets 779533115 Packets Received 64 Octets 48950 Packets Received 65 127 Octets 482426 Packets Received 128 255 Octets 101084 Packets Received 256 511 Octet...

Page 391: ...s RX and TX 1519 1522 Octets 0 Packets RX and TX 1523 2047 Octets 0 Packets RX and TX 2048 4095 Octets 0 Packets RX and TX 4096 9216 Octets 0 Total Packets Received Without Errors 1280498 Unicast Packets Received 1155457 Multicast Packets Received 48339 More or q uit Broadcast Packets Received 76702 Total Packets Received with MAC Errors 0 Jabbers Received 0 Fragments Undersize Received 0 Alignmen...

Page 392: ...5 Packets Transmitted 512 1023 Octets 158 Packets Transmitted 1024 1518 Octets 302 Max Frame Size 1518 Total Packets Transmitted Successfully 47182 Unicast Packets Transmitted 2746 Multicast Packets Transmitted 44432 Broadcast Packets Transmitted 4 Total Transmit Errors 0 FCS Errors 0 Tx Oversized 0 Underrun Errors 0 Total Transmit Packets Discarded 0 Single Collision Frames 0 Multiple Collision F...

Page 393: ...tal Packets Received Octets 16877295 Unicast Packets Received 1608 Multicast Packets Received 48339 Broadcast Packets Received 69535 Receive Packets Discarded 0 Octets Transmitted 6451988 Packets Transmitted Without Errors 91652 Unicast Packets Transmitted 2746 Multicast Packets Transmitted 88892 Broadcast Packets Transmitted 14 Transmit Packets Discarded 0 More or q uit Most Address Entries Ever ...

Page 394: ... Error 0 Unicast Packets Received 0 Multicast Packets Received 0 Broadcast Packets Received 0 Receive Packets Discarded 0 Octets Transmitted 0 Packets Transmitted Without Errors 0 Unicast Packets Transmitted 0 Multicast Packets Transmitted 0 Broadcast Packets Transmitted 0 Transmit Packets Discarded 0 Most Address Entries Ever Used 3 Address Entries Currently in Use 3 Maximum VLAN Entries 1024 Mos...

Page 395: ...uration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines It is possible to enter interface configuration mode from global configuration mode or from interface configuration mode Example The following example shows statistics for the entire switch console show statistics switchport Total Packets Received Octets 0 Packets Received Without Error 0 Parameter ...

Page 396: ...tted Without Errors 0 Unicast Packets Transmitted 0 Multicast Packets Transmitted 0 Broadcast Packets Transmitted 0 Transmit Packets Discarded 0 Most Address Entries Ever Used 3 Address Entries Currently in Use 3 Maximum VLAN Entries 1024 Most VLAN Entries Ever Used 2 Static VLAN Entries 2 Dynamic VLAN Entries 0 VLAN Deletes 0 Time Since Counters Last Cleared 0 day 18 hr 1 min 59 sec ...

Page 397: ...ode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example shows storm control configurations for all valid Ethernet ports The second example shows flow control mode status console show storm control all Bcast Bcast Mcast Mcast Ucast Ucast Intf Mode Level Mode Level Mode Level 1 0 1 Disable 5 Disable 5 Disable 5 1 0 2 Disable 5 Disable 5 Disable 5 1...

Page 398: ...and has no user guidelines Examples The following example disables gigabit Ethernet port 1 0 5 console config interface gigabitethernet 1 0 5 console config if 1 0 5 shutdown The following example re enables gigabit ethernet port 1 0 5 console config interface gigabitethernet 1 0 5 console config if 1 0 5 no shutdown speed Use the speed command in Interface Configuration mode to configure the spee...

Page 399: ...tiation mode only Example The following example configures the speed operation of Ethernet port 1 0 5 to force 100 Mbps operation console config interface gigabitethernet 1 0 5 console config if speed 100 Parameter Description 10 Configures the port to 10 Mbps operation 100 Configures the port to 100 Mbps operation 1000 Configures the port to 1000 Mbps operation 10000 Configures the port to 10 Gbp...

Page 400: ... configured rate as a percentage of link speed rate The configured rate in kilobits per second kbps Range 0 100 Default Configuration The default value is 5 Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example console config if 1 0 1 storm control broadcast level 5 storm control multicast Use the storm control multicast command in Interface...

Page 401: ... has no user guidelines Example console config if 1 0 1 storm control multicast level 5 storm control unicast Use the storm control unicast command in Interface Configuration mode to enable unknown unicast storm control for an interface If the mode is enabled unicast storm recovery is active and if the rate of unknown L2 unicast destination lookup failure traffic ingressing on an interface increas...

Page 402: ...rt protected command in Interface Configuration mode to configure a protected port The groupid parameter identifies the set of protected ports to which this interface is assigned You can only configure an interface as protected in one group You are required to remove an interface from one group before adding it to another group Port protection occurs within a single switch Protected port configura...

Page 403: ...ected group 1 console config interface gigabitethernet 1 0 1 console config if 1 0 1 switchport protected 1 switchport protected name Use the switchport protected name command in Global Configuration mode to adds the port to the protected group 1 and also sets the group name to protected Syntax switchport protected groupid name name no switchport protected groupid name groupid Identifies which gro...

Page 404: ...ort protected command in Privileged EXEC mode to display the status of all the interfaces including protected and unprotected interfaces Syntax show switchport protected groupid groupid Identifies which group the port is to be protected in Range 0 2 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines ...

Page 405: ...Ethernet Configuration Commands 405 Name test ...

Page 406: ...406 Ethernet Configuration Commands ...

Page 407: ...ith the fault diagnosis at service layer across networks comprising multiple LANs including LANs other than 802 3 media PowerConnect CFM supports the following functionality Path discovery linktrace message Fault detection continuity check message Fault verification and isolation loopback and linktrace messages Fault notification alarm indication signal or SNMP trap Commands in this Chapter This c...

Page 408: ...can be configured Use the no form of the command to delete a maintenance domain Syntax ethernet cfm domain domain name level 0 7 Parameter Description Default Configuration No CFM domains are pre configured Command Mode Global Configuration mode ethernet cfm mep archive hold time show ethernet cfm statistics ethernet cfm mip level debug cfm Parameter Description Range Default Access Maintenance do...

Page 409: ...onsole config cfm mdomain service Use the service command in maintenance domain config mode to associate a VLAN with a maintenance domain Use the no form of the command to remove the association Syntax service service name vlan vlanid Parameter Description Default Configuration No VLANs are associated with a maintenance domain by default Parameter Description Range Default Access service Unique se...

Page 410: ...Ms at the specified interval and level on a VLAN monitored by an existing domain Use the no form of the command to cease send CCMs Syntax ethernet cfm cc level 0 7 vlan vlan list interval secs Parameter Description Parameter Description Range Default Access Maintenance association VLAN ID VLAN ID representing a serviceinstance that is monitored by this maintenance association 1 4093 0 Read write C...

Page 411: ...EP on an interface at the specified level and direction MEPs are configured per Maintenance Association per Maintenance Domain Use the no form of the command to delete a MEP Syntax ethernet cfm mep level 0 7 direction up down mpid 1 8191 vlan 1 4093 Parameter Description Default Configuration No MEPs are preconfigured Parameter Description level Maintenance association level direction Up indicates...

Page 412: ...thernet cfm mep enable Use the ethernet cfm mep enable command in Interface Configuration mode to enable a MEP at the specified level and direction Use the no form of the command to disable the MEP Syntax ethernet cfm mep enable level 0 7 vlan 1 4093 mpid 1 8191 Parameter Description Default Configuration No MEPs are preconfigured Command Mode Interface Configuration Parameter Description level Ma...

Page 413: ...fm mep active command in Interface Configuration mode to activate a MEP at the specified level and direction Use the no form of the command to deactivate the MEP Syntax ethernet cfm mep active level 0 7 vlan 1 4093 mpid 1 8191 Parameter Description Default Configuration No MEPs are preconfigured Command Mode Interface Configuration User Guidelines This command has no user guidelines Parameter Desc...

Page 414: ...hold time should generally be less than the CCM message interval Example The following example sets the hold time for maintaining internal information regarding a missing MEP console config ethernet cfm mep archive hold time 1200 ethernet cfm mip level Use the ethernet cfm mip level command in Interface Configuration mode to create a Maintenance Intermediate Point MIP at the specified level The ME...

Page 415: ...onfig if gi1 0 1 ethernet cfm mip level 7 ping ethernet cfm Use the ping ethernet cfm command in Privileged EXEC mode to generate a loopback message LBM from the configured MEP Syntax ping ethernet cfm mac mac addr remote mpid 1 8191 domain domain name level 0 7 vlan vlan id mpid 1 8191 count 1 255 Parameter Description Parameter Description level Maintenance association level Parameter Descriptio...

Page 416: ...te a link trace message LTM from the configured MEP mac addr The destination MAC address for which the connectivity needs to be verified Either MEP ID or the MAC address option can be used remote mpid The MEP ID for which connectivity is to be verified i e the destination MEP ID domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length vlan id A VLAN associated ...

Page 417: ...ep 400 ttl 64 Parameter Description level Maintenance association level mac addr The destination MAC address for which the route needs to be traced Either MEP ID or the MAC address option can be used remote mpid The MEP ID for which connectivity needs to be verified i e the destination MEP ID domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length vlan id A VL...

Page 418: ...nd Mode Privileged EXEC User Guidelines This command has no user guidelines Example console show ethernet cfm errors Level SVID MPID DefRDICcm DefMACStatus DefRemoteCCM DefErrorCCM DefXconCCM show ethernet cfm domain Use the show ethernet cfm domain command in Privileged EXEC mode to display the configured parameters in a maintenance domain Parameter Description domain Name of the maintenance doma...

Page 419: ...lines Example console show Ethernet cfm domain domain1 Domain Name domain1 Level 1 Total Services 1 VLAN ServiceName CC Interval secs 10 serv1 1 show ethernet cfm maintenance points local Use the show ethernet cfm maintenance points local command in Privileged EXEC mode to display the configured local maintenance points Parameter Description domain Name of the maintenance domain an alphanumeric st...

Page 420: ...evel 1 MPID Level Type VLAN Port Dire CC MEP Operational MAC ction Transmit Active Status 1 1 MEP 10 1 0 1 UP Enabled True 00 02 bc 02 02 02 Level Type Port MAC show ethernet cfm maintenance points remote Use the show ethernet cfm maintenance points remote command in Privileged EXEC mode to display the configured remote maintenance points Parameter Description domain Name of the maintenance domain...

Page 421: ...guidelines Example console show ethernet cfm maintenance points remove level 1 MEP Id RMEP Id Level MAC VLAN Expiry Timer sec Service Id 1 2 1 00 11 22 33 44 55 10 25 serv1 Parameter Description domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length level Maintenance association level mac address The destination MAC address for which the information is desire...

Page 422: ...lt configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Example show Ethernet cfm statistics domain domain name level 0 7 Console show ethernet cfm statistics Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 1 Out of sequence CCM s received 0 CCM s transmitted 259 In order Loopback Replies received 5 Parameter Description domain name Name of the mainte...

Page 423: ...DU Loopback Replies received 0 Loopback Replies transmitted 0 Unexpected LTR s received 0 Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 3 Out of sequence CCM s received 0 CCM s transmitted 1 In order Loopback Replies received 0 Out of order Loopback Replies received 0 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 5 Unexpected LTR s received 0 debug cfm Use the debug cfm ...

Page 424: ...ics Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 1 Out of sequence CCM s received 0 CCM s transmitted 259 In order Loopback Replies received 5 Out of order Loopback Replies received 0 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 5 Parameter Description event CFM events pdu CFM PDUs ccm Continuity check messages ltm Link trace messages lbm Loopback messages tx Transmit ...

Page 425: ...der Loopback Replies received 5 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 0 Unexpected LTR s received 0 Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 3 Out of sequence CCM s received 0 CCM s transmitted 1 In order Loopback Replies received 0 Out of order Loopback Replies received 0 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 5 Unexpected LTR s r...

Page 426: ...426 Ethernet CFM Commands ...

Page 427: ...ocol and enable GVRP then process the GPDUs The VLAN registration is made in the context of the port that receives the GPDU The networking device propagates this VLAN membership on all of its other ports in the active topology Thus the end station VLAN ID is propagated throughout the network GVRP is an application defined in the IEEE 802 1p standard that allows for the control of 802 1Q VLANs Comm...

Page 428: ...e garp timer command in Interface Configuration mode to adjust the GARP application join leave and leaveall GARP timer values To reset the timer to default values use the no form of this command Syntax garp timer join leave leaveall timer_value no garp timer join Indicates the time in centiseconds that PDUs are transmitted leave Indicates the time in centiseconds that the device waits before leavi...

Page 429: ...han the leave time Set the same GARP timer values on all Layer 2 connected devices If the GARP timers are set differently on Layer 2 connected devices the GARP application will not operate successfully The timer_value setting must be a multiple of 10 Example The following example sets the leave timer for port 1 0 8 to 90 centiseconds console config interface gigabitethernet 1 0 8 console config if...

Page 430: ...terface Use the gvrp enable command in Interface Configuration mode to enable GVRP on an interface To disable GVRP on an interface use the no form of this command Syntax gvrp enable no gvrp enable Default Configuration GVRP is disabled on all interfaces by default Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines An Access port cannot join dy...

Page 431: ...de to deregister all VLANs on a port and prevent any dynamic registration on the port To allow dynamic registering for VLANs on a port use the no form of this command Syntax gvrp registration forbid no gvrp registration forbid Default Configuration Dynamic registering and deregistering for each VLAN on the port is not forbidden Command Mode Interface Configuration gigabitethernet port channel teng...

Page 432: ...VLAN creation is enabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command has no user guidelines Example The following example disables dynamic VLAN creation on port 1 0 8 console config interface gigabitethernet 1 0 8 console config if 1 0 8 gvrp vlan creation forbid show gvrp configuration Use the show gvrp configuration comma...

Page 433: ... information console show gvrp configuration Global GVRP Mode Disabled Join Leave LeaveAll Port VLAN Interface Timer Timer Timer GVRP Mode Create Register centisecs centisecs centisecs Forbid Forbid 1 0 1 20 60 1000 Disabled 1 0 2 20 60 1000 Disabled 1 0 3 20 60 1000 Disabled 1 0 4 20 60 1000 Disabled 1 0 5 20 60 1000 Disabled 1 0 6 20 60 1000 Disabled 1 0 7 20 60 1000 Disabled 1 0 8 20 60 1000 Di...

Page 434: ...ation This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays GVRP error statistics information console show gvrp error statistics GVRP error statistics Legend INVPROT Invalid Protocol Id INVATYP Invalid Attribute Type INVALEN Invalid Attribute Length INVAVAL Invalid Attribute Value INVEVENT In...

Page 435: ...ult configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example This example shows output of the show gvrp statistics command console show gvrp statistics GVRP statistics Legend rJE Join Empty Received rJIn Join In Received rEmp Empty Received rLIn Leave In Received rLE Leave Empty Received rLA Leave All Received sJE Join Empty Sent JIn Join In Sent sEmp E...

Page 436: ...0 0 0 0 0 0 0 0 0 0 1 0 2 0 0 0 0 0 0 0 0 0 0 0 0 1 0 3 0 0 0 0 0 0 0 0 0 0 0 0 1 0 4 0 0 0 0 0 0 0 0 0 0 0 0 1 0 5 0 0 0 0 0 0 0 0 0 0 0 0 1 0 6 0 0 0 0 0 0 0 0 0 0 0 0 1 0 7 0 0 0 0 0 0 0 0 0 0 0 0 1 0 8 0 0 0 0 0 0 0 0 0 0 0 0 ...

Page 437: ...Layer 2 multicast protocols such as IGMP Snooping The IGMP Snooping code in the CPU ages out IGMP entries in the MFDB If a report for a particular group on a particular interface is not received within a certain time interval query interval the IGMP Snooping code deletes that interface from the group The value for query interval time is configurable using management If an IGMP Leave Group message ...

Page 438: ...ng command in Global Configuration mode to globally enable Internet Group Management Protocol IGMP snooping Use the no form of this command to disable IGMP snooping globally Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Global Configuration mode ip igmp snooping global show ip igmp snooping interface ip igmp snooping interface show ip igmp...

Page 439: ...iguration mode to enable Internet Group Management Protocol IGMP snooping on a specific interface To disable IGMP snooping on an Ethernet interface use the no form of this command Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines IGMP snooping can be e...

Page 440: ... time out time out Host timeout in seconds Range 2 3600 Default Configuration The default host time out is 260 seconds Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines The timeout should be more than sum of response time and twice the query interval Example The following example configures the host timeout to 300 seconds console config if 1 ...

Page 441: ...econds Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines The leave timeout should be set greater than the maximum time that a host is allowed to respond to an IGMP Query Use immediate leave only where there is only one host connected to a port Example The following example configures the host leave time out to 15 seconds console config if 1 0...

Page 442: ...ngigabitethernet mode User Guidelines This command has no user guidelines Example The following example configures the mrouter timeout to 200 seconds console config if 1 0 1 ip igmp snooping mrouter time out 200 show ip igmp snooping Use the show ip igmp snooping command in Privileged EXEC mode to display the IGMP snooping configuration Syntax show ip igmp snooping vlan vlan id Parameter Descripti...

Page 443: ...ing Syntax show ip igmp snooping groups vlan vlan id address ip multicast address vlan_id Specifies a VLAN ID value ip multicast address Specifies an IP Multicast address Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines To see the full Multicast address table including static addresses use the show bridge address table command Example The ...

Page 444: ...vileged EXEC mode to display the IGMP snooping configuration Syntax show ip igmp snooping interface interface gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The example displays IGMP snooping...

Page 445: ...ces Syntax show ip igmp snooping mrouter Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example shows IGMP snooping mrouter information console show ip igmp snooping mrouter Port 1 0 1 ip igmp snooping VLAN Use the ip igmp snooping command in VLAN Configuration mo...

Page 446: ...itch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that multicast group without first sending out MAC based general queries to the interface The no form of this command disables IGMP Snooping fast leave mode on a VLAN You should enable fast leave admin mode only on VLANs where only one host is connected to each layer 2 LAN ...

Page 447: ...the IGMP Group Membership Interval time on a VLAN The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry This value must be greater than the IGMPv3 Maximum Response time value The range is 2 to 3600 seconds The no form of this command sets the IGMPv3 Group Me...

Page 448: ...cular VLAN The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface This value must be less than the IGMP Query Interval time value The range is 1 to 3174 seconds The no form of this command sets the maximum response time on the VLAN to the default value Synt...

Page 449: ... time in seconds that a switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached The range is 1 2147483647 seconds A value of 0 indicates an infinite time out no expiration The no form of this command sets the Multicast Router Present Expiration time to 0 The time is set for a particular VLAN Syntax ip igmp ...

Page 450: ...r Guidelines The mcrexpiretime should be less than the group membership interval Example The following example sets the multicast router present expiration time on VLAN 2 to 60 seconds console config vlan ip igmp mcrtexpiretime 2 60 ...

Page 451: ... MLD Snooping Querier is enabled the Querier sends out periodic IGMP MLD General Queries that trigger the Multicast listeners member to send their joins so as to receive the Multicast data traffic IGMP MLD Snooping listens to these reports to establish the appropriate L2 forwarding table entries The PowerConnect supports version IGMP V1 and 2 for snooping IGMP queries Commands in this Chapter This...

Page 452: ...ss vlan id A valid VLAN number ip address An IPv4 address used for the source address Default Configuration The IGMP snooping querier feature is globally disabled on the switch When enabled the IGMP snooping querier disables itself if it detects IGMP traffic from a multicast enabled router Command Mode Global Configuration mode User Guidelines When using the command in Global Configuration mode to...

Page 453: ...nding periodic queries If the Snooping Querier wins the election then it continues sending periodic queries The no form of this command sets the snooping querier not to participate in the querier election but to go into a non querier mode as soon in as it discovers the presence of another querier in the same VLAN Syntax ip igmp snooping querier election participate vlan id no ip igmp snooping quer...

Page 454: ...terval time to its default value Syntax ip igmp snooping querier query interval interval count no ip igmp snooping querier query interval interval count Amount of time in seconds that the switch waits before sending another general query Range 1 1800 Default Configuration The query interval default is 60 seconds Command Mode Global Configuration mode User Guidelines The value of this parameter sho...

Page 455: ... The time in seconds that the switch remains in Non Querier mode after it has discovered that there is a multicast querier in the network The range is 60 300 seconds Default Configuration The query interval default is 60 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the querier timer expiry time to 100 seconds ...

Page 456: ...config ip igmp snooping querier version 1 show ip igmp snooping querier This command displays IGMP Snooping Querier information Configured information is displayed whether or not IGMP Snooping Querier is enabled If a querier is active in the network and IGMP snooping querier is enabled the querier s IP address is shown in the Last Querier Address field Syntax show ip igmp snooping querier detail v...

Page 457: ...rier is active on the VLAN VLAN Operational State Indicates whether IGMP Snooping Querier is in the Querier or Non Querier state When the switch is in Querier state it sends out periodic general queries When in Non Querier state it waits for moving to Querier state and does not send out any queries VLAN Operational Max Response Time Indicates the time to wait before removing a Leave from a host up...

Page 458: ...ows querier information for VLAN 2 console show ip igmp snooping querier vlan 2 Vlan 2 IGMP Snooping querier status IGMP Snooping Querier Vlan Mode Enable Querier Election Participate Mode Disable Querier Vlan Address 0 0 0 0 Operational State Non Querier Last Querier Address 2 2 2 2 Operational version 3 Operational Max Resp Time 11 Elected Querier Indicates the IP address of the Querier that has...

Page 459: ...switch through the network switching routing interfaces Out of band management is always through the dedicated service port In band management interfaces can employ a variety of protection mechanisms including VLAN assignment and Management ACLs The out of band port does not support such protection mechanisms and therefore it is recommended that the service port only be connected to a physically s...

Page 460: ...uration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example deletes all entries from the host name to address cache console clear host clear ip address conflict detect Use the clear ip address conflict detect command in Privileged EXEC mode to clear the address conflict detection status in the...

Page 461: ... console configure console config clear ip address conflict detect interface out of band Use the interface out of band command to bring up the OOB port configuration menu Syntax Description interface out of band Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines No specific guidelines Example console config interface out of band ...

Page 462: ...ngth dhcp no ip address Parameter Description Default Configuration The out of band interface service port obtains an IP address via DHCP by default Command Mode Interface Out of Band Configuration mode Parameter Description ip address Specifies a valid IP address mask Specifies a valid subnet network mask IP address prefix length The number of bits that comprise the IP address prefix The prefix l...

Page 463: ... prefix length of 24 bits console config interface out of band console config if ip address 131 108 1 27 255 255 255 0 console config if ip address 131 108 1 27 24 ip address conflict detect run Use the ip address conflict detect run command in Global Configuration mode to trigger the switch to run active address conflict detection by sending gratuitous ARP packets for IPv4 addresses on the switch...

Page 464: ...er Description This command does not require a parameter description Default Configuration DHCPv4 is disabled by default on routing interfaces Command Mode Interface VLAN Configuration mode User Guidelines This command only applies to routing interfaces When DHCP is enabled on a routing interface the system automatically deletes all manually configured IPv4 addresses on the interface The command n...

Page 465: ...efault route in the routing table with the default gateway s address as the next hop address This default route has a preference of 254 The IPv4 address of a DNS server The DNS client stores each DNS server address in its server list A domain name The DNS client stores each domain name in its domain name list Examples To enable DHCPv4 on vlan 2 console config console config interface vlan 2 consol...

Page 466: ...s preferred than a static route configured via the ip route command which has a route preference of 1 Use the show ip route command to display the active default gateway Only one default gateway can be configured If you invoke this command multiple times each command replaces the previous value Example The following example sets the default gateway to 10 1 1 1 console config console config ip defa...

Page 467: ... mode to define a default domain name used to complete unqualified host names To delete the default domain name use the no form of this command Syntax ip domain name name no ip domain name name Default domain name used to complete an unqualified host name Do not include the initial period that separates the unqualified host name from the domain name Range 1 255 characters Default Configuration Thi...

Page 468: ... host cache To delete the name to address mapping use the no form of this command Syntax ip host name address no ip host name name Host name address IP address of the host Default Configuration No host is defined Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines a static host name to address mapping in the host cache co...

Page 469: ...aracters Default Configuration No name server IP addresses are specified Command Mode Global Configuration mode User Guidelines Server preference is determined by entry order Up to eight servers can be defined in one command or by using multiple commands Use the show hosts command on page 473 to display the configured name servers Example The following example sets the available name server consol...

Page 470: ... prefix_length must be 64 bits autoconfig Use this keyword to set the IPv6 address auto configuration mode dhcp Use this keyword to obtain an IPv6 address via DHCP Default Configuration There is no IPv6 address configured by default Command Mode Interface Configuration mode VLAN loopback port channel User Guidelines When setting the prefix length on an IPv6 address no space can be present between ...

Page 471: ...on mode to enable the DHCPv6 client on an IPv6 interface Syntax ipv6 address dhcp no ipv6 address dhcp Parameter Description This command does not require a parameter description Default Configuration DHCPv6 is disabled by default on routing interfaces Command Mode Interface VLAN Configuration mode User Guidelines This command only applies to VLAN routing interfaces When DHCPv6 is enabled on a VLA...

Page 472: ...HCPv6 is enabled on interface vlan2 console config console config interface vlan2 console config if vlan2 ipv6 address dhcp ipv6 enable Use the ipv6 enable command to enable IPv6 on a routing interface Use the no form of this command to reset the IPv6 configuration to the defaults Syntax ipv6 enable no ipv6 enable Default Configuration IPv6 is not enabled by default Command Mode Interface Configur...

Page 473: ...management interface It is logically separate from the ARP table used by the routing interfaces See the show arp command for details on how to view ARP entries for the routing interfaces Example The following example displays ARP table information console show arp switch MAC Address IP Address Interface 0016 9CE1 D800 10 27 6 1 1 0 37 show hosts Use the show hosts command in User EXEC mode to disp...

Page 474: ...ation about IP hosts console show hosts Host name Default domain gm com sales gm com usa sales gm com Name address lookup is enabled Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mapping Host Addresses accounting gm com 176 16 8 8 Cache TTL Hours Host Total Elapsed Type Addresses www stanford edu 72 3 IP 171 64 14 203 show ip address conflict Use the show ip...

Page 475: ...st Conflicting MAC Address 00 01 02 04 5A BC Time Since Conflict Detected 5 days 2 hrs 6 mins 46 secs console show ip address conflict Term Description Address Conflict Detection Status Whether the switch has detected an address conflict on any IP address Set to Conflict Detected if detected No Conflict Detected otherwise Last Conflicting IP Address The IP address that was last detected as conflic...

Page 476: ...ess IP address of a routing interface Range Any valid IP address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip helper address IP helper is enabled Interface UDP Port Discard Hit Count Server Address vlan 25 domain No 0 192 168 40 2 vlan 25 dhcp No 0 192 168 40 2 vlan 30 d...

Page 477: ... types of traffic are forwarded or blocked and above all provide security for the network ACLs are normally used in firewall routers that are positioned between the internal network and an external network such as the Internet They can also be used on a router positioned between two parts of the network to control the traffic entering or exiting a specific part of the internal network The PowerCon...

Page 478: ...nced to accept the optional time range parameter The time range parameter allows imposing a time limitation on the IPv6 ACL rule as defined by the parameter time range name If a time range with the specified name does not exist and the IPv6 ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied immediately If a time range with the specified name exi...

Page 479: ...ny destinationipv6 prefix prefixlength any matches any source IP address Or you can specify a source IPv6 addressed expressed as a prefix prefixlength flow label flow label value The value to match in the Flow Label field of the IPv6 header Range 0 1048575 dscp dscp value Specifies the TOS for an IPv6 ACL rule depending on a match of DSCP values using the parameter dscp assign queue queue id Speci...

Page 480: ...rd any HTTP traffic from the 2001 DB8 32 network but allow all other traffic from that network console config ipv6 access list STOP_HTTP console Config ipv6 acl deny ipv6 2001 DB8 32 any eq http console Config ipv6 acl permit ipv6 2001 DB8 32 any console Config ipv6 acl ipv6 access list The ipv6 access list command creates an IPv6 Access Control List ACL consisting of classification fields defined...

Page 481: ...s command Example The following example creates an IPv6 ACL named DELL_IP6 and enters the IPv6 Access List Config mode console config ipv6 access list DELL_IP6 console Config ipv6 acl ipv6 access list rename The ipv6 access list rename command changes the name of an IPv6 Access Control List ACL This command fails if an IPv6 ACL with the new name already exists Syntax ipv6 access list rename name n...

Page 482: ...dy assigned to this interface and direction A lower number indicates higher precedence order If a sequence number is already in use for this interface and direction the specified IPv6 access list replaces the currently attached IPv6 access list using that sequence number If the sequence number is not specified for this command a sequence number that is one greater than the highest sequence number ...

Page 483: ...e setting is applied to all interfaces Example The following example attaches an IPv6 access control list to an interface console config if 1 0 1 ipv6 traffic filter DELL_IP6 in show ipv6 access lists Use the show ipv6 access lists command in User EXEC and Privileged EXEC mode to display an IPv6 access list and all of the rules that are defined for the IPv6 ACL Use the name parameter to identify a...

Page 484: ...for the IPv6 ACLs console show ipv6 access lists Current number of all ACLs 1 Maximum number of all ACLs 100 IPv6 ACL Name Rules Direction Interface s VLAN s STOP_HTTP 2 inbound 1 0 1 console show ipv6 access lists STOP_HTTP ACL Name STOP_HTTP Inbound Interface s 1 0 1 Rule Number 1 Action deny Protocol 255 ipv6 Source IP Address 2001 DB8 32 Destination L4 Port Keyword 80 www http Rule Number 2 Ru...

Page 485: ...s the source IP address for this rule Source L4 Port Keyword This field displays the source port for this rule Destination IP Address This displays the destination IP address for this rule Destination L4 Port Keyword This field displays the destination port for this rule IP DSCP This field indicates the value specified for IP DSCP Flow Label This field indicates the value specified for IPv6 Flow L...

Page 486: ...486 IPv6 Access List Commands ...

Page 487: ... equivalent to IGMPv2 MLD version 2 MLDv2 is equivalent to IGMPv3 MLD is a subprotocol of Internet Control Message Protocol version 6 ICMPv6 and MLD messages are a subset of ICMPv6 messages identified in IPv6 packets by a preceding Next Header value of 58 PowerConnect switches can snoop on both MLDv1 and MLDv2 protocol packets and bridge IPv6 multicast data based on destination IPv6 Multicast MAC ...

Page 488: ... is connected to each layer 2 LAN port This prevents the inadvertent dropping of the other hosts that were connected to the same layer 2 LAN port but were still interested in receiving multicast traffic directed to that group Also fast leave processing is supported only with MLD version 1 hosts Syntax ipv6 mld snooping immediate leave vlan id no ipv6 mld snooping immediate leave vlan id vlan_id Sp...

Page 489: ...embership interval vlan id seconds no ipv6 mld snooping groupmembership interval vlan id vlan_id Specifies a VLAN ID value in VLAN Database mode seconds MLD group membership interval time in seconds Range 2 3600 Default Configuration The default group membership interval time is 260 seconds Command Mode Interface Configuration mode VLAN Database mode User Guidelines This command has no user guidel...

Page 490: ...response time is 10 seconds Command Mode Interface Configuration mode VLAN Database mode User Guidelines This command has no user guidelines Example console config if 4 0 1 ipv6 mld snooping maxresponse 33 ipv6 mld snooping mcrtexpiretime The ipv6 mld snooping mcrtexpiretime command sets the Multicast Router Present Expiration time The time is set for a particular interface or VLAN This is the amo...

Page 491: ...t expiration time is 300 seconds Command Mode Interface Configuration mode VLAN Database mode User Guidelines This command has no user guidelines Example console config if 4 0 1 ipv6 mld snooping mcrtrexpiretime 60 ipv6 mld snooping Global The ipv6 mld snooping Global command enables MLD Snooping on the system Global Config Mode Syntax ipv6 mld snooping no ipv6 mld snooping Default Configuration M...

Page 492: ...6 mld snooping Interface The ipv6 mld snooping Interface command enables MLD Snooping on an interface If an interface has MLD Snooping enabled and it becomes a member of a port channel LAG MLD Snooping functionality is disabled on that interface MLD Snooping functionality is re enabled if the interface is removed from a port channel LAG ...

Page 493: ...re are no user guidelines for this command Example console config if 4 0 1 ipv6 mld snooping ipv6 mld snooping VLAN The ipv6 mld snooping VLAN command enables MLD Snooping on a particular VLAN and enables MLD snooping on all interfaces participating in a VLAN Syntax ipv6 mld snooping vlan id no ipv6 mld snooping vlan id vlan id Specifies a VLAN ID value Default Configuration MLD Snooping is disabl...

Page 494: ...ot port port channel port channel number tengigabitethernet unit slot port vlan vlan id Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example With no optional arguments the command displays the following information Admin Mode Indicates whether or not MLD Snooping is active on the switch Interfa...

Page 495: ...t of time the switch waits after it sends a query on an interface participating in the VLAN because it did not receive a report for a particular group on that interface This value may be configured Multicast Router Present Expiration Time Displays the amount of time to wait before removing an interface that is participating in the VLAN from the list of interfaces with multicast routers attached Th...

Page 496: ...ld snooping groups Vlan Ipv6 Address Type Ports 1 3333 0000 0003 Dynamic 1 0 1 1 0 3 2 3333 0000 0004 Dynamic 1 0 1 1 0 3 2 3333 0000 0005 Dynamic 1 0 1 1 0 3 MLD Reporters that are forbidden statically Vlan Ipv6 Address Ports console show ipv6 mld snooping groups vlan 2 Vlan Ipv6 Address Type Ports 2 3333 0000 0004 Dynamic 1 0 1 1 0 3 2 3333 0000 0005 Dynamic 1 0 1 1 0 3 MLD Reporters that are fo...

Page 497: ...IPv6 MLD Snooping Commands 497 Vlan Ipv6 Address Ports ...

Page 498: ...498 IPv6 MLD Snooping Commands ...

Page 499: ...t traffic in a VLAN be switched the switch can be configured as an IGMP MLD querier When IGMP MLD Snooping Querier is enabled the Querier sends out periodic IGMP MLD General Queries that trigger the Multicast listeners member to send their joins so as to receive the Multicast data traffic IGMP MLD Snooping listens to these reports to establish the appropriate forwarding table entries PowerConnect ...

Page 500: ...mmand Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 mld snooping querier ipv6 mld snooping querier VLAN mode Use the ipv6 mld snooping querier command in VLAN mode to enable MLD Snooping Querier on a VLAN Use the no form of this command to disable MLD Snooping Querier on a VLAN Syntax ipv6 mld snooping querier vlan id no ip...

Page 501: ...t the global MLD Snooping Querier address to the default Syntax ipv6 mld snooping querier address prefix prefix length no ipv6 mld snooping querier address prefix The bits of the address to be configured prefix length Designates how many of the high order contiguous bits of the address make up the prefix Default Configuration There is no global MLD Snooping Querier address configured by default Co...

Page 502: ...m of this command to disable election participation on a VLAN Syntax ipv6 mld snooping querier election participate vlan id no ipv6 mld snooping querier election participate vlan id vlan id A valid VLAN ID Range 1 4093 Default Configuration Election participation is disabled by default Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command Example console con...

Page 503: ...6 mld snooping querier 120 ipv6 mld snooping querier timer expiry Use the ipv6 mld snooping querier timer expiry command to set the MLD Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has discovered that there is a Multicast Querier in the network Use the no form of this command to reset the timer expiration period to the default Syntax ipv...

Page 504: ... Use the show ipv6 mld snooping querier command to display MLD Snooping Querier information Configured information is displayed whether or not MLD Snooping Querier is enabled Syntax show ipv6 mld snooping querier detail vlan vlan id vlan id A valid VLAN ID Range 1 4093 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines When th...

Page 505: ... general query Querier Expiry Interval Displays the amount of time to wait in the Non Querier operational state before moving to a Querier state Parameter Description MLD Snooping Querier VLAN Mode Indicates whether MLD Snooping Querier is active on the VLAN Querier Election Participate Mode Indicates whether the MLD Snooping Querier participates in querier election if it discovers the presence of...

Page 506: ...506 IPv6 MLD Snooping Querier Commands Last Querier Address Indicates the IP address of the most recent Querier from which a Query was received MLD Version Indicates the version of MLD ...

Page 507: ...administrator enables IPSG on a port where DHCP snooping is disabled or where DHCP snooping is enabled but the port is trusted all IP traffic received on that port is dropped depending upon the admin configured IPSG entries IPSG cannot be enabled on a port based routing interface IPSG uses two enforcement mechanisms the L2FDB to enforce the source MAC address and ingress VLAN and an ingress classi...

Page 508: ...nfig if Gi1 0 1 ip verify source ip verify source port security Use the ip verify source port security command in Interface Configuration mode to enable filtering of IP packets matching the source IP address and the source MAC address Syntax ip verify source port security Default Configuration By default IPSG is disabled on all interfaces Command Mode Interface Configuration mode User Guidelines T...

Page 509: ...ding macaddr vlan ipaddr interface Default Configuration By default there will not be any static bindings configured Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config ip verify binding 00 11 22 33 44 55 vlan 1 1 2 3 4 interface gigabitethernet 1 0 2 show ip verify interface Use the show ip verify interface command in Privileged EXEC m...

Page 510: ... source interface command in Privileged EXEC mode to display the bindings configured on a particular interface Syntax show ip verify source interface Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip verify source interface gigabitethernet 1 0 1 show ip source bindin...

Page 511: ...1 Syntax show ip source binding Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip source binding ...

Page 512: ...512 IP Source Guard Commands ...

Page 513: ...h the system provides optimal throughput when all traffic is assigned to the default queue An example of this situation is a Storage Area Network SAN where the switch is dedicated to interconnecting iSCSI Targets with Initiators Using the default queue for this homogenous traffic provides the best performance in traffic burst handling and the most accurate 802 3x Flow Control Pause Frame generatio...

Page 514: ... is done by enabling remark Remarking packets with priority data provides special QoS treatment as the packets continue through the network Commands in this Chapter This chapter explains the following commands iscsi aging time The iscsi aging time command sets the time out value for iSCSI sessions To reset the aging time to the default value use the no form of this command Syntax iscsi aging time ...

Page 515: ...os The iscsi cos vpt command is supported on the PCM8024 k The iscsi cost vpt command is not supported on the PCM6348 Use the iscsi cos command in Global Configuration mode to set the quality of service profile that will be applied to iSCSI flows To return to the default value use the no form of this command Vpt DSCP values can be configured independently from the application of QoS treatment Synt...

Page 516: ...he egress queue to which the frame is mapped The default setting for egress queues scheduling is Weighted Round Robin WRR You may alter the QoS setting by configuring the relevant ports to work in other scheduling and queue management modes via the Class of Service settings These choices may include strict priority for the queue used for iSCSI traffic The downside of strict priority is that in cer...

Page 517: ...onitoring for the establishment of iSCSI sessions on TCP ports 960 and 3260 Sessions that are established using a PLOGI on these ports are displayed in the iSCSI session table In addition this command modifies the running config to globally set the mtu size to 9216 on all interfaces and port channels and enables flow control on all interfaces Monitoring for EqualLogic Storage arrays via LLDP is al...

Page 518: ...SCSI target s listen to requests Up to 16 TCP ports can be defined in the system in one command or by using multiple commands ip address IP address of the iSCSI target When the no form is used and the tcp port to be deleted is one bound to a specific IP address the address field must be present targetname iSCSI name of the iSCSI target The name can be statically configured however it can be obtain...

Page 519: ...r applications also choose to use these un reserved ports When a port is already defined and not bound to an IP address and you want to bind the port to an IP address first remove the port by using the no form of the command and then add it again this time together with the relevant IP address Target names are only for display when using the show iscsi command These names are not used to match or ...

Page 520: ...nes for this command Example The following example displays the iSCSI configuration console show iscsi iSCSI enabled iSCSI CoS enabled iSCSI vpt is 5 Session aging time 10 min Maximum number of sessions is 192 iSCSI Targets and TCP Ports TCP Port Target IP Address Name 860 3260 30001 172 16 1 1 iqn 1993 11 com disk vendor diskarrays sn 45678 tape sys1 xyz 30033 172 16 1 10 iSCSI Static Rule Table ...

Page 521: ...this option is used Default Configuration If not specified sessions are displayed in short mode not detailed Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following examples show summary and detailed information about the iSCSI sessions console show iscsi sessions Target iqn 1993 11 com disk vendor diskarrays sn 45678 Initiator iqn 1992...

Page 522: ...onsole show iscsi sessions detailed Target iqn 1993 11 com disk vendor diskarrays sn 45678 Session 1 Initiator iqn 1992 04 com os vendor plan9 cdrom 12 storage sys1 xyz Time started 17 Jul 2008 10 04 50 Time for aging out 10 min ISID 11 Initiator Initiator Target Target IP address TCP port IP address IP port 172 16 1 3 49154 172 16 1 20 30001 172 16 1 4 49155 172 16 1 21 30001 172 16 1 5 49156 172...

Page 523: ...1995 05 com os vendor plan9 cdrom 10 Time started 17 Aug 2008 21 04 50 Time for aging out 2 min ISID 22 Initiator Initiator Target Target IP address TCP port IP address IP port 172 16 1 30 49200 172 16 1 20 30001 172 16 1 30 49201 172 16 1 21 30001 ...

Page 524: ...524 iSCSI Optimization Commands ...

Page 525: ...on interface Commands in this Chapter This chapter explains the following commands action Use the action command in Link Dependency mode to indicate if the link dependency group should mirror or invert the status of the depended on interfaces Syntax action down up Parameter Description action add port channel link dependency group depends on add gigabitethernet show link dependency add tengigabite...

Page 526: ... depend 1 action up link dependency group Use the link dependency group command to enter the link dependency mode to configure a link dependency group Syntax link dependency group GroupId no link dependency group GroupId GroupId Link dependency group identifier Range 1 72 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The pref...

Page 527: ...rt format Separate nonconsecutive ports with a comma and no spaces Use a hyphen to designate the range of ports Range Valid Ethernet interface list or range Default Configuration This command has no default configuration Command Mode Link Dependency mode User Guidelines No specific guidelines Example console config depend 1 add gigabitethernet 1 0 1 add tengigabitethernet Use this command to add m...

Page 528: ...rnet 1 0 1 add port channel Use this command to add member port channels to the dependency list Syntax add port channel intf list no add port channel port channel list intf list List of port channel numbers Separate nonconsecutive port channels with a comma and no spaces Use a hyphen to designate the range of port channels Range Valid port channel list or range port channel list List of port chann...

Page 529: ... tengigabitethernet intf list no depends on gigabitethernet port channel tengigabitethernet intf list intf list List of ports in unit slot port format or port channel numbers Separate nonconsecutive items with a comma and no spaces Use a hyphen to designate the range of ports or port channel numbers Range Valid Ethernet interface or port channel list or range Default Configuration This command has...

Page 530: ...pecified then all the configured link dependency groups are displayed Syntax show link dependency group GroupId GroupId Link dependency group identifier Range Valid Group Id 1 16 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines No specific guidelines Example The following command shows link dependencies for all groups console show li...

Page 531: ...Link Dependency Commands 531 The following command shows link dependencies for group 2 only console show link dependency group 2 GroupId Member Ports Ports Depended On 2 1 0 1 4 1 0 8 9 ...

Page 532: ...532 Link Dependency Commands ...

Page 533: ...h function can be enabled or disabled separately by the network manager PowerConnect supports both the transmit and receive functions in order to support device discovery The LLDP component transmit and receive functions can be enabled disabled separately per physical port By default both transmit and receive functions are disabled on all ports The application starts each transmit and receive stat...

Page 534: ...stics may be displayed by the user interface and retrieved using SNMP as defined in the MIB definitions Commands in this Chapter This chapter explains the following commands clear lldp remote data Use the clear lldp remote data command in Privileged EXEC mode to delete all LLDP information from the remote data table Syntax clear lldp remote data Default Configuration By default data is removed onl...

Page 535: ...lear lldp statistics Use the clear lldp statistics command in Privileged EXEC mode to reset all LLDP statistics Syntax clear lldp statistics Default Configuration By default the statistics are only cleared on a system reset Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays how to reset all LLDP statistics console clear lldp...

Page 536: ...e Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example displays how to enable remote data change notifications console config if 1 0 3 lldp notification lldp notification interval Use the lldp notification interval command in Global Configuration mode to limit how frequently remote data change notifications are sent To return the n...

Page 537: ...llowing example displays how to set the interval value to 10 seconds console config lldp notification interval 10 lldp receive Use the lldp receive command in Interface Configuration mode to enable the LLDP receive capability To disable reception of LLDPDUs use the no form of this command Syntax lldp receive no lldp receive Default Configuration The default lldp receive mode is enabled Command Mod...

Page 538: ...rval hold hold multiplier reinit reinit delay no lldp timers interval hold reinit transmit interval The interval in seconds at which to transmit local data LLDPDUs Range 5 32768 seconds hold multiplier Multiplier on the transmit interval used to set the TTL in local data LLDPDUs Range 2 10 reinit delay The delay in seconds before re initialization Range 1 10 seconds Default Configuration The defau...

Page 539: ...s interval 1000 hold 8 reinit 5 lldp transmit Use the lldp transmit command in Interface Configuration mode to enable the LLDP advertise transmit capability To disable local data transmission use the no form of this command Syntax lldp transmit no lldp transmit Default Configuration LLDP is enabled on all supported interfaces Command Mode Interface Configuration Ethernet mode User Guidelines This ...

Page 540: ...de Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example displays how to include management information in the LLDPDU console config if 1 0 3 lldp transmit mgmt lldp transmit tlv Use the lldp transmit tlv command in Interface Configuration mode to specify which optional type length value settings TLVs in the 802 1AB basic management...

Page 541: ...de Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example shows how to include the system description TLV in local data transmit console config if 1 0 3 lldp transmit tlv sys desc show lldp Use the show lldp command in Privileged EXEC mode to display the current LLDP configuration summary Syntax show lldp Default Configuration This c...

Page 542: ...tion Interval limited to every 5 seconds console show lldp LLDP transmit and receive disabled on all interfaces show lldp interface Use the show lldp interface command in Privileged EXEC mode to display the current LLDP interface state Syntax show lldp interface gigabitethernet unit slot port tengigabitethernet unit slot port all Default Configuration This command has no default configuration Comm...

Page 543: ...smit Receive Notify TLVs Mgmt 1 0 1 Up Enabled Enabled Enabled 0 1 2 3 Y TLV Codes 0 Port Description 1 System Name 2 System Description 3 System Capability show lldp local device Use the show lldp local device command in Privileged EXEC mode to display the advertised LLDP local data This command can display summary information or detail for each interface Syntax show lldp local device detail inte...

Page 544: ...evels of detail console show lldp local device all LLDP Local Device Summary Interface Port ID Port Description 1 0 1 00 62 48 00 00 02 console show lldp local device detail 1 0 1 LLDP Local Device Detail Interface 1 0 1 Chassis ID Subtype MAC Address Chassis ID 00 62 48 00 00 00 Port ID Subtype MAC Address Port ID 00 62 48 00 00 02 System Name System Description Routing Port Description System Ca...

Page 545: ...x show lldp remote device detail interface interface all detail Includes detailed version of remote data interface Specifies a valid physical interface on the device Substitute gigabitethernet unit slotport or tengigabitethernet unit slotport Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example...

Page 546: ...net1 0 1 Remote ID 01 23 45 67 89 AB System Name system 1 System Description System Capabilities Bridge Port ID 01 23 45 67 89 AC Port Description 1 0 4 Management Address 192 168 112 1 TTL 60 seconds show lldp statistics Use the show lldp statistics command in Privileged EXEC mode to display the current LLDP traffic statistics Syntax show lldp statistics unit slot port all Default Configuration T...

Page 547: ...terface Total Total Discards Errors Ageout Discards Unknowns MED 802 1 802 3 1 0 11 29395 82562 0 0 1 0 0 0 1 4 The following table explains the fields in this example Fields Description Last Update The value of system of time the last time a remote data entry was created modified or deleted Total Inserts The number of times a complete set of information advertised by a remote device has been inse...

Page 548: ...dicated port and discarded for any reason Errors Number of non valid LLDP frames received on the indicated port Ageouts Number of times a remote data entry on the indicated port has been deleted due to TTL expiration TLV Discards Number LLDP TLVs Type Length Value sets received on the indicated port and discarded for any reason by the LLDP agent TLV Unknowns Number of LLDP TLVs received on the ind...

Page 549: ...tening to the join and report messages only for groups configured statically All other groups are managed by IGMP snooping There are two types of MVR ports source and receiver Source port is the port to which the multicast traffic is flowing using the multicast VLAN Receiver port is the port where a listening host is connected to the switch It can utilize any or no VLAN except the multicast VLAN T...

Page 550: ...mand to disable MVR Syntax mvr no mvr Parameter Description This command does not require a parameter description Default Configuration The default value is Disabled Command Mode Global Config Interface Config User Guidelines MVR can only be configured on physical interfaces mvr mvr type mvr group mvr vlan group mvr mode show mvr mvr querytime show mvr members mvr vlan show mvr interface mvr immed...

