Page 1
Catalyst 3750-X and 3560-X Switch Command Reference Cisco IOS Release 12.2(55)SE August 2010 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-21522-02 Downloaded from www.Manualslib.com...
Page 2
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks.
Global Configuration Mode Interface Configuration Mode VLAN Configuration Mode Line Configuration Mode Catalyst 3750-X and 3560-X Switch C H A P T E R Cisco IOS Commands aaa accounting dot1x aaa authentication dot1x aaa authorization network action archive copy-sw archive download-sw...
Page 4
Contents authentication fallback 2-31 authentication host-mode 2-33 authentication linksec policy 2-35 authentication mac-move permit 2-36 authentication open 2-38 authentication order 2-40 authentication periodic 2-42 authentication port-control 2-44 authentication priority 2-46 authentication timer 2-48 authentication violation 2-50 auto qos classify 2-52 auto qos trust 2-55 auto qos video...
Page 7
Contents hw-module 2-206 interface port-channel 2-208 interface range 2-210 interface vlan 2-212 ip access-group 2-214 ip address 2-217 ip admission 2-219 ip admission name proxy http 2-220 ip arp inspection filter vlan 2-222 ip arp inspection limit 2-224 ip arp inspection log-buffer 2-226 ip arp inspection trust 2-228...
Page 8
Contents ip igmp snooping report-suppression 2-267 ip igmp snooping tcn 2-269 ip igmp snooping tcn flood 2-271 ip igmp snooping vlan immediate-leave 2-272 ip igmp snooping vlan mrouter 2-273 ip igmp snooping vlan static 2-275 ip snap forwarding 2-277 ip source binding 2-278 ip ssh 2-280...
Page 9
Contents logging event power-inline-status 2-331 logging file 2-332 mab request format attribute 32 2-334 mac access-group 2-336 mac access-list extended 2-338 mac address-table aging-time 2-340 mac address-table learning vlan 2-341 mac address-table move update 2-343 mac address-table notification 2-345 mac address-table static 2-347 mac address-table static drop 2-348...
Page 12
Contents show controllers utilization 2-553 show diagnostic 2-555 show dot1q-tunnel 2-560 show dot1x 2-562 show dtp 2-566 show eap 2-568 show env 2-571 show errdisable detect 2-574 show errdisable flap-values 2-576 show errdisable recovery 2-577 show etherchannel 2-579 show fallback profile 2-582 show flowcontrol 2-584...
Page 13
Contents show ipv6 mld snooping mrouter 2-643 show ipv6 mld snooping querier 2-645 show ipv6 route updated 2-647 show l2protocol-tunnel 2-649 show lacp 2-652 show link state group 2-656 show lldp 2-658 show location 2-659 show logging onboard 2-662 show mac access-group 2-667 \show mac address-table 2-668...
Page 14
Contents show mvr 2-721 show mvr interface 2-723 show mvr members 2-725 show network-policy profile 2-727 show nmsp 2-728 show pagp 2-731 show policy-map 2-733 show port-security 2-734 show power inline 2-737 show sdm prefer 2-743 show setup express 2-746 show spanning-tree 2-747 show stack-power...
Page 17
Contents Catalyst 3750-X and 3560-X Switch Boot Loader Commands A P P E N D I X boot copy delete flash_init A-10 format A-11 fsck A-12 help A-13 memory A-14 mgmt_clr A-16 mgmt_init A-17 mgmt_show A-18 mkdir A-19 more A-20 rename A-21 reset...
Page 18
Contents debug fastethernet B-14 debug ilpower B-15 debug interface B-16 debug ip dhcp snooping B-17 debug ip verify source packet B-18 debug ip igmp filter B-19 debug ip igmp max-groups B-20 debug ip igmp snooping B-21 debug lacp B-22 debug lldp packets B-23 debug mac-notification B-24...
Page 20
Contents debug sw-vlan vtp B-100 debug udld B-102 debug vqpc B-104 Catalyst 3750-X and 3560-X Show Platform Commands A P P E N D I X show platform acl show platform backup interface show platform configuration show platform dl show platform etherchannel show platform forward show platform frontend-controller show platform ip igmp snooping...
Page 21
Contents show platform tb C-45 show platform tcam C-47 show platform vlan C-50 Acknowledgments for Open-Source Software A P P E N D I X N D E X Catalyst 3750-X and 3560-X Switch Command Reference OL-21522-02 Downloaded from www.Manualslib.com manuals search engine...
Page 22
Contents Catalyst 3750-X and 3560-X Switch Command Reference xxii OL-21522-02 Downloaded from www.Manualslib.com manuals search engine...
Page 23
Catalyst 3750-X and 3560-X switch, or the Catalyst 3750-X switch stack, referred to as the switch. Before using this guide, you should have experience working with the Cisco IOS commands and the switch software features. Before using this guide, you should have experience working with the concepts and terminology of Ethernet and local area networking.
Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data. Related Publications Documents with complete information about the switch are available from these Cisco.com sites: Catalyst 3750-X http://www.cisco.com/en/US/products/ps10745/tsd_products_support_series_home.html Catalyst 3560-X http://www.cisco.com/en/US/products/ps10744/tsd_products_support_series_home.html...
Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html...
Page 26
Preface Catalyst 3750-X and 3560-X Switch Command Reference xxvi OL-21522-02 Downloaded from www.Manualslib.com manuals search engine...
C H A P T E R Using the Command-Line Interface The Catalyst 3750-X and 3560-X switches are supported by Cisco IOS software. This chapter describes how to use the switch command-line interface (CLI) to configure software features. For a complete description of the commands that support these features, see Chapter 2, “Catalyst 3750-X...
Using the Command-Line Interface CLI Command Modes CLI Command Modes This section describes the CLI command mode structure. Command modes support specific Cisco IOS commands. For example, the interface interface-id command only works when entered in global configuration mode. These are the main command modes for the switch: User EXEC •...
Chapter 1 Using the Command-Line Interface CLI Command Modes Table 1-1 Command Modes Summary (continued) Command Mode Access Method Prompt Exit or Access Next Mode VLAN In global configuration mode, To exit to global configuration mode, Switch(config-vlan)# configuration enter the vlan vlan-id command. enter the exit command.
Chapter 1 Using the Command-Line Interface CLI Command Modes Global Configuration Mode Global configuration commands apply to features that affect the device as a whole. Use the configure privileged EXEC command to enter global configuration mode. The default is to enter commands from the management console.
Chapter 1 Using the Command-Line Interface CLI Command Modes Enter the vlan vlan-id global configuration command to access VLAN configuration mode: Switch(config)# vlan 2000 Switch(config-vlan)# The supported keywords can vary but are similar to the commands available in VLAN configuration mode.
Page 32
Chapter 1 Using the Command-Line Interface CLI Command Modes Catalyst 3750-X and 3560-X Switch Command Reference OL-21522-02 Downloaded from www.Manualslib.com manuals search engine...
C H A P T E R Catalyst 3750-X and 3560-X Switch Cisco IOS Commands aaa accounting dot1x Use the aaa accounting dot1x global configuration command to enable authentication, authorization, and accounting (AAA) accounting and to create method lists defining specific accounting methods on a per-line or per-interface basis for IEEE 802.1x sessions.
Page 34
IEEE 802.1x. aaa new-model Enables the AAA access control model. For syntax information, see the Cisco IOS Security Command Reference, Release 12.2 > Authentication, Authorization, and Accounting > Authentication Commands. dot1x reauthentication Enables or disables periodic reauthentication. dot1x timeout Sets the number of seconds between re-authentication attempts.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands aaa authentication dot1x aaa authentication dot1x Use the aaa authentication dot1x global configuration command on the switch stack or on a standalone switch to specify the authentication, authorization, and accounting (AAA) method to use on ports complying with the IEEE 802.1x authentication.
Page 36
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command_ reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference OL-21522-02 Downloaded from www.Manualslib.com...
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command_ reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference OL-21522-02 Downloaded from www.Manualslib.com...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands action action Use the action access-map configuration command on the switch stack or on a standalone switch to set the action for the VLAN access map entry. Use the no form of this command to return to the default setting.
Page 39
Cisco IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands. ip access-list Creates a named access list. For syntax information, select Cisco IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive copy-sw archive copy-sw Use the archive copy-sw privileged EXEC command on the stack master to copy the running image from the flash memory on one stack member to the flash memory on one or more other stack members.
Page 41
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive copy-sw To successfully use the archive copy-sw privileged EXEC command, you must have downloaded from Note a TFTP server the images for both the stack member switch being added and the stack master. You use the archive download-sw privileged EXEC command to perform the download.
Page 42
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive copy-sw Examples This example shows how to copy the running image from stack member 6 to stack member 8: Switch# archive copy-sw /destination-system 8 6 This example shows how to copy the running image from stack member 6 to all the other stack members: Switch# archive copy-sw 6 This example shows how to copy the running image from stack member 5 to stack member 7.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive download-sw archive download-sw Use the archive download-sw privileged EXEC command on the switch stack or on a standalone switch to download a new image from a TFTP server to the switch or switch stack and to overwrite or keep the existing image.
Page 44
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive download-sw source-url1 [sourceurl2 The source URLs for the software images. sourceurl3 sourceurl4] On a standalone switch, enter one source URL for the software image that the switch supports. In a switch stack, you can enter source URLs for the software images that the stack members support as follows: Up to two source URLs without the /directory keyword.
Page 45
The /imageonly option removes the HTML files for the existing image if the existing image is being removed or replaced. Only the Cisco IOS image (without the HTML files) is downloaded. Using the /safe or /leave-old-sw option can cause the new image download to fail if there is insufficient flash memory.
Page 46
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive download-sw Examples This example shows how to download a new image from a TFTP server at 172.20.129.10 and to overwrite the image on the switch: Switch# archive download-sw /overwrite tftp://172.20.129.10/test-image.tar This example shows how to download only the software image from a TFTP server at 172.20.129.10 to...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive tar archive tar Use the archive tar privileged EXEC command on the switch stack or on a standalone switch to create a tar file, list files in a tar file, or extract the files from a tar file.
Page 48
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive tar /table source-url Display the contents of an existing tar file to the screen. For source-url, specify the source URL alias for the local or network file system. These options are supported: •...
Page 49
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive tar Defaults There is no default setting. Command Modes Privileged EXEC Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines Filenames and directory names are case sensitive.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands archive upload-sw archive upload-sw Use the archive upload-sw privileged EXEC command on the switch stack or on a standalone switch to upload an existing switch image to a server. archive upload-sw [/source-system-num stack member number | /version version_string]...
Page 51
Use the upload feature only if the HTML files associated with the embedded device manager have been installed with the existing image. The files are uploaded in this sequence: the Cisco IOS image, the HTML files, and info. After these files are uploaded, the software creates the tar file.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands arp access-list arp access-list Use the arp access-list global configuration command on the switch stack or on a standalone switch to define an Address Resolution Protocol (ARP) access control list (ACL) or to add clauses to the end of a previously defined list.
Page 53
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands arp access-list Examples This example shows how to define an ARP access list and to permit both ARP requests and ARP responses from a host with an IP address of 1.1.1.1 and a MAC address of 0000.0000.abcd: Switch(config)# arp access-list static-hosts Switch(config-arp-nacl)# permit ip host 1.1.1.1 mac host 00001.0000.abcd...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication command bounce-port ignore authentication command bounce-port ignore Use the authentication command bounce-port ignore global configuration command on the switch stack or on a standalone switch to allow the switch to ignore a command to temporarily disable a port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication command disable-port ignore authentication command disable-port ignore Use the authentication command disable-port ignore global configuration command on the switch stack or on a standalone switch to allow the switch to ignore a command to disable a port. Use the no form of this command to return to the default status.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication control-direction authentication control-direction Use the authentication control-direction interface configuration command to configure the port mode as unidirectional or bidirectional. Use the no form of this command to return to the default setting.
Page 57
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication control-direction Command Description authentication Enable or disables reauthentication on a port. periodic authentication Enables manual control of the port authorization state. port-control authentication Adds an authentication method to the port-priority list.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication event authentication event Use the authentication event interface configuration command to set the actions for specific authentication events on the port. authentication event {[linksec] fail [action [authorize vlan vlan-id | next-method] {| retry {retry...
Page 59
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication event Usage Guidelines Use this command with the fail, no-response, or event keywords to configure the switch response for a specific action. For server-dead events: When the switch moves to the critical-authentication state, new hosts trying to authenticate are •...
Page 60
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication event For authentication-fail events: If the supplicant fails authentication, the port is moved to a restricted VLAN, and an EAP success • message is sent to the supplicant because it i s not notified of the actual authentication failure.
Page 61
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication event Related Commands Command Description authentication Configures the port mode as unidirectional or bidirectional. control-direction authentication Configures a port to use web authentication as a fallback method for clients fallback that do not support IEEE 802.1x authentication...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication event linksec fail action authentication event linksec fail action To configure the required action for a link-security authentications failure, use the authentication event linksec fail action interface configuration command. To disable the configured fail action, use the no form of this command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication fallback authentication fallback Use the authentication fallback interface configuration command to configure a port to use web authentication as a fallback method for clients that do not support IEEE 802.1x authentication. To return to the default setting, use the no form of this command.
Page 64
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication fallback Command Description authentication Enables manual control of the port authorization state. port-control authentication Adds an authentication method to the port-priority list. priority authentication timer Configures the timeout and reauthentication parameters for an 802.1x-enabled port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication host-mode authentication host-mode Use the authentication host-mode interface configuration command to set the authorization manager mode on a port. authentication host-mode [multi-auth | multi-domain | multi-host | single-host] no authentication host-mode [multi-auth | multi-domain | multi-host | single-host]]...
Page 66
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication host-mode This example shows how to enable single-host mode on a port: Switch(config-if)# authentication host-mode single-host You can verify your settings by entering the show authentication privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication linksec policy authentication linksec policy To set the static selection of a link-security policy, use the authentication linksec policy interface configuration command. To return to the default state, use the no form of this command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication mac-move permit authentication mac-move permit Use the authentication mac-move permit global configuration command to enable MAC move on a switch. Use the no form of this command to return to the default setting.
Page 69
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication mac-move permit Command Description authentication Enables manual control of the port authorization state. port-control authentication Adds an authentication method to the port-priority list. priority authentication timer Configures the timeout and reauthentication parameters for an 802.1x-enabled port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication open authentication open Use the authentication open interface configuration command to enable or disable open access on a port. Use the no form of this command to disable open access.
Page 71
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication open Command Description authentication timer Configures the timeout and reauthentication parameters for an 802.1x-enabled port. authentication Configures the violation modes that occur when a new device connects to a...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication order authentication order Use the authentication order interface configuration command to set the order of authentication methods used on a port. authentication order [dot1x | mab] {webauth} no authentication order...
Page 73
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication order Related Commands Command Description authentication Configures the port mode as unidirectional or bidirectional. control-direction authentication event Sets the action for specific authentication events. authentication Configures a port to use web authentication as a fallback method for clients fallback that do not support IEEE 802.1x authentication.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication periodic authentication periodic Use the authentication periodic interface configuration command to enable or disable reauthentication on a port. Enter the no form of this command to disable reauthentication. authentication periodic...
Page 75
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication periodic Command Description authentication timer Configures the timeout and reauthentication parameters for an 802.1x-enabled port. authentication Configures the violation modes that occur when a new device connects to a...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication port-control authentication port-control Use the authentication port-control interface configuration command to enable manual control of the port authorization state. Use the no form of this command to return to the default setting.
Page 77
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication port-control • EtherChannel port—Do not configure a port that is an active or a not-yet-active member of an EtherChannel as an port. If you try to enable authentication on an EtherChannel port, an error message appears, and authentication is not enabled.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication priority authentication priority Use the authentication priority interface configuration command to add an authentication method to the port-priority list. auth priority [dot1x | mab] {webauth} no auth priority [dot1x | mab] {webauth}...
Page 79
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication priority Examples This example shows how to set 802.1x as the first authentication method and web authentication as the second authentication method: Switch(config-if)# authentication priority dotx webauth This example shows how to set MAC authentication Bypass (MAB) as the first authentication method...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication timer authentication timer Use the authentication timer interface configuration command to configure the timeout and reauthentication parameters for an 802.1x-enabled port. authentication timer {{[inactivity | reauthenticate]} {restart value}} no authentication timer {{[inactivity | reauthenticate]} {restart value}}...
Page 81
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication timer Command Description authentication Sets the authorization manager mode on a port. host-mode authentication open Enables or disables open access on a port. authentication order Sets the order of authentication methods used on a port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication violation authentication violation Use the authentication violation interface configuration command to configure the violation modes that occur when a new device connects to a port or when a new device connects to a port after the maximum number of devices are connected to that port.
Page 83
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands authentication violation Related Commands Command Description authentication Configures the port mode as unidirectional or bidirectional. control-direction authentication event Sets the action for specific authentication events. authentication Configures a port to use web authentication as a fallback method for clients fallback that do not support 802.1x authentication.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands auto qos classify auto qos classify Use the auto qos classify interface configuration command to automatically configure quality of service (QoS) classification for untrusted devices within a QoS domain. Use the no form of this command to return to the default setting.
Page 85
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands auto qos classify Usage Guidelines Use this command to configure the QoS for trusted interfaces within the QoS domain. The QoS domain includes the switch, the network interior, and edge devices that can classify incoming traffic for QoS.
Page 86
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands auto qos classify The switch applies the auto-QoS-generated commands as if the commands were entered from the Note command-line interface (CLI). An existing user configuration can cause the application of the generated commands to fail or to be overridden by the generated commands.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands auto qos trust auto qos trust Use the auto qos trust interface configuration command on the switch stack or on a standalone switch to automatically configure quality of service (QoS) for trusted interfaces within a QoS domain. Use the no form of this command to return to the default setting.
Page 88
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands auto qos trust Table 2-5 Auto-QoS Configuration for the Egress Queues Queue (Buffer) Size Queue (Buffer) Queue Weight for Gigabit-Capable Size for 10/100 Egress Queue Queue Number CoS-to-Queue Map (Bandwidth)
Page 89
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands auto qos trust The switch applies the auto-QoS-generated commands as if the commands were entered from the Note command-line interface (CLI). An existing user configuration can cause the application of the generated commands to fail or to be overridden by the generated commands.