Page 551: ...and has no default configuration Command Mode Global Config User Guidelines The following table lists the completion messages Example console config mvr Parameter Description A B C D Specify a multicast group count Specifies the number of multicast groups to configure Groups are configured contiguously by incrementing the first group specified Message Type Message Description Successful Completion...

Page 552: ...arameter Description Default Configuration The default mode is compatible Command Mode Global Config User Guidelines This command has no user guidelines mvr querytime Use the mvr querytime command in Global Config mode to set the MVR query response time Use the no form of the command to set the MVR query response time to the default value Parameter Description compatible Do not allow membership jo...

Page 553: ...0 console config if Gi1 0 1 mvr console config if Gi1 0 1 mvr type receiver console config if Gi1 0 1 mvr mode dynamic console config if Gi1 0 1 mvr querytime 10 Parameter Description querytime The query time is a maximum time to wait for an IGMP membership report on a receiver port before removing the port from the multicast group The query time only applies to receiver ports The query time is sp...

Page 554: ...g table lists the completion messages mvr immediate Use the mvr immediate command in Interface Config mode to enable MVR Immediate Leave mode Use the no form of this command to set the MVR multicast VLAN to the default value Parameter Description vlan The VLAN specifies the port on which multicast data is expected to be received Source ports should belong to this VLAN Message Type Message Descript...

Page 555: ...t will leave a group on receipt of a leave message Without immediate leave upon receipt of a leave message the port sends an IGMP query and waits for an IGMP membership report Example console config interface Gi1 0 1 console config if Gi1 0 1 switchport access vlan 10 console config if Gi1 0 1 mvr console config if Gi1 0 1 mvr type receiver console config if Gi1 0 1 mvr mode dynamic console config...

Page 556: ... 0 1 console config if Gi1 0 1 switchport access vlan 10 console config if Gi1 0 1 mvr console config if Gi1 0 1 mvr type receiver Parameter Description receiver Configure the port as a receiver port Receiver ports are ports over which multicast data will be sent but not received source Configure the port as a source port Source ports are ports over which multicast data is received or sent Message...

Page 557: ...oup Use the mvr vlan group command in Interface Config mode to participate in the specific MVR group Use the no form of this command to remove the port participation from the specific MVR group Syntax mvr vlan mVLAN group A B C D no mvr vlan mVLAN group A B C D Parameter Description Default Configuration This command has no default configuration Command Mode Interface Config Parameter Description ...

Page 558: ... 0 24 switchport mode trunk console config if Gi1 0 24 switchport trunk native vlan 2000 console config if Gi1 0 24 switchport trunk allowed vlan add 2000 console config if Gi1 0 24 mvr console config if Gi1 0 24 mvr type source console config if Gi1 0 24 mvr vlan 2000 group 239 1 1 1 show mvr Use the show mvr command in Privileged EXEC mode to display global MVR settings Syntax show mvr Parameter...

Page 559: ...rrent multicast groups 1 MVR Global query response time 10 tenths of sec MVR Mode compatible MVR Max Multicast Groups The maximum number of multicast groups that is supported by MVR MVR Current Multicast groups The current number of MVR groups allocated MVR Query Response Time The current MVR query response time MVR Mode The current MVR mode It can be compatible or dynamic Message Type Message Des...

Page 560: ...ut parameters Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines The following table lists the completion messages Examples console show mvr members Parameter Description MVR Group IP MVR group multicast IP address Status The status of the specific MVR group It can be active or inactive Members The list of ports which participates in the sp...

Page 561: ...es configuration Syntax show mvr interface interface id members vlan vid Parameter Description The following table explains the output parameters Parameter Description Interface id Identifies a specific interface VID VLAN identifier Parameter Description Port Interface number Type The MVR port type It can be None Receiver or Source type Status The interface status It consists of two characteristic...

Page 562: ...VER ACTIVE inVLAN DISABLED console show mvr interface 1 0 9 Type RECEIVER Status ACTIVE Immediate Leave DISABLED console show mvr interface Fa1 0 23 members 235 0 0 1 STATIC ACTIVE console show mvr interface Fa1 0 23 members vlan 12 235 0 0 1 STATIC ACTIVE 235 1 1 1 STATIC ACTIVE Immediate Leave The state of immediate mode It can be enabled or disabled Message Type Message Description Successful C...

Page 563: ...EXEC User Guidelines The following table lists the completion messages Examples The following table explains the output parameters Message Type Message Description Successful Completion Message None Error Completion Message MVR disabled Parameter Description IGMP Query Received Number of received IGMP Queries IGMP Report V1 Received Number of received IGMP Reports V1 IGMP Report V2 Received Number...

Page 564: ...Leave Transmitted 1 IGMP Packet Receive Failures 0 IGMP Packet Transmit Failures 0 IGMP Report V1 Transmitted Number of transmitted IGMP Reports V1 IGMP Report V2 Transmitted Number of transmitted IGMP Reports V2 IGMP Leave Transmitted Number of transmitted IGMP Leaves IGMP Packet Receive Failures Number of failures on receiving the IGMP packets IGMP Packet Transmit Failures Number of failures on ...

Page 565: ...dd ethernet intf list no add ethernet intf list intf list List of Ethernet interfaces Separate nonconsecutive ports with a comma and no spaces Use a hyphen to designate a range of ports Range valid Ethernet interface list or range Default Configuration This command has no default configuration Command Mode Port Aggregator mode User Guidelines This command has no user guidelines add ethernet negoti...

Page 566: ... all member ports in the aggregator group zone To restore the default use the no form of this command Syntax duplex half full no duplex half Force half duplex operation full Force full duplex operation Default Configuration This command has no default configuration Command Mode Port Aggregator mode User Guidelines This command has no user guidelines Example console config port aggregator group 1 c...

Page 567: ...plink port should be active for the Aggregator Group to be active Syntax minimum active uplinks number of uplinks number of uplinks Minimum number of uplinks to be active for the Aggregator Group to be active Range 1 4 Default Configuration This command has no default configuration Command Mode Port Aggregator mode User Guidelines This command has no user guidelines Example console config port agg...

Page 568: ...le config port aggregator group 1 console config aggregator 1 mtu disable console config aggregator 1 negotiation Use the negotiation command in port aggregator mode to enable auto negotiation of all member ports in the aggregator group zone To disable negotiation use the no form of this command Syntax negotiation no negotiation Default Configuration This command has no default configuration Comma...

Page 569: ... this command The no form of this command deletes all the member ports from the group and also sets other attributes mtu VLAN to its default values for that group Syntax port aggregator group GroupId GroupId Port Aggregator group identifier Range 1 8 or 1 72 On a standalone switch it is up to 8 On a stack it is 1 to 6 x number of units in stack For a stack of 12 units it is 1 72 Default Configurat...

Page 570: ...ator group GroupId GroupId Port Aggregator group identifier Range 1 8 or 1 72 On a standalone switch it is up to 8 On a stack it is 1 to 6 x number of units in stack For a stack of 12 units it is 1 72 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show bridge address table port ag...

Page 571: ...form of this command Syntax speed 10 100 no speed 10 Configures the port to 10 Mbps operation 100 Configures the port to 100 Mbps operation Default Configuration This command has no default configuration Command Mode Port Aggregator mode User Guidelines This command has no user guidelines Example console config port aggregator group 1 console config aggregator 1 speed 100 console config aggregator...

Page 572: ...572 Port Aggregator Commands ...

Page 573: ...oes not aggregate with the LAG until all the other active members see the new information When each of the other active members sees the new information they continue to drop out of the LAG When all the members have dropped out of the LAG they form an aggregate with the new information Static LAGS A static LAG is no different from a dynamically configured LAG All the requirements for the member po...

Page 574: ...r ports is active This enhancement provides configurability for the minimum number of member links to be active to declare a LAG up Network administrators can also utilize this feature to automatically declare a LAG down when only some of the links have failed Port Channels Trunking which is also called Port Channels or Link Aggregation is initiated and maintained by the periodic exchanges of Link...

Page 575: ...istrator is able to choose from hash algorithms utilizing the following attributes of a packet to determine the outgoing port Source MAC VLAN EtherType and incoming port associated with the packet Source IP and Source TCP UDP fields of the packet Destination MAC VLAN EtherType and incoming port associated with the packet Source MAC Destination MAC VLAN EtherType and incoming port associated with t...

Page 576: ...devices based on Broadcom XGS IV silicon support configuration of hashing algorithms for each LAG interface The hashing algorithm is used to distribute traffic load among the physical ports of the LAG while preserving the per flow packet order One limitation with earlier LAG hashing techniques is that the packet attributes were fixed for all type of packets Also there was no MODULO N operation inv...

Page 577: ...tner Information Commands in this Chapter This chapter explains the following commands channel group Use the channel group command in Interface Configuration mode to configure a port to port channel To remove the channel group configuration from the interface use the no form of this command Syntax channel group port channel number mode on auto no channel group port channel number Number of a valid...

Page 578: ...s how port 1 0 5 is configured to port channel 1 without LACP console config interface gigabitethernet 1 0 5 console config if 1 0 5 channel group 1 mode on interface port channel Use the interface port channel command in Global Configuration mode to configure a port channel type and enter port channel configuration mode Syntax interface port channel port channel number Default Configuration This ...

Page 579: ...ecutive port channels with a comma and no spaces A hyphen designates a range of port channels Range valid port channel all All the channel ports Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands in the interface range context are executed independently on each interface in the range If the command returns an error on one...

Page 580: ...MAC VLAN EtherType source module and port ID 3 Source IP and source TCP UDP port 4 Destination IP and destination TCP UDP port 5 Source destination MAC VLAN EtherType and source MODID port 6 Source destination IP and source destination TCP UDP port 7 Enhanced hashing mode Default Configuration This command has no default configuration Command Mode Interface Configuration port channel User Guidelin...

Page 581: ...figuration This command has no default configuration Command Mode Port Aggregator mode User Guidelines This command has no user guidelines Example console config port aggregator group 2 console config aggregator 2 lacp auto console config aggregator 2 lacp off Use the lacp off command to set the LACP Link Aggregation mode to off for that Aggregator Group This means that when more than one uplink p...

Page 582: ...g aggregator 2 lacp port priority Use the lacp port priority command in Interface Configuration mode to configure the priority value for physical ports To reset to default priority value use the no form of this command Syntax lacp port priority value no lacp port priority value Port priority value Range 1 65535 Default Configuration The default port priority value is 1 Command Mode Interface Confi...

Page 583: ...port is in the Group those uplink ports will be enabled automatically with static LACP Syntax lacp static Default Configuration This command has no default configuration Command Mode Port Aggregator mode User Guidelines This command has no user guidelines Example console config port aggregator group 2 console config aggregator 2 lacp static console config aggregator 2 lacp system priority Use the ...

Page 584: ...ple The following example configures the system priority to 120 console config lacp system priority 120 lacp timeout Use the lacp timeout command in Interface Configuration mode to assign an administrative LACP timeout To reset the default administrative LACP timeout use the no form of this command Syntax lacp timeout long short no lacp timeout long Specifies a long timeout value short Specifies a...

Page 585: ...thernet 1 0 8 console config if 1 0 8 lacp timeout long no lacp Use the no lacp command to set the LACP Link Aggregation mode to default for that Aggregator Group The default LACP mode is dynamic Syntax no lacp Default Configuration This command has no default configuration Command Mode Port Aggregator mode User Guidelines This command has no user guidelines Example console config port aggregator ...

Page 586: ...s no default configuration Command Mode Interface Configuration port channel mode User Guidelines This command has no user guidelines show interfaces port channel Use the show interfaces port channel command to show port channel information Syntax Description show interfaces port channel port channel port channel number index Number of the port channel to show This parameter is optional If the por...

Page 587: ... No Configured Ports 6 po6 No Configured Ports 4 po7 No Configured Ports 3 default po8 No Configured Ports 3 default Hash algorithm type 1 Source MAC VLAN EtherType source module and port Id 2 Destination MAC VLAN EtherType source module and port Id 3 Source IP and source TCP UDP port 4 Destination IP and destination TCP UDP port 5 Source Destination MAC VLAN EtherType and source MODID port 6 Sour...

Page 588: ... mode User Guidelines This command has no user guidelines Example The following example shows how to display LACP Ethernet interface information console show lacp gigabitethernet 1 0 1 Port 1 0 1 LACP parameters Actor system priority 1 system mac addr 00 00 12 34 56 78 port Admin key 30 port Oper key 30 port Oper priority 1 port Admin timeout LONG port Oper timeout LONG LACP Activity ACTIVE Aggreg...

Page 589: ...er timeout LONG LACP Activity ASSIVE Aggregation AGGREGATABLE synchronization FALSE collecting FALSE distributing FALSE expired FALSE Port 1 0 1 LACP Statistics LACP PDUs sent 2 LACP PDUs received 2 show statistics port channel Use the show statistics port channel command in Privileged EXEC mode to display statistics about a specific port channel Syntax show statistics port channel port channel nu...

Page 590: ...ackets Received 1522 Octets 0 Packets RX and TX 64 Octets 1064 Packets RX and TX 65 127 Octets 140 Packets RX and TX 128 255 Octets 201 Packets RX and TX 256 511 Octets 418 Packets RX and TX 512 1023 Octets 1 Packets RX and TX 1024 1518 Octets 0 Packets RX and TX 1519 1522 Octets 0 Packets RX and TX 1523 2047 Octets 0 Packets RX and TX 2048 4095 Octets 0 Packets RX and TX 4096 9216 Octets 0 Total ...

Page 591: ... 802 3x Pause Frames Received 0 Unacceptable Frame Type 0 Multicast Tree Viable Discards 0 Reserved Address Discards 0 Broadcast Storm Recovery 0 CFI Discards 0 Upstream Threshold 0 Total Packets Transmitted Octets 263567 Max Frame Size 1518 Total Packets Transmitted Successfully 1824 Unicast Packets Transmitted 330 Multicast Packets Transmitted 737 Broadcast Packets Transmitted 757 Total Transmit...

Page 592: ...rded 0 Single Collision Frames 0 Multiple Collision Frames 0 Excessive Collision Frames 0 Port Membership Discards 0 802 3x Pause Frames Transmitted 0 GVRP PDUs received 0 GVRP PDUs Transmitted 0 GVRP Failed Registrations 0 Time Since Counters Last Cleared 0 day 0 hr 17 min 52 sec console ...

Page 593: ...nding destination port A network traffic analyzer can be attached to destination ports to analyze the traffic patterns of source ports A session is operationally active only if both a destination port and at least one source port are configured If neither is true the session is inactive A port configured as a destination port acts as a mirroring port when the session is operationally active If it ...

Page 594: ...rt monitors all the traffic received and transmitted on the physical monitored port Use the no form of the command to remove the monitoring session Syntax monitor session session_number source interface interface id rx tx destination interface interface id no monitor session session _number Session identification number interface id Ethernet interface Range Any valid Ethernet Port CPU interface CP...

Page 595: ...nfig monitor session 1 destination interface 1 0 10 console config monitor session 1 mode show monitor session Use the show monitor session command in Privileged EXEC mode to display status of port monitoring Syntax show monitor session session_number session _number Session identification number Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC...

Page 596: ...596 Port Monitor Commands Session ID Admin Mode Probe Port Mirrored Port Type 1 Enable 1 0 10 1 0 8 Rx Tx ...

Page 597: ...is a means of providing consistent predictable data delivery by distinguishing between packets that have strict timing requirements from those that are more tolerant of delay Packets with strict timing requirements are given special treatment in a QoS capable network To accomplish this all elements of the network must be QoS capable If one node is unable to meet the necessary timing requirements t...

Page 598: ...ess CoS queue should handle the traffic and whether the traffic flow is to be redirected to a specific outgoing interface MAC access lists are identified by a user specified name instead of a number Layer 3 4 IPv4 ACLs The Layer 3 4 ACL feature supports IP access lists both standard and extended These lists check the Layer 3 portion of a packet looking specifically at information contained in the ...

Page 599: ...in a meaningful COS queue designation the ingress port can be configured to use its default priority to specify the CoS queue CoS queue mappings use the concept of trusted and untrusted ports A trusted port is one that takes at face value a certain priority designation within arriving packets Specifically a port may be configured to trust one of the following packet fields 802 1p User Priority IP ...

Page 600: ...el port channel out show policy map interface interface out The following command is not supported on VLAN interfaces on the PCM6220 ip access group name out Commands in this Chapter This chapter explains the following commands assign queue mark cos match ip tos show classofservice dot1p mapping class mark ip dscp match protocol show classofservice ip dscp mapping class map mark ip precedence matc...

Page 601: ...Class Map Configuration mode User Guidelines This command has no user guidelines classofservice trust match dstip match vlan show diffserv service brief conform color match dstip6 mirror show interfaces cos queue cos queue min bandwidth match dstl4port police simple show interfaces random detect cos queue random detect match ethertype policy map show policy map cos queue strict match ip6flowlbl re...

Page 602: ...tribute statements Syntax class classname no class classname Specifies the name of an existing DiffServ class Range 1 31 characters Default Configuration This command has no default configuration Command Mode Policy Map Configuration mode User Guidelines This command causes the specified policy to create a reference to the class definition The command mode is changed to Policy Class Map Configurat...

Page 603: ...om 1 to 31 characters uniquely identifying an existing DiffServ class Default Configuration The class map defaults to ipv4 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example creates a class map named DELL which requires all ACE s to be matched console config class map DELL console config cmap class map rename Use the c...

Page 604: ... DELL1 console config classofservice dot1p mapping Use the classofservice dot1p mapping command in Global Configuration mode to map an 802 1p priority to an internal traffic class In Interface Configuration mode the mapping is applied only to packets received on that interface Use the no form of the command to remove mapping between an 802 1p priority and an internal traffic class Syntax classofse...

Page 605: ... classofservice ip dscp mapping command in Global Configuration mode to map an IP DSCP value to an internal traffic class Syntax classofservice ip dscp mapping ipdscp trafficclass ipdscp Specifies the IP DSCP value to which you map the specified traffic class Range 0 63 or an IP DSCP keyword af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef trafficcl...

Page 606: ...nterface mode to untrusted use the no form of this command Syntax classofservice trust dot1p untrusted ip dscp no classofservice trust dot1p Specifies that the mode be set to trust dot1p 802 1p packet markings untrusted Sets the Class of Service Trust Mode for all interfaces to Untrusted ip dscp Specifies that the mode be set to trust IP DSCP packet markings Default Configuration This command has ...

Page 607: ... mode to specify second level matching for traffic flow the only possible actions are drop setdscp transmit set prec transmit or transmit In this two rate form of the policy command the conform action defaults to send the exceed action defaults to drop and the violate action defaults to drop These actions can be set with this command Syntax conform color Default Configuration This command has no d...

Page 608: ... through bw n Range 0 100 in increments of 5 Default Configuration This command has no default configuration Command Mode Global Configuration mode or Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines The maximum number of queues supported per interface is seven Example The following example displays how to specify the minimum transmission bandwidth for s...

Page 609: ...his command will override the settings on the individual interfaces that are part of the port channel This command can be used in Interface Range mode Use the cos queue min bandwidth command to configure the minimum bandwidth percentage for the CoS queues Use the show interfaces random detect command to display the WRED configuration Example console config cos queue min bandwidth 5 5 10 5 5 5 5 co...

Page 610: ...ich you are activating the strict priority scheduler You can specify a queue ID for as many queues as you have queue id 1 through queue id n Range 0 6 Default Configuration This command has no default configuration Command Mode Global Configuration mode or Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command has no user guidelines Example The fo...

Page 611: ...mode to inactive use the no form of this command Syntax diffserv no diffserv Default Configuration This command default is enabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to set the DiffServ operational mode to active console Config diffserv drop Use the drop command in Policy Class Map Configuration mode...

Page 612: ...cos command in Policy Class Map Configuration mode to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802 1p header If the packet does not already contain this header one is inserted Syntax mark cos cos value cos value Specifies the CoS value as an integer Range 0 7 Default Configuration There is no default cos value for thi...

Page 613: ...scp dscpval dscpval Specifies a DSCP value 10 12 14 18 20 22 26 28 30 34 36 38 0 8 16 24 32 40 48 56 46 or a DSCP keyword af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guidelines Example The fol...

Page 614: ...tion Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays console config policy map p1 in console config policy map class c1 console config policy classmap mark ip precedence 2 console config policy classmap match class map Use the match class map command to add to the specified class definition the set of match...

Page 615: ...ria of class map name and refclassname must be an allowed combination based on the class type Any subsequent changes to the refclassname class match criteria must maintain this validity or the change attempt fails The total number of class rules formed by the complete reference class chain including both predecessor and successor classes must not exceed a platform specific maximum In some cases ea...

Page 616: ...ue as an integer Range 0 7 Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays adding a match condition to the specified class console config classmap match cos 1 match destination address mac Use the match destination address mac command in Class Map Con...

Page 617: ...his command has no user guidelines Example The following example displays adding a match condition for the specified MAC address and bit mask console config classmap match destination address mac AA ED DB 21 11 06 FF FF FF EF EE EE match dstip Use the match dstip command in Class Map Configuration mode to add to the specified class definition a match condition based on the destination IP address o...

Page 618: ...stip 10 240 1 1 10 240 0 0 match dstip6 The match dstip6 command adds to the specified class definition a match condition based on the destination IPv6 address of a packet Syntax match dstip6 destination ipv6 prefix prefix length destination ipv6 prefix IPv6 prefix in IPv6 global address format prefix length IPv6 prefix length value Default Configuration There is no default configuration for this ...

Page 619: ...ported port name keywords A match condition is specified by one layer 4 port number The currently supported values are domain echo ftp ftpdata http smtp snmp telnet tftp and www port number Specifies a layer 4 port number Range 0 65535 Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no user guidelines Exampl...

Page 620: ... ibmsna ipv4 ipv6 ipx mplsmcast mplsucast netbios novell pppoe rarp Range 0x0600 0xFFFF Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to add a match condition based on ethertype console config classmap match ethertype arp match ip6flowlbl The ma...

Page 621: ... ip dscp Use the match ip dscp command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the IP DiffServ Code Point DSCP field in a packet This field is defined as the high order six bits of the Service Type octet in the IP header The low order two bits are not checked Syntax match ip dscp dscpval dscpval Specifies an integer value or ...

Page 622: ... The following example displays how to add a match condition based on the DSCP field console config classmap match ip dscp 3 match ip precedence Use the match ip precedence command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the IP precedence field Syntax match ip precedence precedence precedence Specifies the precedence field in...

Page 623: ... match ip precedence 1 match ip tos Use the match ip tos command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the IP TOS field in a packet This field is defined as all eight bits of the Service Type octet in the IP header Syntax match ip tos tosbits tosmask tosbits Specifies a two digit hexadecimal number Range 00 ff tosmask Speci...

Page 624: ...TOS field in a packet console config classmap match ip tos AA EF match protocol Use the match protocol command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the IP Protocol field in a packet using a single keyword notation or a numeric value notation Syntax match protocol protocol name protocol number protocol name Specifies one of...

Page 625: ...ny valid layer 2 MAC address formatted as six two digit hexadecimal numbers separated by colons macmask Specifies a layer 2 MAC address bit mask formatted as six two digit hexadecimal numbers separated by colons This bit mask does not need to be contiguous Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no u...

Page 626: ...ubnet mask it does not need to be contiguous Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays adding a match condition for the specified IP address and address bit mask console config classmap match srcip 10 240 1 1 10 240 0 0 match srcip6 The match sr...

Page 627: ...and in Class Map Configuration mode to add to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword or a numeric notation Syntax match srcl4port portkey port number portkey Specifies one of the supported port name keywords A match condition is specified by one layer 4 port number The currently supported values are domain echo ftp ftpda...

Page 628: ...atch condition based on the value of the layer 2 VLAN Identifier field This field is the only tag in a single tagged packet or the first or outer tag of a double VLAN packet Syntax match vlan vlan id vlan id Specifies a VLAN ID as an integer Range 0 4095 Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no use...

Page 629: ...the destination port of the monitor command Example The following example displays how to copy all the data to port 1 0 5 console config policy classmap mirror 1 0 5 police simple Use the police simple command in Policy Class Map Configuration mode to establish the traffic policing style for the specified class The simple form of the police command uses a single data rate and burst size resulting ...

Page 630: ...1 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines Only one style of police command simple is allowed for a given class instance in a particular policy Example The following example shows how to establish the traffic policing s...

Page 631: ...mple The following example shows how to establish a new ingress DiffServ policy named DELL console config policy map DELL in console config policy classmap Parameter Description policyname Specifies the DiffServ policy name as a unique case sensitive alphanumeric string of characters Range 1 31 alphanumeric characters in The policy is applied on ingress Must be specified to create new DiffServ pol...

Page 632: ...ommand has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example shows how to redirect incoming packets to port 1 0 1 console config policy classmap redirect 1 0 1 service policy Use the service policy command in either Global Configuration mode for all system interfaces or Interface Configuration...

Page 633: ...re that no attributes within the policy definition exceed the capabilities of the interface When a policy is attached to an interface successfully any attempt to change the policy definition such that it would result in a violation of the interface capabilities causes the policy change attempt to fail ACLs and DiffServ policies may not both exist on the same interface in the same direction Example...

Page 634: ...s Range 1 31 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays all the configuration information for the class named Dell console show class map Class L3 Class Name Type Proto Reference Class Name ipv4 All ipv4 ipv6 All ipv6 stop_http_class All ipv6 ...

Page 635: ... DB8 32 Source Layer 4 Port 80 http www show classofservice dot1p mapping Use the show classofservice dot1p mapping command in Privileged EXEC mode to display the current Dot1p 802 1p priority mapping to internal traffic classes for a specific interface Syntax show classofservice dot1p mapping gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default...

Page 636: ... displays the dot1p traffic class mapping and user priorities console show classofservice dot1p mapping User Priority Traffic Class 0 1 1 1 2 6 3 4 4 3 5 4 6 5 7 6 The following table lists the parameters in the example and gives a description of each Parameter Description User Priority The 802 1p user priority value Traffic Class The traffic class internal queue identifier to which the user prior...

Page 637: ...pping to internal traffic classes for a specific interface Syntax show classofservice ip dscp mapping Command is supported only globally Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Example console show classofservice ip dscp mapping IP DSCP Traffic Class 0 be cs0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 ...

Page 638: ...S Commands 8 cs1 0 9 0 10 af11 0 11 0 12 af12 0 13 0 14 af13 0 15 0 16 cs2 0 17 0 18 af21 0 19 0 More or q uit 20 af22 0 21 0 22 af23 0 23 0 24 cs3 1 25 1 26 af31 1 27 1 28 af32 1 29 1 30 af33 1 31 1 32 cs4 2 ...

Page 639: ...QoS Commands 639 33 2 34 af41 2 35 2 36 af42 2 37 2 38 af43 2 39 2 40 cs5 2 41 2 42 2 More or q uit 43 2 44 2 45 2 46 ef 2 47 2 48 cs6 3 49 3 50 3 51 3 52 3 53 3 54 3 55 3 56 cs7 3 57 3 ...

Page 640: ...annel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If the interface is specified the port trust mode of the interface is displayed If omitted the port trust mode for global configuration is shown Example The following example displays the current trust mode settings for the sp...

Page 641: ...ration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the DiffServ information console show diffserv DiffServ Admin mode Enable Class Table Size Current Max 5 25 Class Rule Table Size Current Max 6 150 Policy Table Size Current Max 2 64 Policy Instance Table Size Current Max 2 64...

Page 642: ...lot port tengigabitethernet unit slot port in out Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Example console show diffserv service interface gigabitethernet 1 0 1 in DiffServ Admin Mode Enable Interface 1 0 1 Direction In Parameter Description in Show ingress policies out Sho...

Page 643: ...ault Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines Not applicable Example console show diffserv service interface port channel 1 in DiffServ Admin Mode Enable Interface po1 Direction In No policy is attached to this interface in this direction Parameter Description channel group A valid port channel in the system Range 1 18 in Show ingress pol...

Page 644: ...ommand has no user guidelines Example The following example shows how to display all interfaces in the system to which a DiffServ policy has been attached console show diffserv service brief Interface Direction OperStatus Policy Name 1 0 1 in Down DELL show interfaces cos queue Use the show interfaces cos queue command in Privileged EXEC mode to display the class of service queue configuration for...

Page 645: ...splayed Examples The following example displays the COS configuration with no unit slot port or port channel parameter console show interfaces cos queue Global Configuration Interface Shaping Rate 0 Queue Id Min Bandwidth Scheduler Type Queue Management Type 0 0 Weighted Tail Drop 1 0 Weighted Tail Drop 2 0 Weighted Tail Drop 3 0 Weighted Tail Drop 4 0 Weighted Tail Drop 5 0 Weighted Tail Drop 6 0...

Page 646: ...Parameter Description Interface The port of the interface If displaying the global configuration this output line is replaced with a global configuration indication Intf Shaping Rate The maximum transmission bandwidth limit for the interface as a whole It is independent of any per queue maximum bandwidth values in effect for the interface This value is a configured value Queue Mgmt Type The queue ...

Page 647: ...how the global or per interface scheduler type and queue management types Minimum Bandwidth The minimum transmission bandwidth guarantee for the queue expressed as a percentage A value of 0 means bandwidth is not guaranteed and the queue operates using best effort This value is a configured value Scheduler Type Indicates whether this queue is scheduled for transmission using a strict priority or a...

Page 648: ...Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the DiffServ information console show policy map Policy Name Policy Type Class Members POLY1 xxx DellClass DELL xxx DellClass show policy map interface Use the show policy map interface command in Privileged EXEC mode t...

Page 649: ... Guidelines This command has no user guidelines Example The following example displays the statistics information for port 1 0 1 console show policy map interface 1 0 1 in Interface 1 0 1 Operational Status Down Policy Name DELL Interface Summary Class Name murali In Discarded Packets 0 Class Name test In Discarded Packets 0 Class Name DELL1 Parameter Description in Show inbound service policies o...

Page 650: ...ormation for all interfaces Syntax show service policy Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a summary of policy oriented statistics information console show service policy Oper Policy Intf Stat Name 1 0 1 Down DELL 1 0 2 Down DELL 1 0 3 Down DELL 1...

Page 651: ...the effect of smoothing temporary traffic bursts over time so that the transmitted traffic rate is bounded To restore the default interface shaping rate value use the no form of this command Syntax traffic shape bw kbps no traffic shape bw Maximum transmission bandwidth value expressed in Kbps Range 64 4294967295 Default Configuration This command has no default configuration Command Mode Global C...

Page 652: ...652 QoS Commands Example The following example displays the setting of traffic shape to a maximum bandwidth of 1024 Kbps console config if 1 0 1 traffic shape 1024 kbps ...

Page 653: ... or access from unauthorized devices are silently discarded by the server RADIUS conforms to a client server model with secure communications using UDP as a transport protocol It is extremely flexible supporting a variety of methods to authenticate and statistically track users It is very extensible allowing for new methods of authentication to be added without disrupting existing network function...

Page 654: ...a accounting network default start stop group radius Default Configuration RADIUS accounting is disabled by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config aaa accounting network default start stop group radius auth port radius server deadtime show aaa servers deadtime radius server host show radius statistics key ...

Page 655: ...ault Configuration The default value of the port number is 1813 Command Mode Radius accounting mode User Guidelines There are no user guidelines for this command Example The following example sets port number 56 for accounting requests console config radius server host acct 3 2 3 2 console Config acct radius acct port 56 auth port Use the auth port command in Radius mode to set the port number for...

Page 656: ...uthentication requests console config radius server host 192 143 120 123 console config radius auth port 2412 deadtime Use the deadtime command in Radius mode to configure the minimum amount of time to wait before attempting to re contact an unresponsive RADIUS server If a RADIUS server is currently active and responsive that server will be used until it no longer responds RADIUS servers whose dea...

Page 657: ... 60 minutes console config radius server host 192 143 120 123 console config radius deadtime 60 key Use the key command to specify the encryption key which is shared with the RADIUS server Use the no form of this command to remove the key Syntax key key string key string A string specifying the encryption key Range 0 128 characters Default Configuration There is no key configured by default Comman...

Page 658: ...ing server being configured Use the no form of this command to disable the message authenticator attribute Syntax msgauth no msgauth Default Configuration The message authenticator attribute is enabled by default Command Mode Radius mode User Guidelines There are no user guidelines for this command Example console Config auth radius msgauth name RADIUS server Use the name command to assign a name ...

Page 659: ... moving on to name2 Even if the priority value of servers in name2 is lower lower value indicates high priority the request would be sent to the name1 servers If for name1 list the configured servers fail to respond the request is sent to the second configured name list Within the same server list the first primary server would be tried You can have multiple secondary servers in the same name list...

Page 660: ...erver name by default If it fails to communicate with the primary server for any reason it uses the backup servers configured with the same server name These backup servers are identified as the Secondary type Syntax primary Default Configuration There is no primary authentication server by default Command Mode Radius mode User Guidelines There are no user guidelines for this command Example conso...

Page 661: ...pting to recontact an unresponsive RADIUS server If a RADIUS server is currently active and responsive that server will be used until it no longer responds RADIUS servers whose deadtime interval has not expired are skipped when searching for a new RADIUS server to contact To set the deadtime to 0 use the no form of this command Syntax radius server deadtime deadtime no radius server deadtime deadt...

Page 662: ...erver host and enter RADIUS Configuration mode To delete the specified Radius host use the no form of this command Syntax radius server host acct auth ip address hostname no radius server host acct auth ip address hostname Parameter Description Default Configuration The default server type is authentication The default server name is Default RADIUS Server The default port number is 1812 for an aut...

Page 663: ...us server key command in Global Configuration mode to set the authentication and encryption key for all Radius communications between the switch and the Radius server To reset to the default use the no form of this command Syntax radius server key key string no radius server key key string Specifies the authentication and encryption key for all Radius communications between the switch and the Radi...

Page 664: ...mber of times the Radius client will retransmit requests to the Radius server To reset the default configuration use the no form of this command Syntax radius server retransmit retries no radius server retransmit retries Specifies the retransmit value Range 1 10 Default Configuration The default is 3 attempts Command Mode Global Configuration mode User Guidelines This command has no user guideline...

Page 665: ...rce IP address Default Configuration The default IP address is the outgoing IP interface Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example configures the source IP address used for communication with Radius servers to 10 1 1 1 console config radius server source ip 10 1 1 1 radius server timeout Use the radius server timeout co...

Page 666: ...a server host to reply to 5 seconds console config radius server timeout 5 retransmit Use the retransmit command in Radius mode to specify the number of times the Radius client retransmits requests to the Radius server Syntax retransmit retries retries Specifies the retransmit value Range 1 10 attempts Default Configuration The default number for attempts is 3 Command Mode Radius mode User Guideli...

Page 667: ...escription Default Configuration Authentication servers are displayed by default Command Mode User EXEC Privileged EXEC User Guidelines The following fields are displayed Parameter Description accounting This optional parameter will cause accounting servers to be displayed authentication This optional parameter will cause authentication servers to be displayed name This optional parameter will cau...

Page 668: ...been configured Named Authentication Server Groups The number of configured named RADIUS server groups Named Accounting Server Groups The number of configured named RADIUS server groups Timeout The configured timeout value in seconds for request retransmissions Retransmit The configured value of the maximum number of times a request packet is retransmitted Deadtime The length of time an unavailabl...

Page 669: ...Mode Disable More or q uit RADIUS Attribute 4 Value 0 0 0 0 console show aaa servers name Server Name Host Address Port Secret Configured Default RADIUS Server 4 4 4 4 1812 No test 6 6 6 6 1812 No console show radius servers IP address Type Port TimeOut Retran DeadTime Source IP Prio Usage 10 27 5 157 Auth 1812 Global Global Global 10 27 65 13 0 all Global values Configured Authentication Servers ...

Page 670: ...ius servers name Default RADIUS Server RADIUS Server Name Default RADIUS Server Current Server IP Address 1 1 1 1 Retransmits 4 Timeout 5 Deadtime 0 Port 1812 Source IP 0 0 0 0 Secret Configured No Message Authenticator Enable show radius statistics Use the show radius statistics command to show the statistics for an authentication or accounting server Syntax show radius statistics accounting auth...

Page 671: ...the host name when specified in double quotes For example console config snmp server host host name servername The alias used to identify the server Field Description RADIUS Accounting Server Name Name of the accounting server Server Host Address IP address of the host Round Trip Time The time interval in hundredths of a second between the most recent Accounting Response and the Accounting Request...

Page 672: ...eouts The number of accounting timeouts on this server Unknown Types The number of packets unknown type which were received from this server on accounting port Packets Dropped The number of RADIUS packets received from this server on accounting port and dropped for some other reason Field Description RADIUS Server Name Name of the authenticating server Server Host Address IP address of the host Ac...

Page 673: ...e packets with an invalid length Bad authenticators or signature attributes or unknown types are not included as malformed access responses Bad Authenticators The number of RADIUS Access Response packets containing invalid authenticators or signature attributes received from this server Pending Requests The number of RADIUS Access Request packets destined for this server that have not yet timed ou...

Page 674: ...0 Access Retransmissions 0 Access Accepts 0 Access Rejects 0 Access Challenges 0 Malformed Access Responses 0 Bad Authenticators 0 Pending Requests 0 Timeouts 0 Unknown Types 0 Packets Dropped 0 source ip Use the source ip command in Radius mode to specify the source IP address to be used for communication with Radius servers 0 0 0 0 is interpreted as a request to use the IP address of the outgoin...

Page 675: ...xample The following example specifies 10 240 1 23 as the source IP address console config radius server host 192 143 120 123 console config radius source ip 10 240 1 23 timeout Use the timeout command in Radius mode to set the timeout value in seconds for the designated Radius server Syntax timeout timeout timeout Timeout value in seconds for the specified server Range 1 30 seconds Default Config...

Page 676: ...0 usage Use the usage command in Radius mode to specify the usage type of the server Syntax usage type type Variable can be one of the following values login 802 1x or all Default Configuration The default variable setting is all Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command Example The following example sp...

Page 677: ...a network from forwarding loops induced by BPDU packet loss It can be configured to prevent a blocked port from transitioning to the forwarding state when the port stops receiving BPDUs for some reason such as a uni directional link failure STP BPDU Guard The STP BPDU guard allows the network administrator to enforce the STP domain borders and keep the active topology consistent and predictable Th...

Page 678: ...led switch To enable BPDU flooding on a port STP should be disabled on the switch administratively When this feature is enabled on the switch it floods all the ports with the BPDU flood feature enabled on it Commands in this Chapter This chapter explains the following commands clear spanning tree detected protocols spanning tree auto portfast spanning tree max age spanning tree portfast bpdufilter...

Page 679: ... channel number tengigabitethernet unit slot port Default Configuration This command has no default setting Command Mode Privileged EXEC mode User Guidelines This feature is used only when working in RSTP or MSTP mode Example The following example restarts the protocol migration process forces the renegotiation with neighboring switches on 1 0 1 console clear spanning tree detected protocols gigab...

Page 680: ... VLANS to an MST instance Syntax instance instance id add remove vlan vlan range instance ID ID of the MST instance Range 1 15 vlan range VLANs to be added to the existing MST instance To specify a range of VLANs use a hyphen To specify a series of VLANs use a comma Range 1 4093 Default Configuration VLANs are mapped to the common and internal spanning tree CIST instance instance 0 Command Mode MS...

Page 681: ... ports have some but not all of the VLANs mapped to MST instances console config spanning tree mode mst console config spanning tree mst 1 priority 8192 console config spanning tree mst 2 priority 28672 console config spanning tree mst configuration console config mst instance 1 add vlan 2 199 console config mst instance 1 add vlan 350 console config mst instance 1 add vlan 400 449 console config ...

Page 682: ...port mode trunk console config if Te1 1 2 switchport trunk allowed vlan add 200 349 console config if Te1 1 2 spanning tree mst 2 port priority 16 console config if Te1 1 2 exit name mst Use the name command in MST mode to define the configuration name To return to the default setting use the no form of this command Syntax name string string Case sensitive MST configuration name Range 1 32 charact...

Page 683: ...g use the no form of this command Syntax revision version no revision version Configuration revision number Range 0 65535 Default Configuration Revision number is 0 Command Mode MST mode User Guidelines This command has no user guidelines Example The following example sets the configuration revision to 1 console config spanning tree mst configuration console config mst revision 1 show spanning tre...

Page 684: ...er Guidelines This command has no user guidelines Examples The following examples display spanning tree information console show spanning tree Spanning tree Enabled BPDU Flooding Disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root 80 00 00 1E C9 AA AD 1B Regional Root Path Cost 0 ROOT ID Priority 32768 Address 0010 1882 1C53 Path Cost 20000 Parameter Description detail Displays d...

Page 685: ...1 Port Gi1 0 1 Enabled State Forwarding Role Root Port id 128 1 Port Cost 20000 Port Fast No Root Protection No Designated bridge Priority 32768 Address 0010 1882 1C53 Designated port id 128 48 Designated path cost 0 CST Regional Root 80 00 00 10 18 82 1C 53 CST Port Cost 0 Root Guard FALSE Loop Guard FALSE TCN Guard FALSE Auto Portfast TRUE Port Up Time Since Counters Last Cleared 0 day 0 hr 17 m...

Page 686: ... 0 CST Regional Root 80 00 00 10 18 82 1C 53 CST Port Cost 0 BPDU sent 24 received 500 console show spanning tree detail active Spanning tree Enabled BPDU flooding Disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root 80 00 00 1E C9 AA AD 1B Regional Root Path Cost 0 ROOT ID Priority 32768 Address 0010 1882 1C53 Path Cost 20000 Root Port Gi1 0 1 Hello Time 2 Sec Max Age 20 sec Forw...

Page 687: ...st 0 BPDU sent 524 received 0 console show spanning tree detail blockedports Spanning tree Enabled BPDU flooding Disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root 80 00 00 1E C9 AA AD 1B Regional Root Path Cost 0 ROOT ID Priority 32768 Address 0010 1882 1C53 Path Cost 20000 Root Port Gi1 0 1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 0...

Page 688: ...d based upon the mode parameter BPDU Protection Mode Enabled or disabled BPDU Filter Mode Enabled or disabled BPDU Flooding Mode Enabled or disabled Configuration Name Identifier used to identify the configuration currently being used Configuration Revision Level Identifier used to identify the configuration currently being used Configuration Digest Key A generated Key used in the exchange of the ...

Page 689: ...he spanning tree command in Global Configuration mode to enable spanning tree functionality To disable spanning tree functionality use the no form of this command Syntax spanning tree no spanning tree Default Configuration Spanning tree is enabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables spanning tree functiona...

Page 690: ...ed by default Command Mode Interface Configuration Ethernet Port Channel mode Usage Guidelines There are no user guidelines for this command Example The following example enables spanning tree functionality on gigabit ethernet interface 4 0 1 console config console config interface gigabitethernet 4 0 1 console config if 4 0 1 spanning tree auto portfast spanning tree bpdu flooding The spanning tr...

Page 691: ... terminal such as a desktop computer or file server directly and configured as an edge port to implement the fast transition When the port receives a BPDU packet the system sets it to non edge port and recalculates the spanning tree which causes network topology flapping In normal cases these ports do not receive any BPDU packets However someone may forge BPDU to maliciously attack the switch and ...

Page 692: ...ng tree cost command in Interface Configuration mode to configure the external spanning tree path cost for a port To return to the default port path cost use the no form of this command Syntax spanning tree cost cost no spanning tree cost cost The port path cost Range 0 200 000 000 Default Configuration The default cost is 0 which signifies that the cost is automatically calculated based on port s...

Page 693: ...he spanning tree cost on 1 0 5 to 35000 console config interface gigabitethernet 1 0 5 console config if 1 0 5 spanning tree cost 35000 spanning tree disable Use the spanning tree disable command in Interface Configuration mode to disable spanning tree on a specific port To enable spanning tree on a port use the no form of this command Syntax spanning tree disable no spanning tree disable Default ...

Page 694: ...ates before entering the forwarding state To reset the default forward time use the no form of this command Syntax spanning tree forward time seconds no spanning tree forward time seconds Time in seconds Range 4 30 Default Configuration The default forwarding time for IEEE Spanning tree Protocol STP is 15 seconds Command Mode Global Configuration mode User Guidelines When configuring the Forward T...

Page 695: ... guard none Disables root and loop guard Default Configuration Neither root nor loop guard is enabled Command Mode Interface Configuration Ethernet Port Channel mode User Guidelines There are no user guidelines for this command Example The following example disables spanning tree guard functionality on gigabit ethernet interface 4 0 1 console config console config interface gigabitethernet 4 0 1 c...

Page 696: ...nning tree loopguard functionality on all ports console config spanning tree loopguard default spanning tree max age Use the spanning tree max age command in Global Configuration mode to configure the spanning tree bridge maximum age To reset the default maximum age use the no form of this command Syntax spanning tree max age seconds no spanning tree max age seconds Time in seconds Range 6 40 Defa...

Page 697: ...se the spanning tree max hops command to set the MSTP Max Hops parameter to a new value for the common and internal spanning tree Use the no form of this command to reset the Max Hops to the default Syntax spanning tree max hops hops no spanning tree max hops hops The maximum number of hops to use Range 1 127 Default Configuration The Maximum number of hops is 20 by default Command Mode Global Con...

Page 698: ...t Configuration Rapid Spanning Tree Protocol RSTP is supported Command Mode Global Configuration mode User Guidelines In RSTP mode the switch would use STP when the neighbor switch is using STP In MSTP mode the switch would use RSTP when the neighbor switch is using RSTP and would use STP when the neighbor switch is using STP Example The following example configures the spanning tree protocol to M...

Page 699: ... configuration console config mst instance 1 add vlan 10 20 console config mst name region1 console config mst revision 1 spanning tree mst cost Use the spanning tree mst cost command in Interface Configuration mode to configure the internal path cost for multiple spanning tree MST calculations If a loop occurs the spanning tree considers path cost when selecting an interface to put in the forward...

Page 700: ...abitethernet mode User Guidelines MST instance id 0 is the common internal spanning tree instance CIST Example The following example configures the MSTP instance 1 path cost for interface 1 0 9 to 4 console config interface gigabitethernet 1 0 9 console config if 1 0 9 spanning tree mst 1 cost 4 spanning tree mst port priority Use the spanning tree mst port priority command in Interface Configurat...

Page 701: ... interface 1 0 5 to 144 console config interface gigabitethernet 1 0 5 console config if spanning tree mst 1 port priority 144 spanning tree mst priority Use the spanning tree mst priority command in Global Configuration mode to set the switch priority for the specified spanning tree instance To return to the default setting use the no form of this command Syntax spanning tree mst instance id prio...

Page 702: ...t 1 priority 4096 spanning tree portfast Use the spanning tree portfast command in Interface Configuration mode to enable PortFast mode In PortFast mode the interface is immediately put into the forwarding state upon linkup without waiting for the timer to expire To disable PortFast mode use the no form of this command Syntax spanning tree portfast no spanning tree portfast Parameter Description i...

Page 703: ...abled is moved directly to the spanning tree forwarding state when linkup occurs without waiting the standard forward time delay Example The following example enables PortFast on 1 0 5 console config interface gigabitethernet 1 0 5 console config if 1 0 5 spanning tree portfast spanning tree portfast bpdufilter default The spanning tree portfast bpdufilter default command discards BPDUs received o...

Page 704: ...mmand to disable Portfast mode on all ports Syntax spanning tree portfast default no spanning tree portfast default Default Configuration Portfast mode is disabled by default Command Mode Global Configuration mode Usage Guidelines This command only applies to access ports NOTE This command should be used with care An interface with PortFast mode enabled is moved directly to the spanning tree forwa...

Page 705: ... of this command Syntax spanning tree port priority priority no spanning tree port priority priority The port priority Range 0 240 Default Configuration The default port priority for IEEE STP is 128 Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines The priority value must be a multiple of 16 Example The following example configures the spanni...

Page 706: ...e Range 0 61440 Default Configuration The default bridge priority for IEEE STP is 32768 Command Mode Global Configuration mode User Guidelines The priority value must be a multiple of 4096 The switch with the lowest priority is the root of the spanning tree Example The following example configures spanning tree priority to 12288 console config spanning tree priority 12288 spanning tree tcnguard Us...

Page 707: ...e transmit hold count Use the spanning tree transmit hold count command to set the maximum number of BPDUs that a bridge is allowed to send within a hello time window 2 seconds Use the no form of this command to reset the hold count to the default value Syntax spanning tree transmit hold count value no spanning tree transmit hold count value The maximum number of BPDUs to send Range 1 10 Default C...

Page 708: ...708 Spanning Tree Commands Example The following example sets the maximum number of BPDUs sent to 6 console config spanning tree transmit hold count 6 ...

Page 709: ... authentication method for a user login type CLI HTTP HTTPS the NAS will prompt for the user login credentials and request services from the FASTPATH TACACS client the client will then use the configured list of servers for authentication and provide results back to the NAS The TACACS server list is configured with one or more hosts defined via their network IP address each can be assigned a prior...

Page 710: ...sed on the TACACS daemon Syntax key key string key string To specify the key name Range 1 128 characters Default Configuration If left unspecified the key string parameter defaults to the global value Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines Example The following example specifies an encryption and authentication key of 12 console tacacs key 12 key...