Identiy this port as connected to a Cisco TelePresence System and automatically configure QoS for video. ip-camera Identify this port as connected to a Cisco IP camera and automatically configure QoS for video. Defaults Auto-QoS video is disabled on the port.
Page 91
QoS. Auto-Qos configures the switch for video connectivity with a Cisco TelePresence system and a Cisco IP camera. To take advantage of the auto-QoS defaults, you should enable auto-QoS before you configure other QoS commands.
Page 92
Examples This example shows how to enable auto-QoS for a Cisco Telepresence interface with conditional trust. The interface is trusted only if a Cisco Telepresence device is detected; otherwise, the port is untrusted. Switch(config)# interface gigabitethernet2/0/1 Switch(config-if)# auto qos video cts You can verify your settings by entering the show auto qos video interface interface-id privileged EXEC command.
[cisco-phone | cisco-softphone | trust] Syntax Description cisco-phone Identify this port as connected to a Cisco IP Phone, and automatically configure QoS for VoIP. The QoS labels of incoming packets are trusted only when the telephone is detected.
Page 94
QoS. Auto-QoS configures the switch for VoIP with Cisco IP Phones on switch and routed ports and for VoIP with devices running the Cisco SoftPhone application. These releases support only Cisco IP SoftPhone Version 1.3(3) or later.
Page 95
If the packet does not have a DSCP value of 24, 26, or 46 or is out of profile, the switch changes the DSCP value to 0. When a Cisco IP Phone is absent, the ingress classification is set to not trust the QoS label in the packet.
Page 96
DSCP, and IP precedence values in the packet are not changed). Traffic is switched in pass-through mode. Packets are switched without any rewrites and classified as best effort without any policing. This is the enhanced configuration for the auto qos voip cisco-phone command: Switch(config)# mls qos map policed-dscp...
Page 97
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands auto qos voip Switch(config-pmap-c)# set dscp cs3 Switch(config-pmap-c)# police 32000 8000 exceed-action policed-dscp-transmit Switch(config-pmap)# class AUTOQOS_MULTIENHANCED_CONF_CLASS Switch(config-pmap-c)# set dscp af41 Switch(config-pmap-c)# police 5000000 8000 exceed-action drop Switch(config-pmap)# class AUTOQOS_BULK_DATA_CLASS Switch(config-pmap-c)# set dscp af11...
Page 98
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands auto qos voip Command Description show auto qos Displays auto-QoS information. show mls qos interface Displays QoS information at the port level. srr-queue bandwidth shape Assigns the shaped weights and enables bandwidth shaping on the four egress queues mapped to a port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands boot auto-copy-sw boot auto-copy-sw Use the boot auto-copy-sw global configuration command from the stack master to enable the automatic upgrade (auto-upgrade) process. It automatically upgrades a switch in version-mismatch (VM) mode by copying the running software image on any stack member or by copying a tar file image in switch stack flash memory.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands boot auto-download-sw boot auto-download-sw Use the boot auto-download-sw global configuration command on the switch stack to specify a URL pathname to use for the automatic software upgrades. Use the no form of this command to remove the software image.
Page 101
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands boot auto-download-sw Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines This command specifies a URL path to use for automatic software upgrades. You can use this command to configure the URL for the master switch to access in case of version-mismatch.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands boot buffersize boot buffersize Use the boot buffersize global configuration command on the switch stack or on a standalone switch to configure the NVRAM size. Use the no form of this command to return to the default.
Use the boot config-file global configuration command on a standalone switch to specify the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands boot enable-break boot enable-break Use the boot enable-break global configuration command on a standalone switch to enable interrupting the automatic boot process. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands boot helper boot helper Use the boot helper global configuration command on the switch stack or on a standalone switch to dynamically load files during boot loader initialization to extend or patch the functionality of the boot loader.
Use the boot helper-config-file global configuration command on the switch stack or on a standalone switch to specify the name of the configuration file to be used by the Cisco IOS helper image. If this is not set, the file specified by the CONFIG_FILE environment variable is used by all versions of Cisco IOS that are loaded.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands boot manual boot manual Use the boot manual global configuration command on a standalone switch to enable manually booting the switch during the next boot cycle. Use the no form of this command to return to the default setting.
Use the boot private-config-file global configuration command on a standalone switch to specify the filename that Cisco IOS uses to read and write a nonvolatile copy of the private configuration. Use the no form of this command to return to the default setting.
Use the boot system global configuration command on the switch stack or on a standalone switch to specify the Cisco IOS image to load during the next boot cycle. Use the no form of this command to return to the default setting.
Page 110
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands boot system When you enter the boot system switch number or the boot system switch all command on the stack master, the stack master checks if a software image is already on the stack member (except on the stack master).
This command was introduced. Usage Guidelines You must use only CDP-enabled phones with TelePresence E911 IP phone support. You can connect the IP phone and codec in the Cisco TelePresence System through any two ports in a switch stack. Examples Switch# configure terminal Enter configuration commands, one per line.
Page 112
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cdp forward Related Commands Command Description show cdp forward Displays the CDP forwarding table. Catalyst 3750-X and 3560-X Switch Command Reference 2-80 OL-21522-02 Downloaded from www.Manualslib.com manuals search engine...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands channel-group channel-group Use the channel-group interface configuration command on the switch stack or on a standalone switch to assign an Ethernet port to an EtherChannel group, to enable an EtherChannel mode, or both. Use the no form of this command to remove an Ethernet port from an EtherChannel group.
Page 114
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands channel-group Defaults No channel groups are assigned. No mode is configured. Command Modes Interface configuration Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines For Layer 2 EtherChannels, you do not have to create a port-channel interface first by using the interface port-channel global configuration command before assigning a physical port to a channel group.
Page 115
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands channel-group Do not configure a port that is an active or a not-yet-active member of an EtherChannel as an IEEE 802.1x port. If you try to enable IEEE 802.1x authentication on an EtherChannel port, an error message appears, and IEEE 802.1x authentication is not enabled.
Page 116
Displays PAgP channel-group information. show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_ command_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands channel-protocol channel-protocol Use the channel-protocol interface configuration command on the switch stack or on a standalone switch to restrict the protocol used on a port to manage channeling. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cisp enable cisp enable Use the cisp enable global configuration command to enable Client Information Signalling Protocol (CISP) on a switch so that it acts as an authenticator to a supplicant switch.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands class class Use the class policy-map configuration command on the switch stack or on a standalone switch to define a traffic classification match criteria (through the police, set, and trust policy-map class configuration commands) for the specified class-map name.
Page 120
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands class The class command performs the same function as the class-map global configuration command. Use the class command when a new classification, which is not shared with any other ports, is needed. Use the class-map command when the map is shared among many ports.
Page 121
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands class Related Commands Command Description class-map Creates a class map to be used for matching packets to the class whose name you specify. police Defines a policer for classified traffic.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands class-map class-map Use the class-map global configuration command on the switch stack or on a standalone switch to create a class map to be used for matching packets to the class whose name you specify and to enter class-map configuration mode.
Page 123
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands class-map If you enter the match-all or match-any keyword, you can only use it to specify an extended named access control list (ACL) with the match access-group acl-index-or-name class-map configuration command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear dot1x clear dot1x Use the clear dot1x privileged EXEC command on the switch stack or on a standalone switch to clear IEEE 802.1x information for the switch or for the specified port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear eap sessions clear eap sessions Use the clear eap sessions privileged EXEC command on the switch stack or on a standalone switch to clear Extensible Authentication Protocol (EAP) session information for the switch or for the specified port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear errdisable interface clear errdisable interface Use the clear errdisable interface privileged EXEC command on the switch stack or on a standalone switch to re-enable a VLAN that was error disabled.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear ip arp inspection log clear ip arp inspection log Use the clear ip arp inspection log privileged EXEC command on the switch stack or on a standalone switch to clear the dynamic Address Resolution Protocol (ARP) inspection log buffer.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear ip arp inspection statistics clear ip arp inspection statistics Use the clear ip arp inspection statistics privileged EXEC command on the switch stack or on a standalone switch to clear the dynamic Address Resolution Protocol (ARP) inspection statistics.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear ip dhcp snooping clear ip dhcp snooping Use the clear ip dhcp snooping privileged EXEC command on the switch stack or on a standalone switch to clear the DHCP binding database agent statistics or the DHCP snooping statistics counters.
Page 130
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear ip dhcp snooping Related Commands Command Description ip dhcp snooping Enables DHCP snooping on a VLAN. ip dhcp snooping database Configures the DHCP snooping binding database agent or the binding file.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear ipc clear ipc Use the clear ipc privileged EXEC command on the switch stack or on a standalone switch to clear Interprocess Communications Protocol (IPC) statistics. clear ipc {queue-statistics | statistics} This command is not supported on switches running the LAN base feature set.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear ipv6 dhcp conflict clear ipv6 dhcp conflict Use the clear ipv6 dhcp conflict privileged EXEC command on the switch stack or on a standalone switch to clear an address conflict from the Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server database.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear l2protocol-tunnel counters clear l2protocol-tunnel counters Use the clear l2protocol-tunnel counters privileged EXEC command on the switch stack or on a standalone switch to clear the protocol counters in protocol tunnel ports.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear lacp clear lacp Use the clear lacp privileged EXEC command on the switch stack or on a standalone switch to clear Link Aggregation Control Protocol (LACP) channel-group counters. clear lacp {channel-group-number counters | counters}...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear logging onboard clear logging onboard Use the clear logging onboard privileged EXEC command on the switch stack or on a standalone switch to clear all of the on-board failure logging (OBFL) data except for the uptime and CLI-command information stored in the flash memory.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear mac address-table clear mac address-table Use the clear mac address-table privileged EXEC command on the switch stack or on a standalone switch to delete from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, all dynamic addresses on stack members, or all dynamic addresses on a particular VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear mac address-table move update clear mac address-table move update Use the clear mac address-table move update privileged EXEC command on the switch stack or on a standalone switch to clear the MAC address table move-update counters.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear macsec counters interface clear macsec counters interface To clear Media Access Control Security (MACsec) counters for all interfaces or a specified interface, use the clear macsec counters interface privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear nmsp statistics clear nmsp statistics Use the clear nmsp statistics privileged EXEC command to clear the Network Mobility Services Protocol (NMSP) statistics. clear nmsp statistics Syntax Description This command has no arguments or keywords.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear pagp clear pagp Use the clear pagp privileged EXEC command on the switch stack or on a standalone switch to clear Port Aggregation Protocol (PAgP) channel-group information. clear pagp {channel-group-number counters | counters}...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear port-security clear port-security Use the clear port-security privileged EXEC command on the switch stack or on a standalone switch to delete from the MAC address table all secure addresses or all secure addresses of a specific type (configured, dynamic, or sticky) on the switch or on an interface.
Page 144
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear port-security Examples This example shows how to clear all secure addresses from the MAC address table: Switch# clear port-security all This example shows how to remove a specific configured secure address from the MAC address table: Switch# clear port-security configured address 0008.0070.0007...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear spanning-tree counters clear spanning-tree counters Use the clear spanning-tree counters privileged EXEC command on the switch stack or on a standalone switch to clear the spanning-tree counters. clear spanning-tree counters [interface interface-id]...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear spanning-tree detected-protocols clear spanning-tree detected-protocols Use the clear spanning-tree detected-protocols privileged EXEC command on the switch stack or on a standalone switch to restart the protocol migration process (force the renegotiation with neighboring switches) on all interfaces or on the specified interface.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear vmps statistics clear vmps statistics Use the clear vmps statistics privileged EXEC command on the switch stack or on a standalone switch to clear the statistics maintained by the VLAN Query Protocol (VQP) client.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands clear vtp counters clear vtp counters Use the clear vtp counters privileged EXEC command on the switch stack or on a standalone switch to clear the VLAN Trunking Protocol (VTP) and pruning counters.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster commander-address cluster commander-address You do not need to enter this command from the switch stack or from a standalone cluster member switch. The cluster command switch automatically provides its MAC address to cluster member switches when these switches join the cluster.
Page 150
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster commander-address Examples This is partial sample output from the running configuration of a cluster member. Switch(config)# show running-configuration <output truncated> cluster commander-address 00e0.9bc0.a500 member 4 name my_cluster <output truncated>...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster discovery hop-count cluster discovery hop-count Use the cluster discovery hop-count global configuration command on the switch stack or on the cluster command switch to set the hop-count limit for extended discovery of candidate switches. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster enable cluster enable Use the cluster enable global configuration command on a command-capable switch or switch stack to enable it as the cluster command switch, assign a cluster name, and to optionally assign a member number to it.
Page 153
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster enable Related Commands Command Description show cluster Displays the cluster status and a summary of the cluster to which the switch belongs. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster holdtime cluster holdtime Use the cluster holdtime global configuration command on the switch stack or on the cluster command switch to set the duration in seconds before a switch (either the command or cluster member switch) declares the other switch down after not receiving heartbeat messages.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster member cluster member Use the cluster member global configuration command on the cluster command switch to add candidates to a cluster. Use the no form of the command to remove members from the cluster.
Page 156
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster member Examples This example shows how to add a switch as member 2 with MAC address 00E0.1E00.2222 and the password key to a cluster. The cluster command switch adds the candidate to the cluster through VLAN 3.
Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_com mand_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster run cluster run Use the cluster run global configuration command to enable clustering on a switch. Use the no form of this command to disable clustering on a switch.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster standby-group cluster standby-group Use the cluster standby-group global configuration command to enable cluster command-switch redundancy by binding the cluster to an existing Hot Standby Router Protocol (HSRP). Entering the routing-redundancy keyword enables the same HSRP group to be used for cluster command-switch redundancy and routing redundancy.
Page 160
Related Commands Command Description standby ip Enables HSRP on the interface. For syntax information, select Cisco IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands. show cluster Displays the cluster status and a summary of the cluster to which the switch belongs.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands cluster timer cluster timer Use the cluster timer global configuration command on the switch stack or on the a cluster command switch to set the interval in seconds between heartbeat messages. Use the no form of this command to set the interval to the default value.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands copy logging onboard copy logging onboard Use the copy logging onboard privileged EXEC command on the switch stack or on a standalone switch to copy on-board failure logging (OBFL) data to the local network or a specific file system.
Page 163
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands copy logging onboard Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines For information about OBFL, see the hw-module command. Examples This example shows how to copy the OBFL data messages to the obfl_file file on the flash file system...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands confidentiality-offset confidentiality-offset To configure the confidentiality offset value for the MACsec Key Agreement (MKA) Protocol policy, use the confidentiality-offset MKA policy configuration command. To return to the default setting, use...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands define interface-range define interface-range Use the define interface-range global configuration command on the switch stack or on a standalone switch to create an interface-range macro. Use the no form of this command to delete the defined macro.
Page 166
Executes a command on multiple ports at the same time. show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_com mand_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
The prompting behavior depends on the setting of the file prompt global configuration command. By default, the switch prompts for confirmation on destructive file operations. For more information about this command, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2. Examples...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands deny (ARP access-list configuration) deny (ARP access-list configuration) Use the deny Address Resolution Protocol (ARP) access-list configuration command on the switch stack or on a standalone switch to deny an ARP packet based on matches against the DHCP bindings. Use the no form of this command to remove the specified access control entry (ACE) from the access list.
Page 169
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands deny (ARP access-list configuration) Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines You can add deny clauses to drop ARP packets based on matching criteria. Examples This example shows how to define an ARP access list and to deny both ARP requests and ARP responses from a host with an IP address of 1.1.1.1 and a MAC address of 0000.0000.abcd:...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands deny (IPv6 access-list configuration) deny (IPv6 access-list configuration) Use the deny command in IPv6 access list configuration mode on the switch stack or on a standalone switch to set deny conditions for an IPv6 access list. Use the no form of this command to remove the deny conditions.
Page 171
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands deny (IPv6 access-list configuration) An abbreviation for the IPv6 prefix ::/0. host source-ipv6-address The source IPv6 host address for which to set deny conditions. This source-ipv6-address argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
Page 172
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands deny (IPv6 access-list configuration) sequence value (Optional) Specify the sequence number for the access list statement. The acceptable range is from 1 to 4294967295. time-range name (Optional) Specify the time range that applies to the deny statement. The name of the time range and its restrictions are specified by the time-range and absolute or periodic commands, respectively.
Page 173
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands deny (IPv6 access-list configuration) Usage Guidelines The deny (IPv6 access-list configuration mode) command is similar to the deny (IPv4 access-list configuration mode) command, but it is IPv6-specific. Use the deny (IPv6) command after the...
Page 174
Examples This example configures the IPv6 access list named CISCO and applies the access list to outbound traffic on a Layer 3 interface. The first deny entry in the list prevents all packets that have a destination TCP port number greater than 5000 from leaving the interface. The second deny entry in the list prevents all packets that have a source UDP port number less than 5000 from leaving the interface.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands deny (MAC access-list configuration) deny (MAC access-list configuration) Use the deny MAC access-list configuration command on the switch stack or on a standalone switch to prevent non-IP traffic from being forwarded if the conditions are matched. Use the no form of this command to remove a deny condition from the named MAC access list.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands deny (MAC access-list configuration) lsap lsap-number mask (Optional) Use the LSAP number (0 to 65535) of a packet with 802.2 encapsulation to identify the protocol of the packet. mask is a mask of don’t care bits applied to the LSAP number before testing for a match.
Page 177
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands deny (MAC access-list configuration) Usage Guidelines You enter MAC-access list configuration mode by using the mac access-list extended global configuration command. If you use the host keyword, you cannot enter an address mask; if you do not use the host keyword, you must enter an address mask.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands diagnostic monitor diagnostic monitor Use the diagnostic monitor global configuration command to configure health-monitoring diagnostic testing. Use the no form of this command to disable testing and to return to the default settings.