Page 711: ...figuration mode User Guidelines This command has no user guidelines Example The following example displays how to specify server port number 1200 console tacacs port 1200 priority Use the priority command in TACACS Configuration mode to specify the order in which servers are used where 0 zero is the highest priority Syntax priority priority priority Specifies the priority for servers 0 zero is the...

Page 712: ...the show tacacs command in Privileged EXEC mode to display the configuration and statistics of a TACACS server Syntax show tacacs ip address ip address The name or IP address of the host Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example displays TACACS server settings ...

Page 713: ...Syntax tacacs server host ip address hostname no tacacs server host ip address hostname ip address The IP address of the TACACS server hostname The hostname of the TACACS server Range 1 255 characters Default Configuration No TACACS host is specified Command Mode Global Configuration mode User Guidelines To specify multiple hosts multiple tacacs server host commands can be used TACACS servers are ...

Page 714: ...key must match the key used on the TACACS daemon Range 0 128 printable characters except for question marks and double quotes Default Configuration The default is an empty string Command Mode Global Configuration mode User Guidelines The tacacs server key command accepts any printable characters for the key except a double quote or question mark Enclose the string in double quotes to include space...

Page 715: ...timeout no tacacs server timeout timeout The timeout value in seconds Range 1 30 Default Configuration The default value is 5 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the timeout value as 30 console config tacacs server timeout 30 timeout Use the timeout command in TACACS Configuration mode to specify the ...

Page 716: ...1 30 Default Configuration If left unspecified the timeout defaults to the global value Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines Example This example shows how to specify the timeout value console tacacs timeout 23 ...

Page 717: ...he physical locations of devices in the network PowerConnect switching supports up to 1024 VLANs for forwarding VLANs can be allocated by subnet and netmask pairs thus allowing overlapping subnets For example subnet 10 10 128 0 with Mask 255 255 128 0 and subnet 10 10 0 0 with Mask 255 255 0 0 can have different VLAN associations Double VLAN Mode An incoming frame is identified as tagged or untagg...

Page 718: ... VLAN can quickly eat up address entries Each VLAN is associated with its own forwarding database Hence the number of forwarding databases equals the number of VLANs supported The MAC address stored is supplemented by a 2 byte VLAN ID The first 2 bytes of a forwarding database entry contain the VLAN ID associated and the next 6 bytes contain the MAC address There is a one to one relationship betwe...

Page 719: ...e use of the packet s protocol in addition to the PVID to determine the VLAN to which the packet belongs This approach requires one VID on each port for each protocol for which the filter is desired IP Subnet Based VLANs This feature allows an untagged packet to be placed in a configured VLAN based upon its IP address MAC Based VLANs This feature allows an untagged packet to be placed in a configu...

Page 720: ...rt trunk vlan protocol group name protocol group show vlan association subnet vlan vlan protocol group remove protocol vlan group switchport access vlan vlan Global Config vlan routing protocol vlan group all switchport forbidden vlan vlan association mac show dvlan tunnel switchport general acceptable frame type tagged only vlan association subnet Parameter Description 802 1Q Configures the Ether...

Page 721: ...ommand enables disables the use of the ethertype on the specific interface The ethertype used in the interface form of the command must use the same ethertype as specified in the global configuration form of the command The inner vlan tag C TAG is configured using the switchport command in interface configuration mode Example The following example displays configuring Double VLAN tunnel for vman E...

Page 722: ...onfig vlan ip address 131 108 1 27 255 255 255 0 interface range vlan Use the interface range vlan command in Global Configuration mode to execute a command on multiple VLANs at the same time Syntax interface range vlan vlan range all vlan range A list of valid VLAN IDs to add Separate nonconsecutive VLAN IDs with a comma and no spaces use a hyphen to designate a range of IDs Range 2 4093 all All ...

Page 723: ...mand console config interface range vlan 221 228 889 console config if mode dvlan tunnel Use the mode dvlan tunnel command in Interface Configuration mode to enable Double VLAN Tunneling on the specified interface To disable Double VLAN Tunneling on the specified interface use the no form of this command Syntax mode dvlan tunnel no mode dvlan tunnel Default Configuration By default Double VLAN Tun...

Page 724: ...context Syntax name vlan name no name Parameter Description Default Configuration The default VLAN name is default Command Mode Interface VLAN Configuration mode User Guidelines The VLAN name may include any alphanumeric characters including a space underscore or dash Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The C...

Page 725: ... protocol based group except when GVRP is expected to create the VLAN To detach the VLAN from this protocol based group identified by this groupid use the no form of this command Syntax protocol group groupid vlanid no protocol group groupid vlanid groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group comm...

Page 726: ... fails and the interface s are not added to the group Ensure that the referenced VLAN is created prior to the creation of the protocol based group except when GVRP is expected to create the VLAN To remove the interface from this protocol based VLAN group that is identified by this groupid use the no form of this command If you select all all ports are removed from this protocol group Syntax protoc...

Page 727: ...rrently associated with the group this command fails and the interface s are not added to the group Ensure that the referenced VLAN is created prior to the creation of the protocol based group except when GVRP is expected to create the VLAN To remove all interfaces from this protocol based group that is identified by this groupid use the no form of the command Syntax protocol vlan group all groupi...

Page 728: ... Use the show dvlan tunnel command in Privileged EXEC mode to display all interfaces enabled for Double VLAN Tunneling Syntax show dvlan tunnel Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows how to display all interfaces for Double VLAN Tunneling console show d...

Page 729: ...Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays detailed information for port 1 0 1 console show dvlan tunnel interface 1 0 1 Interface Mode EtherType 1 0 1 Enable vMAN The following table describes the significant fields shown in the example Field Description Mode T...

Page 730: ...no user guidelines Examples The following example displays switchport configuration individually for gi1 0 1 console show interface switchport gigabitethernet 1 0 1 Port 1 0 1 VLAN Membership mode General Operating parameters EtherType This field represents a 2 byte hex EtherType to be used as the first 16 bits of the DVLAN tunnel The three different EtherType tags are 1 802 1Q which represents th...

Page 731: ...e 1 default untagged Default 8 VLAN008 tagged Dynamic 11 VLAN0011 tagged Static 19 IPv6 VLAN untagged Static 72 VLAN0072 untagged Static Static configuration PVID 1 default Ingress Filtering Enabled Acceptable Frame Type All Port 1 0 1 is statically configured to VLAN Name Egress rule 11 VLAN0011 tagged 19 IPv6 VLAN untagged 72 VLAN0072 untagged Forbidden VLANS VLAN Name ...

Page 732: ...eneral Operating parameters PVID 4095 discard vlan Ingress Filtering Enabled Acceptable Frame Type All Port 1 0 1 is member in VLAN Name Egress rule Type 91 IP Telephony tagged Static Static configuration PVID 8 Ingress Filtering Disabled Acceptable Frame Type All Port 1 0 2 is statically configured to VLAN Name Egress rule 8 VLAN0072 untagged 91 IP Telephony tagged Forbidden VLANS VLAN Name ...

Page 733: ... PVID 2922 Ingress Filtering Enabled Acceptable Frame Type Untagged GVRP status Disabled Port 2 0 19 is member in VLAN Name Egress rule Type 2921 Primary A untagged Static 2922 Community A1 untagged Static Static configuration PVID 2922 Ingress Filtering Enabled Acceptable Frame Type Untagged GVRP status Disabled Port 2 0 19 is member in VLAN Name Egress rule Type 2921 Primary A untagged Static ...

Page 734: ...up ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group command all Enter all to show all interfaces Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the Protocol Based VLAN information for either the ent...

Page 735: ...name Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information for VLAN id 1 2 and 3 console show vlan id 1 VLAN Name Ports Type 1 default Po1 48 Default Gi1 0 1 10 console show vlan id 2 VLAN Name Ports Type Parameter Description vlan...

Page 736: ...o MAC address is specified the VLAN associations of all the configured MAC addresses are displayed Syntax show vlan association mac mac address mac address Specifies the MAC address to be entered in the list Range Any valid MAC address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The fo...

Page 737: ...N associations of all the configured IP subnets are displayed Syntax show vlan association subnet ip address ip mask ip address Specifies IP address to be shown ip mask Specifies IP mask to be shown Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The command has no user guidelines Example The following example shows the case if no I...

Page 738: ... vlan id A valid VLAN ID of the VLAN to which the port is configured Default Configuration The default value for the vlan id parameter is 1 Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines The command automatically removes the port from the previous VLAN and adds it to the new VLAN Example The following example configures a VLAN ID of interf...

Page 739: ... IDs with a comma and no spaces Use a hyphen to designate a range of IDs remove vlan list List of valid VLAN IDs to remove from the forbidden list Separate nonconsecutive VLAN IDs with a comma and no spaces Use a hyphen to designate a range of IDs Default Configuration All VLANs allowed Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This c...

Page 740: ...l frame types are accepted at ingress Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command has no user guidelines Example The following example configures 1 0 8 to discard untagged frames at ingress console config interface gigabitethernet 1 0 8 console config if 1 0 8 switchport general acceptable frame type tagged only switchport ...

Page 741: ...he port to transmit untagged packets for the VLANs Default Configuration Untagged Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines You can use this command to change the egress rule for example from tagged to untagged without first removing the VLAN from the list Example The following example shows how to add VLANs 1 2 5 and 8 to the allowed...

Page 742: ...ering on 1 0 8 console config interface gigabitethernet 1 0 8 console config if 1 0 8 switchport general ingress filtering disable switchport general pvid Use the switchport general pvid command in Interface Configuration mode to configure the Port VLAN ID PVID when the interface is in general mode Use the switchport mode general command to set the VLAN membership mode of a port to general To conf...

Page 743: ...le config if 1 0 8 switchport general pvid 234 switchport mode Use the switchport mode command in Interface Configuration mode to configure the VLAN membership mode of a port To reset the mode to the appropriate default for the switch use the no form of this command Syntax switchport mode access trunk general no switchport mode Parameter Description Parameter Description access An access port conn...

Page 744: ... from a trunk port or to set the PVID for an interface in Trunk Mode Syntax switchport trunk allowed vlan vlan list native vlan vlan id trunk A trunk port connects two switches A trunk port may belong to multiple VLANs A trunk port accepts only packets tagged with the VLAN IDs of the VLANs to which the trunk is a member or untagged packets if configured with a PVID A trunk only transmits tagged pa...

Page 745: ... VLANs from 1 to 4093 This keyword is not allowed on commands that do not permit all VLANs in the list to be set at the same time add adds the defined list of VLANs to those currently set instead of replacing the list remove removes the defined list of VLANs from those currently set instead of replacing the list Valid IDs are from 1 to 4093 extended range VLAN IDs of the form X Y or X Y Z are vali...

Page 746: ... range A list of valid VLAN IDs to be added List separate non consecutive VLAN IDs separated by commas without spaces use a hyphen to designate a range of IDs Range 2 4093 Default Configuration This command has no default configuration Command Mode VLAN Database mode User Guidelines Deleting the VLAN for an access port will cause that port to become unusable until it is assigned a VLAN that exists...

Page 747: ...has no default configuration Command Mode Global Configuration Config User Guidelines This command has no user guidelines Example The following example shows how to create add VLAN of IDs 22 23 and 56 console config vlan 22 23 56 console config vlan Parameter Description vlan id A valid VLAN ID Range 2 4093 vlan range A list of valid VLAN IDs List separate non consecutive VLAN IDs separated by com...

Page 748: ...xx vlanid VLAN to associate with subnet Range 1 4093 Default Configuration No assigned MAC address Command Mode VLAN Database mode User Guidelines This command has no user guidelines Example The following example associates MAC address with VLAN ID 1 console config vlan vlan association mac 0001 0001 0001 1 vlan association subnet Use the vlan association subnet command in VLAN Database mode to as...

Page 749: ...is command has no user guidelines Example The following example associates IP address with VLAN ID 100 console config vlan vlan association subnet 192 245 23 45 255 255 255 0 100 vlan database Use the vlan database command in Global Configuration mode to enter the VLAN database configuration mode Syntax vlan database Default Configuration This command has no default configuration Command Mode Glob...

Page 750: ...is a valid VLAN identification number VLAN range is 2 4093 Syntax vlan makestatic vlan id vlan id Valid vlan ID Range is 2 4093 Default Configuration This command has no default configuration Command Mode VLAN Database Mode User Guidelines The dynamic VLAN created via GRVP should exist prior to executing this command See the Type column in output from the show vlan command to determine that the VL...

Page 751: ...g command vlan protocol group groupname is updated to vlan protocol group groupid so that groupid is used for both configuration and script generation NOTE If an attempt is made to migrate to the latest implementation with any of the groupnames deleted prior to saving configuration on the pre 3 0 0 x code applicable only for platforms PC62xx PCM622x PCM8024 the problem on the latest code will rema...

Page 752: ...rm of this command Syntax vlan protocol group add protocol groupid ethertype value no vlan protocol group add protocol groupid ethertype value groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group command To see the group ID associated with the name of a protocol group use the show port protocol all comman...

Page 753: ...ommand To see the group ID associated with the name of a protocol group use the show port protocol all command groupName The group name you want to add The group name can be up to 16 characters length It can be any valid alpha numeric characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines...

Page 754: ...nfiguration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays the removal of the protocol based VLAN group identified as 2 console config vlan protocol group remove 2 vlan routing Use the vlan routing command to enable routing on a VLAN Use the no form of this command to disabl...

Page 755: ...he routing command in VLAN Interface Configuration mode Examples console config vlan vlan routing 10 1 index Internal interface ID This optional parameter is listed in the configuration file for all VLAN routing interfaces When a nonstop forwarding failover occurs this information enables the system to correlate checkpointed state information with the proper interfaces and their configuration Para...

Page 756: ...756 VLAN Commands ...

Page 757: ... are therefore segregated so that better service can be provided to the voice traffic When a dot1p priority is associated with the voice VLAN port instead of VLAN ID then the priority information is passed onto the VoIP phone using the LLDP MED mechanism Thus the voice data coming from the VoIP phone is tagged with VLAN 0 and with the exchanged priority Regular data arriving on the switch is given...

Page 758: ...lobal Configuration Usage Guidelines Not applicable Default Value This feature is disabled by default Example console config voice vlan console config no voice vlan voice vlan Interface This command is used to enable the voice vlan capability on the interface Syntax voice vlan vlanid dot1p priority none untagged data priority trust untrust auth enable disable dscp dscp no voice vlan ...

Page 759: ... the priority on received voice vlan traffic trusted mode dot1p Configure Voice VLAN 802 1p priority tagging for voice traffic dscp Configure DSCP value for voice traffic on the voice vlan port Range 0 64 none Allow the IP phone to use its own configuration to send untagged voice traffic priority The Dot1p priority for the voice VLAN on the port trust Trust the dot1p priority or DSCP values contai...

Page 760: ...t trust the dot1p priority or DSCP values contained in packets arriving on the voice vlan port Command Mode Interface Configuration Default Value trust Example console config if 1 0 1 voice vlan data priority untrust console config if 1 0 1 voice vlan data priority trust show voice vlan show voice vlan interface gigabitethernet unit slot port tengigabitethernet unit slot port all Syntax When the i...

Page 761: ... When the interface parameter is specified Voice VLAN Mode The admin mode of the voice VLAN on the interface Voice VLAN ID The voice VLAN ID Voice VLAN Priority The Dot1p priority for the voice VLAN on the port Voice VLAN Untagged The tagging option for the voice VLAN traffic Voice VLAN COS Override The Override option for the voice traffic arriving on the port Voice VLAN Status The operational st...

Page 762: ...762 Voice VLAN Commands ...

Page 763: ...on server or authentication using remote RADIUS or TACACS servers Supported security methods for communication with remote servers include MD5 PEAP EAP TTL EAP TTLS and EAP TLS Local 802 1X Authentication Server The PowerConnect switch supports a dedicated database for local authentication of users for network access through the Dot1x feature This functionality is distinct from management access f...

Page 764: ...loaded or imported downloaded to from a central location using a TFTP server MAC Authentication Bypass Today 802 1x has become the recommended port based authentication method at the access layer in enterprise networks However there may be 802 1x unaware devices such as printers fax machines etc that would require access to the network without 802 1x authentication MAC Authentication Bypass MAB is...

Page 765: ...s a failure to authenticate but logs the results of the authentication process for diagnostic purposes The exact details are described in the below sections The main aim of the monitor mode is to provide a mechanism to the operator to be able to identify the short comings in the configuration of a Dot1x authentication on the switch without affecting the network access to the users of the switch Th...

Page 766: ... that the client can connect from any port and be assigned to the appropriate VLAN This gives flexibility for clients to move around the network with out requiring the operator to perform additional provisioning for each network interface Commands in this Chapter This chapter explains the following commands dot1x dynamic vlan enable dot1x timeout guest vlan period show dot1x clients dot1x mac auth...

Page 767: ...does not exist in the switch Use the no form of the command to disable this capability Syntax dot1x dynamic vlan enable no dot1x dynamic vlan enable Parameter Description This command does not require a parameter description Default Configuration The default value is Disabled Command Mode Global Configuration User Guidelines This command has no user guidelines dot1x guest vlan dot1x unauth vlan sh...

Page 768: ...Syntax Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command dot1x mac auth bypass Use the dot1x mac auth bypass command to enable MAB on an interface Use the no form of this command to disable MAB on an interface Syntax dot1x mac auth bypass no dot1x mac auth bypass Default Config...

Page 769: ...ing that no response is received to the client before restarting the authentication process To return to the default setting use the no form of this command Syntax dot1x max req count no dot1x max req count Number of times that the switch sends an EAP request identity frame before restarting the authentication process Range 1 10 Default Configuration The default value for the count parameter is 2 ...

Page 770: ...o version of the command to reset the maximum number of clients supported on the port when MAC based 802 1X authentication is enabled on the port The value would be reset to 8 Syntax dot1x max users users no dot1x max users users The number of users the port supports for MAC based 802 1X authentication Range 1 16 Default Configuration The default number of clients supported on a port with MAC base...

Page 771: ...n on the interface and causes the port to transition to the authorized state without any authentication exchange required The port sends and receives normal traffic without 802 1x based authentication of the client force unauthorized Denies all access through this interface by forcing the port to transition to the unauthorized state ignoring all attempts by the client to authenticate The switch ca...

Page 772: ... authentication on port 1 0 2 console config interface gigabitethernet 1 0 2 console config if 1 0 2 dot1x port control mac based dot1x re authenticate Use the dot1x re authenticate command in Privileged EXEC mode to enable manually initiating a re authentication of all 802 1x enabled ports or the specified 802 1x enabled port Syntax dot1x re authenticate gigabitethernet unit slot port Default Con...

Page 773: ...cation is disabled Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example enables periodic re authentication of the client console config interface gigabitethernet 1 0 16 console config if 1 0 16 dot1x reauthentication dot1x system auth control monitor Use the dot1x system auth control monitor command in Global Configura...

Page 774: ...nitor dot1x timeout guest vlan period Use the dot1x timeout guest vlan period command in Interface Configuration mode to set the number of seconds that the switch waits before authorizing the client if the client is a dot1x unaware client Syntax dot1x timeout guest vlan period seconds seconds Time in seconds that the switch waits before authorizing the client if the client is a dot1x unaware clien...

Page 775: ...ode to set the number of seconds that the switch remains in the quiet state following a failed authentication exchange for example the client provided an invalid password To return to the default setting use the no form of this command Syntax dot1x timeout quiet period seconds no dot1x timeout quiet period seconds Time in seconds that the switch remains in the quiet state following a failed authen...

Page 776: ... config interface gigabitethernet 1 0 16 console config if 1 0 16 dot1x timeout quiet period 3600 dot1x timeout re authperiod Use the dot1x timeout re authperiod command in Interface Configuration mode to set the number of seconds between re authentication attempts To return to the default setting use the no form of this command Syntax dot1x timeout re authperiod seconds no dot1x timeout re authpe...

Page 777: ...r To return to the default setting use the no form of this command Syntax dot1x timeout server timeout seconds no dot1x timeout server timeout seconds Time in seconds that the switch waits for a response from the authentication server Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines The actual timeout is ...

Page 778: ...pp timeout seconds Time in seconds that the switch should wait for a response to an EAP request frame from the client before resending the request Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines Change the default value of this command only to adjust for unusual circumstances such as unreliable links or ...

Page 779: ... wait for a response to an EAP request identity frame from the client before resending the request Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines Change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain client...

Page 780: ...cription Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If you do not use the optional parameters the command displays the global dot1x mode and the VLAN Assignment mode Parameter Description interface id Any valid interface See Interface Naming Conventions for interface representation Field Description Administrative Mode Indicate...

Page 781: ...ts in summary or in detail Syntax show dot1x authentication history interface id all failed auth only detail Parameter Description The following table explains the output parameters Monitor Mode Indicates whether the Dot1x Monitor mode on the switch is enabled or disabled Parameter Description Time Stamp Exact time at which the event occurs Interface Physical Port on which the event occurs MAC Add...

Page 782: ...0 2 MAC Address 00 01 02 03 04 05 VLAN Assigned 111 VLAN Assigned Reason Guest VLAN Auth Status Authorized Reason Dot1x Authentication due to Guest VLAN Timer Expiry console show dot1x authentication history all Time Stamp Interface MAC Address VLANID Auth Status Mar 22 2010 01 16 31 gi1 0 2 00 01 02 03 04 05 111 Authorized Mar 22 2010 01 20 33 gi1 0 7 00 00 0D 00 00 00 222 Authorized Reason Actua...

Page 783: ... 03 04 05 0 Unauthorized show dot1x clients Use the show dot1x clients command in Privileged EXEC mode to display 802 1x client information The client information is displayed in summary or in detail The command also displays the statistics of the number of clients that are authenticated using Monitor Mode and using 802 1x Syntax show dot1x clients interface id all Parameter Description Default Co...

Page 784: ... port number Username The username representing the identity of the Supplicant This field shows the username when the port control is auto or mac based If the port is Authorized it shows the username of the current user If the port is unauthorized it shows the last user that was authenticated successfully Supp MAC Address The MAC address of the supplicant Session Time The amount of time in seconds...

Page 785: ...upp MAC Address 00 08 A1 7E 45 1A Session Time 67 VLAN Id 1 VLAN Assigned Monitor Mode Session Timeout 0 Session Termination Action Default show dot1x interface This command shows the status of MAC Authentication Bypass This feature is an extension of Dot1x Option 81 feature added in Power Connect Release 2 1 to accept a VLAN name as an alternative to a number when RADIUS indicates the Tunnel Priv...

Page 786: ... There are no user guidelines for this command Example console show dot1x interface gigabitethernet 1 0 10 Administrative Mode Disabled Dynamic VLAN Creation Mode Disabled Monitor Mode Disabled Port Admin Oper Reauth Reauth Mode Mode Control Period Gi1 0 10 auto N A FALSE 3600 Quiet Period 60 Transmit Period 30 Maximum Requests 2 Max Users 16 ...

Page 787: ...stics Use the show dot1x statistics command in Privileged EXEC mode to display 802 1x statistics for the specified interface Syntax show dot1x statistics gigabitethernet unit slot port tengigabitethernetunit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example di...

Page 788: ...POL Length Error Frames Received 0 The following table describes the significant fields shown in the display Field Description EapolFramesRx The number of valid EAPOL frames of any type that have been received by this Authenticator EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator EapolStartFramesRx The number of EAPOL Start frames that have been...

Page 789: ... number of EAP Req Id frames that have been transmitted by this Authenticator EapolReqFramesTx The number of EAP Request frames other than Rq Id frames that have been transmitted by this Authenticator InvalidEapolFramesRx The number of EAPOL frames that have been received by this Authenticator in which the frame type is not recognized EapLengthErrorFramesRx The number of EAPOL frames that have bee...

Page 790: ...llowing table describes the significant fields shown in the display clear dot1x authentication history Use the clear dot1x authentication history command in Privileged EXEC mode to clear the authentication history table captured during successful and unsuccessful authentication Syntax show dot1x authentication history interface id Field Description Username The username representing the identity o...

Page 791: ...tion history gi1 0 1 Purge all entries for the specified interface from the log 802 1x Advanced Features dot1x guest vlan Use the dot1x guest vlan command in Interface Configuration mode to set the guest VLAN on a port The VLAN must already have been defined The no form of this command sets the guest VLAN id to zero which disables the guest VLAN on a port Syntax dot1x guest vlan vlan id Parameter ...

Page 792: ...1 0 2 to VLAN 10 console config if 1 0 2 dot1x guest vlan 10 dot1x unauth vlan Use the dot1x unauth vlan command in Interface Configuration mode to specify the unauthenticated VLAN on a port The unauthenticated VLAN is the VLAN to which supplicants that fail 802 1X authentication are assigned Syntax dot1x unauth vlan vlan id no dot1x unauth vlan vlan id The ID of a valid VLAN to use for unauthenti...

Page 793: ...2 1 to remove the Multiple Hosts column and add an Unauthenticated VLAN column which indicates whether an unauthenticated VLAN is configured on a port The command has also been updated to show the Guest VLAN ID instead of the status since it is now configurable per port Syntax show dot1x advanced gigabitethernet unit slot port tengigabitethernetunit slot port Default Configuration This command has...

Page 794: ...icated VLAN Vlan 1 0 2 10 20 802 1x Option 81 radius server attribute 4 Use the radius server attribute 4 command in Global Configuration mode to set the network access server NAS IP address for the RADIUS server Use the no version of the command to set the value to the default Syntax radius server attribute 4 ip address no dot1x guest vlan ip address Specifies the IP address to be used as the RAD...

Page 795: ...e default attribute 4 value is the RADIUS server IP address Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the NAS IP address in RADIUS attribute 4 to 192 168 10 22 console config radius server attribute 4 192 168 10 22 ...

Page 796: ...796 802 1x Commands ...

Page 797: ...of the Internet This section of the document contains the following Layer 3 topics ARP Commands IPv6 Routing Commands DHCP Server and Relay Agent Commands Loopback Interface Commands DHCPv6 Commands Multicast Commands DVMRP Commands OSPF Commands GMRP Commands OSPFv3 Commands IGMP Commands Router Discovery Protocol Commands IGMP Proxy Commands Routing Information Protocol Commands IP Helper DHCP R...

Page 798: ...798 Layer 3 Commands ...

Page 799: ...earn a default gateway The router discovery protocol is one method that enables hosts to learn a default gateway If a host does not know a default gateway it can learn the first hop to the destination through proxy ARP Proxy ARP RFC 1027 is a technique used to make a machine physically located on one network appear to be logically part of a different physical network connected to the same router m...

Page 800: ...the cache entry is retained and its age is reset to 0 By enabling the dynamic renew option the system administrator can configure ARP to attempt to renew aged ARP entries regardless of their use for forwarding If the system learns a new ARP entry but the hardware does not have space to add the new ARP entry the system attempts to remove entries that have not been used for forwarding recently This ...

Page 801: ...elines This command has no user guidelines Example The following example creates an ARP entry consisting of an IP address and a MAC address console config arp 192 168 1 2 00A2 64B3 A245 arp cachesize Use the arp cachesize command in Global Configuration mode to configure the maximum number of entries in the ARP cache To return the maximum number ARP cache entries to the default value use the no fo...

Page 802: ...enew dynamic ARP entries when they age out To disable the automatic renewal of dynamic ARP entries when they age out use the no form of the command Syntax arp dynamicrenew no arp dynamicrenew Default Configuration The default state is disabled Command Mode Global Configuration mode User Guidelines When an ARP entry reaches its maximum age the system must decide whether to retain or delete the entr...

Page 803: ...to host entries The disadvantage of enabling dynamic renew is that once an ARP cache entry is created that cache entry continues to take space in the ARP cache as long as the neighbor continues to respond to ARP requests even if no traffic is being forwarded to the neighbor In a network where the number of potential neighbors is greater than the ARP cache capacity enabling dynamic renew could prev...

Page 804: ...mode to configure the ARP request response timeout To return the response timeout to the default value use the no form of this command Syntax arp resptime integer no arp resptime integer IP ARP entry response time out Range 1 10 seconds Default Configuration The default value is 1 second Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The followin...

Page 805: ...lt Configuration The default value is 4 retries Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines 6 as the maximum number of retries console config arp retries 6 arp timeout Use the arp timeout command in Global Configuration mode to configure the ARP entry ageout time Use the no form of the command to set the ageout ti...

Page 806: ...rp cache Use the clear arp cache command in Privileged EXEC mode to remove all ARP entries of type dynamic from the ARP cache Syntax clear arp cache gateway gateway Removes the dynamic entries of type gateway as well Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example cle...

Page 807: ...Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example In the example below out of band management entries are shown i e those from the service port console show arp Age Time seconds 1200 Response Time seconds 1 Retries 4 Cache Size 6144 Dynamic Renew Mode Disable Total Entry Count Current Peak 0 0 Stati...

Page 808: ...ing is not enabled Syntax ip local proxy arp no ip local proxy arp Default Configuration Proxy arp is disabled by default Command Mode Interface Configuration User Guidelines This command has no user guidelines ip proxy arp Use the ip proxy arp command in Interface Configuration mode to enable proxy ARP on a router interface Without proxy ARP a device only responds to an ARP request if the target ...

Page 809: ...ion VLAN mode User Guidelines This command has no user guidelines Example The following example enables proxy arp for VLAN 15 config interface vlan 15 console config if vlan15 ip proxy arp show arp Use the show arp command in Privileged EXEC mode to display all entries in the Address Resolution Protocol ARP cache The displayed results are not the total ARP entries To view the total ARP entries the...

Page 810: ... EXEC modes User Guidelines This command has no user guidelines Example The following example shows show arp command output console show arp Age Time seconds 1200 Response Time seconds 1 Retries 4 Cache Size 896 Dynamic Renew Mode Enable Total Entry Count Current Peak 1 1 Static Entry Count Configured Active Max 0 0 64 ...

Page 811: ...for allocation of network addresses to hosts DHCP offers the following features and benefits It supports the definition of pools of IP addresses that can be allocated to clients by the server Many implementations use the term scope instead of pool Configuration settings like the subnet mask default router DNS server that are required to make TCP IP work correctly can be passed to the client using ...

Page 812: ...ration mode to define a DHCP address pool that can be used to supply addressing information to DHCP clients Upon successful completion this command puts the user into DHCP Pool Configuration mode Use the no form of the command to remove an address pool definition ip dhcp pool dns server IP DHCP Pool Config ip dhcp ping packets service dhcp bootfile domain name IP DHCP Pool Config lease sntp clear ...

Page 813: ...strator can configure the address space and other parameters to be supplied to DHCP clients By default the DHCP server assumes that all addresses specified are available for assignment to clients Use the ip dhcp excluded address command in Global Configuration mode to specify addresses that should never be assigned to DHCP clients To configure a dynamic DHCP address pool configure the following po...

Page 814: ...manual address binding configure the pool properties using the DHCP pool commands listed below It is only necessary to configure a DHCP client identifier or a BOOTP client MAC address for a manual binding To configure a manual binding the client identifier or hardware address must be specified before specifying the host address DHCP client identifier client identifier BOOTP client MAC address hard...

Page 815: ...sole config dhcp pool default router 192 168 22 1 192 168 23 1 bootfile Use the bootfile command in DHCP Pool Configuration mode to set the name of the image for the DHCP client to load Use the no form of the command to remove the bootfile configuration Use the show ip dhcp pool command to display pool configuration parameters Syntax bootfile filename no bootfile Parameter Description Default Conf...

Page 816: ...ivileged EXEC mode to remove automatic DHCP server bindings Syntax clear ip dhcp binding ip address Parameter Description Default Configuration The command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console clear ip dhcp binding 1 2 3 4 Parameter Description Clear all automatic dhcp bindings ip address Clear a specific...

Page 817: ...uration The command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console clear ip dhcp conflict client identifier Use the client identifier command in DHCP Pool Configuration mode to identify a Microsoft DHCP client to be manually assigned an address Use the no form of the command to remove the client identifier configur...

Page 818: ...hcp pool command to display pool configuration parameters Example console config dhcp pool client identifier 01 03 13 18 22 33 11 console config dhcp pool host 192 168 21 34 32 client name Use the client name command in DHCP Pool Configuration mode to specify the host name of a DHCP client Use the no form of the command to remove the client name configuration Syntax client name name Parameter Desc...

Page 819: ...t names Example console config dhcp pool client identifier 01 03 13 18 22 33 11 console config dhcp pool host 192 168 21 34 32 console config dhcp pool client name Line_Printer_Hallway default router Use the default router command in DHCP Pool Configuration mode to set the IPv4 address of one or more routers for the DHCP client to use Use the no form of the command to remove the default router con...

Page 820: ...68 22 1 192 168 23 1 dns server IP DHCP Pool Config Use the dns server command in IP DHCP Pool Configuration mode to set the IP DNS server address which is provided to a DHCP client by the DHCP server DNS server address is configured for stateless server support Syntax dns server ip address1 no dns server Parameter Description ip address1 The IPv4 address of the first default router for the DHCP c...

Page 821: ...HCP Pool Configuration mode to set the DNS domain name which is provided to a DHCP client by the DHCP server The DNS name is an alphanumeric string up to 255 characters in length Use the no form of the command to remove the domain name Syntax domain name domain no domain name domain domain DHCP domain name Range 1 255 characters Default Configuration This command has no default configuration Comma...

Page 822: ...There are no default MAC address manual bindings Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters It may be necessary to use the no host command prior to executing the no hardware address command Example console config dhcp pool hardware address 00 23 12 43 23 54 console config dhcp pool host 192 168 21 131 32 Para...

Page 823: ...ode User Guidelines Use the client identifier or hardware address command prior to using this command for an address pool Use the show ip dhcp pool command to display pool configuration parameters Example console config dhcp pool client identifier 00 23 12 43 23 54 console config dhcp pool host 192 168 21 131 32 Parameter Description ip address IPv4 address to be manually assigned to the host iden...

Page 824: ...lay the automatic address assignment configuration Syntax ip dhcp bootp automatic no ip dhcp bootp automatic Parameter Description This command does not require a parameter description Default Configuration Automatic BOOTP client address assignment is disabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console ip dhcp bootp automat...

Page 825: ...g ip dhcp excluded address Use the ip dhcp excluded address command in Global Configuration mode to exclude one or more DHCP addresses from automatic assignment Use the no form of the command to allow automatic address assignment for the specified address or address range Syntax ip dhcp excluded address low address high address no ip dhcp excluded address low address high address Parameter Descrip...

Page 826: ... ip dhcp ping packets command in Global Configuration mode to configure the number of pings sent to detect if an address is in use prior to assigning an address from the DHCP pool If neither ping is answered the DHCP server presumes the address is not in use and assigns the selected IP address Syntax ip dhcp ping packets 0 2 10 no ip dhcp ping packets High address An IPv4 address indicating the en...

Page 827: ...parameter to indicate that addresses are to be automatically assigned Use the no form of the command to return the lease configuration to the default Use the show ip dhcp pool command to display pool configuration parameters Use the show ip dhcp binding command to display the expiration time of the leased IP address Syntax lease days hours minutes infinite no lease Parameter Description count The ...

Page 828: ...figure the IPv4 address of the Windows Internet Naming Service WINS for a Microsoft DHCP client Use the no form of the command to remove the NetBIOS name server configuration Syntax netbios name server ip address ip address2 ip address8 no netbios name server Parameter Description days The number of days for the lease duration Range 0 59 Default is 1 hours The number of hours for the lease duratio...

Page 829: ...NetBIOS WINS information is conveyed in the Option 44 TLV of the DHCP OFFER DCHP ACK DHCP INFORM ACK and DHCP BOOTREPLY messages Example console config dhcp pool netbios name server 192 168 21 1 192 168 22 1 netbios node type Use the netbios node type command in DHCP Pool Configuration mode to set the NetBIOS node type for a Microsoft DHCP client Use the no form of the command to remove the netbio...

Page 830: ... in the Option 46 TLV of the DHCP OFFER DHCP ACK DHCP INFORM ACK and DHCP BOOTREPLY messages Supported NetBIOS node types are broadcast b node peer to peer p node mixed m node hybrid h node Example console config dhcp pool netbios node type h node network Use the network command in IP DHCP Pool Configuration mode to define a pool of IPv4 addresses for distributing to clients Syntax network network...

Page 831: ... the next server configuration Syntax next server ip address no next server Parameter Description Default Configuration There is no default IPv4 next server configured Command Mode DHCP Pool Configuration mode Parameter Description network number A valid IPv4 address mask A valid IPv4 network mask with contiguous left aligned bits prefix length An integer indicating the number of leftmost bits in ...

Page 832: ...iguration Use the show ip dhcp pool command to display pool configuration parameters Syntax option code ascii string1 hex string1 string8 ip ip address1 ip address8 no option code Parameter Description Default Configuration There is no default option configured Parameter Description code The DHCP TLV option code ascii string1 An ASCII character string Strings with embedded blanks must be wholly co...

Page 833: ...and DHCP BOOTREPLY messages Figure 41 1 lists the options that can be configured and their fixed length minimum length and length multiple requirements Figure 41 1 Option Codes and Lengths Option Code Fixed Length Minimum Length Multiple Of 2 Time Offset 4 4 Time Server 4 4 7 Log Server 4 4 8 Cookie Server 4 4 9 LPR Server 4 4 10 Impress Server 4 4 11 Resource Location Server 4 4 12 Host Name 1 13...

Page 834: ...sk 1 30 Mask Supplier 1 31 Perform Router Discovery 1 32 Router Solicitation Address 4 33 Static Router Option 8 8 34 Trailer Encapsulation 1 35 ARP Cache Timeout 4 36 Ethernet Encapsulation 1 37 TCP TTL 1 38 TCP Keepalive Interval 4 39 TCP Keepalive Garbage 1 40 Network Information Service 1 41 Network Information Servers 4 4 Figure 41 1 Option Codes and Lengths continued Option Code Fixed Length...

Page 835: ... Server 4 4 49 X Windows Display Manager 4 4 58 Renewal Time T1 4 59 Rebinding Time T2 4 60 Vendor Class 1 64 NIS Domain 1 65 NIS Servers 4 4 66 TFTP Server 1 68 Mobile IP Home Agent 0 4 69 SMTP Server 4 4 70 POP3 Server 4 4 71 NNTP Server 4 4 72 WWW Server 4 4 73 Finger Server 4 4 74 IRC Server 4 4 75 Streettalk Server 4 4 76 STDA Server 4 4 Figure 41 1 Option Codes and Lengths continued Option C...

Page 836: ... Global Configuration mode to enable local IPv4 DHCP server on the switch Use the no form of the command to disable the DHCPv4 service Syntax service dhcp no service dhcp Default Configuration The service is disabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines sntp Use the sntp command in DHCP Pool Configuration mode to set the IPv4 address...

Page 837: ...ool configuration parameters The IPv4 address of the NTP server is conveyed in the Option 42 TLV of the DHCP OFFER DHCP ACK DHCP INFORM ACK and DHCP BOOTREPLY messages Example console config dhcp pool sntp 192 168 21 2 show ip dhcp binding Use the show ip dhcp binding command in Privileged EXEC mode to display the configured DHCP bindings Syntax show ip dhcp binding address Parameter Description i...

Page 838: ...DHCP address conflicts for all relevant interfaces or a specified interface If an interface is specified the optional statistics parameter is available to view statistics for the specified interface Syntax show ip dhcp conflict address Parameter Description Default Configuration The command has no default configuration Command Mode Privileged EXEC modes Parameter Description address A valid IPv4 a...

Page 839: ...ption This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip dhcp server statistics show ip dhcp pool Use the show ip dhcp pool command in User EXEC or Privileged EXEC mode to display the configured DHCP pool or pools If no poo...

Page 840: ...e the show ip dhcp server statistics command in Privileged EXEC mode to display the DHCP server binding and message counters Syntax show ip dhcp server statistics Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Parameter D...

Page 841: ...nsole show ip dhcp server statistics Automatic Bindings 100 Expired Bindings 32 Malformed Bindings 0 Messages Received DHCP DISCOVER 132 DHCP REQUEST 132 DHCP DECLINE 0 DHCP RELEASE 32 DHCP INFORM 0 Messages Sent DHCP OFFER 132 DHCP ACK 132 DHCP NACK 0 ...

Page 842: ...842 DHCP Server and Relay Agent Commands ...

Page 843: ...id statistics vlan id Valid VLAN ID statistics Indicates statistics display if VLAN is specified Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines clear ipv6 dhcp service dhcpv6 dns server IPv6 DHCP Pool Config show ipv6 dhcp domain name IPv6 DHCP Pool Config show ipv6 dhcp binding ipv6 dhcp pool sh...

Page 844: ...ed to a DHCPv6 client by the DHCPv6 server DNS server address is configured for stateless server support Syntax dns server ipv6 address no dns server ipv6 address Parameter Description Default Configuration This command has no default configuration Command Mode IPv6 DHCP Pool Configuration mode User Guidelines This command has no user guidelines domain name IPv6 DHCP Pool Config Use the domain nam...

Page 845: ...ames with maximum of 8 Example The following example sets the DNS domain name test which is provided to a DHCPv6 client by the DHCPv6 server console config ipv6 dhcp pool addrpool console config dhcp6s pool domain name test console config dhcp6s pool no domain name test ipv6 dhcp pool Use the ipv6 dhcp pool command in Global Configuration mode to enter IPv6 DHCP Pool Configuration mode DHCPv6 pool...

Page 846: ...hcp relay command in Interface Configuration mode to configure an interface for DHCPv6 relay functionality Syntax ipv6 dhcp relay destination relay address interface vlan vlan id interface vlan vlan id remote id duid ifid user defined string destination Keyword that sets the relay server IPv6 address relay address An IPv6 address of a DHCPv6 relay server interface Sets the relay server interface v...

Page 847: ...essages to the relay server An IP interface VLAN can be configured in DHCP relay mode or DHCP server mode Configuring an interface in DHCP relay mode overwrites the DHCP server mode and vice versa An IP interface configured in relay mode cannot be configured as a DHCP client ip address dhcp Example The following example configures VLAN 15 for DHCPv6 relay functionality console config interface vla...

Page 848: ...igured in DHCP relay mode or DHCP server mode Configuring an interface in DHCP server mode overwrites the DHCP relay mode configuration and vice versa An interface in server mode cannot be configured as a DHCP client ip address dhcp Example The following example configures DHCPv6 server functionality console config interface vlan 15 console config if vlan15 ipv6 dhcp server pool prefix delegation ...

Page 849: ...6 dhcp pool addrpool console config dhcp6s pool prefix delegation 2020 1 1 64 00 01 00 09 f8 79 4e 00 04 76 73 43 76 Parameter Description prefix prefix length Delegated IPv6 prefix client DUID Client DUID e g 00 01 00 09 f8 79 4e 00 04 76 73 43 76 hostname Client hostname used for logging and tracing Range 0 31 characters The command allows spaces in the host name when specified in double quotes ...

Page 850: ...gation fc00 7 00 1D BA FF FE 06 37 64 preferred lifetime 43200 service dhcpv6 Use the service dhcpv6 command in Global Configuration mode to enable local IPv6 DHCP server on the switch Use the no form of the command to disable the DHCPv6 service Syntax service dhcpv6 no service dhcpv6 Default Configuration The service dhcpv6 is disabled by default Command Mode Global Configuration mode User Guidel...

Page 851: ...on This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays the DHCPv6 server name and status console show ipv6 dhcp DHCPv6 is disabled Server DUID show ipv6 dhcp binding Use the show ipv6 dhcp binding command in Pr...

Page 852: ... console show ipv6 dhcp binding 2020 1 show ipv6 dhcp interface User EXEC Use the show ipv6 dhcp interface command in User EXEC mode to display DHCPv6 information for all relevant interfaces or for the specified interface If an interface is specified the optional statistics parameter is available to view statistics for the specified interface Syntax show ipv6 dhcp interface type number statistics ...

Page 853: ...n relay mode console show ipv6 dhcp interface vlan 11 IPv6 Interface vlan11 Mode Relay Relay Address 2020 1 1 Relay Interface Number Relay Relay Remote ID Option Flags console show ipv6 dhcp interface vlan 11 statistics DHCPv6 Interface vlan11 Statistics DHCPv6 Solicit Packets Received 0 DHCPv6 Request Packets Received 0 DHCPv6 Confirm Packets Received 0 DHCPv6 Renew Packets Received 0 DHCPv6 Rebi...

Page 854: ... Relay reply Packets Transmitted 0 DHCPv6 Relay forward Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 show ipv6 dhcp interface Privileged EXEC Use the show ipv6 dhcp interface command in Privileged EXEC mode to display configuration and status information about an IPv6 DHCP interface or all interfaces Syntax show ipv6 dhcp interface interface id statistics Syntax Description Default Con...

Page 855: ...face T1 Time The T1 in seconds time as indicated by the DHCPv6 Server T1 value indicates the time interval after which the address is requested for renewal T2 Time The T2 in seconds time as indicated by the DHCPv6 Server T2 value indicates the time interval after which the Client sends Rebind message to the Server in case there are no replies to the Renew messages Interface IAID An identifier for ...

Page 856: ...13 c4 db 6c 00 T1 Time 0 days 12 hrs 0 mins 0 secs T2 Time 0 days 19 hrs 12 mins 0 secs Interface IAID 20 Leased Address 2017 309D 161 4EF1 DBB1 128 Preferred Lifetime 1 days 0 hrs 0 mins 0 secs Valid Lifetime 2 days 0 hrs 0 mins 0 secs Renew Time 0 days 11 hrs 55 mins 28 secs Expiry Time 1 days 23 hrs 55 mins 28 secs console show ipv6 dhcp interface vlan 10 IPv6 Interface Vl10 Mode Relay Relay Ad...

Page 857: ...smitted 0 DHCPv6 Reply Packets Transmitted 0 DHCPv6 Reconfig Packets Transmitted 0 DHCPv6 Relay reply Packets Transmitted 0 DHCPv6 Relay forward Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 console show ipv6 dhcp interface vlan 10 statistics DHCPv6 Client Interface Vl10 Statistics DHCPv6 Advertisement Packets Received 0 DHCPv6 Reply Packets Received 0 Received DHCPv6 Advertisement Pack...

Page 858: ...mand Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays the configured DHCP pool console show ipv6 dhcp pool test DHCPv6 Pool test show ipv6 dhcp statistics Use the show ipv6 dhcp statistics command in User EXEC mode to display the global DHCPv6 server and relay statistics Syntax show ipv6 dhcp statistics Default Configur...

Page 859: ...Packets Received 0 DHCPv6 Renew Packets Received 0 DHCPv6 Rebind Packets Received 0 DHCPv6 Release Packets Received 0 DHCPv6 Decline Packets Received 0 DHCPv6 Inform Packets Received 0 DHCPv6 Relay forward Packets Received 0 DHCPv6 Relay reply Packets Received 0 DHCPv6 Malformed Packets Received 0 Received DHCPv6 Packets Discarded 0 Total DHCPv6 Packets Received 0 DHCPv6 Advertisement Packets Tran...

Page 860: ...860 DHCPv6 Commands FILE LOCATION C My Documents ActiveProjects 2CSPC7000 SWUM400 Dell Zeiss CLI Guide working DHCPv6 fm DELL CONFIDENTIAL PRELIMINARY 3 10 11 FOR PROOF ONLY ...

Page 861: ... a distributed routing algorithm to build per source group multicast trees It is also called Broadcast and Prune Multicasting protocol It dynamically generates per source group multicast trees using Reverse Path Multicasting Trees are calculated and updated dynamically to track membership of individual groups Commands in this Chapter This chapter explains the following commands ip dvmrp Use the ip...

Page 862: ... of DVMRP to active console config interface vlan 15 console config if vlan15 ip dvmrp ip dvmrp metric Use the ip dvmrp metric command in Interface Configuration mode to configure the metric for an interface This value is used in the DVMRP messages as the cost to reach this network Syntax ip dvmrp metric metric no ip dvmrp metric metric Cost to reach the network Range 1 31 Default Configuration 1 ...

Page 863: ... show ip dvmrp command in Privileged EXEC mode to display the system wide information for DVMRP Syntax show ip dvmrp Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays system wide information for DVMRP console config show ip dvmrp Admin Mode Disable Version 3 Total ...

Page 864: ...an id vlan id Valid VLAN ID Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays interface information for VLAN 11 DVMRP console config show ip dvmrp interface vlan 11 Interface Mode Disable show ip dvmrp neighbor Use the show ip dvmrp neighbor command in Privileged E...

Page 865: ...tion for DVMRP console config show ip dvmrp neighbor No neighbors available show ip dvmrp nexthop Use the show ip dvmrp nexthop command in Privileged EXEC mode to display the next hop information on outgoing interfaces for routing multicast datagrams Syntax show ip dvmrp nexthop Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This comma...

Page 866: ...prune command in Privileged EXEC mode to display the table that lists the router s upstream prune information Syntax show ip dvmrp prune Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the table that lists the router s upstream prune information console config sh...

Page 867: ...ax show ip dvmrp route Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the multicast routing information for DVMRP console show ip dvmrp route Upstream Expiry Up Time Source Address Neighbor Interface Metric Time secs secs ...

Page 868: ...868 DVMRP Commands ...