Page 179
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands diagnostic monitor threshold Configure the failure threshold. failure count Set the failure threshold count. The range for count is from 0 to 99. count Defaults Monitoring is disabled, and a failure threshold value is not set.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands diagnostic schedule diagnostic schedule Use the diagnostic schedule global configuration command to configure the diagnostic test schedule. Use the no form of this command to remove the schedule. diagnostic schedule switch number test {name | test-id | test-id-range | all | basic | non-disruptive}...
Page 181
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands diagnostic schedule Usage Guidelines Use these guidelines when scheduling testing: name—Enter the show diagnostic content privileged EXEC command to display the test names in • the test ID list. test-id—Enter the show diagnostic content command to display the test numbers in the test ID list.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands diagnostic start diagnostic start Use the diagnostic start privileged EXEC command to run an online diagnostic test. diagnostic start switch number test {name | test-id | test-id-range | all | basic | non-disruptive}...
Page 183
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands diagnostic start When specifying a test name, use the show diagnostic content privileged EXEC command to display the test ID list. To specify test 3 by using the test name, enter the diagnostic start switch number test TestPortAsicCam privileged EXEC command.
Page 184
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands diagnostic start This message appears if the configured test can cause a stack partition: Switch 6: Running test(s) 2 will cause the switch under test to reload after completion of the test list.
IEEE 802.1x authentication and EtherChannel are configured. If you are using a device running the Cisco Access Control Server (ACS) application for IEEE 802.1x authentication with EAP-Transparent LAN Services (TLS) and with EAP-MD5, make sure that the device is running ACS Version 3.2.1 or later.
Page 186
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x Examples This example shows how to globally enable IEEE 802.1x authentication on a switch: Switch(config)# dot1x system-auth-control This example shows how to globally enable the optional guest VLAN behavior on a switch:...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x auth-fail max-attempts dot1x auth-fail max-attempts Use the dot1x auth-fail max-attempts interface configuration command on the switch stack or on a standalone switch to configure the maximum allowable authentication attempts before a port is moved to the restricted VLAN.
Page 188
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x auth-fail max-attempts Related Commands Command Description dot1x auth-fail vlan [vlan id] Enables the optional restricted VLAN feature. dot1x max-reauth-req [count] Sets the maximum number of times that the switch restarts the authentication process before a port changes to the unauthorized state.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x auth-fail vlan dot1x auth-fail vlan Use the dot1x auth-fail vlan interface configuration command on the switch stack or on a standalone switch to enable the restricted VLAN on a port. To return to the default setting, use the no form of this command.
Page 190
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x auth-fail vlan You cannot configure a VLAN to be both a restricted VLAN and a voice VLAN. If you do this, a syslog message is generated. When a restricted VLAN port is moved to an unauthorized state, the authentication process restarts. If the supplicant fails the authentication process again, the authenticator waits in the held state.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x control-direction dot1x control-direction Use the dot1x control-direction interface configuration command to enable the IEEE 802.1x authentication with the wake-on-LAN (WoL) feature and to configure the port control as unidirectional or bidirectional.
Page 192
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x control-direction If you enter the dot1x control-direction in interface configuration command to enable unidirectional control, this appears in the show dot1x all command output: ControlDirection = In If you enter the dot1x control-direction in interface configuration command and the port cannot support...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x credentials (global configuration) dot1x credentials (global configuration) Use the dot1x credentials global configuration command to configure a profile on a supplicant switch. dot1x credentials profile no dot1x credentials profile...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x critical (global configuration) dot1x critical (global configuration) Use the dot1x critical global configuration command on the switch stack or on a standalone switch to configure the parameters for the inaccessible authentication bypass feature, also referred to as critical authentication or the authentication, authorization, and accounting (AAA) fail policy.
Page 195
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x critical (global configuration) Related Commands Command Description dot1x critical (interface Enables the inaccessible authentication bypass feature, and configuration) configures the access VLAN for the feature. show dot1x Displays IEEE 802.1x status for the specified port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x critical (interface configuration) dot1x critical (interface configuration) Use the dot1x critical interface configuration command on the switch stack or on a standalone switch to enable the inaccessible-authentication-bypass feature, also referred to as critical authentication or the authentication, authorization, and accounting (AAA) fail policy.
Page 197
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x critical (interface configuration) You can configure the inaccessible authentication bypass feature and the restricted VLAN on an IEEE 802.1x port. If the switch tries to re-authenticate a critical port in a restricted VLAN and all the RADIUS servers are unavailable, the switch changes the port state to the critical authentication state, and it remains in the restricted VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x default dot1x default Use the dot1x default interface configuration command on the switch stack or on a standalone switch to reset the IEEE 802.1x parameters to their default values.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x fallback dot1x fallback Use the dot1xfallback interface configuration command on the switch stack or on a standalone switch to configure a port to use web authentication as a fallback method for clients that do not support IEEE 802.1x authentication.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x guest-vlan dot1x guest-vlan Use the dot1x guest-vlan interface configuration command on the switch stack or on a standalone switch to specify an active VLAN as an IEEE 802.1x guest VLAN. Use the no form of this command to return to the default setting.
Page 201
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x guest-vlan Any number of non-IEEE 802.1x-capable clients are allowed access when the switch port is moved to the guest VLAN. If an IEEE 802.1x-capable client joins the same port on which the guest VLAN is configured, the port is put into the unauthorized state in the RADIUS-configured or user-configured access VLAN, and authentication is restarted.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x host-mode dot1x host-mode Use the dot1x host-mode interface configuration command on the switch stack or on a standalone switch to allow a single host (client) or multiple hosts on an IEEE 802.1x-authorized port that has the dot1x port-control interface configuration command set to auto.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x initialize dot1x initialize Use the dot1x initialize privileged EXEC command on the switch stack or on a standalone switch to manually return the specified IEEE 802.1x-enabled port to an unauthorized state before initiating a new authentication session on the port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x mac-auth-bypass dot1x mac-auth-bypass Use the dot1x mac-auth-bypass interface configuration command on the switch stack or on a standalone switch to enable the MAC authentication bypass feature. Use the no form of this command to disable MAC authentication bypass feature.
Page 205
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x mac-auth-bypass Examples This example shows how to enable MAC authentication bypass and to configure the switch to use EAP for authentication: Switch(config-if)# dot1x mac-auth-bypass eap You can verify your settings by entering the show dot1x [interface interface-id] privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x max-reauth-req dot1x max-reauth-req Use the dot1x max-reauth-req interface configuration command on the switch stack or on a standalone switch to set the maximum number of times that the switch restarts the authentication process before a port changes to the unauthorized state.
Page 207
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x max-reauth-req Command Description dot1x timeout tx-period Sets the number of seconds that the switch waits for a response to an EAP-request/identity frame from the client before resending the request.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x max-req dot1x max-req Use the dot1x max-req interface configuration command on the switch stack or on a standalone switch to set the maximum number of times that the switch sends an Extensible Authentication Protocol (EAP) frame from the authentication server (assuming that no response is received) to the client before restarting the authentication process.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x pae dot1x pae Use the dot1x pae interface configuration command on the switch stack or on a standalone switch to configure the port as an IEEE 802.1x port access entity (PAE) authenticator. Use the no form of this command to disable IEEE 802.1x authentication on the port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x port-control dot1x port-control Use the dot1x port-control interface configuration command on the switch stack or on a standalone switch to enable manual control of the authorization state of the port. Use the no form of this command to return to the default setting.
Page 211
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x port-control • Dynamic-access ports—If you try to enable IEEE 802.1x authentication on a dynamic-access (VLAN Query Protocol [VQP]) port, an error message appears, and IEEE 802.1x authentication is not enabled. If you try to change an IEEE 802.1x-enabled port to dynamic VLAN assignment, an error message appears, and the VLAN configuration is not changed.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x re-authenticate dot1x re-authenticate Use the dot1x re-authenticate privileged EXEC command on the switch stack or on a standalone switch to manually initiate a re-authentication of the specified IEEE 802.1x-enabled port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x reauthentication dot1x reauthentication Use the dot1x reauthentication interface configuration command on the switch stack or on a standalone switch to enable periodic re-authentication of the client. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x supplicant force-multicast dot1x supplicant force-multicast Use the dot1x supplicant force-multicast global configuration command to force a supplicant switch to send only multicast Extensible Authentication Protocol over LAN (EAPOL) packets whenever it receives multicast or unicast EAPOL packets.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x test eapol-capable dot1x test eapol-capable Use the dot1x test eapol-capable privileged EXEC command on the switch stack or on a standalone switch to monitor IEEE 802.1x activity on all the switch ports and to display information about the devices that are connected to the ports that support IEEE 802.1x.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x test timeout dot1x test timeout Use the dot1x test timeout global configuration command on the switch stack or on a standalone switch to configure the timeout used to wait for EAPOL response from a port being queried for IEEE 802.1x readiness.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x timeout dot1x timeout Use the dot1x timeout interface configuration command on the switch stack or on a standalone switch to set IEEE 802.1x timers. Use the no form of this command to return to the default setting.
Page 218
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x timeout Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines You should change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers.
Page 219
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x timeout Related Commands Command Description dot1x max-req Sets the maximum number of times that the switch sends an EAP-request/identity frame before restarting the authentication process. dot1x reauthentication Enables periodic re-authentication of the client.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands dot1x violation-mode dot1x violation-mode Use the dot1x violation-mode interface configuration command on the switch stack or on a standalone switch to configure the violation modes that occur when a new device connects to a port or when a new device connects to a port after the maximum number of devices are connected to that port.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands duplex duplex Use the duplex interface configuration command on the switch stack or on a standalone switch to specify the duplex mode of operation for a port. Use the no form of this command to return the port to its default value.
Page 222
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands duplex If both ends of the line support autonegotiation, we highly recommend using the default autonegotiation settings. If one interface supports autonegotiation and the other end does not, configure duplex and speed on both interfaces;...
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command_ reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference 2-191...
Page 224
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command_ reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference 2-192...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands errdisable detect cause errdisable detect cause Use the errdisable detect cause global configuration command on the switch stack or on a standalone switch to enable error-disabled detection for a specific cause or all causes. Use the no form of this command to disable the error-disabled detection feature.
Page 226
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands errdisable detect cause Command Default Detection is enabled for all causes. All causes, except for per-VLAN error disabling, are configured to shut down the entire port. Command Modes Global configuration...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands errdisable detect cause small-frame errdisable detect cause small-frame Use the errdisable detect cause small-frame global configuration command on the switch stack or on a standalone switch to allow any switch port to be error disabled if incoming VLAN-tagged packets are small frames (67 bytes or less) and arrive at the minimum configured rate (the threshold).
Page 228
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands errdisable detect cause small-frame Command Description show interfaces Displays the interface settings on the switch, including input and output flow control. small-frame violation rate Configures the rate (threshold) for incoming small frames to cause a port to be put into the error-disabled state.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands errdisable recovery errdisable recovery Use the errdisable recovery global configuration command on the switch stack or on a standalone switch to configure the recover mechanism variables. Use the no form of this command to return to the default setting.
Page 230
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands errdisable recovery vmps Enable the timer to recover from the VLAN Membership Policy Server (VMPS) error-disabled state. interval interval Specify the time to recover from the specified error-disabled state. The range is 30 to 86400 seconds.
Page 231
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands errdisable recovery Related Commands Command Description show errdisable recovery Displays error-disabled recovery timer information. show interfaces status Displays interface status or a list of interfaces in error-disabled err-disabled state. clear errdisable interface Clears the error-disabled state from a port or VLAN that was error disabled by the per-VLAN error disable feature.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands errdisable recovery cause small-frame errdisable recovery cause small-frame Use the errdisable recovery cause small-frame global configuration command on the switch stack or on a standalone switch to enable the recovery timer for ports to be automatically re-enabled after they are error disabled by the arrival of small frames.
This command was introduced. Usage Guidelines The basic crashinfo file includes the Cisco IOS image name and version that failed, and a list of the processor registers, and a stack trace. The extended crashinfo file includes additional information that can help determine the cause of the switch failure.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands fallback profile fallback profile Use the fallback profile global configuration command on the switch stack or on a standalone switch to create a fallback profile for web authentication. To return to the default setting, use the no form of this command.
Page 235
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands fallback profile Related Commands Command Description dot1x fallback Configure a port to use web authentication as a fallback method for clients that do not support IEEE 802.1x authentication. ip admission...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands flowcontrol flowcontrol Use the flowcontrol interface configuration command on the switch stack or on a standalone switch to set the receive flow-control state for an interface. When flow control send is operable and on for a device and it detects any congestion at its end, it notifies the link partner or the remote device of the congestion by sending a pause frame.
Page 237
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands flowcontrol Table 2-13 shows the flow control results on local and remote ports for a combination of settings. The table assumes that receive desired has the same results as using the receive on keywords.
If the switch is in a stack, the range is 1 to 9, depending on the switch member numbers in the stack. On Catalyst 3560-X switches, the switch number is always 1. message level (Optional) Specify the severity of the hardware-related messages that are stored in level the flash memory.
Page 239
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands hw-module Examples This example shows how to enable OBFL on a Catalyst 3750-X-only switch stack and to specify that all the hardware-related messages on stack member 4 are stored in the flash memory when this command...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands interface port-channel interface port-channel Use the interface port-channel global configuration command on the switch stack or on a standalone switch to access or create the port-channel logical interface. Use the no form of this command to remove the port-channel.
Page 241
Catalyst 3750-X and 3560-X Switch Cisco IOS Commands interface port-channel Follow these guidelines when you use the interface port-channel command: If you want to use the Cisco Discovery Protocol (CDP), you must configure it only on the physical • port and not on the port-channel interface.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands interface range interface range Use the interface range global configuration command on the switch stack or on a standalone switch to enter interface range configuration mode and to execute a command on multiple ports at the same time.
Page 243
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command _reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference 2-211...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands interface vlan interface vlan Use the interface vlan global configuration command on the switch stack or on a standalone switch to create or access a dynamic switch virtual interface (SVI) and to enter interface configuration mode. Use the no form of this command to delete an SVI.
Page 245
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands interface vlan Examples This example shows how to create a new SVI with VLAN ID 23 and to enter interface configuration mode: Switch(config)# interface vlan 23 Switch(config-if)# You can verify your setting by entering the...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip access-group ip access-group Use the ip access-group interface configuration command on the switch stack or on a standalone switch to control access to a Layer 2 or Layer 3 interface. Use the no form of this command to remove all access groups or the specified access group from the interface.
Page 247
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip access-group • An IP ACL applied to a Layer 2 interface only filters IP packets. To filter non-IP packets, use the mac access-group interface configuration command with MAC extended ACLs.
Page 248
IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands ip access-list Configures a named ACL. For syntax information, select Cisco IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip address ip address Use the ip address interface configuration command on the switch stack or on a standalone switch to set an IP address for the Layer 2 switch or an IP address for each switch virtual interface (SVI) or routed port on the Layer 3 switch.
Page 250
Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_comma nd_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip admission ip admission Use the ip admission interface configuration command to enable web authentication. You can also use this command in fallback-profile mode. Use the no form of this command to disable web authentication.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip admission name proxy http ip admission name proxy http Use the ip admission name proxy http global configuration command to enable web authentication. Use the no form of this command to disable web authentication.
Page 253
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip admission name proxy http Related Commands Command Description dot1x fallback Configure a port to use web authentication as a fallback method for clients that do not support IEEE 802.1x authentication.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection filter vlan ip arp inspection filter vlan Use the ip arp inspection filter vlan global configuration command on the switch stack or on a standalone switch to permit or deny Address Resolution Protocol (ARP) requests and responses from a host configured with a static IP address when dynamic ARP inspection is enabled.
Page 255
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection filter vlan Examples This example shows how to apply the ARP ACL static-hosts to VLAN 1 for dynamic ARP inspection: Switch(config)# ip arp inspection filter static-hosts vlan 1 You can verify your settings by entering the show ip arp inspection vlan 1 privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection limit ip arp inspection limit Use the ip arp inspection limit interface configuration command on the switch stack or on a standalone switch to limit the rate of incoming Address Resolution Protocol (ARP) requests and responses on an interface.
Page 257
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection limit On a switch stack, the rate limit is calculated separately on each switch in the stack. For a cross-stack EtherChannel, this means that the actual rate limit might be higher than the configured value. For...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection log-buffer ip arp inspection log-buffer Use the ip arp inspection log-buffer global configuration command on the switch stack or on a standalone switch to configure the dynamic Address Resolution Protocol (ARP) inspection logging buffer.
Page 259
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection log-buffer In a switch stack, the log buffer configuration applies to each stack member in the stack. Each stack member has the specified logs number entries and generates system messages at the configured rate. For example, if the interval (rate) is one entry per second, up to five system messages are generated per second in a five-member switch stack.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection trust ip arp inspection trust Use the ip arp inspection trust interface configuration command on the switch stack or on a standalone switch to configure an interface trust state that determines which incoming Address Resolution Protocol (ARP) packets are inspected.
Page 261
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection trust Related Commands Command Description ip arp inspection Configures the dynamic ARP inspection logging buffer. log-buffer show inventory Displays the trust state and the rate limit of ARP packets for the specified interfaces interface or all interfaces.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection validate ip arp inspection validate Use the ip arp inspection validate global configuration command on the switch stack or on a standalone switch to perform specific checks for dynamic Address Resolution Protocol (ARP) inspection. Use the no form of this command to return to the default settings.
Page 263
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection validate Usage Guidelines You must specify at least one of the keywords. Each command overrides the configuration of the previous command; that is, if a command enables src-mac and dst-mac validations, and a second command enables IP validation only, the src-mac and dst-mac validations are disabled as a result of the second command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection vlan ip arp inspection vlan Use the ip arp inspection vlan global configuration command on the switch stack or on a standalone switch to enable dynamic Address Resolution Protocol (ARP) inspection on a per-VLAN basis. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection vlan logging ip arp inspection vlan logging Use the ip arp inspection vlan logging global configuration command on the switch stack or on a standalone switch to control the type of packets that are logged per VLAN. Use the no form of this command to disable this logging control.
Page 266
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip arp inspection vlan logging Usage Guidelines The term logged means that the entry is placed into the log buffer and that a system message is generated. The acl-match and dhcp-bindings keywords merge with each other; that is, when you configure an ACL match, the DHCP bindings configuration is not disabled.