Page 869: ...esses associated with the Group 2 Group service requirements information This indicates that one or more GMRP participants require Forward all Groups or Forward Unregistered to be the default filtering behavior NOTE The Group Service requirement is not supported Registration of group membership information allow networking devices to be made aware that frames destined for that group MAC address co...

Page 870: ...registered GMRP participants nor are in the path through the active topology between the sources of the frames and the registered group members Commands in this Chapter This chapter explains the following commands gmrp enable Use the gmrp enable command in Global Configuration mode to enable GMRP globally or Interface Configuration mode to enable GMRP on a port Syntax gmrp enable no gmrp enable Pa...

Page 871: ... show gmrp configuration Parameter Description This command does not require a parameter description Default Configuration GMRP is disabled by default Command Mode Global Configuration and Interface Configuration modes User Guidelines This command has no user guidelines Example console show gmrp configuration Global GMRP Mode Disabled Join Leave LeaveAll Port Interface Timer Timer Timer GMRP Mode ...

Page 872: ...872 GMRP Commands Gi1 0 2 20 60 1000 Disabled Gi1 0 3 20 60 1000 Disabled Gi1 0 4 20 60 1000 Disabled Gi1 0 5 20 60 1000 Disabled Gi1 0 6 20 60 1000 Disabled ...

Page 873: ...otocol that is not the host portion It is backward compatible with IGMPv1 and IGMPv2 One router periodically broadcasts IGMP Query messages onto the network Hosts respond to the Query messages by sending IGMP Report messages indicating their group memberships All routers receive the Report messages and note the memberships of hosts on the network If a router does not receive a Report message for a...

Page 874: ...urces sending unwanted traffic IGMPv3 adds the capability for a multicast router to learn which sources are of interest to neighboring systems for packets sent to any particular multicast address This information gathered by IGMP is provided to the multicast routing protocol that is DVMRP PIM DM and PIM SM that is currently active on the router in order to ensure multicast packets are delivered to...

Page 875: ...figuration mode User Guidelines This command has no user guidelines Example The following example globally enables IGMP console config ip igmp ip igmp last member query count Use the ip igmp last member query count command in Interface Configuration mode to set the number of Group Specific Queries sent before the router assumes that there are no local members on the interface Syntax ip igmp last m...

Page 876: ...ount 10 console config if vlan2 no ip igmp last member query count ip igmp last member query interval Use the ip igmp last member query interval command in Interface Configuration mode to configure the Maximum Response Time inserted in Group Specific Queries which are sent in response to Leave Group messages Syntax ip igmp last member query interval tenthsofseconds no ip igmp last member query int...

Page 877: ...terval 20 ip igmp query interval Use the ip igmp query interval command in Interface Configuration mode to configure the query interval for the specified interface The query interval determines how fast IGMP Host Query packets are transmitted on this interface Syntax ip igmp query interval seconds no ip igmp query interval seconds Query interval Range 1 3600 Default Configuration The default query...

Page 878: ...ponse time advertised in IGMPv2 queries on this interface The time interval is specified in seconds Syntax ip igmp query max response time seconds no ip igmp query max response time seconds Maximum response time Range 0 25 seconds Default Configuration The default maximum response time value is 10 seconds Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guide...

Page 879: ...obustness variable Range 1 255 Default Configuration The default robustness value is 2 Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures a robustness value of 10 for VLAN 15 console config interface vlan 15 console config if vlan15 ip igmp robustness 10 ip igmp startup query count Use the ip igmp startup quer...

Page 880: ...of queries sent out on startup at 10 console config interface vlan 15 console config if vlan15 ip igmp startup query count 10 ip igmp startup query interval Use the ip igmp startup query interval command in Interface Configuration mode to set the interval between general queries sent at startup on the interface Syntax ip igmp startup query interval seconds no ip igmp startup query interval seconds...

Page 881: ... if vlan15 ip igmp startup query interval 10 ip igmp version Use the ip igmp version command in Interface Configuration mode to configure the version of IGMP for an interface Syntax ip igmp version version version IGMP version Range 1 3 Default Configuration The default version is 3 Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The follo...

Page 882: ...fault Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays system wide IGMP information console show ip igmp IGMP Admin Mode Enabled IGMP Router Alert check Disabled IGMP INTERFACE STATUS Interface Interface Mode Operational Status vlan 3 Enabled Non Operational ...

Page 883: ...iguration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays the registered multicast groups for VLAN 1 console show ip igmp groups interface vlan 3 detail REGISTERED MULTICAST GROUP DETAILS Version1 Version2 Group Multicast Last Up Expiry Host Host Compat IP Address Repor...

Page 884: ...and has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays IGMP information for VLAN 11 console show ip igmp vlan 11 Interface 11 IGMP Admin Mode Enable Interface Mode Enable IGMP Version 3 Query Interval secs 125 Query Max Response Time 1 10 of a second 100 Robustness 2 Parameter Descript...

Page 885: ...etailed information about the listed interfaces Syntax show ip igmp membership groupaddr detail groupaddr Group IP address Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Examples The following examples display the list of interfaces that have registered in the multicast group at IP add...

Page 886: ...tats vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Examples The following example displays the IGMP statistical information for VLAN 7 console show ip igmp interface stats vlan 7 Querier Status Querier Querier IP Address 7 7 7 7 Querier Up Time secs 55372 Querier Ex...

Page 887: ...to set IGMP to not require the Router Alert field Syntax ip igmp router alert optional no ip igmp router alert optional Default Value The Router Alert field is not required by default Command Mode Global Configuration Usage Guidelines No specific guidelines Example ip igmp router alert optional ...

Page 888: ...888 IGMP Commands ...

Page 889: ...group membership terminations to be quickly reported to overcome leave latency and is designed to be interoperable with Version 1 Commands in this Chapter This chapter explains the following commands ip igmp proxy Use the ip igmp proxy command in Interface Configuration mode to enable the IGMP Proxy on the router To enable the IGMP Proxy on the router multicast forwarding must be enabled and there...

Page 890: ...lan 15 console config if vlan15 ip igmp proxy ip igmp proxy reset status Use the ip igmp proxy reset status command in Interface Configuration mode to reset the host interface status parameters of the IGMP Proxy router This command is valid only when IGMP Proxy is enabled on the interface Syntax ip igmp proxy reset status Default Configuration This command has no default configuration Command Mode...

Page 891: ...l for the IGMP Proxy router This command is valid only if IGMP Proxy on the interface is enabled Syntax ip igmp proxy unsolicited report interval seconds seconds Unsolicited report interval Range 1 260 seconds Default Configuration The default configuration is 1 second Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example s...

Page 892: ...mand has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a summary of the host interface status parameters console show ip igmp proxy Interface Index vlan13 Admin Mode Enable Operational Mode Enable Version 3 Number of Multicast Groups 0 Unsolicited Report Interval 1 Querier IP Address on Proxy In...

Page 893: ...IGMP Proxy is enabled Syntax show ip igmp proxy interface Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example fails to display status parameters because IGMP Proxy is not enabled console show ip igmp proxy interface Interface Index vlan13 Ver Query Rcvd Report Rcvd Report...

Page 894: ...s This command has no user guidelines Example The following example attempts to display a table of information about multicast groups that IGMP Proxy reported console show ip igmp proxy groups Interface Index vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources 225 0 1 1 13 13 13 1 7 DELAY MEMBER Exclude 0 225 0 1 2 13 13 13 1 48 DELAY MEMBER Exclude 0 show ip igmp proxy gro...

Page 895: ...no user guidelines Example The following example displays complete information about multicast groups that IGMP Proxy has reported console show ip igmp proxy groups detail Interface Index vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources 225 0 1 1 13 13 13 1 26 DELAY MEMBER Exclude 0 225 0 1 2 13 13 13 1 67 DELAY MEMBER Exclude 0 ...

Page 896: ...896 IGMP Proxy Commands ...

Page 897: ... priority over global configuration If the destination UDP port for a packet matches any entry on the ingress interface the packet is handled according to the interface configuration If the packet does not match any entry on the ingress interface the packet is handled according to the global IP helper configuration Network administrators can configure discard relay entries Discard entries are used...

Page 898: ...ddress as the source IP address of relayed DHCP client packets When a switch receives a broadcast UDP packet on a routing interface the relay agent verifies that the interface is configured to relay to the destination UDP port If so the relay agent unicasts the packet to the configured server IP addresses Otherwise the relay agent verifies that there is a global configuration for the destination U...

Page 899: ...CP Relay on the system Use the no form of the command to set the maximum hop count to the default value Syntax bootpdhcprelay maxhopcount integer no bootpdhcprelay maxhopcount integer Maximum allowable relay agent hops for BootP DHCP Relay on the system Range 1 16 Default Configuration The default integer configuration is 4 bootpdhcprelay maxhopcount ip helper address global configuration bootpdhc...

Page 900: ...elay on the system When the BOOTP relay agent receives a BOOTREQUEST message it might use the seconds sinceclient began booting field of the request as a factor in deciding whether to relay the request or not Use the no form of the command to set the minimum wait time to the default value Syntax bootpdhcprelay minwaittime integer no bootpdhcprelay minwaittime integer Minimum wait time for BootP DH...

Page 901: ...and Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear ip helper statistics ip dhcp relay information check Use the ip dhcp relay information check command to enable DHCP Relay to check that the relay agent information option in forwarded BOOTREPLY messages is valid If an invalid message is received the relay agent drops it This in...

Page 902: ...igured such that only it should insert option 82 fields and no other device near the client has the facility to insert options Example The following example enables relay information check globally console config ip dhcp relay information check ip dhcp relay information check reply Use the ip dhcp relay information check reply command to enable DHCP Relay to check that the relay agent information ...

Page 903: ... client and server processes DHCP information options Example The following example enables relay information check on the interface console config interface vlan 10 console config if vlan10 ip dhcp relay information check ip dhcp relay information option Use the ip dhcp relay information option command in Global Configuration mode to enable the circuit ID option and remote agent ID mode for BootP...

Page 904: ...he ip dhcp relay information option insert command in Interface Configuration mode to enable the circuit ID option and remote agent ID mode for BootP DHCP Relay on the interface also called option 82 Use the no form of the command to return the option insert configuration to the default Syntax ip dhcp relay information option insert none no ip dhcp relay information option insert Parameter Descrip...

Page 905: ...ived on any interface To delete an IP helper entry use the no form of this command Syntax ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time no ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time server addres...

Page 906: ...ecify multiple server addresses for a given port number or to specify multiple port numbers handled by a specific server The command no ip helper address with no arguments clears all global IP helper addresses Example To relay DHCP packets received on any interface to two DHCP servers 10 1 1 1 and 10 1 2 1 use the following commands console config console config ip helper address 10 1 1 1 dhcp con...

Page 907: ...o which relayed UDP broadcast packets are sent The server address cannot be an IP address configured on any interface of the local router discard Matching packets should be discarded rather than relayed even if a global ip helper address configuration matches the packet dest udp port A destination UDP port number from 0 to 65535 port name The destination UDP port may be optionally specified by its...

Page 908: ...ands console config console config interface vlan 5 console config if vlan5 ip helper address 192 168 10 1 dhcp console config if vlan5 ip helper address 192 168 20 1 dhcp To relay both DHCP and DNS packets to 192 168 30 1 use the following commands console config console config interface vlan 5 console config if vlan5 ip helper address 192 168 30 1 dhcp console config if vlan5 ip helper address 1...

Page 909: ...s 192 168 40 2 dhcp console config if vlan5 ip helper address 192 168 40 2 domain console config if vlan5 exit console config interface 2 6 console config if vlan6 ip helper address 192 168 23 1 162 console config if vlan6 ip helper address discard dhcp ip helper enable Use the ip helper enable command to enable relay of UDP packets To disable relay of all UDP packets use the no form of this comma...

Page 910: ...able show ip helper address Use the show ip helper address command to display the IP helper address configuration Syntax show ip helper address interface interface Optionally specify an interface to limit the output to the configuration of a single interface The interface is identified as vlan vlan id Default Configuration This command has no default configuration Command Mode Privileged EXEC mode...

Page 911: ...r keywords UDP Port The relay configuration is applied to packets whose destination UDP port is this port Entries whose UDP port is identified as any are applied to packets with the destination UDP ports listed in Table 47 1 Discard If Yes packets arriving on the given interface with the given destination UDP port are discarded rather than relayed Discard entries are used to override global IP hel...

Page 912: ...lay information console show ip dhcp relay Maximum Hop Count 4 Minimum Wait Time Seconds 0 Circuit Id Option Mode Disable Circuit Id Option Check Mode Enable show ip helper statistics Use the show ip helper statistics command to display the number of DHCP and other UDP packets processed and relayed by the UDP relay agent Syntax show ip helper statistics Default Configuration This command has no de...

Page 913: ...tistic in this table UDP client messages relayed The number of UDP packets relayed This count includes DHCP messages relayed as well as all other protocols The count is incremented for each server to which a packet is sent DHCP message hop count exceeded max The number of DHCP client messages received whose hop count is larger than the maximum allowed The maximum hop count is a configurable value ...

Page 914: ...sages relayed 2 DHCP message hop count exceeded max 0 DHCP message with secs field below min 0 DHCP message with giaddr set to local address 0 Packets with expired TTL 0 Packets that matched a discard entry 0 Packets with expired TTL The number of packets received with TTL of 0 or 1 that might otherwise have been relayed Packets that matched a discard entry The number of packets ignored by the rel...

Page 915: ...the additional routes creates several options for the PowerConnect network operator 1 The operator configures multiple next hops to a given destination intending for the router to load share across the next hops 2 The operator configures multiple next hops to a given destination intending for the router to use the primary next hops and only use the other next hops if the primary next hops are unus...

Page 916: ...r that network on the router Such traffic is discarded and the ICMP destination unreachable message is sent back to the source Static reject routes are typically used to prevent routing loops Default Routes PowerConnect routing provides a preference option for the configuration of default routes A configured default route is treated exactly like a static route Therefore default routes and static r...

Page 917: ...terface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example applies SNAP encapsulation for VLAN 15 console config interface vlan 15 console config if vlan15 encapsulation snap ip address Use the ip address command in Interface Configuration mode to configure an IP address on an interface Also use this command to configure one or more secondary ...

Page 918: ...ace Configuration VLAN Loopback mode User Guidelines This command also implicitly enables the VLAN or loopback interface for routing i e as if the user had issued the routing interface command By default configuring an IP address on a VLAN enables in band management for interfaces configured with that VLAN Setting up an IP address on VLAN 1 enables switch management on all in band interfaces excep...

Page 919: ...k The IP stack uses its default IP MTU and ignores the value set using the ip mtu command OSPF advertises the IP MTU in the Database Description packets it sends to its neighbors during database exchange If two OSPF neighbors advertise different IP MTUs they will not form an adjacency unless OSPF has been instructed to ignore differences in IP MTU with the ip ospf mtuignore command Syntax ip mtu b...

Page 920: ...When enabled network directed broadcasts are forwarded When disabled they are dropped Use the no form of the command to disable the broadcasts Syntax ip netdirbcast no ip netdirbcast Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example defines the IP address and s...

Page 921: ...han other static routes to the same destination Syntax ip route ip addr subnetmask prefix length nextHopRtr preference no ip route ip addr subnetmask prefix length nextHopRtr preference ip address IP address of destination interface subnet mask Subnet mask of destination interface prefix length Length of prefix Must be preceded with a forward slash Range 0 32 bits nextHopRtr IP address of the next...

Page 922: ... address of the next hop router preference Specifies the preference value a k a administrative distance of an individual static route Range 1 255 Default Configuration Default value of preference is 1 Command Mode Global Configuration mode User Guidelines For routed management traffic 1 Router entries are checked for applicable destinations 2 The globally assigned default gateway is consulted If D...

Page 923: ...next hop ip and a preference value of 200 console config ip route default 192 168 10 1 200 ip route distance Use the ip route distance command in Global Configuration mode to set the default distance preference for static routes Lower route preference values are preferred when determining the best route The ip route and ip route default commands allow optional setting of the distance of an individ...

Page 924: ...able IPv4 routing on the router use the ip routing command in Global Configuration mode To disable IPv4 routing globally use the no form of this command NOTE Enabling or disabling routing will cause in band management connections to be reset Syntax ip routing no ip routing Default Configuration The ip routing default configuration is disabled Command Mode Global Configuration mode User Guidelines ...

Page 925: ... to disable routing for an interface Syntax routing no routing Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example enables IPv4 and IPv6 routing for VLAN 15 console config interface vlan 15 console config if vlan15 routing show ip brief Use the show ip brief comm...

Page 926: ...fault Time to Live 30 Routing Mode Disabled IP Forwarding Mode Enabled Maximum Next Hops 2 show ip interface Use the show ip interface command in Privileged EXEC mode to display information about one or more IP interfaces The output shows how each IP address was assigned Syntax show ip interface type number Syntax Description Parameter Description type Interface type loopback out of band or vlan n...

Page 927: ...nd information specific to VLAN 2 console show ip interface Default Gateway 0 0 0 0 Burned In MAC Address 001E C9AA AC84 Routing Interfaces Interface State IP Address IP Mask Method Vl1 Down 0 0 0 0 0 0 0 0 None The Method field contains one of the following values DHCP The address is leased from a DHCP server Manual The address is manually configured Field Description DHCP The address is leased f...

Page 928: ...Enable Forward Net Directed Broadcasts Disable Proxy ARP Enable Local Proxy ARP Disable Active State Active Link Speed Data Rate 100 Half MAC address 00 11 88 2A 3C B3 Encapsulation Type Ethernet IP MTU 1500 Bandwidth 100000 kbps Destination Unreachables Enabled ICMP Redirects Enabled console show ip interface out of band IP Address 10 131 11 66 Subnet Mask 255 255 255 0 Default Gateway 10 131 11 ...

Page 929: ...Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays parameters and current state of active routing protocols console show ip protocols Routing Protocol is rip Sending updates every 30 seconds Invalid after 180 seconds hold down 120 flushed after 300 Redistribu...

Page 930: ...76 1 1 1 10 flowers 176 2 1 1 1 Routing Information Sources Gateway State 176 1 1 2 Full External Preference 60 Internal Preference 20 show ip route Use the show ip route command in Privileged EXEC mode to display the current state of the routing table The output of the command also displays the IPv4 address of the default gateway and the default route associated with the gateway Syntax show ip ro...

Page 931: ...r Area E1 OSPF External Type 1 E2 OSPF External Type 2 N1 OSPF NSSA External Type 1 N2 OSPF NSSA External Type 2 Parameter Description ip address Specifies the network for which the route is to be displayed and displays the best matching best route for the address mask Subnet mask of the IP address prefix length Length of prefix in bits Must be preceded with a forward slash Range 0 32 bits longer ...

Page 932: ...referred over higher router preference values The user can configure a global default gateway using the ip default gateway command creating a default route with a preference of 253 The show ip route preferences command lists the new preference value The show command also displays the preference of default routes learned from a DHCP server Syntax show ip route preferences Default Configuration This...

Page 933: ...EXEC mode to display the routing table summary including best and non best routes Syntax show ip route summary best Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Parameter Description best Shows the number of best routes To include the number of all routes do not...

Page 934: ...Type 1 Routes 0 External Type 2 Routes 0 Total routes 0 show ip traffic Use the show ip traffic command in User EXEC mode to display IP statistical information Refer to RFC 1213 for more information about the fields that are displayed Syntax show ip traffic Syntax Description This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User...

Page 935: ...traffic IpInReceives 24002 IpInHdrErrors 1 IpInAddrErrors 925 IpForwDatagrams 0 IpInUnknownProtos 0 IpInDiscards 0 IpInDelivers 18467 IpOutRequests 295 IpOutDiscards 0 IpOutNoRoutes 0 IpReasmTimeout 0 IpReasmReqds 0 IpReasmOKs 0 IpReasmFails 0 IpFragOKs 0 IpFragFails 0 IpFragCreates 0 IpRoutingDiscards 0 IcmpInMsgs 3 IcmpInErrors 0 IcmpInDestUnreachs 0 ...

Page 936: ...0 IcmpInAddrMaskReps 0 IcmpOutMsgs 3 IcmpOutErrors 0 IcmpOutDestUnreachs 0 IcmpOutTimeExcds 0 IcmpOutParmProbs 0 IcmpOutSrcQuenchs 0 IcmpOutRedirects 0 IcmpOutEchos 3 IcmpOutEchoReps 3 IcmpOutTimestamps 0 IcmpOutTimestampReps 0 IcmpOutAddrMasks 0 show ip vlan Use the show ip vlan command in Privileged EXEC mode to display the VLAN routing information for all VLANs with routing enabled ...

Page 937: ...guration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays VLAN routing information console show ip vlan MAC Address used by Routing VLANs 00 00 00 01 00 02 VLAN ID IP Address Subnet Mask 10 0 0 0 0 0 0 0 0 20 0 0 0 0 0 0 0 0 ...

Page 938: ...938 IP Routing Commands ...

Page 939: ...interfaces by default Command Mode Interface VLAN Configuration mode User Guidelines There are no user guidelines for this command ipv6 pim ipv6 pim join prune interval show ipv6 pim bsr router ipv6 pim sparse Global config ipv6 pim register rate limit show ipv6 pim interface ipv6 pim dense ipv6 pim rp address show ipv6 pim neighbor ipv6 pim bsr border ipv6 pim rp candidate show ipv6 pim rp hash i...

Page 940: ...o ipv6 pim sparse Default Configuration IPv6 PIM is disabled by default Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router Example console config ipv6 pim sparse ipv6 pim dense Use the ipv6 pim dense command in Global configuration mode to administratively configure PIM dense mode for IPv6 multicast routing Use the no form of this ...

Page 941: ...istratively disable bootstrap router BSR messages from being sent or received through an interface Use the no form of this command to return the configuration to the default Syntax ipv6 pim bsr border no ipv6 pim bsr border Default Configuration BSR messages are enabled on the interface by default Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if spa...

Page 942: ...nfiguration None The router does not advertise itself as an BSR candidate Command Mode Global Configuration mode User Guidelines All multicast groups with the same hash value correspond to the same RP Lower priority values are preferred Example console config ipv6 pim bsr candidate vlan 10 16 0 Parameter Description vlan id A valid VLAN identifier with multicast routing enabled hash mask len The l...

Page 943: ... 1 Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if sparse mode is enabled Lower values are preferred Example console if vlan 10 ipv6 pim dr priority 32768 ipv6 pim hello interval Use the ipv6 pim hello interval command to administratively configure the frequency of PIM Hello messages for the specified interface Use the no form of this command to re...

Page 944: ...rune interval command to administratively configure the frequency of join prune messages on the specified interface Use the no form of this command to return the join prune interval to the default Syntax ipv6 pim join prune interval interval no ipv6 pim join prune interval Parameter Description Parameter Description interval The number of seconds between successive hello transmissions Range 0 1800...

Page 945: ...mmand to set a limit on the maximum number of PIM register messages sent per second for each S G entry Use the no form of this command to return the limit to its default value 0 Syntax ipv6 pim register rate limit register rate limit no ipv6 pim register rate limit Parameter Description Default Configuration The default threshold is 0 This indicates that the register limit is infinite Command Mode...

Page 946: ...rp address rp address group address group mask Parameter Description Default Configuration None There are no static multicast groups configured for an RP Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Parameter Description rp address The valid IPv6 address for the Rendezvous Point group address A valid multicast group address to be sourced from...

Page 947: ... vlan id group address group mask no ipv6 pims rp candidate vlan vlan id group address group mask Parameter Description Default Configuration None The router does not advertise itself as an RP candidate by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 pim rp candidate vlan 10 ffe8 0 16 Parameter Description ...

Page 948: ...d rate is 0 This indicates that the multicast router should always switch to the multicast source tree Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 pim spt threshold 1000 ipv6 pim ssm Use the ipv6 pim ssm command to administratively configure PIM Source Specific Multicast SSM range of addresses for IPv6 multicast r...

Page 949: ... There are no user guidelines for this command Example console config ipv6 pim ssm ffe8 01 00 00 00 96 show ipv6 pimsm Use the show ipv6 pimsm command to display global status of IPv6 PIMSM and its IPv6 routing interfaces Syntax show ipv6 pimsm Default Configuration There is no default configuration for this command Parameter Description default Defines the SSM range access list to 232 8 group add...

Page 950: ...a Threshold Rate Kbps 1000 Register Threshold Rate Kbps 250 SSM RANGE TABLE Group Address Prefix Length FF1E 64 PIM SM INTERFACE STATUS Interface Interface Mode Operational Status vlan 3 Enabled Operational vlan 6 Enabled Operational vlan 9 Enabled Operational show ipv6 pim bsr router Use the show ipv6 pim bsr router command to display the bootstrap router BSR information ...

Page 951: ...mple console show ipv6 pim bsr router BSR Address 2001 0db8 0 badc 1 BSR Priority 0 BSR Hash Mask Length 32 Next Bootstrap message HH MM SS 00 00 05 Next Candidate RP Advertisement HH MM SS 00 00 02 Field Description BSR Address Address of the BSR BSR Priority Configured BSR priority BSR Hash Mask Length Configured hash mask length Next Bootstrap Message Remaining time until a BSR message is sent ...

Page 952: ... show ipv6 pim interface vlan vlan id Parameter Description Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes User Guidelines There are no user guidelines for this command Field descriptions are shown in the table below Parameter Description vlan id A valid VLAN ID for which multicast routing has been enabled Field Description Mod...

Page 953: ... Sparse Hello Interval secs 30 Join Prune Interval secs 60 DR Priority 1 BSR Border Disabled Neighbor Count 1 Designated Router 2001 db8 85a3 0 0 8a2e 370 7334 If none of the interfaces are enabled for PIM the following message is displayed BSR Border Whether or not this interface is configured as a BSR border Neighbor Count Number of PIM neighbors learned on this interface Designated Router IPv6 ...

Page 954: ...an id Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes User Guidelines There are no user guidelines for this command Field descriptions are shown in the table below Example console show ipv6 pim neighbor vlan 10 Parameter Description vlan id A valid VLAN ID for which multicast routing has been enabled Field Description Neighbor A...

Page 955: ... 370 7334 VLAN0010 00 03 50 00 02 10 If no neighbors are learned on any of the interfaces the following message is displayed No neighbors are learned on any interface show ipv6 pim rp hash Use the show ipv6 pim rp hash command to display the rendezvous point RP selected for the specified group address Syntax show ipv6 pim rp hash group address Parameter Description Default Configuration There is n...

Page 956: ...s 2001 0db8 0 abcd 1 Type Static If no RP Group mapping exist on the router the following message is displayed No RP Group mappings exist learnt on this router show ipv6 pim rp mapping Use the show ipv6 pim rp mapping command to display the mappings for the PIM group to the active Rendezvous Points RPs Syntax show ipv6 pim rp mapping rp address Field Description RP Address Address of the RP Type O...

Page 957: ...escriptions are shown in the following table Example console show ipv6 pim rp mapping 192 168 10 1 RP Address 2001 db8 85a3 0 0 8a2e 370 7334 Group Address ff1e abcd def1 0 Group Mask 24 Origin Static switch show ipv6 pim rp mapping Parameter Description rp address IP address of the RP Field Description RP Address Address of the RP Group Address Address of the multicast group Origin Origin from wh...

Page 958: ...ddress ff1e abcd def1 0 Group Mask 24 Origin Static RP Address 2001 0db8 0 badc 1 Group Address ff1e abcd fed1 0 Group Mask 24 Origin Static If no RP Group mapping exist on the router the following message is displayed No RP Group mappings exist on this router ...

Page 959: ...s not available The DHCPv6 server does not support stateful address configuration Automated router renumbering is not supported IPv6 is not supported on the service port Commands in this Chapter This chapter explains the following commands clear ipv6 neighbors ipv6 mld query max response time ipv6 route show ipv6 mld proxy groups detail clear ipv6 statistics ipv6 mld router ipv6 route distance sho...

Page 960: ...efix show ipv6 interface management statistics show ipv6 traffic ipv6 mld proxy ipv6 nd ra interval show ipv6 mld groups show ipv6 vlan ipv6 mld proxy reset status ipv6 nd ra lifetime show ipv6 mld interface traceroute ipv6 ipv6 mld proxy unsolicit rprt interval ipv6 nd reachable time show ipv6 mld proxy ipv6 mld query interval ipv6 nd suppress ra show ipv6 mld proxy groups ...

Page 961: ...has no user guidelines Example The following example clears all entries in the IPv6 neighbor table console config clear ipv6 neighbors clear ipv6 statistics Use the clear ipv6 statistics command in Privileged EXEC mode to clear IPv6 statistics for all interfaces or for a specific interface including loopback and tunnel interfaces IPv6 statistics display in the output of the show ipv6 traffic comma...

Page 962: ...ress by using this command since one is automatically created IPv6 addresses can be expressed in eight blocks Also of note is that instead of a period a colon separates each block For simplification leading zeros of each 16 bit block can be omitted One sequence of 16 bit blocks containing only zeros can be replaced with a double colon but not more than one at a time otherwise it is no longer a uni...

Page 963: ... Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example configures an IPv6 address and enables IPv6 processing console config interface vlan 15 console config if vlan15 ipv6 address 2020 1 1 64 ipv6 enable Use the ipv6 enable command in Interface Configuration mode to enable IPv6 routing on an interface including tun...

Page 964: ...an explicit IPv6 address console config interface vlan 15 console config if vlan15 ipv6 enable ipv6 hop limit Use the ipv6 hop limit command to configure the hop limit used in IPv6 PDUs originated by the router Use the no form of the command to return the hop limit to the default setting Syntax ipv6 hop limit count no ipv6 hop limit Parameter Description Default Configuration The default count is ...

Page 965: ...hosts are defined Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config ipv6 host Dell 2001 DB8 32 ipv6 mld last member query count The ipv6 mld last member query count command sets the number of listener specific queries sent before the router assumes that there are no local members on the interface Use the no form of this command to set...

Page 966: ... member query interval command sets the last member query interval for the MLD interface which is the value of the maximum response time parameter in the group specific queries sent out of this interface Use the no form of this command to set the last member query interval to the default Syntax ipv6 mld last member query interval last member query interval no ipv6 mld last member query interval la...

Page 967: ...cast routing protocols enabled on the router Use the no form of this command to disable MLD Proxy Syntax ipv6 mld proxy no ipv6 mld proxy Default Configuration MLD Proxy is disabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 mld proxy ipv6 mld proxy reset status Use the ipv6 mld proxy ...

Page 968: ...icit rprt interval command to set the unsolicited report interval for the MLD Proxy router This command is only valid when MLD Proxy is enabled on the interface Use the no form of this command to reset the MLD Proxy router s unsolicited report interval to the default value Syntax ipv6 mld proxy unsolicited report interval interval no ipv6 mld proxy unsolicited report interval interval The interval...

Page 969: ...time between the general queries sent when the router is querying on that interface Use the no form of this command to set the query interval to the default Syntax ipv6 mld query interval query interval no ipv6 mld query interval query interval Query interval Range 1 3600 Default Configuration The default query interval is 125 seconds Command Mode Interface Configuration VLAN mode User Guidelines ...

Page 970: ...e time no ipv6 mld query max response time query max response time Maximum query response time Range 1 65535 milliseconds Default Configuration The default query maximum response time is 10 seconds Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 mld query max response time 4500 ipv6 mld router The ipv...

Page 971: ...sole config if vlan3 ipv6 mld router ipv6 mtu Use the ipv6 mtu command in Interface Configuration mode to set the maximum transmission unit MTU size in bytes of IPv6 packets on an interface This command replaces the default MTU with a new MTU value Syntax ipv6 mtu bytes no ipv6 mtu Parameter Description Default Configuration The default MTU is 1500 Parameter Description bytes The maximum transmiss...

Page 972: ...ad attempts Use the ipv6 nd dad attempts command in Interface Configuration mode to set the number of duplicate address detection probes transmitted while doing neighbor discovery Duplicate address detection verifies that an IPv6 address on an interface is unique Syntax ipv6 nd dad attempts value no ipv6 nd dad attempts Parameter Description Default Configuration The default value for attempts is ...

Page 973: ...lag command in Interface Configuration mode to set the managed address configuration flag in router advertisements When the value is true end nodes use DHCPv6 When the value is false end nodes automatically configure addresses Syntax ipv6 nd managed config flag no ipv6 nd managed config flag Default Configuration False is the default configuration Command Mode Interface Configuration VLAN Tunnel L...

Page 974: ...on Range 0 1000 4294967295 Default Configuration 0 is the default value for milliseconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the interval between router advertisements for advertised neighbor solicitations at 5000 ms console config interface vlan 15 console config if vlan15 ipv6 nd ns ...

Page 975: ...ion flag in router advertisements console config interface vlan 15 console config if vlan15 ipv6 nd other config flag ipv6 nd prefix Use the ipv6 nd prefix command to configure parameters associated with prefixes that the router advertises in its router advertisements Syntax ipv6 nd prefix ipv6 prefix prefix length valid lifetime infinite preferred lifetime infinite no autoconfig off link no ipv6 ...

Page 976: ...refix command to configure these values The ipv6 nd prefix command will allow you to preconfigure RA prefix values before you configure the associated interface address In order for the prefix to be included in RAs you must configure an address that matches the prefix using the ipv6 address command Prefixes specified using ipv6 nd prefix without an associated interface address will not be included...

Page 977: ...al maximum The maximum interval duration Range 4 1800 seconds minimum The minimum interval duration Range 3 0 75 maximum seconds Default Configuration 600 is the default value for seconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines The minimum interval cannot be larger than 75 of the maximum interval Example The following example sets the transmission interval be...

Page 978: ...eans this router is not to be used as the default router Range 0 9000 Default Configuration 1800 is the default value for seconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets at 1000 seconds the value that is placed in the Router Lifetime field of the router advertisements console config interf...

Page 979: ...Loopback mode User Guidelines This command has no user guidelines Example The following example sets the router advertisement time at 5000 milliseconds to consider a neighbor reachable after neighbor discovery confirmation console config interface vlan 15 console config if vlan15 ipv6 nd reachable time 5000 ipv6 nd suppress ra Use the ipv6 nd suppress ra command in Interface Configuration mode to ...

Page 980: ...dual next hop or all next hops for a route Using the no ipv6 route distance form causes the system to use the system default administrative distance Syntax ipv6 route distance ipv6 route ipv6 prefix prefix length ipv6 address interface type ipv6 address preference no ipv6 route ipv6 prefix prefix length ipv6 address preference no ipv6 route ipv6 prefix prefix length interface type ipv6 address no ...

Page 981: ...tance is specified in these commands Changing the default distance does not update prefix length The length of the IPv6 prefix a decimal value usually 0 64 that shows how many of the high order contiguous bits of the address comprise the prefix the network portion of the address A slash mark must separate the prefix from the prefix length with no spaces on either side of the slash mark interface t...

Page 982: ...al static route Range 1 255 Default Configuration Default value of integer is 1 Command Mode Global Configuration mode User Guidelines Lower route distance values are preferred when determining the best route Example The following example sets the default distance to 80 console config ipv6 route distance 80 ipv6 unicast routing Use the ipv6 unicast routing command in Global Configuration mode to e...

Page 983: ... have the ping utility enabled and running on top of TCP IP The switch can be pinged from any IP workstation with which the switch is connected through the default VLAN VLAN 1 as long as there is a physical path between the switch and the workstation The terminal interface sends three pings to the target station Syntax ping ipv6 ip address hostname size size ipv6 address Target IPv6 address to pin...

Page 984: ...utility enabled and running on top of TCP IP The switch can be pinged from any IP workstation with which the switch is connected through the default VLAN VLAN 1 as long as there is a physical path between the switch and the workstation The terminal interface sends three pings to the target station Use the interface keyword to ping an interface by using the link local address or the global IPv6 add...

Page 985: ...d console config ping ipv6 interface loopback 1 FE80 202 BCFF FE00 3068 128 Send count 3 Receive count 0 from FE80 202 BCFF FE00 3068 128 Average round trip time 0 00 ms show ipv6 brief Use the show ipv6 brief command in Privileged EXEC mode to display the IPv6 status of forwarding mode and IPv6 unicast routing mode Syntax show ipv6 brief Default Configuration This command has no default configura...

Page 986: ... the command includes the method of assignment for each IPv6 address that is either autoconfigured or leased from a DHCP server Global addresses with no annotation are assumed to be manually configured Syntax show ipv6 interface brief loopback loopback id tunnel tunnel id vlan vlan id prefix Syntax Description Default Configuration Displays all IPv6 interfaces Command Mode User EXEC Privileged EXE...

Page 987: ...e Mode IPv6 Address Length Vl3 Enabled FE80 211 88FF FE2A 3E3C 128 2033 211 88FF FE2A 3E3C 64 Vl5 Enabled FE80 211 88FF FE2A 3E3C 128 2017 A42A 26DB 1049 43DD 128 DHCP Vl7 Enabled FE80 211 88FF FE2A 3E3C 128 2001 211 88FF FE2A 3E3C 64 AUTO Vl9 Disabled FE80 211 88FF FE2A 3E3C 128 TENT The Method column shows one of the following values Auto The IPv6 address was automatically generated using IPv6 a...

Page 988: ...0 kbps Interface Maximum Transmit Unit 1500 Router Duplicate Address Detection Transmits 1 Address Autoconfigure Mode Disabled Address DHCP Mode Enabled Router Advertisement NS Interval 0 Router Advertisement Lifetime 1800 Router Advertisement Reachable Time 0 Router Advertisement Interval 600 Router Advertisement Managed Config Flag Disabled Router Advertisement Other Config Flag Disabled Router ...

Page 989: ...has no user guidelines Example console show ipv6 interface management statistics DHCPv6 Client Statistics DHCPv6 Advertisement Packets Received 0 DHCPv6 Reply Packets Received 0 Received DHCPv6 Advertisement Packets Discard 0 Received DHCPv6 Reply Packets Discarded 0 DHCPv6 Malformed Packets Received 0 Total DHCPv6 Packets Received 0 DHCPv6 Solicit Packets Transmitted 0 DHCPv6 Request Packets Tran...

Page 990: ...roup address The group address to display vlan id A valid VLAN id Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines The following fields are displayed as a table when vlan vlan id is specified Field Description Number of G entries Displays the number of groups present in the MLD Table Number of S G entries Displays the number...

Page 991: ...eft in seconds before the entry is removed from the MLD membership table of this interface Last Reporter The IP Address of the source of the last membership report received for this multicast group address on that interface Filter Mode The filter mode of the multicast group on this interface The values it can take are INCLUDE and EXCLUDE Compatibility Mode The compatibility mode of the multicast g...

Page 992: ...ss Filter Mode Include Version1 Host Timer Group compat mode v2 Source Address ExpiryTime 4001 6 00 03 15 4001 7 00 03 15 4001 8 00 03 15 console show ipv6 mld groups vlan 6 Group Address FF1E 1 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 2 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss ...

Page 993: ...how ipv6 mld interface command is used to display MLD related information for an interface Syntax show ipv6 mld interface vlan vlan id all vlan id A valid VLAN id Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines The following information is displayed for the specified interface Field Description Interface The interface numbe...

Page 994: ...pected packet loss on a subnet attached to the interface Startup Query Interval This value indicates the configured interval between General Queries sent by a Querier on startup Startup Query Count This value indicates the configured number of Queries sent out on startup separated by the Startup Query Interval Last Member Query Interval This value indicates the configured Maximum Response Time ins...

Page 995: ...nt 2 show ipv6 mld proxy Use the show ipv6 mld proxy command to display a summary of the host interface status parameters Querier Expiry Time Time left in seconds before the Querier losses its title as querier Wrong Version Queries Indicates the number of queries received whose MLD version does not match the MLD version of the interface Number of Joins The number of times a group membership has be...

Page 996: ...D Proxy is operationally enabled or disabled This is a status parameter Version The present MLD host version that is operational on the proxy interface Number of Multicast Groups The number of multicast groups that are associated with the MLD Proxy interface UnsolicitedReport Interval The time interval at which the MLD Proxy interface sends unsolicited group membership reports Querier IP Address o...

Page 997: ...requency 1 show ipv6 mld proxy groups Use the show ipv6 mld proxy groups command to display information about multicast groups that the MLD Proxy reported Syntax show ipv6 mld proxy groups Default Configuration There is no default configuration for this command Command Mode Privileged EXEC User Guidelines The following parameters are displayed by this command Field Description Interface The MLD Pr...

Page 998: ...ported Syntax show ipv6 mld proxy groups detail Default Configuration There is no default configuration for this command Last Reporter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member State Possible values are Idle_Member The...

Page 999: ...a membership report for the current group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member State Possible values are Idle_Member The interface has responded to the latest group membership query for this group Delay_Member The interface is going to send a group membership report to respond to a group membersh...

Page 1000: ...R Include 4 Group Source List Expiry Time 4001 1 00 03 40 5002 2 00 03 40 4001 2 00 03 40 5002 2 00 03 40 show ipv6 mld proxy interface Use the show ipv6 mld proxy interface command to display a detailed list of the host interface status parameters Syntax show ipv6 mld proxy interface Default Configuration There is no default configuration for this command Command Mode Privileged EXEC User Guideli...

Page 1001: ...lay MLD statistical information for the router Syntax show ipv6 mld traffic Default Configuration There is no default configuration for this command Parameter Description Interface The MLD Proxy interface Parameter Description Ver The MLD version Query Rcvd Number of MLD queries received Report Rcvd Number of MLD reports received Report Sent Number of MLD reports sent Leaves Rcvd Number of MLD lea...

Page 1002: ... MLD packets sent by the router Queries Received The number of valid MLD queries received by the router Queries Sent The number of valid MLD queries sent by the router Reports Received The number of valid MLD reports received by the router Reports Sent The number of valid MLD reports sent by the router Leaves Received The number of valid MLD leaves received by the router Leaves Sent The number of ...

Page 1003: ...ipv6 neighbors Syntax Description This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays information about the IPv6 neighbors console config show ipv6 neighbors Neighbor Last IPv6 Address MAC Address isRtr State U...

Page 1004: ...mmand has no user guidelines Parameter Description ipv6 address Specifies an IPv6 address for which the best matching route would be displayed protocol Specifies the protocol that installed the routes Is one of the following keywords connected ospf static ipv6 prefix prefix length Specifies an IPv6 network for which the matching route would be displayed interface type interface number Valid IPv6 i...

Page 1005: ...SA Ext Type 1 ON2 OSPF NSSA Ext Type 2 Default gateway is 10 1 20 1 S 0 0 0 0 0 254 0 via 10 1 20 1 C 10 1 20 0 24 0 1 directly connected vlan2 C 20 1 20 0 24 0 1 directly connected vlan4 show ipv6 route preferences Use the show ipv6 route preferences command in Privileged EXEC mode to show the preference value associated with the type of route Lower numbers have a greater preference Syntax show i...

Page 1006: ...tes 110 show ipv6 route summary Use the show ipv6 route summary command in Privileged EXEC mode to display a summary of the routing table for all routes including best and non best routes Use best to display the count summary for only best routes Syntax show ipv6 route summary best best Displays the count summary for only best routes Default Configuration This command has no default configuration ...

Page 1007: ... 0 Number of Prefixes show ipv6 traffic Use the show ipv6 traffic command in User EXEC mode to show traffic and statistics for IPv6 and ICMPv6 Syntax show ipv6 traffic vlan vlan id tunnel tunnel id loopback loopback id vlan id Valid VLAN ID shows information about traffic on a specific interface or without the optional parameter shows information about traffic on all interfaces tunnel Tunnel ident...

Page 1008: ...ed Datagrams Discarded Due To Header Errors 0 Received Datagrams Discarded Due To MTU 0 Received Datagrams Discarded Due To No Route 0 Received Datagrams With Unknown Protocol 0 Received Datagrams Discarded Due To Invalid Address 0 Received Datagrams Discarded Due To Truncated Data 0 Received Datagrams Discarded Other 0 Received Datagrams Reassembly Required 0 Datagrams Successfully Reassembled 0 ...

Page 1009: ...agrams Discarded Due To MTU 0 Red Datagrams Discarded Due To No Route 0 Received Datagrams With Unknown Protocol 0 Received Datagrams Discarded Due To Invalid Address 0 Received Datagrams Discarded Due To Truncated Data 0 Received Datagrams Discarded Other 0 Received Datagrams Reassembly Required 0 Datagrams Successfully Reassembled 0 Datagrams Failed To Reassemble 0 Datagrams Forwarded 0 Datagram...

Page 1010: ...nfiguration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays IPv6 VLAN routing interface addresses console show ipv6 vlan MAC Address used by Routing VLANs 00 02 BC 00 30 68 VLAN ID IPv6 Address Prefix Length 1 traceroute ipv6 Use the traceroute ipv6 command in Privileged EXEC mode to discover the routes that packets actua...

Page 1011: ...raceroute host name port UDP port used as the destination of packets sent as part of the traceroute This port should be an unused port on the destination system Range 0 65535 Default Configuration 33434 is the default port value Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example discovers the packet routes on a hop by hop basis conso...

Page 1012: ...1012 IPv6 Routing Commands ...

Page 1013: ...its data but may receive data It is typically expected to be used by routing protocols Support for the internal loopback address if present is limited to testing the IP stack Commands in this Chapter This chapter explains the following commands interface loopback Use the interface loopback command in Global Configuration mode to enter the Interface Loopback configuration mode Syntax interface loop...

Page 1014: ...1 Pinging 192 168 22 1 with 0 bytes of data Reply From 192 168 22 1 icmp_seq 0 time 10 msec Reply From 192 168 22 1 icmp_seq 1 time 10 msec Reply From 192 168 22 1 icmp_seq 2 time 10 msec Reply From 192 168 22 1 icmp_seq 3 time 10 msec show interfaces loopback Use the show interfaces loopback command in Privileged EXEC mode to display information about one or all configured loopback interfaces Syn...

Page 1015: ...s Examples The following examples display information about configured loopback interfaces console show interfaces loopback Loopback Id Interface IP Address Received Packets Sent Packets 1 loopback 1 0 0 0 0 0 0 console show interfaces loopback 1 Interface Link Status Up IP Address 0 0 0 0 0 0 0 0 MTU size 1500 bytes ...

Page 1016: ...1016 Loopback Interface Commands ...

Page 1017: ...d below Network Load Decrease A number of applications are required to transmit packets to hundreds of stations The packets transmitted to these stations share a group of links on their paths to their destinations Multicast transmission can conserve much needed network bandwidth since multicasting transmission requires the transmission of only a single packet by the source and replicates this pack...

Page 1018: ...a video cast as needed The variable membership maintenance is managed efficiently through multicasting Commands in this Chapter This chapter explains the following commands ip mcast boundary ip pim dr priority ip pim spt threshold show ip mcast mroute static ip mroute ip pim hello interval show bridge multicast address table count show ip pim bsr router ip multicast ip pim join prune interval show...

Page 1019: ...dr IP address of multicast group Valid range is 239 0 0 0 to 239 255 255 255 mask IP mask of multicast group Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example adds an administrative scope multicast boundary console config interface vlan 15 console config if...

Page 1020: ...on mode Usage Guidelines There are no user guidelines for this command Example console config console config ip mroute 1 1 1 1 255 255 0 0 192 168 20 1 34 ip multicast Use the ip multicast command in Global Configuration mode to set the administrative mode of the IP multicast forwarder in the router to active For multicast routing to become operational IGMP must be currently enabled An error messa...

Page 1021: ...sole config no ip multicast ip multicast ttl threshold Use the ip multicast ttl threshold command in Interface Configuration mode to apply a ttlvalue to a routing interface ttlvalue is the TTL threshold which is applied to the multicast Data packets forwarded through the interface Syntax ip multicast ttl threshold ttlvalue no ip multicast ttl threshold ttlvalue Specifies TTL threshold Range 0 255 ...

Page 1022: ...nd in Interface VLAN Configuration mode to administratively configure PIM mode for IP multicast routing on a VLAN interface Use the no form of the command to disable PIM on the interface Syntax ip pim no ip pim Default Configuration PIM is not enabled on interfaces by default Command Mode Interface VLAN Configuration mode User Guidelines PIM requires that routing multicast and IGMP be enabled Exam...

Page 1023: ...lt Configuration BSR messages are enabled on the interface by default Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if sparse mode is enabled Lower values are preferred Example console if vlan 10 ip pim bsr border ip pim bsr candidate The ip pim bsr candidate command is used to configure the router to advertise itself as a bootstrap router BSR Use t...

Page 1024: ...red Example console config ip pim bsr candidate vlan 10 16 0 ip pim dense Use the ip pim dense command in Global Configuration mode to administratively configure PIM dense mode for IP multicast routing Use the no form of this command to disable PIM dense mode This command replaces the ip pimsm command Syntax ip pim dense Parameter Description vlan id A valid VLAN identifier with multicast routing ...

Page 1025: ...iority The ip pim dr priority command in Interface VLAN Configuration mode to administratively configure the advertised designated router DR priority value Use the no form of this command to return the configuration to the default Syntax ip pim dr priority priority no ip pim dr priority priority The administratively configured priority Range 0 2147483647 Default Configuration The default election ...

Page 1026: ... of this command to return the configuration to the default This command deprecates the ip pimsm query interval the ip pimsm hello interval and the ip pimdm hello interval commands Syntax ip pim hello interval interval no ip pim hello interval interval The number of seconds between successive hello transmissions Range 0 18000 seconds Default is 30 Default Configuration The default hello interval i...

Page 1027: ... The number of seconds between successive join prune transmissions Range 0 18000 seconds Default is 60 Default Configuration The default join prune interval is 60 seconds Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if sparse mode is enabled Example console if vlan10 ip pim join prune interval 30 ip pim register rate limit Use the ip pim register r...

Page 1028: ...register rate limit 10 ip pim rp address Use the ip pim rp address command in Global Configuration mode to define the address of a PIM Rendezvous point RP for a specific multicast group range Use the no form of this command to remove a configured RP This command replaces the ip pimsm rp address command Syntax ip pim rp address rp address group address group mask override no ip pim rp address rp ad...

Page 1029: ...didate rendezvous point RP for a specific multicast group range Use the no form of this command to return to the default configuration This command replaces the ip pimsm rp candidate command Syntax ip pim rp candidate vlan vlanid group address group mask no ip pim rp candidate vlan vlanid group address group mask Parameter Description rp address The valid IPv4 address for the rendezvous point grou...

Page 1030: ...e command in Global Configuration mode to administratively configure PIM sparse mode for IP multicast routing Use the no form of this command to disable PIM sparse mode This command replaces the ip pimsm command Syntax ip pim sparse no ip pim sparse Default Configuration PIM not enabled by default Parameter Description vlan id A valid VLAN identifier with multicast routing enabled group address A ...

Page 1031: ...P multicast routing Use the no form of this command to remove configured ranges of addresses from the router Syntax ip pim ssm default group address group mask no ip pim ssm default group address group mask Parameter Description Default Configuration There are no group addresses configured by default Command Mode Global Configuration mode Parameter Description default Defines the SSM range access ...

Page 1032: ...orm of this command to return the threshold to its default value 0 Syntax ip pim spt threshold spt threshold no ip pim spt threshold Parameter Description Default Configuration The default threshold is 0 This indicates that the multicast router should always switch to the multicast source tree Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Exam...

Page 1033: ...lt configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following command shows information about the entries in the multicast address table console show bridge multicast address table count Capacity 1024 Used 4 Static addresses 2 Dynamic addresses 1 Forbidden addresses 1 The following table shows the information the command displays Field...

Page 1034: ...This command has no user guidelines Example The following example displays system wide multicast information console show ip multicast Admin Mode Enabled Protocol State Non Operational Used The total number of addresses in the multicast address table Static addresses The number of addresses in the multicast address table that are static IP addresses Dynamic addresses The number of addresses in the...

Page 1035: ...ve scoped multicast boundaries Syntax show ip mcast boundary vlan vlan id all vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays all the configured administrative scoped multicast boundaries console show ip mcast boundary all MULTICAST BOUN...

Page 1036: ...and Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays the multicast information for VLAN 15 console show ip mcast interface vlan 15 Interface TTL show ip mcast mroute Use the show ip mcast mroute command in Privileged EXEC mode to display a summary or all the details of the multicast table Parameter Description type numb...

Page 1037: ...mary console show ip mcast mroute detail show ip mcast mroute group Use the show ip mcast mroute group command in Privileged EXEC mode to display the multicast configuration settings such as flags timer settings incoming and outgoing interfaces RPF neighboring routers and expiration times of all the entries in the multicast mroute table containing the groupipaddr value Syntax show ip mcast mroute ...

Page 1038: ...te source command in Privileged EXEC mode to display the multicast configuration settings such as flags timer settings incoming and outgoing interfaces RPF neighboring routers and expiration times of all the entries in the multicast mroute table containing the sourceipaddr or sourceipaddr groupipaddr pair value s Syntax show ip mcast mroute source sourceipaddr summary groupipaddr sourceipaddr IP a...

Page 1039: ...n the static mcast table if it is specified or display the static route associated with the particular sourceipaddr Syntax show ip mcast mroute static sourceipaddr sourceipaddr IP address of source Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the static ro...

Page 1040: ...tion for this command Command Mode User EXEC Privileged EXEC mode User Guidelines The following information is displayed Example console show ip pim bsr router Field Description BSR address IP address of the BSR BSR Priority The configured BSR priority BSR Hash Mask Length The configured hash mask length 32 bits maximum Next Bootstrap Message in Time remaining in hours minutes and seconds until a ...

Page 1041: ...s of all the PIM enabled interfaces This command deprecates the show ip pimsm interface stats show ip pimsm interface and show ip pimdm interface commands Syntax show ip pimsm interface vlan vlan id vlan id A valid VLAN ID for which multicast routing has been enabled Field Descriptions Field Description Mode Active PIM Protocol Interface Interface number Hello Interval Hello interval value Join pr...

Page 1042: ...re are no user guidelines for this command Example console show ip pim Interface VLAN0010 Mode Sparse Hello Interval secs 30 Join Prune Interval secs 60 DR Priority 1 BSR Border Disabled Neighbor Count1 Designated Router 192 168 10 1 Interface VLAN0001 Mode Sparse Hello Interval secs 30 Join Prune Interval secs 60 DR Priority 1 BSR Border Disabled Neighbor Count 1 ...

Page 1043: ... not specified this command displays the neighbors discovered on all the PIM enabled interfaces Syntax show ip pim neighbor vlan vlan id vlan id A valid VLAN ID for which multicast routing has been enabled Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Field Descriptions Field Descript...

Page 1044: ... 00 02 55 00 01 15 192 168 20 2 VLAN0010 00 03 50 00 02 10 If no neighbors are learned on any of the interfaces the following message is displayed No neighbors are learned on any interface show ip pim rp hash The show ip pim rp hash command displays the rendezvous point RP selected for the specified group address Syntax show ip pim rp hash group address group address A valid multicast address supp...

Page 1045: ...terface show ip pim rp mapping The show ip pim rp mapping command is used in User EXEC and Privileged EXEC modes to display the mappings for the PIM group to the active rendezvous points This command deprecates the show ip pimsm rp candidate show ip pimsm staticrp show ip pimsm rp mapping commands Syntax show ip pim rp mapping rp address rp address An RP address Default configuration There is no d...

Page 1046: ...P Address192 168 10 1 Group Address224 1 2 1 Group Mask255 255 255 0 OriginStatic console show ip pim rp mapping RP Address192 168 10 1 Group Address224 1 2 1 Group Mask255 255 255 0 OriginStatic RP Address192 168 20 1 Field Description RP Address Address of the RP Group Address Address of the multicast group Group Mask Mask for the group address Origin Origin from where this group mapping is lear...

Page 1047: ...lticast Commands 1047 Group Address229 2 0 0 Group Mask255 255 0 0 OriginStatic dsdIf no RP Group mapping exists on the router the following message is displayed No RP Group mappings exist on this router ...

Page 1048: ...1048 Multicast Commands ...

Page 1049: ... IPv6 PIMSM is disabled on the router by default Command Mode Global Configuration mode ipv6 pimsm Global config ipv6 pimsm rp candidate ipv6 pimsm VLAN Interface config ipv6 pimsm spt threshold ipv6 pimsm bsr border ipv6 pimsm ssm ipv6 pimsm bsr candidate show ipv6 pimsm ipv6 pimsm dr priority show ipv6 pimsm bsr ipv6 pimsm hello interval show ipv6 pimsm interface ipv6 pimsm join prune interval s...

Page 1050: ...no form of this command to disable PIM SM on an interface Syntax ipv6 pimsm no ipv6 pimsm Default Configuration PIM SM is disabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 pimsm ipv6 pimsm bsr border Use the ipv6 pimsm bsr border command to prevent bootstrap router BSR messages from ...

Page 1051: ...ts candidacy as a bootstrap router BSR Use the no form of this command to stop the router from announcing its candidacy as a bootstrap router Syntax ipv6 pimsm bsr candidate vlan vlan id hash mask len priority no ipv6 pimsm bsr candidate vlan vlan id vlan id A valid VLAN ID value hash mask len The length of a mask that is to be ANDed with the group address before the hash function is called All gr...

Page 1052: ...al Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 pimsm bsr candidate vlan 9 10 34 ipv6 pimsm dr priority Use the ipv6 pimsm dr priority command to set the priority value for which a router is elected as the designated router DR Use the no form of this command to set the priority to the default Syntax ipv6 pimsm dr priority priority no ...

Page 1053: ...6 pimsm hello interval interval no ipv6 pimsm hello interval interval The hello interval Range 0 65535 seconds Default Configuration The default hello interval is 30 seconds Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 pimsm hello interval 45 ipv6 pimsm join prune interval Use the ipv6 pimsm join p...

Page 1054: ...mand Example console config if vlan3 ipv6 pimsm join prune interval 90 ipv6 pimsm register threshold Use the ipv6 pimsm register threshold command to configure the Register Threshold rate for the RP router to switch to the shortest path Use the no form of this command to set the register threshold rate to the default Syntax ipv6 pimsm register threshold threshold no ipv6 pimsm register threshold t...

Page 1055: ...d by BSR Use the no form of this command to remove the RP address for one or more multicast groups Syntax ipv6 pimsm rp address rp address group address prefixlength override no ipv6 pimsm rp address rp address An RP address group address The group address to display prefixlength This parameter specifies the prefix length of the IP address for the media gateway Range 1 32 Default Configuration The...

Page 1056: ... valid VLAN ID value group address The group address to display prefixlength This parameter specifies the prefix length of the IP address for the media gateway Range 1 32 Default Configuration The router does not advertise itself as a PIM candidate rendezvous point by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config...

Page 1057: ...config ipv6 pimsm spt threshold 1000 ipv6 pimsm ssm Use the ipv6 pimsm ssm command to define the Source Specific Multicast SSM range of multicast addresses Syntax ipv6 pimsm ssm default group address prefixlength default Defines the SSM range access list to 232 8 group address Group IP address supported by RP prefixlength This parameter specifies the prefix length of the IP address for the media g...

Page 1058: ...display global status of IPv6 PIMSM and its IPv6 routing interfaces Syntax show ipv6 pimsm Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm Admin Mode Enabled Data Threshold Rate Kbps 1000 Register Threshold Rate Kbps 250 SSM RANGE TABLE ...

Page 1059: ...e show ipv6 pimsm bsr command to display the bootstrap router BSR information The output includes elected BSR information and information about the locally configured candidate rendezvous point RP advertisement Syntax show ipv6 pimsm bsr Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this c...

Page 1060: ...sm interface command to display interface config parameters If no interface is specified all interfaces are displayed Syntax show ipv6 pimsm interface vlan vlan id vlan id A valid VLAN ID value Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm inter...

Page 1061: ...or Use the show ipv6 pimsm neighbor command to display IPv6 PIMSM neighbors learned on the routing interfaces Syntax show ipv6 pimsm neighbor all interface vlan vlan id vlan id A valid VLAN ID value Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm ...

Page 1062: ...to display which rendezvous point RP is being selected for a specified group Syntax show ipv6 pimsm rphash group address group address Group IP address supported by RP Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm rphash ff1e 64 RP Type Address ...

Page 1063: ... router BSR If no RP is specified all active RPs are displayed Syntax show ipv6 pimsm rp mapping rp address rp address IP address of RP Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm rp mapping Group Address FF1E 64 RP Address 2001 1 origin Stati...

Page 1064: ...1064 IPv6 Multicast Commands RP Address 3001 1 origin BSR ...

Page 1065: ...ea and Inter area Intra area routing occurs if a source and destination are in the same area Inter area routing occurs when a source and destination are in different areas An OSPF backbone distributes information between areas For IPv4 networks PowerConnect routing supports OSPF version 2 in accordance with RFC 2328 The PowerConnect routing also provides a compatibility mode for the RFC 1583 OSPF ...

Page 1066: ...all never be used for forwarding The RIP preference is not used in IPv6 routing OSPF Equal Cost Multipath ECMP A device running the IP routing protocol OSPF maintains multiple equal cost routes to all destinations The multiple routes are of the same type intra area inter area type 1 external or type 2 external cost and have the same associated area However each route is defined by a separate adver...

Page 1067: ... and static route into a single route to 20 0 0 0 8 with two next hops All next hops within an ECMP route must be provided by the same source On StrataXGS IV platforms the ECMP hashing support is extended to Enhanced hashing mode which provides improved load balancing performance ECMP hashing on these platforms has the following features MODULO N operation based on the number N of next hops in the...

Page 1068: ... neighbors continue to forward packets through the restarting router The restarting router relearns the network topology from its helpful neighbors PowerConnect implements both the restarting router and helpful neighbor features described in RFC 3623 Commands in this Chapter This chapter explains the following commands area default cost Router OSPF bandwidth ip ospf network show ip ospf area area ...

Page 1069: ...sf helper show ip ospf neighbor area stub enable nsf helper strict lsa checking show ip ospf range area stub no summary exit overflow interval nsf restart interval show ip ospf statistics area virtual link external lsdb limit passive interface default show ip ospf stub table area virtual link authentication ip ospf area passive interface show ip ospf virtual link area virtual link dead interval ip...

Page 1070: ...not been previously created this command creates the area and then applies the NSSA distinction If the area already exists the NSSA distinction is added or modified Use the no form of the command to remove the NSSA distinction from the specified area ID Syntax area area id nssa no redistribution default information originate metric metric value metric type metric type value no summary translator r...

Page 1071: ...configures the NSSA so that summary LSAs are not advertised into the NSSA metric value Specifies the metric of the default route advertised to the NSSA Range 1 16777214 metric type value The metric type can be one of the following 1 A metric type of nssa external 1 2 A metric type of nssa external 2 default role The translator role where role is one of the following always The router assumes the r...

Page 1072: ... Syntax area area id nssa default info originate integer comparable non comparable no area area id nssa default info originate area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 integer Specifies the metric of the default route advertised to the NSSA Range 1 16777214 comparable A metric type of nssa external 1 non comparable A metric type of nssa external 2...

Page 1073: ...ea area id nssa no redistribute area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the NSSA ABR console config router area 20 nssa no redistribute area nssa n...

Page 1074: ...vertised into the NSSA console config router area 20 nssa no summary area nssa translator role Use the area nssa translator role command in Router OSPF Configuration mode to configure the translator role of the NSSA Syntax area area id nssa translator role always candidate no area area id nssa translator role area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 42949672...

Page 1075: ...and in Router OSPF Configuration mode to configure the translator stability interval of the NSSA Syntax area area id nssa translator stab intv integer no area area id nssa translator stab intv area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 integer The period of time that an elected translator continues to perform its duties after it determines that its ...

Page 1076: ...a area route as a type 3 summary LSA Also an area range can be configured at the edge of an NSSA to summarize external routes reachable within the NSSA The range is advertised as a type 5 external LSA Syntax area area id range ip address subnet mask summarylink nssaexternallink advertise not advertise no area area id range ip address subnet mask summarylink nssaexternallink Parameter Description P...

Page 1077: ...to create a stub area for the specified area ID A stub area is characterized by the fact that AS External LSAs are not propagated into the area Removing AS External LSAs and Summary LSAs can significantly reduce the link state database of routers within the stub area Use the no form of the command to remove the stub area Syntax area area id stub no area area id stub area id Identifies the area ide...

Page 1078: ...ub no summary command in Router OSPF Configuration mode to prevent Summary LSAs from being advertised into the NSSA Use the no form of the command to return the Summary LSA mode to the default value Syntax area area id stub no summary no area area id stub no summary area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 Default Configuration Disabled is the def...

Page 1079: ...ormation is added or modified Syntax area area id virtual link router id authentication message digest null hello interval seconds retransmit interval seconds transmit delay seconds dead interval seconds authentication key key message digest key key id md5 key no area area id virtual link router id authentication message digest null hello interval retransmit interval transmit delay dead interval a...

Page 1080: ...sending based on the estimated time it takes to transmit from the interface Range 0 3600 md5 Use MD5 Encryption for an OSPF Virtual Link key Authentication key for the specified interface Range 8 bytes or less if the authentication type is simple and 16 bytes or less if the type is encrypt key id Authentication key identifier for the authentication type encrypt Range 0 255 Parameter Default area i...

Page 1081: ...le establishes a virtual link with MD5 authentication router ospf network 10 50 50 0 0 0 0 255 area 10 area 10 0 0 0 virtual link 10 3 4 5 message digest key 100 md5 test123 area virtual link authentication Use the area virtual link authentication command in Router OSPF Configuration mode to configure the authentication type and key for the OSPF virtual interface identified by the area ID and neig...

Page 1082: ... an authentication key If no parameters are specified after the authentication keyword then plain text password authentication is used Example The following example configures the authentication type and key for the area 10 OSPF virtual interface and neighbor ID console config router area 10 virtual link 192 168 2 7 authentication console config router area 10 virtual link 192 168 2 7 authenticati...

Page 1083: ...Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the dead interval for the area 10 OSPF virtual interface on the virtual interface and neighbor router console config router area 10 virtual link 192 168 2 2 dead interval 655555 area virtual link hello interval Use the area virtual link hello interval command in Router OSPF C...

Page 1084: ...ollowing example configures a 50 second wait interval console config router area 10 virtual link 192 168 2 2 hello interval 50 area virtual link retransmit interval Use the area virtual link retransmit interval command in Router OSPF Configuration mode to configure the retransmit interval for the OSPF virtual interface on the virtual interface identified by the area ID and neighbor ID Use the no f...

Page 1085: ...l link transmit delay Use the area virtual link transmit delay command in Router OSPF Configuration mode to configure the transmit delay for the OSPF virtual interface identified by the area ID and neighbor ID Use the no form of the command to return the transmit delay to the default value Syntax area area id virtual link neighbor id transmit delay seconds no area area id virtual link neighbor id ...

Page 1086: ...o the interface bandwidth ref_bw interface bandwidth where interface bandwidth is defined by the bandwidth command Because the default reference bandwidth is 100 Mbps OSPF uses the same default link cost for all interfaces whose bandwidth is 100 Mbps or greater To change the reference bandwidth use the auto cost command specifying the reference bandwidth in megabits per second The different refere...

Page 1087: ...nd specifies the interface bandwidth The bandwidth is specified in kilobits per second If no bandwidth is configured the bandwidth defaults to the actual interface bandwidth for port based routing interfaces and to 10 Mbps for VLAN routing interfaces This command does not affect the actual speed of an interface Syntax bandwidth bw bw Interface bandwidth in Kbps Range 1 10000000 Default Configurati...

Page 1088: ...elines for this command Example console config router capability opaque clear ip ospf Use the clear ip ospf command to reset specific OSPF states If no parameters are specified OSPF is disabled and then re enabled Syntax clear ip ospf configuration redistribution counters neighbor interface vlan vlan id neighbor id configuration Reset the OSPF configuration to factory defaults redistribution Flush...

Page 1089: ...his command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows the options for the clear ip ospf command console clear ip ospf cr Press enter to execute the command configuration Restore OSPF configuration to defaults counters Clear OSPF counters neighbor Bounce all OSPF neighbors redistribution Flush and reoriginate ...

Page 1090: ... compatibility mode should be disabled Example The following example enables 1583 compatibility console config router compatible rfc1583 default information originate Use the default information originate command in Router OSPF Configuration mode to control the advertisement of default routes Use the no form of the command to return the default route advertisement settings to the default value Syn...

Page 1091: ...etric command in Router OSPF Configuration mode to set a default for the metric of distributed routes Use the no form of the command to remove the metric from the distributed routes If the area has not been previously created it is created by this command If the area already exists the default metric information is added or modified Syntax default metric metric value no default metric Parameter De...

Page 1092: ...alues of OSPF route types in the router Lower route preference values are preferred when determining the best route The type of OSPF route can be intra inter external All the external type routes are given the same preference value Use the no form of this command to reset the preference values to the default Syntax distance ospf intra area dist1 inter area dist2 external dist3 no distance ospf int...

Page 1093: ...n mode to specify the access list to filter routes received from the source protocol Use the no form of the command to remove the specified source protocol from the access list Syntax distribute list name out rip static connected no distribute list name out rip static connected inter area dist2 Used to select the best path from one area to another area when there are two or more routes to the same...

Page 1094: ...enable Use the enable command in Router OSPF Configuration mode to reset the default administrative mode of OSPF in the router active Use the no form of the command to disable the administrative mode for OSPF Syntax enable Parameter Description name The name used to identify an existing ACL The range is 1 31 characters rip Apply the specified access list when RIP is the source protocol static Appl...

Page 1095: ...he exit overflow interval for OSPF When a router leaves the overflow state it can originate non default AS external LSAs When set to 0 the router will not leave Overflow State until restarted Use the no form of the command to return the interval to the default value Syntax exit overflow interval seconds no exit overflow interval seconds Number of seconds after entering overflow state that a router...

Page 1096: ...tabase reaches the external LSDB limit the router enters overflow state The router never holds more than the external LSDB limit non default AS external LSAs in it database Use the no form of the command to return the limit to the default value Syntax external lsdb limit integer no external lsdb limit integer Maximum number of non default AS external LSAs allowed in the router s link state databas...

Page 1097: ... the advertisability of the secondary addresses on this interface into OSPFv2 domain Use the no form of this command to disable OSPFv2 on an interface Syntax ip ospf area area id secondaries none no ip ospf area secondaries none area id The ID of the area Range IP address or decimal from 0 4294967295 Default Configuration OSPFv2 is disabled by default Command Mode Interface Configuration VLAN mode...

Page 1098: ...ey key Authentication key for the specified interface Range 8 bytes or less if the authentication type is simple and 16 bytes or less if the type is encrypt key id Authentication key identifier for the authentication type encrypt Range 0 25 Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN mode User Guidelines Unauthenticated interfaces do no...

Page 1099: ...figuration 10 is the default link state metric configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures the cost on the OSPF interface at 5 console config if vlan15 ip ospf cost 5 ip ospf dead interval Use the ip ospf dead interval command in Interface Configuration to set the OSPF dead interval for th...

Page 1100: ... some multiple of the Hello Interval i e 4 Example The following example sets the dead interval at 30 seconds console config if vlan15 ip ospf dead interval 30 ip ospf hello interval Use the ip ospf hello interval command in Interface Configuration mode to set the OSPF hello interval for the specified interface Use the no form of the command to return the interval to the default value Syntax ip os...

Page 1101: ...ription packets specify the size of the largest IP packet that can be sent without fragmentation on the interface When a router receives a Database Description packet it examines the MTU advertised by the neighbor By default if the MTU is larger than the router can accept the Database Description packet is rejected and the OSPF adjacency is not established Use the no form of the command to enable ...

Page 1102: ...fault Configuration Interfaces operate in broadcast mode by default Command Mode Interface Configuration VLAN mode Usage Guidelines OSPF treats interfaces as broadcast interfaces by default Loopback interfaces have a special loopback network type which cannot be changed When there are only two routers on the network OSPF can operate more efficiently by treating the network as a point to point netw...

Page 1103: ...uter interface Range 0 255 Default Configuration 1 is the default integer value Command Mode Interface Configuration VLAN mode User Guidelines A value of 1 is the highest router priority A value of 0 indicates that the interface is not eligible to become the designated router on this network Example The following example sets the OSPF priority for the VLAN 15 router at 100 console config if vlan15...

Page 1104: ...figuration VLAN mode User Guidelines A value of 1 is the highest router priority A value of 0 indicates that the interface is not eligible to become the designated router on this network Example The following example sets the OSPF retransmit Interval for VLAN 15 at 50 seconds console config if vlan15 ip ospf retransmit interval 50 ip ospf transmit delay Use the ip ospf transmit delay command in In...

Page 1105: ... the OSPF Transit Delay for VLAN 15 at 20 seconds console config if vlan15 ip ospf transmit delay 20 maximum paths Use the maximum paths command in Router OSPF Configuration mode to set the number of paths that OSPF can report for a given destination Use the no form of the command to reset the number to the default value Syntax maximum paths integer no maximum paths integer Number of paths that OS...

Page 1106: ...ame interface When a network area command is deleted matching interfaces are reevaluated against all remaining network area commands Example The following example sets the number of paths at 2 that OSPF can report for a given destination console config router maximum paths 2 network area The network area command enables OSPFv2 on an interface and sets its area ID if the ip address of an interface ...

Page 1107: ...rk area command for the same area as the primary address on the same interface When a network area command is deleted matching interfaces are reevaluated against all remaining network area commands Example console config router network 10 50 50 0 0 0 0 255 area 4 nsf Use this command to enable OSPF graceful restart Use the no form of this command to disable graceful restart Syntax nsf ietf planned...

Page 1108: ...pology change and everything that goes with that i e flooding of LSAs SPF runs Helpful neighbors continue to forward packets through the restarting router The restarting router relearns the network topology from its helpful neighbors This implementation of graceful restart restarting router behavior is only useful with a router stack Graceful restart does not work on a standalone single unit route...

Page 1109: ...a topology change occurs Use the no form of this command to allow OSPF to continue as a helpful neighbor in spite of topology changes Syntax nsf ietf helper strict lsa checking no nsf ietf helper strict lsa checking ietf This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations Since the IETF implementation is the only one supported this ke...

Page 1110: ...art interval seconds no nsf ietf restart interval ietf This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations Since the IETF implementation is the only one supported this keyword is optional seconds The number of seconds that the restarting router asks its neighbors to wait before exiting helper mode The restarting router includes the re...

Page 1111: ...ace default no passive interface default Default Configuration Global passive mode is disabled by default Command Mode Router OSPF Configuration mode User Guidelines There are no user guidelines for this command Example console config router passive interface passive interface Use the passive interface command to set the interface as passive It overrides the global passive mode that is currently e...

Page 1112: ...col routers Use the no version of the command to disable redistribution from the selected source or to reset options to their default values Syntax redistribute protocol metric metric value metric type type value tag tag value subnets no redistribute protocol metric metric type tag subnets Parameter Description Parameter Description protocol rip Specifies RIP as the source protocol static Specifie...

Page 1113: ...er id Use the router id command in Router OSPF Configuration mode to set a 4 digit dotted decimal number uniquely identifying the router OSPF ID Syntax router id ip address ip address IP address that uniquely identifies the router OSPF ID metric value Specifies the metric to use when redistributing the route Range 0 16777214 type value Type 1 external route Type 2 external route tag value Value at...

Page 1114: ...ple defines the router OSPF ID as 5 5 5 5 console config router ospf console config router router id 5 5 5 5 router ospf Use the router ospf command in Global Configuration mode to enter Router OSPF mode Syntax router ospf Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The command prompt changes when the router ospf command ex...

Page 1115: ...d has no arguments or keywords Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes User Guidelines Some of the information below displays only if you enable OSPF and configure certain features The following fields may be displayed Field Description Router ID A 32 bit integer in dotted decimal format identifying the router about whic...

Page 1116: ...Spf Hold Time The minimum number of seconds between routing table calculations Opaque Capability Shows whether router is capable of sending Opaque LSAs AutoCost Ref BW The configured autocost reference bandwidth This value is used to determine the OSPF metric on its interfaces The reference bandwidth is divided by the interface speed to compute the metric Default Passive Setting When enabled OSPF ...

Page 1117: ...ter but allowing other routers to compute routes to destinations attached to the stub router To restore OSPF to normal operation resolve the condition that caused the resource overload then disable and re enable OSPF globally External LSDB Overflow OSPF enters this state when the number of external LSAs exceeds a configured limit as described in RFC 1765 External LSA Count Shows the number of exte...

Page 1118: ...rt Status Whether the router is currently performing a graceful restart NSF Restart Age The number of seconds until a graceful restart expires Only non zero when the router is in graceful restart NSF Restart Exit Reason The reason the previous graceful restart ended Possible values are Not attempted In progress Completed Timed out Topology change and Manual clear NSF Helper Support Whether this ro...

Page 1119: ...low Interval 0 Spf Delay Time 5 Spf Hold Time 10 Opaque Capability Disable AutoCost Ref BW 100 Mbps Default Passive Setting Disabled Maximum Paths 4 Default Metric Not configured Default Route Advertise Disabled Always FALSE Metric Not configured Metric Type External Type 2 Number of Active Areas 1 1 normal 0 stub 0 nssa ABR Status Disable Distribute List Shows the access list used to filter redis...

Page 1120: ... Mark 4 Retransmit List Entries 0 Maximum Number of Retransmit Entries 72800 Retransmit Entries High Water Mark 2 NSF Support Disabled NSF Restart Interval 120 NSF Restart Status Not Restarting NSF Restart Age 0 seconds NSF Restart Exit Reason Not Attempted NSF Helper Support Always NSF Helper Strict LSA Checking Enabled show ip ospf abr The show ip ospf abr command displays the internal OSPF rout...

Page 1121: ... Router Id Cost Area ID Next Hop Next Hop Intf INTRA 3 3 3 3 1 0 0 0 1 10 1 23 3 vlan11 INTRA 4 4 4 4 10 0 0 0 1 10 1 24 4 vlan12 show ip ospf area Use the show ip ospf area command in Privileged EXEC mode to display information about the identified OSPF area Syntax show ip ospf area area id area id Identifies the OSPF area whose ranges are being displayed Range 0 4294967295 Default Configuration ...

Page 1122: ... Routing Import External LSAs Spf Runs 0 Area Border Router Count 0 Area LSA Count 0 Area LSA Checksum 0 Import Summary LSAs Enable console show ip ospf area 20 AreaID 0 0 0 20 External Routing Import NSSAs Spf Runs 0 Area Border Router Count 0 Area LSA Count 0 Area LSA Checksum 0 OSPF NSSA Specific Information Import Summary LSAs Enable Redistribute into NSSA Enable Default Information Originate ...

Page 1123: ...able entries to Autonomous System Boundary Routes ASBR This command takes no options Syntax show ip ospf asbr Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip ospf asbr Type Router Id Cost Area ID Next Hop Next Hop Intf INTRA 1 1 1 1 1 0 0 0 1 10 1 12 1 vlan10 INTRA 4 4 4 4 ...

Page 1124: ...rmation will be displayed asbr summary Display the autonomous system boundary router ASBR summary LSAs external Display the external LSAs network Display the network LSAs nssa external Display NSSA external LSAs router Display router LSAs summary Display the LSA database summary information ls id Specifies the link state ID LSID Range IP address or an integer in the range of 0 4294967295 adv route...

Page 1125: ...0 0 0 1360 80000006 3a1f 5 2 0 0 5 2 0 0 1360 80000009 a47e E 20 20 20 20 20 20 20 20 1165 8000000b 0f80 E Network Link States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 2 2 2 2 20 20 20 20 1165 80000005 f86d E O Network Summary States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1360 80000007 242e Summary ASBR States Area 0 0 0 0 Link ...

Page 1126: ...0 1361 80000005 ef59 Area Opaque States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1362 80000005 e166 AS External States Link Id Adv Router Age Sequence Chksm Options Rtr Opt 6 0 0 0 5 2 0 0 1364 80000008 e35d AS Opaque States Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1364 80000005 d373 ...

Page 1127: ... Description Router Shows Total number of router LSAs in the OSPF link state database Network Shows Total number of network LSAs in the OSPF link state database Summary Net Shows Total number of summary network LSAs in the database Summary ASBR Shows Number of summary ASBR LSAs in the database Type 7 Ext Shows Total number of Type 7 external LSAs in the database Self Originated Type 7 Shows Total ...

Page 1128: ...y OSPF Router with ID 5 5 5 5 Area 0 0 0 0 database summary Router 0 Network 0 Summary Net 0 Summary ASBR 0 Type 7 Ext 0 Self Originated Type 7 0 Opaque Link 0 Opaque Area 0 Subtotal 0 Area 0 0 0 10 database summary Router 0 Network 0 Summary Net 0 Summary ASBR 0 Type 7 Ext 0 Self Originated Type 7 0 Opaque Link 0 Opaque Area 0 Subtotal 0 Total Shows Number of entries for all areas ...

Page 1129: ...pf interface Use the show ip ospf interface command in Privileged EXEC mode to display the information for the VLAN or loopback interface Syntax show ip ospf interface interface type interface number Syntax Description Default Configuration This command has no default configuration Parameter Description interface type Vlan or loopback interface number Valid VLAN ID or loopback interface number Ran...

Page 1130: ...0 IP Address 1 1 1 1 Subnet Mask 255 255 255 0 Secondary IP Address es OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 OSPF Network Type Broadcast Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 Authentication Type None Metric Cost 10 computed Passive Status Non passive interface OSPF Mtu ignore Disable State designated router De...

Page 1131: ...isplays brief information for the IFO object or virtual interface tables console show ip ospf interface brief Router Hello Dead Retrax Retrax LSAAck Interface AdminMode Area ID Priority Intval Intval Intval Delay Intval vlan1 Enable 0 0 0 10 1 10 40 5 1 1 vlan2 Disable 0 0 0 0 1 10 40 5 1 1 vlan3 Disable 0 0 0 0 1 10 40 5 1 1 loopback2 Disable 0 0 0 0 1 10 40 5 1 1 show ip ospf interface stats Use...

Page 1132: ...e stats vlan15 OSPF Area ID 0 0 0 0 Area Border Router Count 0 AS Border Router Count 0 Area LSA Count 1 IP Address 2 2 2 2 OSPF Interface Events 1 Virtual Events 0 Neighbor Events 0 External LSA Count 0 show ip ospf neighbor Use the show ip ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors The information below only displays if OSPF is enabled and the inter...

Page 1133: ...n the specified Ethernet and IP interfaces console show ip ospf neighbor 99 9 9 9 Interface Vl12 Neighbor IP Address 5 5 5 5 Interface Index 723 Area Id 0 0 0 0 Options 0x42 Router Priority 1 Dead timer due in secs 31 Up Time 0 days 0 hrs 2 mins 17 secs State Full DR Events 5 Retransmission Queue Length 0 Parameter Description interface type Interface type only supported type is vlan interface num...

Page 1134: ...te of the adjacency Events Incremented for the following events A DD is received from the neighbor with an MTU mismatch The neighbor sent an ACK for an LSA not on the neighbor s retransmit list The state of the adjacency changed Retransmission Queue Length The number of LSAs on the neighbor s retransmit queue waiting for the neighbor to acknowledge Restart Helper Status One of two values Helping T...

Page 1135: ... a grace LSA it sets the Restart Reason to Software Restart on a planned warm restart when the initiate failover command is invoked and to Unknown on an unplanned warm restart Remaining Grace Time The number of seconds remaining in the current graceful restart interval This row is only included if the router is currently acting as a restart helper for the neighbor Restart Exit Reason One of the fo...

Page 1136: ...e specified area id console show ip ospf range 20 Area ID IP Address Subnet Mask Lsdb Type Advertisement 0 0 0 20 192 168 6 0 255 255 255 0 Summary Link Enabled show ip ospf statistics This command displays information about recent Shortest Path First SPF calculations The SPF is the OSPF routing table calculation The output lists the number of times the SPF has run for each OSPF area A table follo...

Page 1137: ...user guidelines Example console show ip ospf statistics Area 0 0 0 0 SPF algorithm executed 0 times Delta T SPF Duration msec Reason 26 01 45 0 23 15 05 0 R 23 14 22 0 R N 23 14 12 0 R 23 10 04 0 show ip ospf stub table Use the show ip ospf stub table command in Privileged EXEC mode to display the OSPF stub table The information below will only be displayed if OSPF is initialized on the switch Syn...

Page 1138: ... 0 0 0 1 Normal 1 Enable show ip ospf virtual link Use the show ip ospf virtual link command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor or for all Syntax show ip ospf virtual link area id neighbor id area id Identifies the OSPF area whose ranges are being displayed Range IP address or decimal from 0 4294967295 neighbor id Identifies t...

Page 1139: ...ID 10 Neighbor Router ID 192 168 2 2 Hello Interval 10 Dead Interval 655555 Iftransit Delay Interval 1 Retransmit Interval 5 State down Metric 0 Neighbor State down Authentication Type MD5 Authentication Key test123 Authentication Key ID 100 show ip ospf virtual links brief Use the show ip ospf virtual link brief command in Privileged EXEC mode to display the OSPF Virtual Interface information for...

Page 1140: ... information in the system console show ipv6 ospf virtual link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Interval Delay 0 0 0 2 5 5 5 5 10 40 5 1 timers spf Use the timers spf command in Router OSPF Configuration mode to configure the SPF delay and hold time Use the no form of the command to reset the numbers to the default value Syntax timers spf delay time hold time ...

Page 1141: ...for delay time is 5 The default value for hold time is 10 Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the SPF delay and hold time console config router timers spf 20 30 ...

Page 1142: ...1142 OSPF Commands ...

Page 1143: ...database database summary area nssa translator role exit overflow interval nsf show ipv6 ospf interface area nssa translator stab intv external lsdb limit nsf helper show ipv6 ospf interface brief area range Router OSPFv3 ipv6 ospf nsf helper strict lsa checking show ipv6 ospf interface stats area stub ipv6 ospf area nsf restart interval show ipv6 ospf interface vlan area stub no summary ipv6 ospf...

Page 1144: ...rea and then applies the default cost Syntax area area id default cost cost no area area id default cost areaid Valid area identifier cost Default cost Range 1 16777215 Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures the monetary default cost at...

Page 1145: ...o summary translator role translator stab intv Parameter Description Parameter Description area id Identifies the OSPFv3 stub area to configure Range IP address or decimal from 0 4294967295 metric value Specifies the metric of the default route advertised to the NSSA Range 1 16777214 metric type value The metric type can be one of the following 1 A metric type of nssa external 1 comparable 2 A met...

Page 1146: ...t advertised into the NSSA console config router area 20 nssa default info originate metric 250 metric type 2 no summary area nssa default info originate Use the area nssa default info originate command in Router OSPFv3 Configuration mode to configure the metric value and type for the default route advertised into the NSSA The optional metric parameter specifies the metric of the default route The...

Page 1147: ...ault metric value for the default route advertised into the NSSA console config ipv6 router ospf console config rtr area 1 nssa default info originate area nssa no redistribute Use the area nssa no redistribute command in Router OSPFv3 Configuration mode to configure the NSSA ABR so that learned external routes will not be redistributed to the NSSA Use the no form of the command to remove the conf...

Page 1148: ...ssa no redistribute area nssa no summary Use the area nssa no summary command in Router OSPFv3 Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA Use the no form of the command to remove the configuration Syntax area areaid nssa no summary no area area id nssa no summary areaid Valid OSPF area identifier Default Configuration This command has no default ...

Page 1149: ...ax area areaid nssa translator role always candidate no area areaid nssa translator role areaid Valid OSPF area identifier always Causes the router to assume the role of the translator the instant it becomes a border router candidate Causes the router to participate in the translator election process when it attains border router status Default Configuration This command has no default configurati...

Page 1150: ...atus has been deposed by another router Syntax area areaid nssa translator stab intv seconds no area areaid nssa translator stab intv areaid Valid OSPF area identifier seconds Translator stability interval of the NSSA Range 0 3600 seconds Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines...

Page 1151: ...tes reachable within the NSSA The range is advertised as a type 5 external LSA Use the no form of the command to remove the summary prefix configuration for routes learned in the specified area Syntax area area id range ipv6 prefix prefix length summarylink nssaexternallink advertise not advertise no area area id range ipv6 prefix prefix length summarylink nssaexternallink Parameter Description De...

Page 1152: ...a has not been previously created this command creates the area and then applies the stub distinction A stub area is characterized by the fact that AS External LSAs are not propagated into the area Removing AS External LSAs and Summary LSAs can significantly reduce the size of the link state database of routers within the stub area Syntax area area id stub no summary no area area id stub no summar...

Page 1153: ... no summary command in Router OSPFv3 Configuration mode disable the import of Summary LSAs for the stub area identified by area id Syntax area area id stub no summary no area area id stub no summary area id Valid OSPFv3 area identifier so summary Disable the import of Summary LSAs for the stub area identified by area id Default Configuration This command has no default configuration Command Mode R...

Page 1154: ...mit interval seconds transmit delay seconds dead interval seconds no area area id virtual link router id id hello interval retransmit interval transmit delay dead interval Parameter Description area id Valid OSPFv3 area identifier or decimal value in the range of 0 4294967295 router id Identifies the Router ID or valid IP address of the neighbor hello interval seconds Number of seconds to wait bef...

Page 1155: ...rval a hello interval of 20 seconds a retransmit interval of 20 seconds and a 20 second transmit delay for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual link 2 dead interval 20 hello interval 20 retransmit interval 20 transmit delay 20 Parameter Default area id No area ID is predefined rou...

Page 1156: ... Range 1 65535 Default Configuration 40 is the default value for seconds Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures a 20 second dead interval for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual li...

Page 1157: ...res a hello interval of 20 seconds for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual link 2 hello interval 20 area virtual link retransmit interval Use the area virtual link retransmit interval command in Router OSPFv3 Configuration mode to configure the retransmit interval for the OSPF vi...

Page 1158: ...identified by area 1 and its neighbor config ipv6 router ospf config rtr area 1 virtual link 2 retransmit interval 20 area virtual link transmit delay Use the area virtual link transmit delay command in Router OSPFv3 Configuration mode to configure the transmit delay for the OSPF virtual interface on the virtual interface identified by areaid and neighbor Syntax area areaid virtual link neighbor t...

Page 1159: ... virtual link 2 transmit delay 20 default information originate Use the default information originate command in Router OSPFv3 Configuration mode to control the advertisement of default routes Use the no form of the command to return the default route advertisement settings to the default value Syntax default information originate always metric metric value metric type type value no default inform...

Page 1160: ... config rtr default information originate metric 100 metric type 2 default metric Use the default metric command in Router OSPFv3 Configuration mode to set a default for the metric of distributed routes Use the no form of the command to remove the metric from the distributed routes Syntax default metric metric value no default metric metric value The metric or preference value of the default route...

Page 1161: ... when determining the best route The type of OSPF route can be intra inter external All the external type routes are given the same preference value Use the no form of this command to reset the preference values to the default Syntax distance ospf external inter area intra area distance no distance ospf external inter area intra area distance distance Used to select the best path when there are tw...

Page 1162: ...ra 100 enable Use the enable command in Router OSPFv3 Configuration mode to enable administrative mode of OSPF in the router active Syntax enable no enable Default Configuration Enabled is the default state Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example enables administrative mode of OSPF in the router active console ...

Page 1163: ...nterval seconds Exit overflow interval for OSPF Range 0 2147483647 Default Configuration 0 is the default value for seconds Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures the exit overflow interval for OSPF at 100 seconds console config ipv6 router ospf console config rtr exit overflow interval 100 external...

Page 1164: ...t limit External LSDB limit for OSPF Range 1 2147483647 Default Configuration 1 is the default value for limit Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example sets the external LSDB limit at 100 for OSPF console config ipv6 router ospf console config rtr external lsdb limit 100 ipv6 ospf Use the ipv6 ospf command in In...

Page 1165: ...mand in Interface Configuration mode to set the OSPF area to which the specified router interface belongs Syntax ipv6 ospf area areaid no ipv6 ospf area areaid areaid Is a 32 bit integer formatted as a 4 digit dotted decimal number or a decimal value It uniquely identifies the area to which the interface connects Assigning an area id which does not exist on an interface causes the area to be creat...

Page 1166: ...n OSPF interface Use the no form of the command to return the cost to the default value Syntax ipv6 ospf cost interface cost no ipv6 ospf cost interface cost Specifies the cost link state metric of the OSPF interface Range 1 65535 Default Configuration 10 is the default link state metric configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guideline...

Page 1167: ...length of time must be the same for all routers attached to a common network This value should be some multiple of the Hello Interval i e 4 Range 1 65535 Default Configuration 40 seconds is the default value of seconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF dead interval at 100 s...

Page 1168: ...VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF hello interval at 15 seconds console config interface vlan 15 console config if vlan15 ipv6 ospf hello interval 15 ipv6 ospf mtu ignore Use the ipv6 ospf mtu ignore command in Interface Configuration mode to disable OSPF maximum transmission unit MTU mismatch detection Use the ...

Page 1169: ... Example The following example disables OSPF maximum transmission unit MTU mismatch detection console config interface vlan 15 console config if vlan15 ipv6 ospf mtu ignore ipv6 ospf network Use the ipv6 ospf network command in Interface Configuration mode to change the default OSPF network type for the interface Use the no form of the command to return the network setting to the default value Syn...

Page 1170: ...following example changes the default OSPF network type to point to point console config interface vlan 15 console config if vlan15 ipv6 ospf network point to point ipv6 ospf priority Use the ipv6 ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface Use the no form of the command to return the priority to the default value Syntax ipv6 os...

Page 1171: ...x ipv6 ospf retransmit interval seconds no ipv6 ospf retransmit interval seconds The number of seconds between link state advertisement retransmissions for adjacencies belonging to this router interface This value is also used when retransmitting database description and link state request packets Range 0 to 3600 seconds Default Configuration 5 seconds is the default value Command Mode Interface C...

Page 1172: ... sets the estimated number of seconds it takes to transmit a link state update packet over this interface Range 1 to 3600 seconds Default Configuration No default value Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF Transmit Delay at 100 seconds for VLAN 15 console config interface vlan ...

Page 1173: ...PFv3 console config ipv6 router ospf maximum paths Use the maximum paths command in Router OSPFv3 Configuration mode to set the number of paths that OSPF can report for a given destination Syntax maximum paths maxpaths no maximum paths maxpaths Number of paths that can be reported Range 1 2 Default Configuration 2 is the default value for maxpaths Command Mode Router OSPFv3 Configuration mode User...

Page 1174: ...s that OSPF should only perform a graceful restart when the restart is planned i e when the restart is a result of the initiate failover command Default Configuration Graceful restart is disabled by default Command Mode Router OSPFv3 Configuration mode User Guidelines Graceful restart works in concert with nonstop forwarding to enable the hardware to continue forwarding IPv6 packets using OSPFv3 r...

Page 1175: ... prevent OSPF from acting as a helpful neighbor Syntax nsf helper planned only no nsf helper planned only This keyword indicates that OSPF should only help a restarting router performing a planned restart Default Configuration OSPF may act as a helpful neighbor for both planned and unplanned restarts Command Mode Router OSPFv3 Configuration mode User Guidelines The grace LSA announcing the gracefu...

Page 1176: ... change occurs Command Mode Router OSPFv3 Configuration mode User Guidelines The restarting router is unable to react to topology changes In particular the restarting router will not immediately update its forwarding table therefore a topology change may introduce forwarding loops or black holes that persist until the graceful restart completes By exiting the graceful restart on a topology change ...

Page 1177: ...n The default restart interval is 120 seconds Command Mode Router OSPFv3 Configuration mode User Guidelines The grace period must be set long enough to allow the restarting router to reestablish all of its adjacencies and complete a full database exchange with each of those neighbors passive interface Use the passive interface command to set the interface or tunnel as passive It overrides the glob...

Page 1178: ... mode by default for all interfaces It overrides any interface level passive mode Use the no form of this command to disable the global passive mode by default for all interfaces Any interface previously configured to be passive reverts to non passive mode Syntax passive interface default no passive interface default Default Configuration Global passive mode is disabled by default Command Mode Rou...

Page 1179: ...utes Range 0 16777214 tag Tag Range 0 4294967295 Default Configuration 2 is the default value for metric type 0 for tag Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures the OSPFv3 protocol to allow redistribution of routes from the specified source protocol routers console config ipv6 router ospf console conf...

Page 1180: ...ollowing example sets a 4 digit dotted decimal number identifying the Router OSPF ID as 2 3 4 5 console config ipv6 router ospf console config rtr router id 2 3 4 5 show ipv6 ospf Use the show ipv6 ospf command in Privileged EXEC mode to display information relevant to the OSPF router Syntax show ipv6 ospf area id area id Identifier for the OSPF area being displayed Default Configuration This comm...

Page 1181: ...th This value is used to determine the OSPF metric on its interfaces The reference bandwidth is divided by the interface speed to compute the metric Default Passive Setting When enabled OSPF interfaces are passive by default Maximum Paths Shows the maximum number of paths that OSPF can report for a given destination Default Metric Default metric for redistributed routes Default Route Advertise Whe...

Page 1182: ... the stub router To restore OSPF to normal operation resolve the condition that caused the resource overload then disable and re enable OSPF globally External LSDB Overflow OSPF enters this state when the number of external LSAs exceeds a configured limit as described in RFC 1765 External LSA Count Shows the number of external LS type 5 link state advertisements in the link state database External...

Page 1183: ...il a graceful restart expires Only non zero when the router is in graceful restart NSF Restart Exit Reason The reason the previous graceful restart ended Possible values are Not attempted In progress Completed Timed out Topology change and Manual clear NSF Helper Support Whether this router is configured to act as a graceful restart helpful neighbor Possible values are Helper Support Always Disabl...

Page 1184: ...ault Metric Not Configured Maximum Paths 2 Default Route Advertise Disabled Always FALSE Metric Metric Type External Type 2 NSF Support Disabled NSF Restart Interval 120 seconds NSF Helper Support Always NSF Helper Strict LSA Checking Enabled show ipv6 ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers ABR This command takes no options Syntax show ipv6 ospf abr ...

Page 1185: ... FE2A 3CB3 vlan11 INTRA 4 4 4 4 10 0 0 0 1 FE80 210 18FF FE82 8E1 vlan12 show ipv6 ospf area Use the show ipv6 ospf area command in Privileged EXEC mode to display information about the area Syntax show ipv6 ospf area areaid areaid Identifier for the OSPF area being displayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This comm...

Page 1186: ...e show ipv6 ospf asbr The show ipv6 ospf asbr command displays the internal OSPFv3 routes to reach Autonomous System Boundary Routes ASBR This command takes no options Syntax show ipv6 ospf asbr Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ipv6 ospf asbr Type Router Id Cost...

Page 1187: ...C mode to display information about the link state database when OSPFv3 is enabled If no parameters are entered the command displays the LSA headers Optional parameters specify the type of link state advertisements to display The information below is only displayed if OSPF is enabled Syntax show ipv6 ospf area id database external inter area prefix router link network nssaexternal prefix router un...

Page 1188: ...that are self originated Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about the link state database when OSPFv3 is enabled console show ipv6 ospf database Router Link States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rt...

Page 1189: ... 700 80000008 2D89 V6E R 2 2 2 2 634 689 8000000A 6F82 V6E R 2 2 2 2 635 590 80000001 7782 V6E R Intra Prefix States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 1 8000003C 9F31 2 2 2 2 0 2 8000004D 9126 Router Link States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 1 8000002E 35AD V6E R V B 2 2 2 2 0 0 8000004A D2F3 V6E R B Network Li...

Page 1190: ...0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 6 8000003A 37C4 2 2 2 2 0 1 8000004F 439A 1 1 1 1 10634 434 80000002 440A show ipv6 ospf database database summary Use the show ipv6 ospf database database summary command in Privileged EXEC mode to display the number of each type of LSA in the database and the total number of LSAs in the database Syntax show ipv6 ospf database d...

Page 1191: ...sole show ipv6 ospf database database summary OSPF Router with ID 0 0 0 2 Router database summary Router 0 Network 0 Inter area Prefix 0 Inter area Router 0 Type 7 Ext 0 Link 0 Intra area Prefix 0 Link Unknown 0 Area Unknown 0 AS Unknown 0 Type 5 Ext 0 Self Originated Type 5 Ext 0 Total 0 show ipv6 ospf interface Use the show ipv6 ospf interface command in Privileged EXEC mode to display the infor...

Page 1192: ...owing example displays the information in VLAN 11 s virtual interface tables console show ipv6 ospf interface vlan 11 IP Address Err ifIndex 1 OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Parameter Description interface type The interface type VLAN tunnel or loopback interface number The valid interface nu...

Page 1193: ...brief information for the IFO object or virtual interface tables Syntax show ipv6 ospf interface brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays brief ospf interface information console show ipv6 ospf interface brief Hello Dead Retrax LSA Admin Router I...

Page 1194: ...efault Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the interface statistics for VLAN 5 console show ipv6 ospf interface stats vlan 5 OSPFv3 Area ID 0 0 0 1 Spf Runs 265 Area Border Router Count 1 AS Border Router Count 0 Area LSA Count 6 IPv6 Address FE80 202 BCFF FE00...

Page 1195: ...ed Hello 295 219 Database Description 10 14 LS Request 4 4 LS Update 521 398 LS Acknowledgement 209 282 show ipv6 ospf interface vlan Use the show ipv6 ospf interface vlan command in Privileged EXEC mode to display OSPFv3 configuration and status information for a specific vlan Syntax show ipv6 ospf interface vlan vlan id brief vlan id Valid VLAN ID Range is 1 4093 brief Displays a snapshot of con...

Page 1196: ... Address FE80 2FC E3FF FE90 44 ifIndex 634 OSPF Admin Mode Enable OSPF Area ID 0 0 0 1 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 Authentication Type None Metric Cost 10 computed OSPF Mtu ignore Disable OSPF Interface Type broadcast State backup designated router Designated Router 1 1 1 1 Backup Designated Router 2 2 2 2...

Page 1197: ...erface number neighbor id Syntax Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following examples display information about OSPF neighbors in the first case in a summary table and in the second in a table specific to tunnel 1 console show ipv6 ospf neighbor Rou...

Page 1198: ...elay Interval 1 Authentication Type None Metric Cost 1 computed OSPF Mtu ignore Disable OSPF cannot be initialized on this interface show ipv6 ospf range Use the show ipv6 ospf range command in Privileged EXEC mode to display information about the area ranges for the specified area identifier Syntax show ipv6 ospf range areaid areaid Identifies the OSPF area whose ranges are being displayed Defaul...

Page 1199: ...e Use the show ipv6 ospf stub table command in Privileged EXEC mode to display the OSPF stub table The information below will only be displayed if OSPF is initialized on the switch Syntax show ipv6 ospf stub table Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displa...

Page 1200: ... area whose virtual interface information is being displayed neighbor id Router ID of neighbor Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the OSPF Virtual Interface information for area 1 and its neighbor console show ipv6 ospf virtual link 1 1...

Page 1201: ...on for all areas in the system Syntax show ipv6 ospf virtual link brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the OSPF stub table console config show ipv6 ospf virtual link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Inter...

Page 1202: ...1202 OSPFv3 Commands ...

Page 1203: ...t periodic message Router discovery enables hosts to select from among multiple default gateways and switch to a different default gateway if an initially designated gateway goes down Commands in this Chapter This chapter explains the following commands ip irdp Use the ip irdp command in Interface Configuration mode to enable Router Discovery on an interface Use the no form of the command to disab...

Page 1204: ... broadcast address holdtime seconds Integer value in seconds of the the holdtime field of the router advertisement sent from this interface Range 4 9000 seconds maxadvertinterval seconds Maximum time in seconds allowed between sending router advertisements from the interface Range 4 or the minimum advertisement interval whichever is greater and 1800 seconds minadvertinterval seconds Minimum time i...

Page 1205: ...ments Use the no form of the command to return the address to the default Syntax ip irdp address ip address no ip irdp address ip address IP address for router discovery advertisements Range 224 0 0 1 all hosts IP multicast address or 255 255 255 255 limited broadcast address Default Configuration IP address 224 0 0 1 is the default configuration Command Mode Interface Configuration VLAN mode User...

Page 1206: ...the default value Syntax ip irdp holdtime integer no ip irdp holdtime integer Integer value in seconds of the the holdtime field of the router advertisement sent from this interface The holdtime must be no less than the maximum advertisement interval and cannot be greater than 9000 seconds Default Configuration The holdtime defaults to 3 times the maximum advertisement interval Command Mode Interf...

Page 1207: ...greater and 1800 seconds Default Configuration 600 seconds is the default value Command Mode Interface Configuration VLAN mode User Guidelines The default values of the minimum advertisement interval and the holdtime depend on the value of the maximum advertisement interval Setting the maximum advertisement interval changes the minimum advertisement interval and holdtime if those values are at the...

Page 1208: ...nterface Use the no form of the command to set the time to the default value Syntax ip irdp minadvertinterval integer no ip irdp minadvertinterval integer Minimum time in seconds allowed between sending router advertisements from the interface Range 3 to value of maximum advertisement interval in seconds Default Configuration The default value is 0 75 times the maximum advertisement interval Comma...

Page 1209: ...p multicast Default Configuration Router discovery packets are sent to the all hosts IP multicast address 224 0 0 1 by default Command Mode Interface Configuration VLAN mode User Guidelines If a subnet includes any hosts that do not accept IP multicast packets send router advertisements to the limited broadcast address Example The following example configures router discovery to send to the limite...

Page 1210: ...ress as a default router address relative to other router addresses on the same subnet Range 2147483648 to 2147483647 Default Configuration 0 is the default value Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example sets the ip irdp preference to 1000 for VLAN 15 console config interface vlan 15 console config if vlan15 ip...

Page 1211: ...ration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows router discovery information for VLAN 15 console show ip irdp vlan 15 Interface Ad Mode Advertise Address Max Int Min Int Hold Time Preference vlan15 Enable 224 0 0 1 600 450 1800 0 ...

Page 1212: ...1212 Router Discovery Protocol Commands ...

Page 1213: ...d to moderately sized networks whose physical interconnections are of similar type and speed PowerConnect routing supports RIPv2 as specified in RFC 2453 Commands in this Chapter This chapter explains the following commands auto summary Use the auto summary command in Router RIP Configuration mode to enable the RIP auto summarization mode Use the no form of the command to disable auto summarizatio...

Page 1214: ...ummary default information originate Use the default information originate command in Router RIP Configuration mode to control the advertisement of default routes Syntax default information originate no default information originate Default Configuration This command has no default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example ...

Page 1215: ...lt metric is not configured by default Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example sets a default of 12 for the metric of distributed routes console config router default metric 12 distance rip Use the distance rip command in Router RIP Configuration mode to set the route preference value of RIP in the router Lower ro...

Page 1216: ...figuration mode to specify the access list to filter routes received from the source protocol Use the no form of the command to remove the access list from the specified source protocol Syntax distribute list accesslistname out ospf static connected no distribute list accesslistname out ospf static connected accesslistname The name used to identify the existing ACL The range is 1 31 characters osp...

Page 1217: ...s received from the source protocol console config router distribute list ACL40 out static enable Use the enable command in Router RIP Configuration mode to reset the default administrative mode of RIP in the router active Use the no form of the command to disable the administrative mode for RIP Syntax enable no enable Default Configuration Enabled is the default configuration Command Mode Router ...

Page 1218: ...P hostroutesaccept mode Syntax hostroutesaccept no hostroutesaccept Default Configuration Enabled is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example console config router hostroutesaccept ip rip Use the ip rip command in Interface Configuration mode to enable RIP on a router interface Use the no form of the command to...

Page 1219: ...RIP Version 2 Authentication Type and Key for the specified VLAN Use the no form of the command to return the authentication to the default value Syntax ip rip authentication none simple key encrypt key key id no ip rip authentication none Do not use RIP authentication on the VLAN simple Use simple authentication on the VLAN key Authentication key for the VLAN Range 16 bytes or less encrypt Use MD...

Page 1220: ...rface Configuration mode to configure the interface to allow RIP control packets of the specified version s to be received Use the no form of the command to return the version to the default value Syntax ip rip receive version rip1 rip2 both none no ip rip receive version rip1 Receive only RIP version 1 formatted packets rip2 Receive only RIP version 2 formatted packets both Receive packets from e...

Page 1221: ...ets of the specified version to be sent Use the no form of the command to return the version to the default value Syntax ip rip send version rip1 rip1c rip2 none no ip rip send version rip1 Send RIP version 1 formatted packets rip1c Send RIP version 1 compatibility mode which sends RIP version 2 formatted packets via broadcast rip2 Send RIP version 2 using multicast none Do not allow any RIP contr...

Page 1222: ...n redistributing the route Range 0 15 match internal Adds internal matches to any match types presently being redistributed match external 1 Adds routes imported into OSPF as Type 1 external routes into any match types presently being redistributed match external 2 Adds routes imported into OSPF as Type 2 external routes into any match types presently being redistributed match nssa external 1 Adds...

Page 1223: ...console config router redistribute connected metric 1 router rip Use the router rip command in Global Configuration mode to enter Router RIP mode Syntax router rip Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enters Router RIP mode console config router rip co...

Page 1224: ...ivileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information relevant to the RIP router console show ip rip RIP Admin Mode Enable Split Horizon Mode Simple Auto Summary Mode Enable Host Routes Accept Mode Enable Global route changes 0 Global queries 0 Default Metric 12 Default Route Advertise 0 Redistributing Source Connected Metric 2 Di...

Page 1225: ...yntax show ip rip interface vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information related to the VLAN 15 RIP interface console show ip rip interface vlan 15 Interface 15 IP Address Send version RIP 2 Receive version Bo...

Page 1226: ...splay successful results routing must be enabled per interface i e ip rip Syntax show ip rip interface brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays general information for each RIP interface console show ip rip interface brief Send Receive RIP Link I...

Page 1227: ...no split horizon none RIP does not use split horizon to avoid routing loops simple RIP uses split horizon to avoid routing loops poison RIP uses split horizon with poison reverse increases routing packet update size Default Configuration Simple is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example d...

Page 1228: ...1228 Routing Information Protocol Commands ...

Page 1229: ...o the number of tunnel interfaces available to the entire system To support IPv4 to IPv6 transition PowerConnect supports configured tunnels RFC 4213 and automatic 6to4 tunnels RFC 3056 6to4 tunnels are automatically formed for IPv4 tunnels carrying IPv6 traffic The automatic tunnels IPv4 destination address is derived from the 6to4 IPv6 address of the tunnel s next hop PowerConnect can act as a 6...

Page 1230: ...guration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables the interface configuration mode for tunnel 1 console config interface tunnel 1 console config if tunnel1 show interfaces tunnel Use the show interfaces tunnel command in Privileged EXEC mode to display the parameters related to tunnel such as tunnel mode tunnel...

Page 1231: ...el 1 Interface Link Status down MTU size 1480 bytes console show interfaces tunnel TunnelId Interface TunnelMode SourceAddress DestinationAddress 1 tunnel 1 IPv6OVER4 10 254 25 14 10 254 25 10 2 tunnel 2 IPv6OVER4 10 254 20 10 tunnel destination Use the tunnel destination command in Interface Configuration mode to specify the destination transport address of the tunnel Syntax tunnel destination ip...

Page 1232: ... tunnel1 tunnel destination 10 1 1 1 tunnel mode ipv6ip Use the tunnel mode ipv6ip command in Interface Configuration mode to specify the mode of the tunnel Syntax tunnel mode ipv6ip 6to4 no tunnel mode 6to4 Sets the tunnel mode to automatic Default Configuration This command has no default configuration Command Mode Interface Configuration Tunnel mode User Guidelines This command has no user guid...

Page 1233: ...n interface Syntax tunnel source ip address interface type interface number no tunnel source Syntax Description Default Configuration This command has no default configuration Command Mode Interface Configuration Tunnel mode User Guidelines This command has no user guidelines Example The following example specifies VLAN 11 as the source transport address of the tunnel Parameter Description ip addr...

Page 1234: ...1234 Tunnel Interface Commands console config interface tunnel 1 console config if tunnel1 tunnel source vlan 11 ...

Page 1235: ... and starts handling traffic sent to the address This change is transparent to end stations VRRP increases the availability of the default path without requiring configuration of dynamic routing or router discovery protocols on every end station Multiple virtual routers can be defined on a single router interface Pingable VRRP Interface RFC 3768 specifies that a router may only accept IP packets s...

Page 1236: ...onds to ICMP Echo Requests When Echo Replies are disabled using that option the VRRP master does not respond to Echo Requests even if this new option is enabled VRRP Route Interface Tracking The VRRP Route Interface Tracking feature extends the capability of the Virtual Router Redundancy Protocol VRRP to allow tracking of specific route interface IP states within the router that can alter the prio...

Page 1237: ...ble entry exists for the route and the route is accessible For route tracking make VRRP a best route client of RTO When a tracked route is added or deleted change the priority For simplicity routes are not distinguished with the next hop interface that has VRRP enabled So VRRP Route Tracking can ignore route modifications Commands in this Chapter This chapter explains the following commands Virtua...

Page 1238: ...lt Configuration VRRP is disabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables VRRP protocol on the router console config ip vrrp vrrp accept mode Use the vrrp accept mode command in Interface VLAN Configuration mode to enable the VRRP Master to accept ping packets sent to one of the virtual router s IP ...

Page 1239: ...he authentication details value for the virtual router configured on a specified interface Use the no form of the command to return the authentication type to the default value Syntax vrrp group authentication none simple key no vrrp group authentication Syntax Description Default Configuration None is the default configuration Parameter Description group The virtual router identifier Range 1 255 ...

Page 1240: ...e test123 vrrp description Use the vrrp description command in Interface Configuration mode to assign a description to the Virtual Router Redundancy Protocol VRRP group To remove the description use the no form of the command Syntax vrrp group description text no vrrp group description Syntax Description Default Configuration No description is present Command Mode Interface Configuration VLAN mode...

Page 1241: ...mode to enable VRRP and set the virtual router IP address value for an interface Use the no form of the command remove the secondary IP address It is not possible to remove the primary IP address once assigned Remove the VRRP group instead Syntax vrrp group ip ip address secondary no vrrp group ip ip address vlan secondary Syntax Description Default Configuration VRRP is not configured on the inte...

Page 1242: ...the interface using the vrrp mode command Example The following example configures VRRP on VLAN 15 console configure console config ip routing console config ip vrrp console config vlan database console config vlan vlan 15 console config vlan vlan routing 15 console config vlan exit console config interface vlan 15 console config if vlan15 ip address 192 168 5 1 255 255 255 0 console config if vla...

Page 1243: ... The following example enables the virtual router for VLAN 15 console config interface vlan 15 console config if vlan15 vrrp 5 mode vrrp preempt Use the vrrp preempt command in Interface Configuration mode to set the preemption mode value for the virtual router configured on a specified interface Use the no form of the command to disable preemption mode Syntax vrrp group preempt delay seconds no v...

Page 1244: ...e specified number of seconds before issuing an advertisement claiming master ownership Example The following example sets the preemption mode value for the virtual router for VLAN 15 console config interface vlan 15 console config if vlan15 vrrp 5 preempt vrrp priority Use the vrrp priority command in Interface Configuration mode to set the priority value for the virtual router configured on a sp...

Page 1245: ...ertise Use the vrrp timers advertise command in Interface Configuration mode to set the frequency in seconds that an interface on the specified virtual router sends a virtual router advertisement Use the no form of the command to return the advertisement frequency to the default value Syntax vrrp group timers advertise interval no vrrp group timers advertise interval group The virtual router ident...

Page 1246: ...ure the router when it is acting as backup virtual router for a Virtual Router Redundancy Protocol VRRP group to learn the advertisement interval used by the master virtual router Use the no form of the command to prevent the router from learning the advertisement interval from the master virtual router Syntax vrrp group timers learn no vrrp group timers learn group The virtual router identifier R...

Page 1247: ... the interface is up for the IP protocol the priority will be incremented by the priority value A VRRP configured interface can track more than one interface When a tracked interface goes down then the priority of the router will be decreased by 10 default priority decrement for each downed interface The default priority decrement is changed using the priority argument The default priority of the ...

Page 1248: ...ity When the tracked route is deleted the priority of the VRRP router is decremented by the value specified in the priority argument When the tracked route is added the priority is incremented by the same A VRRP configured interface can track more than one route When a tracked route goes down the priority of the router is decreased by 10 default priority decrement for each downed route By default ...

Page 1249: ...fix length Parameter Description Default Configuration There are no routes tracked by default The default decrement priority is 10 Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example The following example adds the route 2 2 2 0 24 to the virtual router tracked list with a priority decrement value of 20 console config if vlan10 vrrp 1...

Page 1250: ...yntax Description Default Configuration Show information on all VRRP groups Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays detailed VRRP status console show vrrp Admin Mode Enable Router Checksum Errors 0 Router Version Errors 0 Router VRID Errors 0 Parameter Description group The virtual router group identifie...

Page 1251: ...Type None Priority 60 Configured Priority 100 Advertisement Interval secs 10 Accept Mode Enable Pre empt Mode Enable Pre empt Delay Enable Administrative Mode Enable State Initialized Timers Learn Mode Enable Description Track Interface vlan 3 Track Interface State Down Track Interface DecrementPriority 20 Track Route pfx len 10 10 10 0 24 ...

Page 1252: ... 5 65 VMAC Address 0000 5E00 0202 Authentication Type None Priority 60 Configured Priority 100 Advertisement Interval secs 10 Accept Mode Enable Pre empt Mode Enable Pre empt Delay 0 Administrative Mode Enable State Initialized Timers Learn Mode Disable Description Track Interface vlan 3 Track Interface State Down Track Interface DecrementPriority 20 ...

Page 1253: ...all configuration information and VRRP router statistics of a virtual router configured on a specific interface Syntax show vrrp interface brief vlan vlan id stats Syntax Description Default Configuration Show information for each group in the specified interface Parameter Description brief Display summary information about each virtual router configured on the switch stats Display the statistical...

Page 1254: ...Address 192 168 5 55 VMAC Address 0000 5E00 0101 Authentication Type None Priority 100 Configured Priority 100 Advertisement Interval secs 10 Accept Mode Disable Pre empt Mode Enable Pre empt Delay 0 Administrative Mode Enable State Initialized Timers Learn Mode Disable Description GoodStuff The following example displays all configuration information about the virtual router on the selected inter...

Page 1255: ... Errors 0 Authentication Failure 0 IP TTL Errors 0 Zero Priority Packets Received 0 Zero Priority Packets Sent 0 Invalid Type Packets Received 0 Address List Errors 0 Invalid Authentication Type 0 Authentication Type Mismatch 0 Packet Length Errors 0 show vrrp interface brief Use the show vrrp interface brief command in Privileged EXEC mode to display information about each virtual router configur...

Page 1256: ...te vlan1 2 0 0 0 0 Disable Initialize vlan2 5 192 168 5 55 Enable Initialize show vrrp interface stats Use the show vrrp interface stats command in User EXEC mode to display the statistical information about each virtual router configured on the switch Syntax show vrrp interface stats vlan vlan id vr id vlan id Valid VLAN ID vr id The virtual router identifier Range 1 255 Default Configuration Thi...

Page 1257: ...n Failure 0 IP TTL Errors 0 Zero Priority Packets Received 0 Zero Priority Packets Sent 0 Invalid Type Packets Received 0 Address List Errors 0 Invalid Authentication Type 0 Authentication Type Mismatch 0 Packet Length Errors 0 Pingable VRRP Commands ip vrrp accept mode Use the ip vrrp accept mode command in Interface VLAN Configuration mode to enable the VRRP Master to accept ping packets sent to...

Page 1258: ...ip vrrp interface Use the show ip vrrp interface command in User EXEC or Privileged EXEC mode to display the configured value for Accept Mode Syntax show ip vrrp interface interface id vrid Syntax Description Default Configuration The command has no default configuration Command Mode User EXEC Privileged EXEC mode Parameter Description interface id Any valid routing interface See Interface Naming ...

Page 1259: ...y IP Address 10 10 10 1 VMAC Address 00 00 5E 00 01 01 Authentication Type None Priority 100 Configured Priority 100 Advertisement Interval secs 1 Pre empt Mode Enable Administrative Mode Disable Accept Mode Enable State Initialized Track Interface State Decrement Priority No interfaces are tracked for this vrid and interface combination Track Route pfx len Reachable Decrement Priority No routes a...

Page 1260: ...1260 Virtual Router Redundancy Protocol Commands ...

Page 1261: ...e Commands CLI Macro Commands Password Management Commands SSH Commands Web Server Commands Clock Commands PHY Diagnostics Commands Syslog Commands Command Line Configuration Scripting Commands System Management Commands Configuration and Image File Commands RMON Commands Telnet Server Commands Denial of Service Commands SDM Templates Commands Terminal Length Commands Line Commands Serviceability ...

Page 1262: ...1260 Utility Commands ...

Page 1263: ...ble on Dell PowerConnect devices as per the specification listed below Auto Install features in this release include 1 Support download of image from TFTP server using DHCP option 125 The image update can result in a downgrade or upgrade of the firmware on the switch or stack of switches 2 Support for automatic download of a configuration file from a TFTP server when the device is booted with no s...

Page 1264: ... command in Privileged EXEC mode to enable or disable Stack Firmware Synchronization Use the no form of the command to disable Stack Firmware Synchronization Syntax boot auto copy sw no boot auto copy sw Parameter Description This command does not require a parameter description Default Configuration Stack firmware synchronization is disabled by default boot auto copy sw boot auto copy sw allow do...

Page 1265: ...n the stack member if the firmware version on the manager is older than the firmware version on the member Use the no form of the command to disable downgrading the image Syntax boot auto copy sw allow downgrade no boot auto copy sw allow downgrade Parameter Description This command does not require a parameter description Default Configuration The default value is Enable Command Mode Global Confi...

Page 1266: ...ting the device no administrative intervention when the auto image is successfully downloaded Syntax boot host autoreboot no boot host autoreboot Parameter Description This command does not require a parameter description Default Configuration The default value is enabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console console configure co...

Page 1267: ...eter Description This command does not require a parameter description Default Configuration The default value is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console console configure console config boot host auto save console config no boot host auto save boot host dhcp Use the boot host dhcp command in Global Configuration mode to e...

Page 1268: ...en minutes Syntax boot host dhcp no boot host dhcp Parameter Description This command does not require a parameter description Default Configuration The default value is Enabled Command Mode Global Configuration User Guidelines This command has no user guidelines Example console console configure console config boot host dhcp console config no boot host dhcp boot host retrycount The boot host retr...

Page 1269: ...ommand Mode Global Configuration mode User Guidelines This command has no user guidelines Example console console configure console config boot host retrycount 5 console config no boot host retrycount show auto copy sw Use the show auto copy sw command in Privileged EXEC mode to display Stack Firmware Synchronization configuration status Syntax show auto copy sw Parameter Description This command ...

Page 1270: ...tatus Example console show auto copy sw Stack Firmware Synchronization Synchronization Enabled SNMP Trap status Enabled Allow Downgrade Enabled show boot Use the show boot command in Privileged EXEC mode to display the auto install configuration and the status Syntax show boot Parameter Description This command does not require a parameter description Default Configuration This command has no defa...

Page 1271: ...ode Privileged EXEC User Guidelines This command has no user guidelines Example console show boot AutoInstall Mode Started AutoSave Mode Enabled AutoReboot Mode Enabled AutoInstall Retry Count 3 AutoInstall State Waiting for boot options ...

Page 1272: ...1270 Auto Install Commands ...

Page 1273: ...ed to use an optional HTTP port in support of HTTP Proxy networks or an optional HTTPS port If configured this additional port or ports are then used exclusively by Captive Portal NOTE This optional HTTP port is in addition to the standard HTTP port 80 which is currently being used for all other web traffic and the optional HTTPS port is in addition to the standard HTTPS port 443 used for secure w...

Page 1274: ...e client status show captive portal client status show captive portal interface configuration status show captive portal configuration client status clear captive portal users user logout no user user name show captive portal user user password user group user session timeout show captive portal configuration show captive portal configuration locales show captive portal configuration interface sho...

Page 1275: ...this command to reset the authentication timeout to the default Syntax authentication timeout timeout no authentication timeout timeout The authentication timeout Range 60 600 seconds Default Configuration The default authentication timeout is 300 seconds Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP authentic...

Page 1276: ...elines for this command Example console config captive portal console config CP enable Use the enable command to globally enable captive portal Use the no form of this command to globally disable captive portal Syntax enable no enable Default Configuration Captive Portal is disabled by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this comm...

Page 1277: ...port number to monitor Range 1 65535 Default Configuration Captive portal only monitors port 80 by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP http port 81 console config CP no http port https port Use the https port command to configure an additional HTTPS port for captive portal to monitor Use the ...

Page 1278: ...es There are no user guidelines for this command Example console config CP https port 1443 console config CP no https port show captive portal Use the show captive portal command to display the status of the captive portal feature Syntax show captive portal Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user g...

Page 1279: ...rtal status command to report the status of all captive portal instances in the system Syntax show captive portal status Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal status Additional HTTP Port 81 Additional HTTP Secure Port 1443 Authentica...

Page 1280: ...The commands in this section are related to captive portal configurations block Use the block command to block all traffic for a captive portal configuration Use the no form of this command to unblock traffic Syntax block no block Default Configuration Traffic is not blocked by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example c...

Page 1281: ...The default configuration 1 cannot be deleted Syntax configuration cp id no configuration cp id cp id Captive Portal ID Range 1 10 Default Configuration Configuration 1 is enabled by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP configuration 2 console config CP 2 enable Use the enable command to enabl...

Page 1282: ...ration If a group number is configured the user entry Local or RADIUS must be configured with the same name and the group to authenticate to this captive portal instance Use the no form of this command to reset the group number to the default Syntax group group number no group group number The number of the group to associate with this configuration Range 1 10 Default Configuration The default gro...

Page 1283: ...rfaces are associated with a configuration by default Command Mode Captive Portal Instance Config mode User Guidelines There are no user guidelines for this command Example console config CP 2 interface 1 0 2 locale The locale command is not intended to be a user command The administrator must use the Web UI to create and customize captive portal web content This command is primarily used by the s...

Page 1284: ...e name command to configure the name for a captive portal configuration Use the no form of this command to remove a configuration name Syntax name cp name no name cp name CP configuration name Range 1 32 characters Default Configuration Configuration 1 has the name Default by default All other configurations have no name by default Command Mode Captive Portal Instance mode User Guidelines There ar...

Page 1285: ...d Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config CP 2 protocol http redirect Use the redirect command to enable the redirect mode for a captive portal configuration Use the no form of this command to disable redirect mode Syntax redirect no redirect Default Configuration Redirect mode is disabled by default Command Mode Captiv...

Page 1286: ...rection Range 1 512 characters Default Configuration There is no redirect URL configured by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config CP 2 redirect url www dell com session timeout Use the session timeout command to configure the session timeout for a captive portal configuration Use the no form of this co...

Page 1287: ...n timeout 86400 console config CP 2 no session timeout verification Use the verification command to configure the verification mode for a captive portal configuration Syntax verification guest local radius guest Allows access for unauthenticated users users that do not have assigned user names and passwords local Authenticates users against a local user database radius Authenticates users against ...

Page 1288: ...portal client Syntax captive portal client deauthenticate macaddr macaddr Client MAC address Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console captive portal client deauthenticate 0002 BC00 1290 show captive portal client status Use the show captive portal client s...

Page 1289: ... 0d 00 01 20 0002 BC00 1291 10 254 96 48 https Local 0d 00 05 20 0002 BC00 1292 10 254 96 49 https Radius 0d 00 00 20 console show captive portal client 0002 BC00 1290 status Client MAC Address 0002 BC00 1290 Client IP Address 10 254 96 47 Protocol Mode https Verification Mode Local CP ID 1 CP Name cp1 Interface 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Level User Name user123 Sessi...

Page 1290: ...002 BC00 1290 10 254 96 47 1 0 1 0002 BC00 1291 10 254 96 48 1 0 2 2 cp2 0002 BC00 1292 10 254 96 49 1 0 3 3 cp3 0002 BC00 1293 10 254 96 50 1 0 4 console show captive portal configuration 1 client status CP ID 1 CP Name cp1 Client Client MAC Address IP Address Interface Interface Description 0002 BC00 1290 10 254 96 47 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1291 10 254 96 48 1 0 2 Unit 1 Sl...

Page 1291: ...tatus Client Client Intf Intf Description MAC Address IP Address 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1290 10 254 96 47 0002 BC00 1291 10 254 96 48 1 0 2 Unit 1 Slot 0 Port 2 Gigabit 0002 BC00 1292 10 254 96 49 1 0 3 Unit 1 Slot 0 Port 3 Gigabit 0002 BC00 1293 10 254 96 50 console show captive portal interface 1 0 1 client status Interface 1 0 1 Interface Description Unit 1 Slot 0 Port 1 G...

Page 1292: ...guration cp id status cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal interface configuration status CP ID CP Name Interface Interface Description Type 1 Default 1 0 1 Unit 1 Slot 0 Port 1 Gigabit Physical console show ...

Page 1293: ...is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear captive portal users no user Use the no user command to delete a user from the local user database If the user has an existing session it is disconnected Syntax no user user id user id User ID Range 1 128 Default Configuration There is n...

Page 1294: ... command to display all configured users or a specific user in the captive portal local user database Syntax show captive portal user user id user id User ID Range 1 128 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal user Session User ID User...

Page 1295: ...up Use the user group command to associate a group with a captive portal user Use the no form of this command to disassociate a group and user A user must be associated with at least one group so the last group cannot be disassociated Syntax user user id group group id user id User ID Range 1 128 group id Group ID Range 1 10 Default Configuration A user is associated with group 1 by default Comman...

Page 1296: ... command to return the user logout configuration to the default Syntax user logout no user logout Parameter Description This command does not require a parameter description Default Configuration User logout is disabled by default Command Mode Captive portal Instance mode User Guidelines There are no user guidelines for this command Example In this example all classes of entries in the mac address...

Page 1297: ...nge 1 32 characters Default Configuration There is no name for a user by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines Example console config CP user 1 name johnsmith user password Use the user password command to create a local user or change the password for an existing user Syntax user user id password password encrypted enc password user id...

Page 1298: ...cters Re enter password user session timeout Use the user session timeout command to set the session timeout value for a captive portal user Use the no form of this command to reset the session timeout to the default Syntax user user id session timeout timeout no user user id session timeout user id User ID Range 1 128 timeout Session timeout 0 indicates use global configuration Range 0 86400 seco...

Page 1299: ...uration command to display the operational status of each captive portal configuration Syntax show captive portal configuration cp id cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal configuration 1 CP ID 1 CP Name cp1 O...

Page 1300: ...iguration Syntax show captive portal configuration cp id interface gigabitethernet unit slot port tengigabitethernet unit slot port cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal configuration 1 interface CP ID 1 CP Na...

Page 1301: ...e portal configuration locales Use the show captive portal configuration locales command to display locales associated with a specific captive portal configuration Syntax show captive portal configuration cp id locales cp id Captive Portal Configuration ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user gu...

Page 1302: ...tatus cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal configuration status CP ID CP Name Mode Protocol Verification 1 cp1 Enable https Guest 2 cp2 Enable http Local 3 cp3 Disable https Guest console show captive portal ...

Page 1303: ...he no form of this command to delete a user group The default user group 1 cannot be deleted Syntax user group group id no user group group id group id Group ID Range 1 10 Default Configuration User group 1 is created by default and cannot be deleted Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP user group 2 c...

Page 1304: ... Configuration There is no default configuration for this command Command Mode Captive Portal Configuration mode User Guidelines The new group id must already exist Example console config CP user group 2 moveusers 3 user group name Use the user group name command to configure a group name Syntax user group group id name name group id Group ID Range 1 10 name Group name Range 1 32 characters Defaul...

Page 1305: ...Captive Portal Commands 1303 Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP user group 2 name group2 ...

Page 1306: ...1304 Captive Portal Commands ...

Page 1307: ...cros which cannot be changed or deleted User Defined Macros or Custom Macros the macros which allow the operator to bundle some pre requisites or global configurations as a macro and then apply them to one or more interfaces at a time which can then be copied or used by other switches Up to 50 user defined macros are supported The software includes 6 built in macros profile global the global confi...

Page 1308: ...name name no macro name name Parameter Description Default Configuration The following macros are defined by default and may not be deleted or altered macro name macro apply macro global apply macro trace macro global trace macro description macro global description show parser macro Parameter Description name The name of the macro A macro name can consist of any printable characters including bla...

Page 1309: ...he command line when the macro is applied Macros may be applied to a specific interface a range of interfaces or to the global configuration Up to 50 user defined macros may be configured macro global apply Use the macro global apply command in Global Configuration mode to apply a macro Syntax macro global apply macro name parameter value parameter value parameter value Macro Default Definition de...

Page 1310: ...The trace command will display each line of the macro as it is executed and list any errors encountered Syntax macro global trace macro name parameter value parameter value parameter value Parameter Description Parameter Description macro name The name of the macro parameter The name of the parameter recognized by the macro The parameter must begin with a dollar sign value The string to be substit...

Page 1311: ...ion information by default macro global description Use the macro global description command in Global Configuration mode to append a line to the global macro description Use the no form of the command to clear the description Syntax macro global description line Parameter Description Default Configuration There is no description by default value The string to be substituted within the macro for t...

Page 1312: ... macro apply macro name parameter value parameter value parameter value Parameter Description Default Configuration No parameters are substituted unless supplied on the command line Command Mode Interface Configuration mode User Guidelines Commands applied are additive in nature That is they do not remove existing configuration information by default Parameter Description macro name The name of th...

Page 1313: ...ters are substituted unless supplied on the command line Command Mode Interface Configuration mode User Guidelines The line number of the first error encountered is printed The script is aborted after the first error Commands applied are additive in nature That is they do not remove existing configuration information by default Parameter Description macro name The name of the macro parameter The n...

Page 1314: ...ode User Guidelines This command is intended to give the administrator an easy way to remember which macros have been applied to an interface All text up to the new line is included in the description The line is appended to the interface description show parser macro Use the show parser macro command in Privileged EXEC mode to display information about defined macros Syntax show parser macro brie...

Page 1315: ...leged EXEC mode User Guidelines There are no user guidelines for this command Parameter Description brief Shows the list of defined macros and their type description Shows the macro descriptions name Shows an individual macro including its contents macro The name of the macro to display interface id The interface for which to show the macro description ...

Page 1316: ...1314 CLI Macro Commands ...

Page 1317: ...rious NTP implementations can operate as either a client or a server To an NTP or SNTP server NTP and SNTP clients are indistinguishable Likewise to an NTP or SNTP client NTP and SNTP servers are indistinguishable Furthermore any version of NTP is compatible with any other version of NTP PowerConnect SNTP implements the client side of SNTP Support for IPv6 address configuration is provided to the ...

Page 1318: ...configuration of the Simple Network Time Protocol SNTP Syntax show sntp configuration Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines show sntp configuration sntp trusted key show sntp server sntp unicast client enable show sntp status clock timezone hours offset sntp authenticate no clock timezon...

Page 1319: ...No trusted keys Unicast clients Disable Unicast servers Server Key Polling Priority 10 27 128 21 Disabled Enabled 1 show sntp server Use the show sntp server command in Privileged EXEC mode to display the pre configured SNTP servers The configured servers can be either IPv4 or IPv6 format Syntax show sntp server Parameter Description This command does not require a parameter description Default Co...

Page 1320: ...er Server Host Address 2001 01 Server Type IPv6 Server Stratum 2 Server Reference Id NTP Srv 158 108 96 32 Server Mode Server Server Maximum Entries 3 Server Current Entries 2 SNTP Servers Host Address 2001 01 Address Type IPv6 Priority 1 Version 4 Port 123 Last Update Time Dec 22 11 10 00 2009 Last Attempt Time Dec 22 11 10 00 2009 ...

Page 1321: ... Time Dec 22 07 30 31 2009 Last Attempt Time Dec 22 07 32 41 2009 Last Update Status Server Unsynchronized Total Unicast Requests 157 Failed Unicast Requests 2 show sntp status Use the show sntp status command in Privileged EXEC mode to show the status of the Simple Network Time Protocol SNTP Syntax show sntp status Default Configuration This command has no default configuration Command Mode Privi...

Page 1322: ...sponse 192 168 0 1 Up 21 21 20 Mar 30 2009 sntp authenticate Use the sntp authenticate command in Global Configuration mode to require server authentication for received Network Time Protocol NTP traffic To disable the feature use the no form of this command Syntax sntp authenticate no sntp authenticate Default Configuration No authentication Command Mode Global Configuration mode User Guidelines ...

Page 1323: ...ey for Simple Network Time Protocol SNTP To remove the authentication key for SNTP use the no form of this command Syntax sntp authentication key key number md5 value no sntp authentication key number key number number Range 1 4294967295 value value Range 1 8 characters Default value No authentication is defined Command Mode Global Configuration mode User Guidelines This command has no user guidel...

Page 1324: ...figuration The SNTP Broadcast client is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables a Simple Network Time Protocol SNTP Broadcast client console config sntp broadcast client enable sntp client poll timer Use the sntp client poll timer command in Global Configuration mode to set the polling time for the Si...

Page 1325: ...to 1024 seconds console config sntp client poll timer 1024 sntp server Use the sntp server command in Global Configuration mode to configure an SNTP server address or a host name The server address can be either an IPv4 address or an IPv6 address Use the no form of this command to unconfigure an SNTP server address or a host name Syntax sntp server ip address ipv6 address hostname no sntp server i...

Page 1326: ...ole config sntp server 192 1 1 1 sntp trusted key Use the sntp trusted key command in Global Configuration mode to authenticate the identity of a system to which Simple Network Time Protocol SNTP will synchronize To disable authentication of the identity of the system use the no form of this command Syntax sntp trusted key key number no sntp trusted key key number key number Key number of authenti...

Page 1327: ...de to enable a client to use Simple Network Time Protocol SNTP predefined Unicast clients To disable an SNTP Unicast client use the no form of this command Syntax sntp unicast client enable no sntp unicast client enable Default Configuration The SNTP Unicast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp server command to define SNTP servers Examples The fol...

Page 1328: ...fset zone acronym hours offset Hours difference from UTC Range 12 to 13 minutes offset Minutes difference from UTC Range 0 59 acronym The acronym for the time zone Range Up to four characters Command Mode Global Configuration Default Value No default setting User Guidelines No specific guidelines Example console config clock timezone 5 minutes 30 zone IST no clock timezone Use the no clock timezon...

Page 1329: ...e read as either 0 or 0 as appropriate Syntax clock summer time recurring usa eu week day month hh mm week day month hh mm offset offset zone acronym week Week of the month Range 1 5 first last day Day of the week Range The first three letters by name sun for example month Month Range The first three letters by name jan for example hh mm Time in 24 hour format in hours and minutes Range hh 0 23 mm...

Page 1330: ...ot specified they are read as either 0 or 0 as appropriate Syntax clock summer time date date month month date year hh mm date month month date year hh mm offset offset zone acronym date Day of the month Range 1 31 month Month Range The first three letters by name jan for example year Year Range 2000 2097 hh mm Time in 24 hour format in hours and minutes Range hh 0 23 mm 0 59 offset Number of minu...

Page 1331: ...le config clock summer time date Apr 1 2007 02 00 Oct 28 2007 offset 90 zone EST no clock summer time Use the no clock summer time command to reset the summertime configuration Syntax Description no clock summer time Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines No specific guidelines Example console config no clock summer time ...

Page 1332: ...figuration This command has no default configuration Command Mode User EXEC Privileged EXEC User Guidelines This command has no user guidelines Example The following example shows the time and date only console show clock 15 29 03 PDT UTC 7 Jun 17 2005 Time source is SNTP The following example shows the time date timezone and summertime configuration console show clock detail 15 29 03 PDT UTC 7 Ju...

Page 1333: ...ng every year Begins at first Sunday of April at 2 00 Ends at last Sunday of October at 2 00 Offset is 60 minutes The following example displays the time and date from the system clock console show clock 15 29 03 Jun 17 2002 Time source is SNTP ...

Page 1334: ...1332 Clock Commands ...

Page 1335: ... modifications Commands applied from a script are additive in nature That is they modify but do not automatically replace the current configuration Any valid command can be placed in a script including show commands Scripts execute in Privileged EXEC mode The script author must add a command configure in order to enter Global Configuration mode Commands in this Chapter This chapter explains the fo...

Page 1336: ...o the switch console script apply config scr script delete Use the script delete command in Privileged EXEC mode to delete a specified script Syntax script delete scriptname all scriptname Script name of the file being deleted Range 1 31 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines E...

Page 1337: ...onfiguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays all scripts present on the switch console script list Configuration Script Name Size Bytes 0 configuration script s found 2048 Kbytes free script show Use the script show command in Privileged EXEC mode to display the co...

Page 1338: ...how config scr interface gigabitethernet 1 0 1 ip address 176 242 100 100 255 255 255 0 exit script validate Use the script validate command in Privileged EXEC mode to validate a script file by parsing each line in the script file The validate option is intended for use as a tool in script development Validation identifies potential problems though it may not identify all problems with a given scr...

Page 1339: ... Scripting Commands 1337 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example validates the contents of the script file config scr console script validate config scr ...

Page 1340: ...1338 Command Line Configuration Scripting Commands ...

Page 1341: ... Line Interface Scripting The configuration scripting feature allows the user to save the current PowerConnect configuration in text format To modify the configuration script file follow these procedures 1 Upload the file to a personal computer 2 Edit the file 3 Download the file to a PowerConnect switch 4 Apply it to the PowerConnect system With this feature in place the PowerConnect administrato...

Page 1342: ...s no default configuration Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image delete backup config show running config delete backup image show startup config delete startup config dir write erase Parameter Description image1 Marks the given image as active for subsequent reboots image2 Marks the given image as active for subs...

Page 1343: ...onfiguration Syntax clear config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example restores the switch to its default configuration console clear config copy Use the copy command in Privileged EXEC mode to copy files within the switch and to upload and download files fr...

Page 1344: ...s code file by xmodem or tftp operational log Uploads Operational Log file running config Copies system config file script Uploads Configuration Script file startup config Uploads Startup Config file startup log Uploads Startup Log file Valid source URLs for downloading to the switch xmodem tftp ipaddress hostname filepath filename scp user ipaddresss hostname filepath filename sftp user ipaddress...

Page 1345: ...me The user name for logging into the remote server via SSH destination url The URL or reserved keyword of the destination file Range 1 160 characters List of valid destination parameters for downloading to the switch backup config Downloads config file using xmodem sftp or tftp image Downloads code file by xmodem ftp sftp or tftp script Downloads configuration script by xmodem sftp or tftp startu...

Page 1346: ...age When image is the source of a copy command it refers to the active image If this is destination the file will be distributed to all units in the stack ftp Source or destination URL for an FTP network server The syntax for this alias is ftp ipaddr filepath filename image tftp Source or destination URL for a TFTP network server The syntax for this alias is tftp location directory filename An out...

Page 1347: ...er and reserved keywords Examples Example Backing up the running config console copy running config backup config This operation may take a few minutes Management interfaces will not be available during this time Are you sure you want to save y n y Configuration saved Example Downloading new code to the switch console copy tftp 10 27 65 61 PC7000v20100911_2 stk image Transfer Mode TFTP Server IP A...

Page 1348: ...ge image2 Images currently available on Flash unit image1 image2 current active next active 1 M 9 11 2 M 9 11 3 image1 image1 After the file transfer completes use the boot system command to select the new image to run Example Downloading and applying ias users file console copy tftp 10 131 17 104 aaa_users txt ias users Transfer Mode TFTP Server IP Address 10 131 17 104 File Path File Name aaa_us...

Page 1349: ...le USB copy operations console copy usb start config startup config console copy operational log usb olog txt console copy usb backup config txt backup config console copy image usb image1 stk console copy flash crashdump 0 usb crashdump 0 delete Use the delete command to delete files from flash Syntax delete file file Name of the file to be deleted Default Configuration This command has no defaul...

Page 1350: ...ackup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example deletes the backup config file console delete backup config Delete backup config Y N y delete backup image Use the delete backup image command in Privileged EXEC mode to delete a file from a flash memory dev...

Page 1351: ...console delete backup image Delete image2 y n delete startup config Use the delete startup config command in Privileged EXEC mode to delete the startup config file Syntax delete startup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If the startup config file is not present when system reboots it reboots with default setting...

Page 1352: ...leged EXEC mode User Guidelines This command has no user guidelines Example console dir 0 drwx 2048 Jan 13 2031 17 19 54 0 drwx 2048 Jan 10 2031 15 58 10 0 rwx 256 Jan 22 2005 08 00 48 vpd bin 0 rwx 16380 Jan 10 2031 15 58 18 log2 bin 0 rwx 72 Jan 10 2031 15 58 14 boot dim 0 rwx 0 Jan 10 2031 15 58 18 slog2 txt 0 rwx 53205 Jan 22 2005 09 45 04 rc soc 0 rwx 148 Jan 10 2031 15 58 22 hpc_broad cfg 0 ...

Page 1353: ...s This command has no user guidelines filedescr Use the filedescr command in Privileged EXEC mode to add a description to a file Use the no version of this command to remove the description from the filename Syntax filedescr image 1 image2 description no filedescr image 1 image2 image1 image2 Image file description Block of descriptive text Range 0 128 characters Parameter Description startup conf...

Page 1354: ...art of the description The CLI does not filter illegal combinations of characters on entry and may accept entries up to the first illegal character or reject the entry entirely Example The following example attaches a file description to image2 console filedescr image2 backedup on 03 22 05 rename Use the rename command in Privileged EXEC mode to rename a file present in flash Syntax rename source ...

Page 1355: ...contents of the backup configuration file Syntax show backup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows backup config data console show backup config software version 1 1 hostname device interface gigabitethernet 1 0 1 ip address 176 242 100 100 255 ...

Page 1356: ...ay the active system image file that the device loads at startup Syntax show bootvar unit unit Unit number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the active system image file that the device loads at startup console show bootvar Image Descriptions image1 d...

Page 1357: ...ou can view this data in the script files or by using the all mode for the show running config command In addition please note that this non readable data is contained and displayed at the end of the script files Syntax show running config all scriptname all To display or capture the commands with settings and configuration that are equal to the default value include the all option scriptname If t...

Page 1358: ...er exit line telnet no login banner exit banner exec exec banner login login banner motd motd exit show startup config Use the show startup config command in Privileged EXEC mode to display the startup configuration file contents Syntax show startup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode ...

Page 1359: ...M8024 1 0 0 0 VxWorks6 5 3 System Software Version 1 0 0 0 4 5 configure 6 vlan database 7 vlan 3 1000 1001 8 exit 9 stack 10 member 1 1 11 exit 12 ip address dhcp 13 ip address vlan 1001 14 interface vlan 3 15 routing 16 exit 17 username lvl7 password fb3604df5a109405b2d79ecb06c47ab5 level 15 encrypted 18 19 interface gigabitethernet 1 0 17 20 switchport mode general 21 switchport general pvid 10...

Page 1360: ...interface gigabitethernet 1 0 4 32 channel group 1 mode auto 33 exit 34 snmp server community public rw 35 exit update bootcode Use the update bootcode command in Privileged EXEC mode to update the bootcode on one or more switches For each switch the bootcode is extracted from the active image and programmed to flash Syntax update bootcode unit unit Unit number Default Configuration This command h...

Page 1361: ...tcode on unit 2 console update bootcode 2 write Use the write command to copy the running configuration image to the startup configuration Syntax write Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Usage Guidelines This command is equivalent to the copy running config startup config command functionally Example console write console ...

Page 1362: ...1360 Configuration and Image File Commands ...

Page 1363: ...Configuration and Image File Commands 1361 ...

Page 1364: ...1362 Configuration and Image File Commands ...

Page 1365: ...ler then configured value TCP Fragment IP Fragment Offset 1 TCP Flag TCP Flag SYN set and Source Port 1024 or TCP Control Flags 0 and TCP Sequence Number 0 or TCP Flags FIN URG and PSH set and TCP Sequence Number 0 or TCP Flags SYN and FIN set L4 Port Source TCP UDP Port Destination TCP UDP Port ICMP Limiting the size of ICMP Ping packets SMAC DMAC Source MAC address Destination MAC address TCP Po...

Page 1366: ...nd FIN set TCP FIN URG PSH TCP Flags FIN and URG and PSH set and TCP Sequence Number 0 ICMP V6 Limiting the size of ICMPv6 Ping packets ICMP Fragment Checks for fragmented ICMP packets Commands in this Chapter This chapter explains the following commands dos control firstfrag ip icmp error interval dos control icmp ip unreachables dos control l4port ip redirects dos control sipdip ipv6 icmp error ...

Page 1367: ... size is 20 ICMP packet size is 512 Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines a minimum TCP header size of 20 Packets entering with a smaller header size are dropped console config dos control firstfrag 20 dos control icmp Use the dos control icmp command in Gl...

Page 1368: ...Maximum ICMP Packet Denial of Service protection with a maximum packet size of 1023 console config dos control icmp 1023 dos control l4port Use the dos control l4port command in Global Configuration mode to enable L4 Port Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress having Source TCP UDP Port Number equal to D...

Page 1369: ...IP Address Destination IP Address SIP DIP Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SIP DIP the packets is dropped if the mode is enabled Syntax dos control sipdip no dos control sipdip Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This comma...

Page 1370: ... SYN and FIN both set the packets are dropped Syntax dos control tcpflag no dos control tcpflag Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example activates TCP Flag Denial of Service protections console config dos control tcpflag dos control tcpfrag Use the dos control tcpfrag...

Page 1371: ...vice protection console config dos control tcpfrag ip icmp echo reply Use the ip icmp echo reply command to enable or disable the generation of ICMP Echo Reply messages Use the no form of this command to prevent the generation of ICMP Echo Replies Syntax ip icmp echo reply no ip icmp echo reply Default Configuration ICMP Echo Reply messages are enabled by default Command Mode Global Configuration ...

Page 1372: ...interval and burst size to their default values Syntax ip icmp error interval burst interval burst size no ip icmp error interval burst interval How often the token bucket is initialized Range 0 2147483647 milliseconds burst size The maximum number of messages that can be sent during a burst interval Range 1 200 Default Configuration Rate limiting is enabled by default The default burst interval i...

Page 1373: ...and Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan10 ip icmp unreachables ip redirects Use the ip redirects command to enable the generation of ICMP Redirect messages Use the no form of this command to prevent the sending of ICMP Redirect Messages In global configuration mode this command affects all interfaces In...

Page 1374: ...rval Use the no form of this command to return burst interval and burst size to their default values To disable ICMP rate limiting set burst interval to zero Syntax ipv6 icmp error interval burst interval burst size no ipv6 icmp error interval burst interval How often the token bucket is initialized Range 0 2147483647 milliseconds burst size The maximum number of messages that can be sent during a...

Page 1375: ...revent the generation of ICMPv6 Destination Unreachable messages Syntax ipv6 unreachables no ipv6 unreachables Default Configuration ICMPv6 Destination Unreachable messages are enabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan10 ipv6 unreachables show dos control Use the show dos control co...

Page 1376: ...er Guidelines This command has no user guidelines Example The following example displays Denial of Service configuration information console show dos control SIPDIP Mode Disable First Fragment Mode Disable Min TCP Hdr Size 20 TCP Fragment Mode Disable TCP Flag Mode Disable L4 Port Mode Disable ICMP Mode Disable Max ICMP Pkt Size 512 ...

Page 1377: ...nput before timeout To restore the default setting use the no form of this command Syntax exec timeout minutes seconds no exec timeout minutes Integer that specifies the number of minutes Range 0 65535 seconds Additional time intervals in seconds Range 0 59 Default Configuration The default configuration is 10 minutes Command Mode Line Configuration mode User Guidelines To specify no timeout enter...

Page 1378: ... of this command Syntax history no history Default Configuration The default value for this command is enabled Command Mode Line Interface mode User Guidelines This command has no user guidelines Example The following example disables the command history function for the current terminal session console config line no history history size Use the history size command in Line Configuration mode to ...

Page 1379: ...mands for the current terminal session console config line history size 20 line Use the line command in Global Configuration mode to identify a specific line for configuration and enter the line configuration command mode Syntax line console telnet ssh console Console terminal line telnet Virtual terminal for remote console access Telnet ssh Virtual terminal for secured remote console access SSH P...

Page 1380: ...t console config line telnet console config line show line Use the show line command in User EXEC mode to display line parameters Syntax show line console telnet ssh console Console terminal line telnet Virtual terminal for remote console access Telnet ssh Virtual terminal for secured remote console access SSH Default Configuration This command has no default configuration Command Mode User EXEC m...

Page 1381: ...nteractive timeout 10 minutes 10 seconds History 10 SSH configuration Interactive timeout 10 minutes 10 seconds History 10 speed Use the speed command in Line Configuration mode to set the line baud rate Use the no form of the command to restore the default settings Syntax speed bps no speed bps Baud rate in bits per second bps The options are 2400 9600 19200 38400 57600 and 115200 Default Configu...

Page 1382: ...nds Command Mode Line Interface console mode User Guidelines This configuration applies only to the current session Example The following example configures the console baud rate to 9600 console config line speed 9600 ...

Page 1383: ...n port Additionally other attributes such as incoming port or port channel and VLAN ID can be used to determine if the traffic should be allowed to the management interface When the component is disabled incoming TCP UDP packets are not filtered and are processed normally There is also an option to restrict all the above packets from the network interface This is done by specifying console only in...

Page 1384: ...n vlan id A valid VLAN number port channel port channel number A valid routed port channel number tengigabitethernet unit slot port A valid 10 gigabit Ethernet routed port number ip address Source IP address mask mask Specifies the network mask of the source IP address mask prefix length Specifies the number of bits that comprise the source IP address prefix The prefix length must be preceded by a...

Page 1385: ...s list mlist console config macal deny management access class Use the management access class command in Global Configuration mode to restrict management connections To disable restriction use the no form of this command Syntax management access class console only name no management access class name A valid access list name Range 1 32 characters console only The switch can be managed only from t...

Page 1386: ...t use the no form of this command Syntax management access list name no management access list name name The access list name Range 1 32 printable characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command enters the access list configuration mode where the denied or permitted access conditions with the deny and pe...

Page 1387: ...and gigabit Ethernet 2 0 9 console config management access list mlist console config macal deny gigabitethernet 1 0 1 priority 1 console config macal deny gigabitethernet 2 0 9 priority 2 console config macal permit priority 2 console config macal exit console config management access class mlist permit management Use the permit command in Management Access List configuration mode to set conditio...

Page 1388: ... tftp snmp sntp or any The any keyword indicates that the service match for the ACL is effectively don t care priority priority value Priority for the rule Range 1 64 Default Configuration This command has no default configuration Command Mode Management Access list Configuration mode User Guidelines Rules with gigabitethernet tengigabitethernet vlan and port channel parameters are valid only if a...

Page 1389: ...permit priority 2 console config macal exit console config management access class mlist show management access class Use the show management access class command in Privileged EXEC mode to display information about the active management access list Syntax show management access class Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines ...

Page 1390: ...ss list name Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the active management access list console show management access list mlist permit priority 1 gigabitethernet 1 0 1 permit priority 2 gigabitethernet 2 0 1 Note all other acces...

Page 1391: ...configure terminal Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Example console conf t console config console configure terminal console config do Use the do command to execute commands available in Privileged EXEC mode from Global Configuration and other modes Command completion using the space bar is not available when using this command When ...

Page 1392: ...nfigure devshell and hidden commands are forbidden Default Configuration This command has no default configuration Command Mode All except Privileged EXEC and User EXEC modes Example console config do show ip interface Management Interface IP Address 192 168 100 131 Subnet Mask 255 255 255 0 Default Gateway 192 168 100 1 Burned In MAC Address 0006 2932 8142 Network Configuration Protocol Current D...

Page 1393: ...e default operation is that no history is stored Password Aging The switch can implement an aging process on passwords and require users to change them when they expire The administrator can configure the switch to force a password change between 1 and 365 days By default password aging is disabled When a password expires the user must enter a new password before continuing User Lockout The admini...

Page 1394: ... is Disabled in FP and is independent of any platform The network operator has to take care that the Password Strength check is Disabled before downloading scripts containing old users to avoid password configuration failure for such users The Password Strength check won t be applied for already configured user passwords on reload It is applied only to passwords that are newly configured after con...

Page 1395: ...repetition of characters or numbers such as 1111 or aaaa Configuring minimum value of 0 for the above parameters means no restriction on that set of characters and configuring maximum of 0 means disabling the restriction or no limit on the maximum number of course limited by minimum password length The Password strength feature applies to all login passwords user line and enable Commands in this C...

Page 1396: ...he password aging to the default value Syntax passwords aging 1 365 no passwords aging Parameter Description This command does not require a parameter description Default Configuration The default value is 0 Command Mode Global Configuration mode User Guidelines A value of 0 days disables password aging passwords strength check passwords strength exclude keyword passwords strength minimum uppercas...

Page 1397: ...sword stored in password history This setting ensures that users do not reuse their passwords often The default is 0 Use the no form of this command to set the password history to the default value of 0 Syntax passwords history 0 10 no passwords history Parameter Description This command does not require a parameter description Default Configuration The default value is 0 Command Mode Global Confi...

Page 1398: ...es not apply to logins from the serial console Use the no form of this command to set the password lockout count to the default value Syntax passwords lock out 1 5 no passwords lock out Parameter Description This command does not require a parameter description Default Behavior The default value is 0 or no lockout count is enforced Command Mode Global Configuration mode User Guidelines Password lo...

Page 1399: ...8 64 characters Default Configuration By default the minimum password length is 8 characters Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example configures user bob with password xxxyymmmm and user level 15 config username bob password xxxyyymmm level 15 passwords strength check Use the passwords strength check command in Global ...

Page 1400: ...words strength minimum special characters passwords strength minimum numeric characters passwords strength max limit consecutive characters passwords strength max limit repeated characters passwords strength minimum character classes passwords strength minimum uppercase letters Use this command to enforce a minimum number of uppercase letters that a password must contain The valid range is 0 16 Th...

Page 1401: ...owercase letters Use this command to enforce a minimum number of lowercase letters that a password must contain The valid range is 0 16 The default is 1 A setting of 0 means no restriction Use the no form of this command to reset the minimum lowercase letters to the default value Syntax passwords strength minimum lowercase letters 0 16 no passwords strength minimum lowercase letters Parameter Desc...

Page 1402: ...e valid range is 0 16 The default is 1 A minimum of 0 means no restriction on that set of characters Use the no form of this command to reset the minimum numeric characters to the default value Syntax passwords strength minimum numeric characters 0 16 no passwords strength minimum numeric characters Parameter Description This command does not require parameter descriptions Default Behavior The def...

Page 1403: ...ecial characters are one of the following characters _ Use the no form of this command to reset the minimum special characters to the default value Syntax passwords strength minimum special characters 0 16 no passwords strength minimum special characters Parameter Description This command does not require parameter descriptions Default Behavior The default value is 1 Command Mode Global Configurat...

Page 1404: ...s no restriction on consecutive characters Examples of consecutive characters are ABCDEF or 123456 or Use the no form of this command to reset the maximum consecutive characters accepted to the default value Syntax passwords strength max limit consecutive characters 0 15 no passwords strength max limit consecutive characters Parameter Description This command does not require parameter description...

Page 1405: ...peated characters 0 15 no passwords strength max limit repeated characters Parameter Description This command does not require parameter descriptions Default Behavior The default value is 0 Command Mode Global Configuration User Guidelines This command has no user guidelines Example console config passwords strength max limit repeated characters 3 passwords strength minimum character classes Use t...

Page 1406: ...Command Mode Global Configuration User Guidelines This command has no user guidelines Example console config passwords strength minimum character classes 4 passwords strength exclude keyword Use this command to exclude the keyword while configuring the password The password does not accept the keyword in any form inbetween the string case insensitive and reverse as a substring You can configure up...

Page 1407: ...onfig passwords strength exclude keyword brcm enable password encrypted This command is used by an Administrator to transfer the enable password between devices without having to know the password The password parameter must be exactly 128 hexadecimal characters Syntax enable password encrypted password Parameter Description This command does not require parameter descriptions Default Behavior Thi...

Page 1408: ... History Number of passwords to store for reuse prevention Password Aging Length in days that a password is valid Lockout Attempts Number of failed password login attempts before lockout Minimum Password Uppercase Letters Minimum number of uppercase characters required when configuring passwords Minimum Password Lowercase Letters Minimum number of uppercase characters required when configuring pas...

Page 1409: ... Lockout Attempts 0 Password Strength Check Enable Minimum Password Uppercase Letters 4 Minimum Password Lowercase Letters 4 Maximum Password Repeated Characters Maximum number of repetition of characters that the password should contain when configuring passwords Minimum Password Character Classes Minimum number of character classes uppercase lowercase numeric and special required when configurin...

Page 1410: ...lt command in Privileged EXEC mode to display the last password set result information Syntax show passwords result Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the command output ...

Page 1411: ...Password Management Commands 1407 Reason for failure Could not set user password Password should contain at least 4 uppercase letters ...

Page 1412: ...1408 Password Management Commands ...

Page 1413: ...ernet port The full syntax is unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The copper related commands do not apply to the stacking CX 4 or 10GBaseT ports associated with these plug in modules The maximum length of the cable for the Time Domain Reflectometry TDR test is 120 meters Disable green mode on the port in order...

Page 1414: ...ports optical transceiver Use the show fiber ports optical transceiver command in Privileged EXEC mode to display the optical transceiver diagnostics Syntax show fiber ports optical transceiver interface interface A valid Ethernet port The full syntax is unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The show fiber ports ...

Page 1415: ...power in milliWatts Input Power Measured RX received power in milliWatts TX Fault Transmitter fault LOS Loss of signal test copper port tdr Use the test copper port tdr command in Privileged EXEC mode to diagnose with Time Domain Reflectometry TDR technology the quality and characteristics of a copper cable attached to a port Syntax test copper port tdr interface interface A valid Ethernet port Th...

Page 1416: ...e following example results in a report on the cable attached to port 1 0 3 console test copper port tdr 1 0 3 Cable is open at 64 meters The following example results in a failure to report on the cable attached to port 2 0 3 console test copper port tdr 2 0 3 Can t perform the test on fiber ports ...

Page 1417: ...FC 2819 A device that supports gathering and reporting the RMON data is referred to as an RMON probe or RMON Agent An RMON probe provides RMON data to an RMON Manager for analysis and presentation to the user An RMON probe may be embedded in an existing network device or stand alone Commands in this Chapter This chapter explains the following commands rmon alarm Use the rmon alarm command in Globa...

Page 1418: ...reshold value Range 2147483648 2147483647 falling threshold value Falling Threshold value Range 2147483648 2147483647 event number The index of the Event that is used when a rising or falling threshold is crossed Range 1 65535 delta The sampling method for the selected variable and calculating the value to be compared against the thresholds If the method is delta the selected variable value at the...

Page 1419: ...larm 1 1 3 6 1 2 1 2 2 1 1 10 5 10 50000 10 1 1 startup direction The alarm that may be sent when this entry is first set to valid If the first sample after this entry becomes valid is greater than or equal to the rising threshold and direction is equal to rising or rising falling then a single rising alarm is generated If the first sample after this entry becomes valid is less than or equal to th...

Page 1420: ...pecified the name is an empty string buckets bucket number A value associated with the number of buckets specified for the RMON collection history group of statistics If unspecified defaults to 50 Range 1 65535 interval seconds The number of seconds in each polling cycle If unspecified defaults to 1800 Range 1 3600 Default Configuration The buckets configuration is 50 The interval configuration is...

Page 1421: ...arameter Description Default Configuration This command has no default configuration Command Mode Global Configuration mode Parameter Description number The event index Range 1 65535 log An entry is made in the log table for each event trap An SNMP trap is sent to one or more management stations community If an SNMP trap is to be sent it is sent to the SNMP community specified by this octet string...

Page 1422: ...d in User EXEC mode to display alarm configuration Also see the rmon alarm command Syntax show rmon alarm number number Alarm index Range 1 65535 Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays RMON 1 alarms console show rmon alarm 1 Alarm 1 OID 1 3 6 1 2 1 2 2 1 1...

Page 1423: ...ed and compared with the rising and falling thresholds Sample Type The method of sampling the variable and calculating the value compared against the thresholds If the value is absolute the value of the variable is compared directly with the thresholds at the end of the sampling interval If the value is delta the value of the variable at the last sample is subtracted from the current value and the...

Page 1424: ...d A sampled statistic threshold When the current sampled value is greater than or equal to this threshold and the value at the last sampling interval is less than this threshold a single event is generated Falling Threshold A sampled statistic threshold When the current sampled value is less than or equal to this threshold and the value at the last sampling interval is greater than this threshold ...

Page 1425: ...so see the rmon collection history command Syntax show rmon collection history gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays all RMON group statistics Field Descript...

Page 1426: ...nd in User EXEC mode to display the RMON event table Also see the rmon event command Syntax show rmon events Default Configuration This command has no default configuration Field Description Index An index that uniquely identifies the entry Interface The sampled Ethernet interface Interval The interval in seconds between samples Requested Samples The requested number of samples to be saved Granted...

Page 1427: ...tistics history Also see the rmon collection history command Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of log an entry is made in the log table for each event In the case of trap an SNMP trap ...

Page 1428: ...nfiguration Command Mode User EXEC mode User Guidelines This command has no user guidelines Examples The following example displays RMON Ethernet Statistics history for throughput on index number 1 console show rmon history 1 throughput Sample Set 1 Owner CLI Interface 1 0 1 interval 1800 Requested samples 50 Granted samples 50 Maximum table size 270 Time Octets Packets Broadcast Multicast 09 Mar ...

Page 1429: ...2005 1 1 0 49 0 18 29 32 09 Mar 2005 1 1 0 27 0 18 29 42 The following example displays RMON Ethernet Statistics history for other on index number 1 console show rmon history 1 other Sample Set 1 Owner Me Interface 1 0 1 Interval 1800 Requested samples 50 Granted samples 50 Maximum table size 270 Time Dropped Collisions 10 Mar 2005 22 06 00 3 0 10 Mar 2005 22 06 20 3 0 The following table describe...

Page 1430: ...ing framing bits but including FCS octets between 64 and 1518 octets inclusive but had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Undersize The number of packets received during this sampling interval that were less than 64 octets long excluding framing bits but including FCS octets and were ot...

Page 1431: ...d during this sampling interval that were longer than 1518 octets excluding framing bits but including FCS octets and had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Dropped The total number of events in which packets were dropped by the probe due to lack of resources during this sampling interv...

Page 1432: ... Broadcast Jan 18 2005 23 59 48 The following table describes the significant fields shown in the display show rmon statistics Use the show rmon statistics command in User EXEC mode to display RMON Ethernet Statistics Syntax show rmon statistics gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Field Description Event An index that uniquely identifie...

Page 1433: ...8 Broadcast 7 Multicast 1 CRC Align Errors 0 Collisions 0 Undersize Pkts 0 Oversize Pkts 0 Fragments 0 Jabbers 0 64 Octets 98 65 to 127 Octets 0 128 to 255 Octets 0 256 to 511 Octets 0 512 to 1023 Octets 491 1024 to 1518 Octets 389 The following table describes the significant fields shown in the display Field Description Dropped The total number of events in which packets are dropped by the probe...

Page 1434: ...kts The total number of packets received less than 64 octets long excluding framing bits but including FCS octets and otherwise well formed Oversize Pkts The total number of packets received longer than 1518 octets excluding framing bits but including FCS octets and otherwise well formed Fragments The total number of packets received less than 64 octets in length excluding framing bits but includi...

Page 1435: ...octets 256 to 511 Octets The total number of packets including bad packets received that are between 256 and 511 octets in length inclusive excluding framing bits but including FCS octets 512 to 1023 Octets The total number of packets including bad packets received that are between 512 and 1023 octets in length inclusive excluding framing bits but including FCS octets 1024 to 1518 Octets The total...

Page 1436: ...1432 RMON Commands ...

Page 1437: ...4 only routing environments depending on the how the switch is used in the network at runtime The operator can choose between Ipv4 only where all the routing table entries are reserved for IPv4 Routes or IPv4 IPv6 Default mode Commands in this Chapter This chapter explains the following commands sdm prefer Use the sdm prefer command in Global Config mode to change the template that will be active ...

Page 1438: ... it to the stack and power it on The following table lists the completion messages Parameter Description dual ipv4 and ipv6 This keyword filters subsequent template choices to those that support both IPv4 and IPv6 There is only one such template It is selected using the keyword default ipv4 routing This keyword filters subsequent template choices to those that support IPv4 and not IPv6 The default...

Page 1439: ...efault List the scaling parameters for the IPv4 only template maximizing the number of unicast routes ipv4 routing data center List the scaling parameters for the IPv4 only template supporting more ECMP next hops Parameter Description ARP Entries The maximum number of entries in the IPv4 Address Resolution Protocol ARP cache for routing interfaces IPv4 Unicast Routes The maximum number of IPv4 uni...

Page 1440: ...te as the next active template To list the scaling parameters of a specific template use that template s keyword as an argument to the command The following table lists the completion messages Examples This example shows the current SDM template The user has not changed the next active SDM template IPv4 Multicast Routes The maximum number of IPv4 multicast forwarding table entries IPv6 Multicast R...

Page 1441: ...tes 1536 IPv6 Multicast Routes 512 Now the user sets the next active SDM template for optimal performance for IPv4 routing console configure console config sdm prefer ipv4 routing default Changes to the running SDM preferences have been stored but cannot take effect until the next reload Use show sdm prefer to see what SDM preference is currently active config show sdm prefer The current template ...

Page 1442: ...e will be the IPv4 routing Default template To list the scaling parameters for the data center template invoke the command with the ipv4 routing data center keywords config show sdm prefer ipv4 routing data center Scaling parameters for the IPv4 data center template ARP Entries 6144 IPv4 Unicast Routes 8160 IPv6 NDP Entries 0 IPv6 Unicast Routes 0 ECMP Next Hops 16 IPv4 Multicast Routes 2048 IPv6 ...

Page 1443: ...le logging in the syslog utility is not required in order to view the output of debug traces Debug commands are provided in the normal CLI tree Debug settings are not persistent and are not visible in the running configuration To view the current debug settings use the show debug command The output of debug commands can be large and may adversely affect system performance Enabling debug for all IP...

Page 1444: ... arp no debug arp Default Configuration ARP packet tracing is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug arp debug console debug ip pimsm debug lacp debug vrrp debug dot1x debug ip vrrp debug mldsnooping show debugging debug igmpsnooping debug ipv6 dhcp debug ospf debug ip acl debug ipv6 mcache debug os...

Page 1445: ...essages Syntax debug auto voip H323 SCCP SIP no debug auto voip H323 SCCP SIP Default Configuration Auto VOIP tracing is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug auto voip debug clear Use the debug clear command to disable all debug traces Syntax debug clear Default Configuration There is no default c...

Page 1446: ... appears on all login sessions for which debug console has been enabled The configuration of this command remains in effect for the life of the login session The effect of this command is not persistent across resets Syntax debug console Default Configuration Display of debug traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this comm...

Page 1447: ... Example console debug dot1x packet debug igmpsnooping Use the debug igmpsnooping to enable tracing of IGMP Snooping packets transmitted and or received by the switch IGMP Snooping should be enabled on the device and the interface in order to monitor packets for a particular interface Syntax debug igmpsnooping packet receive transmit no debug igmpsnooping packet receive transmit Default Configurat...

Page 1448: ...o debug ip acl acl acl The number of the IP ACL to debug Default Configuration Display of IP ACL traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug ip acl 1 debug ip dvmrp Use the debug ip dvmrp to trace DVMRP packet reception and transmission The receive option traces only received DVMRP packets and ...

Page 1449: ...this command Example console debug ip dvmrp packet debug ip igmp Use the debug ip igmp command to trace IGMP packet reception and transmission The receive option traces only received IGMP packets and the transmit option traces only transmitted IGMP packets When neither keyword is used in the command then all IGMP packet traces are dumped Vital information such as source address destination address...

Page 1450: ...smit option traces only transmitted data packets When neither keyword is used in the command then all data packet traces are dumped Vital information such as source address destination address packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable MDATA tracing Syntax debug ip mcache packet receive trans...

Page 1451: ...packet is received or transmitted is displayed on the console Use the no form of this command to disable PIMDM tracing Syntax debug ip pimdm packet receive transmit no debug ip pimdm packet receive transmit Default Configuration Display of PIMDM traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug ip pi...

Page 1452: ...ceive transmit no debug ip pimsm packet receive transmit Default Configuration Display of PIMSM traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug ip pimsm packet debug ip vrrp Use the debug ip vrrp command to enable VRRP debug protocol messages Use the no form of this command to disable VRRP debug pr...

Page 1453: ... activities and to trace DHCPv6 packets to and from the local DHCPv6 client To disable debugging use the no form of the command Syntax debug ipv6 dhcp no debug ipv6 dhcp Parameter Description This command does not require a parameter description Default Configuration Debugging for the DHCP for IPv6 is disabled by default Command Mode Privileged EXEC User Guidelines DHCPv6 client already has packet...

Page 1454: ...is displayed on the console Syntax debug ipv6 mcache packet receive transmit no debug ipv6 mcache packet receive transmit Default Configuration Display of MDATA traces is disabled by default Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console debug ipv6 mcache packet debug ipv6 mld Use the debug ipv6 mld command to trace MLD packet reception and tr...

Page 1455: ...ole debug ipv6 mld packet debug ipv6 pimdm Use the debug ipv6 pimdm command to trace PIMDMv6 packet reception and transmission The receive option traces only received PIMDMv6 packets and the transmit option traces only transmitted PIMDMv6 packets When neither keyword is used in the command then all PIMDMv6 packet traces are dumped Vital information such as source address destination address contro...

Page 1456: ... traces only transmitted PIMSMv6 packets When neither keyword is used in the command then all PIMSMv6 packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable PIMSMv6 tracing Syntax debug ipv6 pimsm pa...

Page 1457: ...ol packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable ISDP tracing Syntax debug isdp packet receive transmit no debug isdp packet receive transmit Default Configuration Display of ISDP traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guid...

Page 1458: ...nly received MLD snooping packets and the transmit option traces only transmitted MLD snooping packets When neither keyword is used in the command then all MLD snooping packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of...

Page 1459: ...g ospf command to enable tracing of OSPF packets received and transmitted by the switch Use the no form of this command to disable tracing of OSPF packets Syntax debug ospf packet no debug ospf packet Default Configuration Display of OSPF traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console debug ospf packet...

Page 1460: ...s disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console debug ospfv3 packet debug ping Use the debug ping command to enable tracing of ICMP echo requests and responses This command traces pings on the network port and on the routing interfaces Use the no form of this command to disable tracing of ICMP echo requests and...

Page 1461: ... debug rip Use the debug rip command to enable tracing of RIP requests and responses Use the no form of this command to disable tracing of RIP requests and responses Syntax debug rip packet no debug rip packet Default Configuration Display of RIP traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console debug rip...

Page 1462: ... Use the debug spanning tree command to trace spanning tree BPDU packet reception and transmission The receive option traces only received spanning tree BPDUs and the transmit option traces only transmitted BPDUs When neither keyword is used in the command all spanning tree BPDU traces are dumped Vital information such as source address destination address control packet type packet length and the...

Page 1463: ...bpdu debug vrrp Use the debug vrrp command in Privileged EXEC mode to enable VRRP debug protocol messages Use the no form of this command to disable VRRP debug protocol messages Syntax debug vrrp all no debug vrrp all Default Configuration The display of VRRP traces is disabled by default Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines show debugging Use the s...

Page 1464: ...bugging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Usage Guidelines Enabled packet tracing configurations are displayed Example console debug arp Arp packet tracing enabled console show debugging Arp packet tracing enabled ...

Page 1465: ...d to forward the sampled traffic statistics immediately to an sFlow Collector for analysis The sFlow Agent supports two forms of sampling statistical packet based sampling of switched or routed Packet Flows and time based sampling of counters Commands in this Chapter This chapter explains the following commands sflow destination Use the sflow destination command to configure the sFlow collector pa...

Page 1466: ... receiver configuration is reset to the default values An entity wishing to claim an sFlowRcvrTable entry must ensure that the entry is unclaimed before trying to claim it The entry is claimed by setting the owner string to a non null value The entry must be claimed before assigning a receiver to a sampler or poller Range 1 127 characters rcvr_timeout The time in seconds remaining before the sampl...

Page 1467: ...polling command to enable a new sflow poller instance for this data source if rcvr_idx is valid Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling gigabitethernet tengigabitethernet interface list poll interval no sflow rcvr index polling gigabitethernet tengigabitethernet interfaces rcvr index The sFlow Receiver associated with the poller Ra...

Page 1468: ...ance for this data source if rcvr_idx is valid Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling poll interval no sflow rcvr index polling rcvr index The sFlow Receiver associated with the poller Range 1 8 poll interval The sFlow instance polling interval A poll interval of 0 disables counter sampling A value of n means once in n seconds a c...

Page 1469: ...ch flow samples are to be sent If no receiver is configured then no packets will be sampled Only active receivers can be set If a receiver expires then all samplers associated with the receiver will also expire Range 1 8 interface list The list of interfaces to poll in unit slot port format sampling rate The statistical sampling rate for packet sampling from this source A sampling rate of 1 counts...

Page 1470: ... for this sFlow sampler to which flow samples are to be sent If no receiver is configured then no packets will be sampled Only active receivers can be set If a receiver expires then all samplers associated with the receiver will also expire Range 1 8 sampling rate The statistical sampling rate for packet sampling from this source A sampling rate of 1 counts all packets A rate of 0 disables samplin...

Page 1471: ...x show sflow agent Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed sFlow Version Uniquely identifies the version and implementation of this MIB The version string must have the following structure MIB Version Organization Software Revision where MIB Version 1 3 the version of this MIB Organization ...

Page 1472: ...mand has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Example console show sflow 2 destination Receiver Index The sFlow Receiver associated with the sampler poller Owner String The identity string for receiver the entity making use of this sFlowRcvrTable entry Time Out The time in seconds remaining before the receiver is released and...

Page 1473: ...ange 1 8 interface list The list of interfaces to poll in unit slot port format Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Example console show sflow 1 polling Poller Data Source The sFlowDataSource unit slot port for this sFlow sampler This agent will support Physical ports only Receiver Inde...

Page 1474: ...t of interfaces on which data is sampled Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Sampler Data Source The sFlowDataSource unit slot port for this sFlow sampler This agent will support Physical ports only Receiver Index The sFlowReceiver configured for this sFlow sampler Packet Sampling Rate ...

Page 1475: ...Sflow Commands 1471 Example console show sflow 1 sampling Sampler Receiver Packet Max Header Data Source Index Sampling Rate Size 1 0 1 1 0 128 ...

Page 1476: ...1472 Sflow Commands ...

Page 1477: ... undemanding The agent allows a network control station to retrieve reports from the networked device These reports are based upon the defined objects in the MIB The agent queries reports and sets MIB variables based upon directions from the network control station or upon preset conditions Commands in this Chapter This chapter explains the following commands show snmp Use the show snmp command in...

Page 1478: ...lays the SNMP communications status Console show snmp Community String Community Access View name IP address public read only user view All private read write Default 172 16 1 1 private su DefaultSuper 172 17 1 1 Community String Group name IP address public user group All Traps are enabled Authentication trap is enabled Version 1 2 notifications Target Address Type Community Version UDP Filter TO...

Page 1479: ...stem Location Marketing show snmp engineID Use the show snmp engineID command in Privileged EXEC mode to display the ID of the local Simple Network Management Protocol SNMP engine Syntax show snmp engineID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the S...

Page 1480: ...command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following examples display the configuration of filters with and without a filter name specification console show snmp filters Name OID Tree Type user filter1 1 3 6 1 2 1 1 Included user filter1 1 3 6 1 2 1 1 7 Excluded user filter2 1 3 6 1 2 1 2 2 1 1 Included con...

Page 1481: ...and Mode Privileged EXEC mode User Guidelines The group name accepts any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely Example The ...

Page 1482: ...on Name Name of the group Security Model SNMP model in use v1 v2 or v3 Security Level Authentication of a packet with encryption Applicable only to SNMP Version 3 security model Views Read A string that is the name of the view that enables you only to view the contents of the agent If unspecified all the objects except the community table and SNMPv3 user and access tables are available Write A str...

Page 1483: ...he surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely Example The following example displays the configuration of users with the user name specified Console show snmp user Name Group Name Auth Priv Meth Meth Remote Engine ID bob user group MD5 DES 800002a20300fce3900106...

Page 1484: ...30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following examples display the configuration of views with and without a view name specified console show snmp views Name OID Tree Type user view1 1 3 6 1 2 1 1 Included user view1 1 3 6 1 2 1 1 7 Excluded user view2 1 3 6 1 2 1 2 2 1 ...

Page 1485: ...x Description Show trapflags with no other arguments shows the trap status for all components Use the more specific form to display the trap status for an individual component Only one component argument may be given Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show tra...

Page 1486: ...gs ospf OSPF Traps errors all Disabled authentication failure Enabled bad packet Enabled config error Enabled virt authentication failure Disabled virt bad packet Disabled virt config error Disabled if rx if rxpacket Disabled lsa lsamaxage Disabled lsaoriginate Disabled overflow lsdboverflow Enabled lsdb approaching overflow Enabled retransmit packets Disabled virtpackets Disabled ...

Page 1487: ...o form of this command Syntax snmp server community string ro rw su view view name ipaddress ipaddress no snmp server community string Parameter Description Parameter Description string Permits access to the SNMP protocol Range 1 20 characters ro Indicates read only access rw Indicates read write access su Indicates SNMP administrator access ipaddress Specifies the IP address of the management sta...

Page 1488: ...mapped to a view name If ro is specified then read view and notify view are mapped If rw is specified then read view notify view and write view are mapped The community name may include any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter ...

Page 1489: ...of a previously defined group The group defines the objects available to the community Range 1 30 characters ip address Management station IP address Default is all IP addresses Default Configuration No community group is defined Command Mode Global Configuration mode User Guidelines The group name parameter can be used to restrict the access rights of a community string When it is specified the s...

Page 1490: ... Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays setting up the system contact point as Dell_Technical_Support console config snmp server contact Dell_Technical_Support snmp server enable traps Use the snmp server enable traps command in Global Configuration mod...

Page 1491: ...rflow lsdbapproaching overflow retransmit all packets virt packets state change all if state change neighbor state change virtifstate change virtneighbor state change ospfv3type all errors all bad packet config error virt bad packet virt config error lsa all lsa maxage lsa originate overflow all lsdb overflow lsdb approaching overflow retransmit all packets virt packets state change all if state c...

Page 1492: ...e traps command console config snmp server enable traps cr Press enter to execute the command acl acl all Enable Disable all Traps authentication To enable the device to send SNMP traps when authentication fails dvmrp dvmrp link Enable Disable switch level Link Up Down trap flag pim Enable pim traps pim sm and pim dm poe Enable poe traps snmp authentication Enable snmp authentication traps spannin...

Page 1493: ...ocal device To remove the configured engine ID use the no form of this command Syntax snmp server engineID local engineid string default no snmp server engineID local engineid string The character string that identifies the engine ID The engine ID is a concatenated hexadecimal string Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be separated by a period or colo...

Page 1494: ...effects A user s password entered on the command line is converted to an MD5 or SHA security digest This digest is based on both the password and the local engine ID The command line password is then destroyed as required by RFC 2274 Because of this deletion if the local value of engineID changes the security digests of SNMPv3 users will be invalid and the users will have to be reconfigured Exampl...

Page 1495: ...onfiguration mode User Guidelines This command can be entered multiple times for the same filter record Later lines take precedence when an object identifier is included in two or more lines The filter name may include any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of ...

Page 1496: ... v3 Indicates the SNMP Version 3 security model noauth Indicates no authentication of a packet Applicable only to the SNMP Version 3 security model auth Indicates authentication of a packet without encrypting it Applicable only to the SNMP Version 3 security model priv Indicates authentication of a packet with encryption Applicable only to the SNMP Version 3 security model contextname Provides dif...

Page 1497: ... the same view name then the argument specified in this command points to first view name in the table Example The following example attaches a group called user group to SNMPv3 and assigns to the group the privacy security level and read access rights to a view called user view console config snmp server group user group v3 priv read user view snmp server host Use the snmp server host command in ...

Page 1498: ...a password like community string sent with the notification operation Range 1 20 characters traps Indicates that SNMP traps are sent to this host version 1 Indicates that SNMPv1 traps will be used version 2 Indicates that SNMPv2 traps will be used informs Indicates that SNMPv2 informs are sent to this host seconds Number of seconds to wait for an acknowledgment before resending informs The default...

Page 1499: ...ost 192 16 12 143 Dell_powerconnect traps v2 snmp server location Use the snmp server location command in Global Configuration mode to set the system location string To remove the location string use the no form of this command Syntax snmp server location text no snmp server location text Character string describing the system location Range 1 to 255 characters Default Configuration This command h...

Page 1500: ...neid string Specifies the engine ID of the remote SNMP entity to which the user belongs The engine ID is a concatenated hexadecimal string Each byte in the hexadecimal character string is two hexadecimal digits The remote engine id designates the remote management station and should be defined to enable the device to receive acknowledgements to informs Range 5 32 characters auth md5 The HMAC MD5 9...

Page 1501: ...Mode Global Configuration mode User Guidelines If the SNMP local engine ID is changed configured users will no longer be able to connect and will need to be reconfigured Example The following example configures an SNMPv3 user John in group user group console config snmp server user John user group snmp server view Use the snmp server view command in Global Configuration mode to create or update a ...

Page 1502: ...ry does not exist Command Mode Global Configuration mode User Guidelines This command can be entered multiple times for the same view record The view name accepts any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal combinations of...

Page 1503: ...ame of the host Range 1 158 characters The command allows spaces in the host name when specified in double quotes For example snmp server v3 host host name username Specifies user name used to generate the notification Range 1 30 characters traps Indicates that SNMP traps are sent to this host informs Indicates that SNMPv2 informs are sent to this host noauth Specifies sending of a packet without ...

Page 1504: ...characters except a double quote or question mark Enclose the string in double quotes to include spaces within the key The surrounding quotes are not used as part of the key The CLI does not filter illegal characters but may accept entries up to the first illegal character or reject the entry entirely Example The following example identifies an SNMPv3 host console config snmp server v3 host 192 16...

Page 1505: ...ins the following commands crypto key generate dsa Use the crypto key generate dsa command in Global Configuration mode to generate DSA key pairs for your switch A key pair is one public DSA key and one private DSA key Use the no form of the command to remove the generated key from the local file system Syntax crypto key generate dsa no crypto key generate dsa Default Configuration DSA key pairs d...

Page 1506: ... a configuration save Example The following example generates DSA key pairs console config crypto key generate dsa crypto key generate rsa Use the crypto key generate rsa command in Global Configuration mode to generate RSA key pairs Use the no form of the command to delete the key from the local file system Syntax crypto key generate rsa no crypto key generate rsa Default Configuration RSA key pa...

Page 1507: ... chain ssh command in Global Configuration mode to enter public key configuration mode in order to manually specify public keys such as SSH client public keys Syntax crypto key pubkey chain ssh Default Configuration By default this command has no public keys configured Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enters th...

Page 1508: ...lDnwCAC8Q h console config pubkey key exit ip ssh port Use the ip ssh port command in Global Configuration mode to specify the TCP port to be used by the SSH server To use the default port use the no form of this command Syntax ip ssh port port number no ip ssh port port number Port number for use by the SSH server Range 1 65535 Default Configuration The default value is 22 Command Mode Global Con...

Page 1509: ...uration The function is disabled Command Mode Global Configuration mode User Guidelines AAA authentication is independent from this configuration Example The following example enables public key authentication for incoming SSH sessions console config ip ssh pubkey auth ip ssh server Use the ip ssh server command in Global Configuration mode to enable the switch to be configured from SSH To disable...

Page 1510: ... switch to be configured using SSH console config ip ssh server key string Use the key string SSH Public Key Configuration mode to specify an SSH public key manually Syntax key string key string key string row key string row To specify the SSH public key row by row key string The UU encoded DER format is the same format as the authorized keys file used by OpenSSH Default Configuration By default t...

Page 1511: ...e config pubkey key key string AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ ZNXfZSkvHG QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn Wd05iDX2IExQWu08licglk02LYciz Z4TrEU 9FJxwPiVQOjc KBXuR0juNg5nFYsY 0ZCk0N W9a tnkm1shRE7Di71 w3fNiOA 6w9o44t6 AINEICBCCA4YcF6zMzaT1wefWwX6f Rmt5nhhqdAtN 4oJfce166DqVX1gWmN zNR4DYDvSzg0l...

Page 1512: ...command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the SSH public keys on the switch console show crypto key mypubkey rsa rsa key data ssh rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu7WHtjQDUygjSQXHVgyqdUby dxUXEAiDHXcWHVr0R ak1HDQitBzeEv1vVEToEn5ddLmRhtIgRdKU JHgBHJV R2VaSN WC0IK53j9re4B11AE O3qAxw...

Page 1513: ...show crypto key pubkey chain ssh command in Privileged EXEC mode to display SSH public keys stored on the switch Syntax show crypto key pubkey chain ssh username username fingerprint bubble babble hex username Specifies the remote SSH client username Range 1 48 characters bubble babble Fingerprints in Bubble Babble format hex Fingerprint in Hex format If fingerprint is unspecified it defaults to H...

Page 1514: ...pubkey chain ssh username dana Username dana rsa key data ssh rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAywqRKTRnexccxVUVTeMl Gkh imyUDhcTkgEfssLPMsgoXlTwzCE5 97UIIsSRKQQWR pBNl45tCYd75LUofV 4LP6Lj1Q5Q0w5lBgiqC2MZ iBHGSsHMAE0lpYtelZprDu4uiZHMuWezmdQp9 a1PU4jwQ22TlcfaUq3sqC3FMUoU Fingerprint 2f 09 e7 6f c9 bf ab 04 d4 6f a0 eb e8 df 7a 11 show ip ssh Use the show ip ssh command in Privileged EXEC mode to disp...

Page 1515: ...Name Idle Time SessionTime 10 240 1 122 John 00 00 00 00 00 08 user key Use the user key command in SSH Public Key Chain Configuration mode to specify which SSH public key you are configuring manually To remove a SSH public key use the no form of this command Syntax user key username rsa dsa no user key username username Specifies the remote SSH client username Range 1 48 characters rsa RSA key ds...

Page 1516: ...no user guidelines Example The following example enables a SSH public key to be manually configured for the SSH public key chain called bob console config crypto key pubkey chain ssh console config pubkey chain user key bob rsa console config pubkey key ...

Page 1517: ...vel messages CLI Logged to Local File and Syslog Server The PowerConnect Command Logging component logs all command line interface commands issued on the system The command log messages are stored with the other system logs and provide the system operators with a detailed log of the commands executed CLI command logging is configured through any of the PowerConnect management interfaces When the f...

Page 1518: ...0 27 21 22 admin User admin logged in 190 JAN 10 18 58 56 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 362 CLI admin 10 27 21 22 User has successfully logged in The CLI command log subsystem also logs all user log out instances The format of the log message is 190 JAN 10 19 01 04 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 382 CLI admin 10 27 21 22 User has logged out Commands in ...

Page 1519: ...vileged EXEC mode User Guidelines This command has no user guidelines Example The following example clears messages from the internal syslog message logging buffer console clear logging Clear logging buffer y n clear logging file Use the clear logging file command in Privileged EXEC mode to clear messages from the logging file Syntax clear logging file Default Configuration There is no default con...

Page 1520: ...gging mode to describe the syslog server Syntax description description description Sets the description of the syslog server Range 1 64 characters Default Configuration This command has no default value Command Mode Logging mode User Guidelines After entering the view corresponding to a specific syslog server the command can be executed to set the description of the server Example The following e...

Page 1521: ...de User Guidelines After entering the view corresponding to a specific syslog server the command can be executed to set the severity level for syslog messages Example The following example sets the syslog message severity level to alert console config logging level alert logging cli command Use the logging cli command in Global Configuration mode to enable CLI command logging Parameter Description...

Page 1522: ...er Logging level informational Buffer Messages 71 Logged File Logging level notActive File Messages 385 Dropped CLI Command Logging enabled Switch Auditing enabled Web Session Logging disabled SNMP Set Command Logging disabled Syslog server hostname logging informational Messages 0 dropped Syslog server a12345678901234567890123456789012345678901234567890123456789012 logging informational Messages ...

Page 1523: ...2 2 CLI_WEB 209809328 cmd_logger_api c 260 374 CLI admin 10 27 21 22 User has successfully logged in 190 JAN 10 18 59 28 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 375 CLI admin 10 27 21 22 User admin logged in to enable mode logging Use the logging command in Global Configuration mode to log messages to a syslog server To delete the syslog server with the specified address from the list...

Page 1524: ...Message Sequence Number Line Number File Name Thread ID Component Name Stack ID Host IP Address Timestamp PRI PRI This consists of the facility code see RFC 3164 multiplied by 8 and added to the severity See below for more information on severity Timestamp The system up time For systems that use SNTP this is UTC When time zones are enabled local time will be used Host IP Address The IP address of ...

Page 1525: ...mponent Name Component name for the logging component Components must use the new APIs in order to enable identification of the logging component Component UNKN is substituted for components that do not use the new logging APIs Thread ID The thread ID of the logging component File Name The name of the file containing the invoking macro Line Number The line number which contains the invoking macro ...

Page 1526: ...vel no logging buffered Parameter Description Default Configuration The default value for level is info Command Mode Global Configuration mode User Guidelines All the syslog messages are logged to the internal buffer This command limits the commands displayed to the user Parameter Description severity level Optional The number or name of the desired severity level Range 0 emergencies 1 alerts 2 cr...

Page 1527: ...o the console based on severity To disable logging to the console terminal use the no form of this command Syntax logging console severity level no logging console Parameter Description Default Configuration The default value for level is warnings Command Mode Global Configuration mode Parameter Description severity level Optional The number or name of the desired severity level Range 0 emergencie...

Page 1528: ... mode to limit syslog messages sent to the logging file based on severity To cancel the buffer use the no form of this command Syntax logging file severity level number type no logging file Parameter Description Default Configuration The default severity level is error Parameter Description severity level number Optional The number or name of the desired severity level Range 0 emergencies 1 alerts...

Page 1529: ...ly enables the sending of logging messages to the currently configured locations To disable the sending of log messages use the no form of this command Syntax logging on no logging on Default Configuration Logging is enabled Command Mode Global Configuration mode User Guidelines The logging process controls the distribution of logging messages to the various destinations such as the logging buffer...

Page 1530: ...ogging snmp command in Global Configuration mode to enable SNMP Set command logging To disable use the no form of this command Syntax logging snmp no logging snmp Default Configuration Disabled Command Mode Global Configuration mode User Guidelines To see SNMP Set command logs use the show logging command Example console config logging snmp logging web session Use the logging web session command i...

Page 1531: ...ing web session 133 MAR 24 07 46 07 10 131 7 165 2 UNKN 83102768 cmd_logger_api c 140 764 WEB 10 131 7 67 UNKNOWN EwaSessionLookup session 0 created 133 MAR 24 07 46 07 10 131 7 165 2 UNKN 83102768 cmd_logger_api c 140 765 WEB 10 131 7 67 admin User admin logged in port Use the port command in Logging mode to specify the port number of syslog messages To reset to the default value use the no form ...

Page 1532: ...Example The following example sets the syslog message port to 300 console config logging port 300 show logging Use the show logging command in Privileged EXEC mode to display all logging information including auditing status Syntax show logging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Param...

Page 1533: ...ed Web Session Logging disabled SNMP Set Command Logging disabled 1141 Messages dropped due to lack of resources Buffer Log 190 JAN 10 16 26 53 0 0 0 0 1 NIM 177745344 nim_intf_map_api c 381 985 nimCheckIfNumber incorrect phase for operation 190 JAN 10 16 26 53 0 0 0 0 1 NIM 177745344 nim_intf_map_api c 381 986 nimCheckIfNumber incorrect phase for operation show logging file Use the show logging f...

Page 1534: ...ging file Persistent Logging enabled Persistent Log Count 1 186 JAN 01 00 00 05 0 0 0 0 1 UNKN 268434928 bootos c 382 3 Event 0xaaaaaaaa show syslog servers Use the show syslog servers command in Privileged EXEC mode to display the syslog servers settings Syntax show syslog servers Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Thi...

Page 1535: ...nds 1531 Example The following example displays the syslog server settings console show syslog servers IP address Port Severity Facility Description 192 180 2 275 14 Info local7 7 192 180 2 285 14 Warning local7 7 ...

Page 1536: ...1532 Syslog Commands ...

Page 1537: ...otd acknowledge movemanagement show nsfUse the show nsf command to show the status of non stop forwarding show version clear checkpoint statistics nsf show power usage history stack cut through mode ping show process cpu console config stack stack port exec banner reload show sessions standby hostname set description show slot switch renumber initiate failover slot show supported cardtype telnet i...

Page 1538: ...r a tag name except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely Example The following example specifies the switch asset tag as 1qwepot Because the unit para...

Page 1539: ... configuration mode Up to 2000 characters may be entered into a banner Each line entered will consume an extra two characters to account for the carriage return and line feed Example console config banner exec banner text banner login Use the banner login command to set the message that is displayed just before the login prompt Use no banner login command to remove the message Syntax banner login ...

Page 1540: ...t banner motd Use the banner motd command to set the message that is displayed on logging into the switch Use no banner motd command to remove the message Syntax banner motd MESSAGE no banner motd MESSAGE Quoted text Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines The motd banner can consist of multiple lines Enter a quote to end th...

Page 1541: ...tinue to the login prompt If n is entered the session is terminated and no further communication is allowed on that session However serial connection will not get terminated if y is not entered Use the no banner motd acknowledge command to disable banner acknowledge Syntax banner motd acknowledge no banner motd acknowledge Default Configuration This command has no default configuration Command Mod...

Page 1542: ...tistics for the checkpointing process Syntax clear checkpoint statistics Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines When nonstop forwarding is enabled on a stack the stack s management unit checkpoints operational data to the backup unit If the backup unit takes over as the management unit the control plane on the new managemen...

Page 1543: ...cut through mode no cut through mode Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines No specific guidelines Example console config cut through mode The mode enable is effective from the next reload of Switch Stack exec banner Use the exec banner command to enable exec banner on the console telnet or SSH connection To disable use the...

Page 1544: ...nfig telnet no exec banner hostname Use the hostname command in Global Configuration mode to specify or modify the switch host name To restore the default host name use the no form of the command Syntax hostname name no hostname name The name of the host Range 1 255 characters The command allows spaces in the host name when specified in double quotes For example snmp server v3 host host name Defau...

Page 1545: ...a stack use the initiate failover command in Stack Configuration mode Syntax This command has no user guidelines Default Configuration There is no default configuration Command Mode Stack Configuration mode User Guidelines This command forces a warm restart of the stack The backup unit takes over as the new management unit without clearing the hardware state on any of the stack members The origina...

Page 1546: ...e ip address command to set a static OOB port IP address Syntax ip address addr mask gw addr IP address to be set for the OOB port Range Valid IP address mask Subnet mask Range Valid mask gw Gateway IP address Range Valid gateway IP address Command Mode Interface Configuration out of band Default Configuration This command has no default configuration User Guidelines No specific guidelines Example...

Page 1547: ...ation Command Mode Interface Configuration out of band User Guidelines No specific guidelines Example console config interface out of band console config if ip address none ip address dhcp bootp Use the ip address command to enable DHCP BOOTP on the OOB port Syntax ip address dhcp bootp Command Mode Interface Configuration out of band Default Configuration This command has no default configuration...

Page 1548: ...ommand Syntax login banner no login banner MESSAGE Quoted text Default Configuration This command has no default configuration Command Mode Line Configuration User Guidelines This command has no user guidelines Example console config telnet no login banner member Use the member command in Stack Global Configuration mode to pre configure a switch stack member Execute this command on the Management ...

Page 1549: ...d switchtype command Default configuration This command has no defaults Command Mode Stack Global Configuration User Guidelines The switch index SID can be obtained by executing the show supported switchtype command in User Exec mode When removing a unit from a stack use the no member command to remove the stack member configuration after physically removing the unit Example The following example ...

Page 1550: ...le config telnet motd banner movemanagement Use the movemanagement command in Stack Global Configuration mode to move the Management Switch functionality from one switch to another Syntax movemanagement fromunit tounit fromunit The switch identifier on the current Management Switch tounit The switch identifier on the new Management Switch Default Configuration This command has no default configura...

Page 1551: ...current configuration across a stack move execute the copy configuration command before performing the stack move A stack move causes all routes and layer 2 addresses to be lost This command is executed on the Management Switch The administrator is prompted to confirm the management move Example The following example displays how to move the Management Switch functionality from switch 1 to switch ...

Page 1552: ...pv6 ipaddress hostname repeat count timeout interval size size ipaddress IP address to ping contact hostname Hostname to ping contact Range 1 158 characters The command allows spaces in the host name when specified in double quotes even though host names may only consist of letters numbers and the hyphen character count Number of packets to send Range 1 15 packets interval The time between Echo Re...

Page 1553: ...ime 10 msec Reply From 10 27 65 60 icmp_seq 2 time 10 msec Reply From 10 27 65 60 icmp_seq 3 time 10 msec 10 27 65 60 PING statistics 4 packets transmitted 4 packets received 0 packet loss round trip msec min avg max 10 10 10 console The following example displays a ping to yahoo com console ping yahoo com Pinging yahoo com 66 217 71 198 with 64 bytes of data 64 bytes from 10 1 1 1 icmp_seq 0 time...

Page 1554: ...cription Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If no unit is specified all units are reloaded Example The following example displays how to reload the stack console reload 1 Management switch has unsaved changes Would you like to save them now y n n Configuration Not Saved Are you sure you want to reload the switch y n y P...

Page 1555: ... Command Mode Stack Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays console config stack console config stack set description 1 unit 1 slot NOTE The slot command is only available to be used on PCM6348 when it is a master switch in a mixed stack of PCM6348 PC7000 switches to configure the slot on a slave PC7000 switch Use the slo...

Page 1556: ...F PowerConnect 7048 PowerConnect 7048P PowerConnect 7048R PowerConnect 7048R RA CX4 Expansion Card 10GBaseT Expansion Card SFP Expansion Card Use the no form of the command to return the unit slot configuration to the default value Syntax slot unit slot cardindex no slot unit slot unit slot The slot identifier of the slot cardindex The index into the database of the supported card types see show s...

Page 1557: ...ner Use the show banner command to display banner information Syntax show banner Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Example console show banner Banner Exec Line Console Enable Line SSH Disable Line Telnet Enable exec Banner Login Line Console Enable ...

Page 1558: ...on command to display the boot image version details The details available to the user include the build date and time Syntax show boot version unit unit The switch identifier Range 1 12 Default Configuration This command has no default configuration Command Mode User EXEC or Privileged EXEC User Guidelines No specific guidelines Example console show boot version unit Boot Image Version ...

Page 1559: ...e stack s management unit checkpoints operational data to the backup unit If the backup unit takes over as the management unit the control plane on the new management unit uses the checkpointed data when initializing its state Checkpoint statistics track the amount of data checkpointed from the management unit to the backup unit Example console show checkpoint statistics Messages Checkpointed 6708...

Page 1560: ...guration User Guidelines No specific guidelines Example Console show cut through mode Current mode Enable Configured mode Disable This mode is effective on next reload show interfaces advanced firmware Use the show interfaces advanced firmware command to display the firmware revision of the PHY for a port Syntax show interfaces advanced firmware interface Parameter Description Parameter Descriptio...

Page 1561: ...es advanced firmware Te3 2 1 Transceiver firmware part number BCM54680E Transceiver firmware revision 0x0D show ip interface out of band Use the show ip interface out of band command to disable DHCP BOOTP on the OOB port Syntax show ip interface out of band Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines No specific guidelines Example co...

Page 1562: ... Burned In MAC Address 0006 2932 814C show memory cpu Use the show memory cpu command to check the total and available RAM space on the switch Syntax show memory cpu Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines No specific guidelines Example console show memory cpu Total Memory 262144 KBytes Available Memory Space 121181 KBytes ...

Page 1563: ...lines There are no user guidelines for this command Example console show nsf Administrative Status Enable Operational Status Enable Last Startup Reason Warm Auto Restart Time Since Last Restart 0 days 16 hrs 52 mins 55 secs Restart In Progress No Warm Restart Ready Yes Copy of Running Configuration to Backup Unit Status Stale Time Since Last Copy 0 days 4 hrs 53 mins 22 secs Time Until Next Copy 2...

Page 1564: ...d across switch reboots reloads Syntax show power usage history unit id Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show power usage history unit 1 Sampling Interval sec 30 Total No of Samples to Keep 168 Current Power Consumption mWatts 56172 Pa...

Page 1565: ...6172 56172 1 0d 00 01 12 54360 54360 show process cpu Use the show process cpu command to check the CPU utilization for each process currently running on the switch Syntax show process cpu Command Mode Privileged EXEC Default Configuration This command has no default configuration User Guidelines No specific guidelines Example console show process cpu Memory Utilization Report status bytes ...

Page 1566: ... 359d2e0 bcmCNTR 0 0 80 0 42 0 50 3b5b750 bcmRX 0 00 0 13 0 12 3d3f6d0 MAC Send Task 0 00 0 07 0 10 More or q uit 3d48bd0 MAC Age Task 0 00 0 00 0 03 40fdbf0 bcmLINK 0 0 00 0 14 0 46 4884e70 tL7Timer0 0 00 0 06 0 02 48a1250 osapiMonTask 0 00 0 32 0 17 4969790 BootP 0 00 0 00 0 01 4d71610 dtlTask 0 00 0 06 0 05 4ed00e0 hapiRxTask 0 00 0 06 0 03 562e810 DHCP snoop 0 00 0 00 0 06 58e9bc0 Dynamic ARP ...

Page 1567: ... 06 0 03 b585770 isdpTask 0 00 0 00 0 02 bda6210 RMONTask 0 00 0 11 0 11 bdb24b0 boxs Req 0 00 0 13 0 10 c2d6db0 sshd 0 00 0 00 0 01 More or q uit Total CPU Utilization 2 40 3 62 3 45 show sessions Use the show sessions command in Privileged EXEC mode to display a list of the open telnet sessions to remote hosts Syntax show sessions Default Configuration This command has no default configuration C...

Page 1568: ...he show slot command in User EXEC mode to display information about all the slots in the system or for a specific slot Syntax show slot slot port The following table explains the output parameters Field Description Connection Connection number Host Remote host to which the switch is connected through a Telnet session Address IP address of the remote host Port Telnet TCP port number Parameter Descr...

Page 1569: ...del Identifier The model identifier of the card preconfigured in the slot Model identifier is a 32 character field used to identify a card Pluggable Cards are pluggable or non pluggable in the slot Parameter Description Inserted Card Model Identifier The model identifier of the card inserted in the slot Model identifier is a 32 character field used to identify a card This field is displayed only i...

Page 1570: ... types supported in the system Card index values are specific to each family of products Use the generic form without specifying an index to display all the card types for a product family Syntax show supported cardtype cardindex cardindex Displays the index into the database of the supported card types This index is used when preconfiguring a slot The following table explains the output parameter...

Page 1571: ...witch types Syntax show supported switchtype switchindex switchindex Specifies the index into the database of the supported switch types indicating the type of the switch being preconfigured The switch index is a 32 bit integer Range 0 65535 Default Configuration This command has no default configuration Command Mode User EXEC mode Parameter Description Card Type The 32 bit numeric card type for t...

Page 1572: ... show supported switchtype switchindex command console show supported switchtype 1 Switch Type 0x73950001 Model Identifier PCM8024 Switch Description PowerConnect M8024 Management Preference 1 Field Description Switch Index SID This field displays the index into the database of supported switch types This index is used when preconfiguring a member to be added to the stack Model Identifier This fie...

Page 1573: ...e configured model identifier the plugged in model identifier the switch status and the current code version If there is a stack firmware synchronization SFS operation in progress the switch status will show as Updating Code Both the pre configured switch type as set by the member command in stack mode and the actual connected switch type are shown The show switch unitid command shows details of t...

Page 1574: ...ls regarding slot configuration Use the show sdm prefer command to display the SDM template configuration Syntax show switch chassis mgmt stack member number stack ports counters diag stack standby Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes Parameter Description unitid The unit number chassis mgmt Display chass...

Page 1575: ...dmin Management Preference 4 Switch Type 0x73950001 Preconfigured Model Identifier PCM8024 Plugged in Model Identifier PCM8024 Switch Status OK Switch Description PCM8024 Expected Code Type 0x100b000 Detected Code Version I 12 21 1 Detected Code in Flash I 12 21 1 Boot Code Version I 12 1 Up Time 1 days 0 hrs 16 mins 37 secs The following table describes the fields in the example Unit Description ...

Page 1576: ...cturer to identify the switch Switch Status This field displays the switch status Possible values are OK Unsupported Code Mismatch Config Mismatch or Not Present Switch Description This field displays the switch description Expected Code Version This field indicates the expected code version Detected Code Version This field displays the version of code running on this switch If the switch is not p...

Page 1577: ...field indicates whether the switch is the Management Switch a stack member or the status is unassigned Preconfigured Model Identifier This field displays the model identifier of a preconfigured switch ready to join the stack The Model Identifier is a 32 character field assigned by the switch manufacturer to identify the switch Plugged In Model Identifier This field displays the model identifier of...

Page 1578: ...rm Auto Restart means that the primary management card restarted due to a failure and the system executed a nonstop forwarding failover Cold Auto Restart means that the system switched from the active manager to the backup manager and was unable to maintain user data traffic This is usually caused by multiple failures occurring close together Power On Administrative Move Warm Auto Restart Cold Aut...

Page 1579: ... hrs 53 mins 22 secs Status Whether the running configuration on the backup unit includes all changes made on the management unit Current or Stale Time Since Last Copy When the running configuration was last copied from the management unit to the backup unit Time Stamp Time Until Next Copy The number of seconds until the running configuration will be copied to the backup unit This line only appear...

Page 1580: ...nfig Plugged in Switch Code SW Switch Status Model ID Model ID Status Version 1 Mgmt Sw ANFirebolt 48 ANFirebolt 48 OK 4 12 17 37 2 Stack Mbr ANFirebolt 24 ANFirebolt 24 Updating Code 13 4 8 42 console show switch 1 Switch 1 Management Status Management Switch Hardware Management Preference Unassigned Admin Management Preference Unassigned Switch Type 0xb6340001 Preconfigured Model Identifier PCT7...

Page 1581: ...ple shows the SDM Mismatch value in the Switch Status field console show switch Management Standby Preconfig Plugged in Switch Code SW Switch Status Model ID Model ID Status Version 1 Mgmt Sw ANFirebolt 48 ANFirebolt 48 OK 2 24 17 48 2 ANFirebolt 48 ANFirebolt 48 SDM Mismatch 2 24 17 48 show system Use the show system command in User EXEC mode command to display system information Syntax show syst...

Page 1582: ...iption Dell Ethernet Switch System Up Time 0 days 22h 27m 32s System Contact System Name System Location Burned In MAC Address 0006 2932 8120 System Object ID 1 3 6 1 4 1 674 10895 3041 System Model ID PCM8024 k Machine Type PowerConnect M8024 k Temperature Sensors Unit Description Temperature Status Celsius 1 System 63 Good Power Supplies Unit Description Status 1 Main OK ...

Page 1583: ...ation This command has no default configuration Command Mode User EXEC mode User Guidelines The tag information is on a switch by switch basis Example The following example displays the system service tag information console show system id Service Tag 89788978 Serial number 8936589782 Asset tag 7843678957 Unit Service tag Serial number Asset tag 1 89788978 8936589782 7843678957 2 4254675 321652387...

Page 1584: ...t require a parameter description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC User Guidelines This command has no user guidelines Examples console show system power console show system power Power Supplies Unit Description Status Source Average Current Since Power Power Date Time Watts Watts 1 System OK AC 206710688 81540 1 Main OK AC 4489...

Page 1585: ...temperature Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC User Guidelines Temperature status is indicated as per the following table Examples console show system temperature Temperature Sensors Unit Description Temperature Status Status Degrees Celsius Good 0 50 Medi...

Page 1586: ...ow tech support command to display system and configuration information for use in debugging or contacting technical support The output of the show tech support command combines the output of the following commands show version show sysinfo show port all show isdp neighbors show logging show event log show logging buffered show running config show debugging ...

Page 1587: ...ble Default Value Not applicable Example console show tech support Show Version Switch 2 System Description PowerConnect 6248P 1 23 0 33 VxWorks 6 5 Machine Type PowerConnect 6248P Machine Model PCT6248P Serial Number CN0PK4632829881C0067 FRU Number 1 Part Number BCM56314 Maintenance Level A Manufacturer 0xbc00 Burned In MAC Address 00 1E 4F 04 5D F4 ...

Page 1588: ... ID 1 3 6 1 4 1 674 10895 3013 System Up Time 0 days 0 hrs 11 mins 47 secs 10 100 Ethernet 802 3 interface s 4 Gig Ethernet 802 3 interface s 1 10Gig Ethernet 802 3 interface s 0 Virtual Ethernet 802 3 interface s 0 MIBs Supported More or q uit Selecting More m continues the display of output for the show tech support command show users Use the show users command in Privileged EXEC mode to display...

Page 1589: ...s no user guidelines Example The following example displays a list of active users and the information about them console show users Username Protocol Location Bob Serial John SSH 172 16 0 1 Robert HTTP 172 16 0 8 Betty Telnet 172 16 1 7 show version Use the show version command in User EXEC mode to displays the system version information Syntax show version unit unit The unit number ...

Page 1590: ...r demonstration purposes console show version Image Descriptions image1 default image image2 Images currently available on Flash unit image1 image2 current active next active 1 K 3 9 1 0 0 0 0 image1 image1 2 K 3 9 1 0 0 0 0 image1 image1 stack Stack commands are supported by PCM6220 and PCM6348 switches Use the stack command in Global Configuration mode to set the mode to Stack Global Config Synt...

Page 1591: ...igure CX 4 ports to be either stacking or Ethernet ports By default CX 4 ports are Ethernet ports Syntax stack port tengigabitethernet unit slot port ethernet stack Default Configuration By default these ports are configured as stacking ports Command Mode Stack Configuration mode User Guidelines The clear config command will not change the stacking port mode Only the stack port command can change ...

Page 1592: ...es up as the master when the stack failover occurs Use the no form of this command to reset to default in which case a standby is automatically selected from the existing stack units if there no preconfiguration Syntax standby unit no standby unit Valid unit number in the stack Range 1 12 maximum The range is limited to the number of units available on the stack Default Configuration The default c...

Page 1593: ... be operationally unplugged Syntax switch oldunit renumber newunit oldunit The current switch identifier Range 1 12 newunit The updated value of the switch identifier Range 1 12 Command Mode Global Configuration mode User Guidelines This command is executed on the Management Switch Example The following example displays how to reconfigure switch number 1 to an identifier of 2 console config switch...

Page 1594: ...eywords from the port table in the usage guidelines see Port Table below keyword One or more keywords from the keywords table in the user guidelines see Keywords Table below Options Description debug Enable telnet debugging mode line Enable telnet linemode localecho Enable telnet localecho cr Press ENTER to execute the command port Enter the port number Refer to the following table Keyword Descrip...

Page 1595: ...s login 543 kshell Kerberos shell 544 login Login 513 lpd Printer service 515 nntp Network News Transport Protocol 119 pim auto rp PIM Auto RP 496 pop2 Post Office Protocol v2 109 pop3 Post Office Protocol v3 110 smtp Simple Mail Transport Protocol 25 sunrpc Sun Remote Procedure Call 111 syslog Syslog 514 tacacs TAC Access Control System 49 talk Talk 517 telnet Telnet 23 time Time 37 uucp Unix to ...

Page 1596: ...he command The traceroute ipaddress hostname command sets the parameters to their default values You can enter traceroute to without specifying the IP address and hostname and specify values for the traceroute parameters Syntax traceroute ip ipv6 ipaddress hostname initTtl initTtl maxTtl maxTtl maxFail maxFail interval interval count count port port size size ipaddress Valid IP address of the dest...

Page 1597: ...TL level Range 1 10 port The destination UDP port of the probe This should be an unused port on the remote destination system Range 1 65535 size The size in bytes of the payload of the Echo Requests sent Range 0 65507 bytes Default Configuration The default count is 3 probes The default interval is 3 seconds The default size is 0 data bytes The default port is 33434 The default initTtl is 1 hop Th...

Page 1598: ...heir destination console traceroute traceroute Enter the ip address hostname 192 168 77 171 traceroute Packet size default 40 bytes 30 traceroute Max ttl value default 20 10 traceroute Number of probes to send at each level default 3 traceroute Timeout default 3 seconds 6 traceroute Source ip address default to select best interface address traceroute Type of Service byte default Tracing route ove...

Page 1599: ... can negotiate new options or renegotiate old options at any time In general each end of the Telnet connection attempts to implement all options that maximize performance for the systems involved When a Telnet connection is initiated each side of the connection is assumed to originate and terminate at a Network Virtual Terminal or NVT Therefore the server and user hosts do not maintain information...

Page 1600: ...nsole config ip telnet server disable console config no ip telnet server disable ip telnet port The ip telnet port command is used to configure the Telnet service port number on the switch Syntax ip telnet port port number port number Telnet service port number Range 1 65535 Default Configuration This command has no default configuration Command Mode Global Configuration Usage Guidelines No specif...

Page 1601: ...ort show ip telnet The show ip telnet command displays the status of the Telnet server and the Telnet service port number Syntax show ip telnet Default Configuration This command has no default configuration Command Mode Privileged EXEC Example console show ip telnet Telnet Server is Enabled Port 23 ...

Page 1602: ...1598 Telnet Server Commands ...

Page 1603: ...e default Syntax terminal length value no terminal length value The length in number of lines Range 0 512 Default Configuration This default value is 24 Command Mode Privileged EXEC mode User Guidelines Setting the terminal length to 0 disables paging altogether It is recommended that the terminal length either be set to 0 or a value larger than 4 as terminal lengths in the range of 1 to 4 may giv...

Page 1604: ...1600 Terminal Length Commands ...

Page 1605: ...y this name already exists this command enters Time Range Configuration mode to allow updating the time range entries Use the no form of this command to delete a time range identified by name Syntax time range name no time range name Parameter Description Default Configuration This command has no default configuration time range periodic absolute show time range Parameter Description name A case s...

Page 1606: ...arameter Description Start time date Time and date at which the configuration that referenced the time range is in effect The time is expressed in a 24 hour clock in the form of hours minutes For example 8 00 is 8 00 am and 20 00 is 8 00 pm The date is expressed in the format day month year If no start time and date are specified the configuration statement is in effect immediately End time date T...

Page 1607: ...the currently configured time zone Example console time range timeRange_1 console Config time range absolute end 12 00 16 Dec 2010 periodic Use the periodic command to add a periodic time entry to a time range The time parameter is based off of the currently configured time zone Use the no form of this command to delete a periodic time entry from a time range Syntax periodic days of the week time ...

Page 1608: ...erenced the time range is no longer in effect If the end days of the week are the same as the start they can be omitted This argument can be any single day or combinations of days Monday Tuesday Wednesday Thursday Friday Saturday Sunday Other possible values are daily Monday through Sunday weekdays Monday through Friday weekend Saturday and Sunday If the ending days of the week are the same as the...

Page 1609: ...onfigured individually Monday Tuesday Wednesday Thursday Friday but with after work hours 9pm to 11pm The administrator wants to permit deny HTTP traffic for this time range but the entire time range is invalid due to conflicting entries The absolute entry is forced to inactive because the periodic entry time is not yet in effect Examples console time range timeRange_2 console Config time range pe...

Page 1610: ... Range Status Inactive Entry Number 1 Parameter Description Number of Time Ranges Number of time ranges configured in the system Time Range Name Name of the time range Time Range Status Status of the time range active inactive Absolute start Start time and day for absolute time entry Absolute end End time and day for absolute time entry Periodic Entries Number of periodic entries in a time range P...

Page 1611: ...UE 12 30 Entry Number 3 Periodic Start Time TUE 13 00 Periodic End Time WED 12 00 Entry Number 4 Periodic Start Time WED 12 30 Periodic End Time THU 20 00 Entry Number 5 Periodic Start Time SUN SAT 18 00 More or q uit Periodic End Time SUN SAT 20 00 console show time range Current number of all Time Ranges 5 Maximum number of all Time Ranges 100 ...

Page 1612: ... Commands Periodic Time Range Name Status Entry count Absolute Entry timeRange_1 Inactive 4 Exists timeRange_2 Inactive 4 Exists timeRange_3 Inactive 4 Exists timeRange_4 Inactive 4 Exists timeRange_5 Inactive 4 Exists ...

Page 1613: ...EC mode Syntax enable Default Configuration The default privilege level is 15 Command Mode User EXEC mode User Guidelines If there is no authentication method defined for enable then a level 1 user is not allowed to execute this command Example The following example shows how to enter privileged mode console enable console enable mode simple end mode change confirm exit quit ...

Page 1614: ...s command has no default configuration Command Mode All command modes User Guidelines No specific guidelines Example console config end console end console exit Use the exit command to go to the next lower command prompt or in User EXEC mode to close an active terminal session by logging off the switch Syntax exit Default Configuration This command has no default configuration ...

Page 1615: ...er EXEC mode to the login prompt console config if Gi1 0 1 exit console config exit console exit console exit User mode simple NOTE The PCM8024 k switch defaults from the factory in Simple Mode of operation Use the mode simple command to select the Simple Mode as the start up mode To select Normal Mode as the operational mode use the no form of this command Syntax mode simple no mode simple Defaul...

Page 1616: ...mmand mode change confirm Use the mode change confirm command to confirm the mode selection Syntax mode change confirm Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command must be executed within 60 seconds of executing the mode simple or no mode simple command The selected mode is applied as operational mode Example co...

Page 1617: ...t Default Configuration This command has no default configuration Command Mode User EXEC command mode User Guidelines There are no user guidelines for this command Example The following example closes an active terminal session console quit ...

Page 1618: ...1614 User Interface Commands ...

Page 1619: ...ies must be enabled on the browser The Set Cookie directive is sent only once at initiation of the session With the introduction of Web Sessions the client connections can be monitored and controlled Web Sessions put the authentication control in the PowerConnect instead of the client browser resulting in a more efficient implementation that allows web access while using Radius or TACACS for authe...

Page 1620: ...y ip http secure server crypto certificate generate key generate crypto certificate import location crypto certificate request organization unit duration show crypto certificate mycertificate ip http port show ip http server status ip http server show ip http server secure status ip http secure certificate state Parameter Description common name Specifies the fully qualified URL or IP address of t...

Page 1621: ... gm com console config crypto cert common name router gm com country Use the country command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the country Syntax country country country Specifies the country name Range 2 characters Default Configuration This command has no default configuration Command Mode Crypto Certificate Generation or Crypto Certificate Request mo...

Page 1622: ...elines This command is not saved in the router switch configuration however the certificate and keys generated by this command are saved in the private configuration This saved information is never displayed to the user or backed up to another switch If the RSA keys do not exist the generate parameter must be used To save the generated certificate and keys on the local switch and distribute the ce...

Page 1623: ... cert ex console config ex crypto certificate import Use the crypto certificate import command in Global Configuration mode to import a certificate signed by the Certification Authority for HTTPS Syntax crypto certificate number import number Specifies the certificate number Range 1 2 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidel...

Page 1624: ...ple imports a certificate sighed by the Certification Authority for HTTPS console config crypto certificate 1 import BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBI AkEAp4HS nnH xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0km fhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYe BABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4 MT9BRD47 ZvKBAEL9Ggp 6...

Page 1625: ...uest to a Certification Authority The certificate request is generated in Base64 encoded X 509 format Before generating a certificate request you must first generate a self signed certificate using the crypto certificate generate command in Global Configuration mode in order to generate the keys Make sure to re enter values in the certificate fields After receiving the certificate from the Certifi...

Page 1626: ...ys Command Mode Crypto Certificate Generation mode User Guidelines This command mode is entered using the crypto certificate generate command Example The following example displays how specify a duration of 50 days that a certification is valid console config crypto cert duration 50 ip http port Use the ip http port command in Global Configuration mode to specify the TCP port for use by a web brow...

Page 1627: ...the switch Example The following example shows how the http port number is configured to 100 console config ip http port 100 ip http server Use the ip http server command in Global Configuration mode to enable the switch to be configured monitored or modified from a browser To disable this function use the no form of this command Syntax ip http server no ip http server Default Configuration The de...

Page 1628: ...f this command Syntax ip http secure certificate number no ip http secure certificate Parameter Description Default Configuration The default value of the certificate number is 1 Command Mode Global Configuration mode User Guidelines The HTTPS certificate is generated using the crypto certificate generate command in Global Configuration mode Example The following example configures the active cert...

Page 1629: ...This default port number is 443 Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example configures the https port number to 100 console config ip http secure port 2 ip http secure server Use the ip http secure server command in Global Configuration mode to enable the switch to be configured monitored or modified securely from a brows...

Page 1630: ...cate generate command Example The following example enables the switch to be configured from a browser console config ip http secure server key generate Use the key generate command in Crypto Certificate Generation mode to specify the key generate Syntax key generate length length Specifies the length of the SSL RSA key If left unspecified this parameter defaults to 1024 Range 512 2048 Default Con...

Page 1631: ... Crypto Certificate Request mode to specify the location or city name Syntax location location location Specifies the location or city name Range 1 64 characters Default Configuration This command has no default configuration Command Mode Crypto Certificate Generation or Crypto Certificate Request mode User Guidelines This command mode is entered using the crypto certificate request or crypto cert...

Page 1632: ... Certificate Generation or Crypto Certificate Request mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command Example The following example displays how to specify the generalmotors organization unit console config crypto cert organization unit generalmotors show crypto certificate mycertificate Use the show crypto certificate m...

Page 1633: ...BAQEFAANLADBI AkEAp4HS NnH xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0km fhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYe BABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4 MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCASkwgdKggc ggcyGgcls ZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ2VydGlmaWVyLENO PXNlcnZl END CERTIFICATE Issued by www verisign com Valid from 8 9 2003...

Page 1634: ...lt configuration Command Mode User EXEC Privileged EXEC User Guidelines This command has no user guidelines Example The following example displays the HTTP server configuration console show ip http server status HTTP server enabled Port 80 show ip http server secure status Use the show ip http server secure status command in User EXEC or Privileged EXEC mode to display the HTTP secure server statu...

Page 1635: ...ort 443 DH Key exchange enabled Certificate 1 is active Issued by www verisign com Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by self signed Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print 1873B936 88DC3411 BC8932EF 782134BA The following...

Page 1636: ... gm com 0 General Motors C US Finger print 1873B936 88DC3411 BC8932EF 782134BA state Use the state command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the state or province name Syntax state state state Specifies the state or province name Range 1 64 characters Default Configuration This command has no default configuration Command Mode Crypto Certificate Generat...

Page 1637: ...Web Server Commands 1633 Example The following example shows how to specify the state of texas console config crypto cert state texas ...

Page 1638: ...1634 Web Server Commands ...

Page 1639: ...thentication login 221 aaa authorization network default radius 223 AAA Commands 217 aaa ias user username 224 absolute 1602 Access Control Lists 597 access list 244 acct port 655 ACL Commands 243 ACL Logging 243 action 525 add ethernet 565 add gigabitethernet 527 add port channel 528 add tengigabitethernet 527 Address Table Commands 259 area default cost Router OSPF 1069 area default cost Router ...

Page 1640: ...o summary 1153 area stub 1077 area stub 1152 area virtual link authentication 1081 area virtual link dead interval 1082 area virtual link dead interval 1156 area virtual link hello interval 1083 area virtual link hello interval 1156 area virtual link retransmit interval 1084 area virtual link retransmit interval 1157 area virtual link transmit delay 1085 area virtual link transmit delay 1158 area ...

Page 1641: ...ck 1278 boot auto copy sw allow downgrade 1263 boot auto copy sw 1262 boot host autoreboot 1264 boot host autosave 1265 boot host dhcp 1265 boot host retrycount 1266 boot system 1340 bootfile 815 bootpdhcprelay maxhopcount 899 bootpdhcprelay minwaittime 900 capability opaque 1088 Captive Portal Client Connection Commands 1286 Captive Portal Commands 1271 Captive Portal Configuration Commands 1278 ...

Page 1642: ... 225 clear arp cache management 807 clear arp cache 806 clear captive portal users 1291 clear checkpoint statistics 1538 clear config 1341 clear counters 372 clear dot1x authentication history 790 clear gvrp statistics 427 clear host 460 clear ip address conflict detect 460 clear ip arp inspection statistics 342 clear ip dhcp binding 816 clear ip dhcp conflict 817 clear ip dhcp snooping binding 32...

Page 1643: ...log Server 1513 CLI Macro Commands 1305 client identifier 817 client name 818 Clock Commands 1315 clock summer time date 1328 clock summer time recurring 1327 clock timezone hours offset 1326 Command Groups 73 Command Groups 74 Command Line Configuration Scripting Commands 1333 Command Line Interface Scripting 1339 common name 1616 compatible rfc1583 1089 Configurable Minimum Password Length 1389 ...

Page 1644: ...ut through mode 1539 Data Center Bridging Commands 303 datacenter bridging 304 deadtime 656 debug arp 1440 debug auto voip 1441 debug cfm 423 debug clear 1441 debug console 1442 debug dhcp packet 320 debug dot1x 1442 debug igmpsnooping 1443 debug ip acl 1444 debug ip dvmrp 1444 debug ip igmp 1445 debug ip mcache 1446 debug ip pimdm 1447 debug ip pimsm 1447 debug ip vrrp 1448 debug ipv6 dhcp 1449 d...

Page 1645: ...ault information originate 1214 default metric 1091 default metric 1160 default metric 1215 default router 819 delete backup config 1348 delete backup image 1348 delete startup config 1349 delete 1347 Denial of Service Commands 1361 deny management 1380 deny permit IP ACL 246 deny permit Mac Access List Configuration 247 depends on 529 description 1516 description 373 dhcp l2relay Global Configura...

Page 1646: ...e list out 1093 distribute list out 1216 dns server IP DHCP Pool Config 820 dns server IPv6 DHCP Pool Config 844 do 1387 domain name IP DHCP Pool Config 821 domain name IPv6 DHCP Pool Config 844 dos control firstfrag 1363 dos control icmp 1363 dos control l4port 1364 dos control sipdip 1365 dos control tcpflag 1366 dos control tcpfrag 1366 dot1x dynamic vlan enable 767 dot1x guest vlan 791 dot1x i...

Page 1647: ...riod 779 dot1x unauth vlan 792 Double VLAN Mode 717 drop 611 duplex 374 duplex 566 duration 1622 dvlan tunnel ethertype 720 DVMRP Commands 861 Dynamic ARP Inspection Commands 341 Email Alerting Commands 355 enable authentication 225 enable password encrypted 1403 enable password 226 enable 1094 enable 1162 enable 1217 enable 1274 enable 1279 enable 1609 encapsulation 917 end 1610 Enhanced LAG Hash...

Page 1648: ...3 exit mst 679 exit 1610 exit overflow interval 1095 exit overflow interval 1163 external lsdb limit 1096 external lsdb limit 1163 File System Commands 1339 filedescr 1351 flowcontrol 375 Forwarding of OSPF Opaque LSAs Enabled by Default 1067 garp timer 428 GMRP Commands 869 gmrp enable 870 Graceful Restart 1068 group 1280 Guest VLAN 765 GVRP Commands 427 gvrp enable global 429 gvrp enable interfa...

Page 1649: ...ng 718 instance mst 680 interface loopback 1013 interface out of band 461 interface port channel 578 interface range port channel 579 interface range vlan 722 interface range 376 Interface Tracking 1237 interface tunnel 1230 interface vlan 721 interface 1281 interface 375 Introduction 163 Introduction 73 ip access group 250 ip address Out of Band 462 ip address dhcp bootp 1543 ip address dhcp Inte...

Page 1650: ...ormation check 901 ip dhcp relay information check reply 902 ip dhcp relay information option 903 ip dhcp relay information option insert 904 ip dhcp snooping binding 328 ip dhcp snooping database write delay 330 ip dhcp snooping database 329 ip dhcp snooping limit 331 ip dhcp snooping log invalid 332 ip dhcp snooping trust 332 ip dhcp snooping verify mac address 333 ip dhcp snooping 327 ip domain...

Page 1651: ...gmp router alert optional 887 ip igmp snooping global 438 ip igmp snooping interface 439 ip igmp snooping VLAN 445 ip igmp snooping fast leave 446 ip igmp snooping groupmembership interval 447 ip igmp snooping host time out 440 ip igmp snooping leave time out 440 ip igmp snooping maxresponse 448 ip igmp snooping mcrtrexpiretime 449 ip igmp snooping mrouter time out 441 ip igmp snooping querier ele...

Page 1652: ...eference 1210 ip irdp 1203 ip local proxy arp 808 ip mcast boundary 1019 ip mroute 1019 ip mtu 919 ip multicast ttl threshold 1021 ip multicast 1020 ip name server 469 ip netdirbcast 920 ip ospf area 1097 ip ospf authentication 1098 ip ospf cost 1099 ip ospf dead interval 1099 ip ospf hello interval 1100 ip ospf mtu ignore 1101 ip ospf network 1102 ip ospf priority 1103 ip ospf retransmit interval...

Page 1653: ...redirects 1369 ip rip authentication 1219 ip rip receive version 1220 ip rip send version 1221 ip rip 1218 ip route default 922 ip route distance 923 ip route 921 IP Routing Commands 915 ip routing 924 IP Source Guard Commands 507 ip ssh port 1504 ip ssh pubkey auth 1505 ip ssh server 1505 IP Subnet Based VLANs 719 ip telnet port 1596 ip telnet server disable 1595 ip unreachables 1369 ip verify bi...

Page 1654: ...mber query count 965 ipv6 mld last member query interval 966 ipv6 mld query interval 969 ipv6 mld query max response time 970 ipv6 mld router 970 ipv6 mld snooping Global 491 ipv6 mld snooping Interface 492 ipv6 mld snooping VLAN 493 IPv6 MLD Snooping Commands 487 ipv6 mld snooping groupmembership interval 489 ipv6 mld snooping immediate leave 488 ipv6 mld snooping maxresponse 489 ipv6 mld snoopin...

Page 1655: ...interval 974 ipv6 nd other config flag 974 ipv6 nd prefix 975 ipv6 nd ra interval 977 ipv6 nd ra lifetime 978 ipv6 nd reachable time 978 ipv6 nd suppress ra 979 ipv6 ospf area 1165 ipv6 ospf cost 1166 ipv6 ospf dead interval 1167 ipv6 ospf hello interval 1167 ipv6 ospf mtu ignore 1168 ipv6 ospf network 1169 ipv6 ospf priority 1170 ipv6 ospf retransmit interval 1171 ipv6 ospf transmit delay 1172 ip...

Page 1656: ...sm bsr candidate 1051 ipv6 pimsm dr priority 1052 ipv6 pimsm hello interval 1053 ipv6 pimsm join prune interval 1053 ipv6 pimsm register threshold 1054 ipv6 pimsm rp address 1055 ipv6 pimsm rp candidate 1056 ipv6 pimsm spt threshold 1056 ipv6 pimsm ssm 1057 ipv6 route distance 981 ipv6 route 980 ipv6 router ospf 1172 IPv6 Routing Commands 959 ipv6 traffic filter 482 ipv6 unicast routing 982 ipv6 u...

Page 1657: ...rity 583 lacp timeout 584 LAG Hashing 575 LAG Thresholds 574 Layer 2 ACLs 598 Layer 2 Commands 215 Layer 2 Commands 79 Layer 3 Commands 113 Layer 3 Commands 797 Layer 3 4 IPv4 ACLs 598 lease 827 level 1517 Line Commands 1373 line 1375 Link Dependency Commands 525 link dependency group 526 List of Commands 1635 LLDP Commands 533 lldp notification 536 lldp notification interval 536 lldp receive 537 ...

Page 1658: ...ssage type to addr 360 logging email test message type 363 logging email urgent 358 logging email 356 logging file 1524 logging on 1525 logging snmp 1526 logging traps 359 logging web session 1526 logging 1519 login authentication 229 login banner 1544 Loopback Interface Commands 1013 mac access group 251 mac access list extended rename 253 mac access list extended 252 mac address table aging time...

Page 1659: ...bal description 1309 macro global trace 1308 macro name 1306 macro trace 1311 mail server ip address hostname 366 management access class 1381 management access list 1382 Management ACL Commands 1379 Manual Aggregation of LAGs 577 mark cos 612 mark ip dscp 613 mark ip precedence 614 match class map 614 match cos 616 match destination address mac 616 match dstip 617 match dstip6 618 match dstl4port...

Page 1660: ...629 Mode Commands 1387 mode dvlan tunnel 723 mode simple 1611 Mode Types 77 mode change confirm 1612 monitor session 594 motd banner 1545 msgauth 658 mtu disable 567 mtu 378 Multicast Commands 1017 Multicast VLAN Registration Commands 549 mvr group 551 mvr immediate 554 mvr mode 552 mvr querytime 552 mvr type 555 mvr vlan group 557 mvr vlan 554 mvr 550 name Captive Portal 1282 name mst 682 name RA...

Page 1661: ...checking 1109 nsf helper strict lsa checking 1176 nsf helper 1108 nsf helper 1175 nsf restart interval 1110 nsf restart interval 1176 nsf 1107 nsf 1174 nsf 1547 option 832 organization unit 1628 OSPF Commands 1065 OSPF Equal Cost Multipath ECMP 1066 OSPFv3 Commands 1143 Passive Interfaces 1067 passive interface default 1111 passive interface default 1178 passive interface 1111 passive interface 11...

Page 1662: ...peated characters 1401 passwords strength minimum character classes 1401 passwords strength minimum lowercase letters 1397 passwords strength minimum numeric characters 1398 passwords strength minimum special characters 1399 passwords strength minimum uppercase letters 1396 passwords strength check 1395 PCM6220 Limitations 600 periodic 1603 permit management 1383 permit ip host mac host 347 PHY Di...

Page 1663: ... 660 priority 711 priority flow control mode on 305 priority flow control priority 305 Protocol Based VLANs 718 protocol group 725 protocol vlan group all 727 protocol vlan group 726 protocol 1283 QoS Commands 597 Queue Mapping 599 quit 1612 RADIUS Commands 653 RADIUS based Dynamic VLAN Assignment 766 radius server attribute 4 794 radius server deadtime 661 radius server host 662 radius server key...

Page 1664: ...sion mst 683 rmon alarm 1413 rmon collection history 1416 RMON Commands 1413 rmon event 1417 Route Preferences 1066 Route Tracking 1237 Router Discovery Protocol Commands 1203 router ospf 1114 router rip 1223 router id 1113 router id 1179 Routing Information Protocol Commands 1213 routing 925 script apply 1333 script delete 1334 script list 1335 script show 1335 script validate 1336 sdm prefer 143...

Page 1665: ...de 1466 sflow sampling 1465 show aaa ias users 233 show aaa servers 667 show arp access list 348 show arp switch 473 show arp 809 show authentication methods 234 show auto copy sw 1267 show backup config 1353 show banner 1553 show boot 1268 show bootvar 1354 show boot version 1554 show bridge address table 570 show bridge multicast address table count 1033 show captive portal client status 1286 sh...

Page 1666: ...cp mapping 637 show classofservice trust 640 show clock 1330 show copper ports tdr 1409 show crypto certificate mycertificate 1628 show crypto key mypubkey 1508 show crypto key pubkey chain ssh 1509 show cut through mode 1556 show debugging 1459 show dhcp lease 321 show diffserv service brief 644 show diffserv service interface port channel 643 show diffserv service interface 642 show diffserv 641...

Page 1667: ...ces advanced firmware 1556 show interfaces advertise 379 show interfaces configuration 380 show interfaces cos queue 644 show interfaces counters 382 show interfaces datacenter bridging 306 show interfaces description 385 show interfaces loopback 1014 show interfaces port channel 586 show interfaces random detect 647 show interfaces status 386 show interfaces switchport 730 show interfaces tunnel ...

Page 1668: ...rp route 867 show ip dvmrp 863 show ip helper statistics 912 show ip helper address 476 show ip helper address 910 show ip http server secure status 1630 show ip http server status 1630 show ip igmp groups 883 show ip igmp interface stats 886 show ip igmp interface 884 show ip igmp membership 885 show ip igmp snooping groups 443 show ip igmp snooping interface 444 show ip igmp snooping mrouter 445...

Page 1669: ...123 show ip ospf database database summary 1127 show ip ospf database 1124 show ip ospf interface brief 1131 show ip ospf interface stats 1131 show ip ospf interface 1129 show ip ospf neighbor 1132 show ip ospf range 1135 show ip ospf statistics 1136 show ip ospf stub table 1137 show ip ospf virtual link 1138 show ip ospf virtual links brief 1139 show ip ospf 1115 show ip pim bsr router 1040 show ...

Page 1670: ...6 dhcp binding 851 show ipv6 dhcp interface Privileged EXEC 854 show ipv6 dhcp interface User EXEC 852 show ipv6 dhcp pool 857 show ipv6 dhcp statistics 858 show ipv6 dhcp 851 show ipv6 interface management statistics 988 show ipv6 interface 986 show ipv6 mld groups 990 show ipv6 mld interface 993 show ipv6 mld snooping groups 495 show ipv6 mld snooping querier 504 show ipv6 mld snooping 494 show ...

Page 1671: ...6 ospf range 1198 show ipv6 ospf stub table 1199 show ipv6 ospf virtual link brief 1201 show ipv6 ospf virtual links 1200 show ipv6 ospf 1180 show ipv6 pim bsr router 950 show ipv6 pim interface 952 show ipv6 pim neighbor 954 show ipv6 pim rp hash 955 show ipv6 pim rp mapping 956 show ipv6 pimsm bsr 1059 show ipv6 pimsm interface 1060 show ipv6 pimsm neighbor 1061 show ipv6 pimsm rp mapping 1063 s...

Page 1672: ... 541 show logging email statistics 364 show logging file 1529 show logging 1528 show mac access list 257 show mac address table address 275 show mac address table count 276 show mac address table dynamic 277 show mac address table filtering 273 show mac address table interface 279 show mac address table multicast 271 show mac address table static 280 show mac address table vlan 281 show mac addres...

Page 1673: ...ecurity 282 show power usage history 1560 show process cpu 1561 show radius statistics 670 show rmon alarm 1418 show rmon alarms 1420 show rmon collection history 1421 show rmon events 1422 show rmon history 1423 show rmon log 1427 show rmon statistics 1428 show running config 1355 show sdm prefer 1435 show service acl interface 255 show service policy 650 show sessions 1563 show sflow agent 1467 ...

Page 1674: ...ort channel 589 show statistics switchport 395 show statistics 390 show storm control 397 show supported cardtype 1566 show supported switchtype 1567 show switch 1569 show switchport protected 404 show switchport voice 285 show syslog servers 1530 show system id 1579 show system power 1580 show system temperature 1581 show system 1577 show tacacs 712 show tech support 1582 show time range 1605 sho...

Page 1675: ... server community 1483 snmp server community group 1485 snmp server contact 1486 snmp server enable traps 1486 snmp server engineID local 1489 snmp server filter 1490 snmp server group 1492 snmp server host 1493 snmp server location 1495 snmp server user 1496 snmp server v3 host 1499 snmp server view 1497 sntp authenticate 1320 sntp authentication key 1321 sntp broadcast client enable 1322 sntp cl...

Page 1676: ...hops 697 spanning tree mode 698 spanning tree mst configuration 698 spanning tree mst cost 699 spanning tree mst port priority 700 spanning tree mst priority 701 spanning tree portfast bpdufilter default 703 spanning tree portfast default 704 spanning tree portfast 702 spanning tree port priority 705 spanning tree priority 706 spanning tree tcnguard 706 spanning tree transmit hold count 707 spanni...

Page 1677: ...itchport general ingress filtering disable 741 switchport general pvid 742 switchport mode 743 switchport protected name 403 switchport protected 402 switchport trunk 744 switchport voice detect auto 288 Syslog Commands 1513 System Management Commands 1533 TACACS Commands 709 tacacs server host 713 tacacs server key 714 tacacs server timeout 715 Telnet Server Commands 1595 telnet 1589 Terminal Len...

Page 1678: ...p 1293 user group 1301 User Interface Commands 1609 User Lockout 1389 user name 1295 user password 1295 user session timeout 1296 user key 1511 user logout 1294 username Mail Server Configuration Mode 367 username password encrypted 239 username unlock 241 username 238 Using CLI Functions and Tools 193 Using the CLI 163 Utility Commands 1259 Utility Commands 140 verification 1285 Virtual Router Re...

Page 1679: ...1 vlan routing 754 vlan 746 VLANs and LAGs 574 voice vlan Interface 758 Voice VLAN Commands 757 voice vlan data priority 760 voice vlan 758 vrrp accept mode 1238 vrrp authentication 1239 vrrp description 1240 vrrp ip 1241 vrrp mode 1242 vrrp preempt 1243 vrrp priority 1244 VRRP Route Interface Tracking 1236 vrrp timers advertise 1245 vrrp timers learn 1246 vrrp track interface 1247 vrrp track ip r...

Page 1680: ...1676 Appendix A List of Commands ...

Page 1681: ......

Page 1682: ...www dell com support dell com Printed in the U S A ...