ARP probe address with the ip device tracking probe command. Use the show ip device tracking all command to display information about entries in the IP device tracking table. For more information about this command, see the Cisco IOS Security Command Reference, Release 12.4T.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip device tracking maximum ip device tracking maximum Use the ip device tracking maximum command to enable IP port security binding tracking on a Layer 2 port. Use the no form of this command to disable IP port security on untrusted Layer 2 interfaces.
ARP probes in cases when the default source ip address 0.0.0.0 for switch ports is used and the ARP probes drop. Use the show ip device tracking all command to display information about entries in the IP device tracking table. For more information about this command, see the Cisco IOS Security Command Reference, Release 12.4T. Examples...
Page 270
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip device tracking probe Related Commands Command Description show ip device Displays information about the entries in the IP device tracking table. tracking all Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping ip dhcp snooping Use the ip dhcp snooping global configuration command on the switch stack or on a standalone switch to globally enable DHCP snooping. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping binding ip dhcp snooping binding Use the ip dhcp snooping binding privileged EXEC command on the switch stack or on a standalone switch to configure the DHCP snooping binding database and to add binding entries to the database. Use the no form of this command to delete entries from the binding database.
Page 273
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping binding You can verify your settings by entering the show ip dhcp snooping binding or the show ip dhcp source binding privileged EXEC command. Related Commands Command...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping database ip dhcp snooping database Use the ip dhcp snooping database global configuration command on the switch stack or on a standalone switch to configure the DHCP snooping binding database agent. Use the no form of this command to disable the agent, to reset the timeout value, or to reset the write-delay value.
Page 275
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping database Usage Guidelines The DHCP snooping binding database can have up to 8192 bindings. To ensure that the lease time in the database is accurate, we recommend that Network Time Protocol...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping information option ip dhcp snooping information option Use the ip dhcp snooping information option global configuration command on the switch stack or on a standalone switch to enable DHCP option-82 data insertion. Use the no form of this command to disable DHCP option-82 data insertion.
Page 277
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping information option Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping binding Displays the DHCP snooping binding information. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping information option allow-untrusted ip dhcp snooping information option allow-untrusted Use the ip dhcp snooping information option allow-untrusted global configuration command on an aggregation switch to configure it to accept DHCP packets with option-82 information that are received on untrusted ports that might be connected to an edge switch.
Page 279
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping information option allow-untrusted Examples This example shows how to configure an access switch to not check the option-82 information in untrusted packets from an edge switch and to accept the packets: Switch(config)# ip dhcp snooping information option allow-untrusted You can verify your settings by entering the show ip dhcp snooping user EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping information option format remote-id ip dhcp snooping information option format remote-id Use the ip dhcp snooping information option format remote-id global configuration command on the switch stack or on a standalone switch to configure the option-82 remote-ID suboption. Use the no form of this command to configure the default remote-ID suboption.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping limit rate ip dhcp snooping limit rate Use the ip dhcp snooping limit rate interface configuration command on the switch stack or on a standalone switch to configure the number of DHCP messages an interface can receive per second. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping trust ip dhcp snooping trust Use the ip dhcp snooping trust interface configuration command on the switch stack or on a standalone switch to configure a port as trusted for DHCP snooping purposes. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping verify ip dhcp snooping verify Use the ip dhcp snooping verify global configuration command on the switch stack or on a standalone switch to configure the switch to verify on an untrusted port that the source MAC address in a DHCP packet matches the client hardware address.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping vlan ip dhcp snooping vlan Use the ip dhcp snooping vlan global configuration command on the switch stack or on a standalone switch to enable DHCP snooping on a VLAN. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping vlan information option format-type circuit-id string ip dhcp snooping vlan information option format-type circuit-id string Use the ip dhcp snooping vlan information option format-type circuit-id string interface configuration command on the switch stack or on a standalone switch to configure the option-82 circuit-ID suboption.
Page 286
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip dhcp snooping vlan information option format-type circuit-id string Examples This example shows how to configure the option-82 circuit-ID suboption: Switch(config-if)# ip dhcp snooping vlan 250 information option format-type circuit-id...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp filter ip igmp filter Use the ip igmp filter interface configuration command on the switch stack or on a standalone switch to control whether or not all hosts on a Layer 2 interface can join one or more IP multicast groups by applying an Internet Group Management Protocol (IGMP) profile to the interface.
Page 288
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp filter Command Description show running-config interface Displays the running configuration on the switch interface, including interface-id the IGMP profile (if any) that is applied to an interface. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 >...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp max-groups ip igmp max-groups Use the ip igmp max-groups interface configuration command on the switch stack or on a standalone switch to set the maximum number of Internet Group Management Protocol (IGMP) groups that a Layer 2 interface can join or to configure the IGMP throttling action when the maximum number of entries is in the forwarding table.
Page 290
Displays the running configuration on the switch interface, including interface-id the maximum number of IGMP groups that an interface can join and the throttling action. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 > File Management Commands > Configuration File Management Commands.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp profile ip igmp profile Use the ip igmp profile global configuration command on the switch stack or on a standalone switch to create an Internet Group Management Protocol (IGMP) profile and enter IGMP profile configuration mode.
Page 292
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp profile Related Commands Command Description ip igmp filter Applies the IGMP profile to the specified interface. show ip igmp profile Displays the characteristics of all IGMP profiles or the specified IGMP profile number.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping ip igmp snooping Use the ip igmp snooping global configuration command on the switch stack or on a standalone switch to globally enable Internet Group Management Protocol (IGMP) snooping on the switch or to enable it on a per-VLAN basis.
Page 294
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping Command Description show ip igmp snooping mrouter Displays the IGMP snooping router ports. show ip igmp snooping querier Displays the configuration and operation information for the IGMP querier configured on a switch.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping last-member-query-interval ip igmp snooping last-member-query-interval Use the ip igmp snooping last-member-query-interval global configuration command on the switch stack or on a standalone switch to enable the Internet Group Management Protocol (IGMP) configurable-leave timer globally or on a per-VLAN basis.
Page 296
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping last-member-query-interval Related Commands Command Description ip igmp snooping Enables IGMP snooping on the switch or on a VLAN. ip igmp snooping vlan immediate-leave Enables IGMP Immediate-Leave processing.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping querier ip igmp snooping querier Use the ip igmp snooping querier global configuration command on the switch stack or on a standalone switch to globally enable the Internet Group Management Protocol (IGMP) querier function in Layer 2 networks.
Page 298
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping querier Usage Guidelines Use this command to enable IGMP snooping to detect the IGMP version and IP address of a device that sends IGMP query messages, which is also called a querier.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping report-suppression ip igmp snooping report-suppression Use the ip igmp snooping report-suppression global configuration command on the switch stack or on a standalone switch to enable Internet Group Management Protocol (IGMP) report suppression. Use the no form of this command to disable IGMP report suppression and to forward all IGMP reports to multicast routers.
Page 300
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping report-suppression Related Commands Command Description ip igmp snooping Enables IGMP snooping on the switch or on a VLAN. show ip igmp snooping Displays the IGMP snooping configuration of the switch or the VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping tcn ip igmp snooping tcn Use the ip igmp snooping tcn global configuration command on the switch stack or on a standalone switch to configure the Internet Group Management Protocol (IGMP) Topology Change Notification (TCN) behavior.
Page 302
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping tcn Related Commands Command Description ip igmp snooping Enables IGMP snooping on the switch or on a VLAN. ip igmp snooping tcn flood Specifies flooding on an interface as the IGMP snooping spanning-tree TCN behavior.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping tcn flood ip igmp snooping tcn flood Use the ip igmp snooping tcn flood interface configuration command on the switch stack or on a standalone switch to specify multicast flooding as the Internet Group Management Protocol (IGMP) snooping spanning-tree Topology Change Notification (TCN) behavior.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping vlan immediate-leave ip igmp snooping vlan immediate-leave Use the ip igmp snooping immediate-leave global configuration command on the switch stack or on a standalone switch to enable Internet Group Management Protocol (IGMP) snooping immediate-leave processing on a per-VLAN basis.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping vlan mrouter ip igmp snooping vlan mrouter Use the ip igmp snooping mrouter global configuration command on the switch stack or on a standalone switch to add a multicast router port or to configure the multicast learning method. Use the no form of this command to return to the default settings.
Page 306
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping vlan mrouter Examples This example shows how to configure a port as a multicast router port: Switch(config)# ip igmp snooping vlan 1 mrouter interface gigabitethernet1/0/2 This example shows how to specify the multicast router learning method as CGMP: Switch(config)# ip igmp snooping vlan 1 mrouter learn cgmp You can verify your settings by entering the show ip igmp snooping privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping vlan static ip igmp snooping vlan static Use the ip igmp snooping static global configuration command on the switch stack or on a standalone switch to enable Internet Group Management Protocol (IGMP) snooping and to statically add a Layer 2 port as a member of a multicast group.
Page 308
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip igmp snooping vlan static Related Commands Command Description ip igmp snooping report-suppression Enables IGMP report suppression. show ip igmp snooping Displays the snooping configuration. show ip igmp snooping groups Displays IGMP snooping multicast information.
Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_comm and_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip source binding ip source binding Use the ip source binding global configuration command on the switch stack or on a standalone switch to configure static IP source bindings on the switch. Use the no form of this command to delete static bindings.
Page 311
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip source binding Related Commands Command Description ip verify source Enables IP source guard on an interface. show ip source binding Displays the IP source bindings on the switch. show ip verify source Displays the IP source guard configuration on the switch or on a specific interface.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip ssh ip ssh Use the ip ssh global configuration command on the switch stack or on a standalone switch to configure the switch to run Secure Shell (SSH) Version 1 or SSH Version 2. Use the no form of this command to return to the default setting.
Page 313
Features > Secure Shell Commands. show ssh Displays the status of the SSH server. For syntax information, select Cisco IOS Release 12.2 Configuration Guides and Command References > Cisco IOS Security Command Reference, Release 12.2 > Other Security Features >...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip sticky-arp (global configuration) ip sticky-arp (global configuration) Use the ip sticky-arp global configuration command to enable sticky Address Resolution Protocol (ARP) on a switch virtual interface (SVI) that belongs to a private VLAN. Use the no form of this command to disable sticky ARP.
Page 315
Command Description Adds a permanent entry in the ARP table. For syntax information, see the Cisco IOS IP Addressing Services Command Reference, Release 12.4 > ARP Commands. show arp Displays the entries in the ARP table. For syntax information, see the Cisco IOS IP Addressing Services Command Reference, Release 12.4 >...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip sticky-arp (interface configuration) ip sticky-arp (interface configuration) Use the ip sticky-arp interface configuration command to enable sticky Address Resolution Protocol (ARP) on a switch virtual interface (SVI) or a Layer 3 interface. Use the no form of this command to disable sticky ARP.
Page 317
Command Description Adds a permanent entry in the ARP table. For syntax information, see the Cisco IOS IP Addressing Services Command Reference, Release 12.4 > ARP Commands. show arp Displays the entries in the ARP table. For syntax information, see the Cisco IOS IP Addressing Services Command Reference, Release 12.4 >...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip verify source ip verify source Use the ip verify source interface configuration command on the switch stack or on a standalone switch to enable IP source guard on an interface. Use the no form of this command to disable IP source guard.
Page 319
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ip verify source Interface Filter-type Filter-mode IP-address Mac-address Vlan --------- ----------- ----------- --------------- ----------------- ---------- Gi1/0/1 ip-mac active 10.0.0.1 Gi1/0/1 ip-mac active deny-all 11-20 Switch# This example shows how to enable IP port security with IP-MAC filters on a Layer 2 access port: Switch# configure terminal Enter configuration commands, one per line.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 access-list ipv6 access-list Use the ipv6 access-list global configuration command on the switch stack or on a standalone switch to define an IPv6 access list and to place the switch in IPv6 access list configuration mode. To remove the access list, use the no form of this command.
Page 321
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 access-list Every IPv6 ACL has implicit permit icmp any any nd-na, permit icmp any any nd-ns, and deny ipv6 Note any any statements as its last match conditions. The two permit conditions allow ICMPv6 neighbor discovery.
Page 322
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 access-list Related Commands Command Description deny (IPv6 access-list Sets deny conditions for an IPv6 access list. configuration) ipv6 traffic-filter Filters incoming or outgoing IPv6 traffic on an interface. permit (IPv6 Sets permit conditions for an IPv6 access list.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 address dhcp ipv6 address dhcp Use the ipv6 address dhcp interface configuration command on the switch stack or on a standalone switch to acquire an IPv6 address on an interface from the Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 dhcp client request vendor ipv6 dhcp client request vendor Use the ipv6 dhcp client request interface configuration command on the switch stack or on a standalone switch to configure an IPv6 client to request an option from a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 dhcp ping packets ipv6 dhcp ping packets Use the ipv6 dhcp ping packets global configuration command on the switch stack or on a standalone switch to specify the number of packets a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server sends to a pool address as part of a ping operation.
Page 326
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 dhcp ping packets Related Commands Command Description clear ipv6 dhcp Clears an address conflict from the DHCPv6 server database. conflict show ipv6 dhcp Displays address conflicts found by a DHCPv6 server, or reported through conflict a DECLINE message from a client.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 dhcp pool ipv6 dhcp pool Use the ipv6 dhcp pool global configuration command on the switch stack or on a standalone switch to enter Dynamic Host Configuration Protocol for IPv6 (DHCPv6) pool configuration mode. Use the no form of this command to return to the default settings.
Page 328
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 dhcp pool • link-address IPv6-prefix: sets a link-address IPv6 prefix. When an address on the incoming interface or a link-address in the packet matches the specified IPv6-prefix, the server uses the configuration information pool.
Page 329
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 dhcp pool Related Commands Command Description ipv6 dhcp server Enables DHCPv6 service on an interface. show ipv6 dhcp pool Displays DHCPv6 configuration pool information. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 dhcp server ipv6 dhcp server Use the ipv6 dhcp server interface configuration command on the switch stack or on a standalone switch to enable Dynamic Host Configuration Protocol for IPv6 (DHCPv6) service on an interface. To disable DHCPv6 service on an interface, use the no form of this command.
Page 331
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 dhcp server If the packet was directly received from the client, the server performs this same matching, but it uses all the IPv6 addresses configured on the incoming interface when performing the match. Once again, the server selects the longest prefix match.
1006 to 4094), IPv6 MLD snooping must be enabled on the extended VLAN on the Catalyst 6500 switch in order for the Catalyst 3750-X or Catalyst 3560-X switch to receive queries on the VLAN. For normal-range VLANs (1 to 1005), it is not necessary to enable IPv6 MLD snooping on the VLAN on the Catalyst 6500 switch.
Page 333
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping Examples This example shows how to globally enable MLD snooping: Switch(config)# ipv6 mld snooping This example shows how to disable MLD snooping on a VLAN: Switch(config)# no ipv6 mld snooping vlan 11 You can verify your settings by entering the show ipv6 mld snooping user EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping last-listener-query-count ipv6 mld snooping last-listener-query-count Use the ipv6 mld snooping last-listener-query-count global configuration command on the switch stack or on a standalone switch to configure IP version 6 (IPv6) Multicast Listener Discovery Mulitcast Address Specific Queries (MASQs) or that will be sent before aging out a client.
Page 335
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping last-listener-query-count Examples This example shows how to globally set the last-listener query count: Switch(config)# ipv6 mld snooping last-listener-query-count 1 This example shows how to set the last-listener query count for VLAN 10:...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping last-listener-query-interval ipv6 mld snooping last-listener-query-interval Use the ipv6 mld snooping last-listener-query-interval global configuration command on the switch stack or on a standalone switch to configure IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping last-listener query interval on the switch or on a VLAN.
Page 337
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping last-listener-query-interval Examples This example shows how to globally set the last-listener query interval to 2 seconds: Switch(config)# ipv6 mld snooping last-listener-query-interval 2000 This example shows how to set the last-listener query interval for VLAN 1 to 5.5 seconds:...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping listener-message-suppression ipv6 mld snooping listener-message-suppression Use the ipv6 mld snooping listener-message-suppression global configuration command on the switch stack or on a standalone switch to enable IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping listener message suppression.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping robustness-variable ipv6 mld snooping robustness-variable Use the ipv6 mld snooping robustness-variable global configuration command on the switch stack or on a standalone switch to configure the number of IP version 6 (IPv6) Multicast Listener Discovery (MLD) queries that the switch sends before deleting a listener that does not respond, or enter a VLAN ID to configure on a per-VLAN basis.
Page 340
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping robustness-variable Examples This example shows how to configure the global robustness variable so that the switch sends out three queries before it deletes a listener port that does not respond: Switch(config)# ipv6 mld snooping robustness-variable 3 This example shows how to configure the robustness variable for VLAN 1.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping tcn ipv6 mld snooping tcn Use the ipv6 mld snooping tcn global configuration commands on the switch stack or on a standalone switch to configure IP version 6 (IPv6) Multicast Listener Discovery (MLD) Topology Change Notifications (TCNs).
Page 342
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping tcn Related Commands Command Description sdm prefer Configures an SDM template to support IPv6 functions. dual-ipv4-and-ipv6 show ipv6 mld snooping Displays MLD snooping configuration. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 mld snooping vlan ipv6 mld snooping vlan Use the ipv6 mld snooping vlan global configuration command on the switch stack or on a standalone switch to configure IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping parameters on the VLAN interface.
Page 344
1006 to 4094), IPv6 MLD snooping must be enabled on the extended VLAN on the Catalyst 6500 switch in order for the Catalyst 3750-X or Catalyst 3560-X switch to receive queries on the VLAN. For normal-range VLANs (1 to 1005), it is not necessary to enable IPv6 MLD snooping on the VLAN on the Catalyst 6500 switch.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 traffic-filter ipv6 traffic-filter Use the ipv6 traffic-filter interface configuration command on the switch stack or on a standalone switch to filter IPv6 traffic on an interface. The type and direction of traffic that you can filter depends on the feature set running on the switch stack.
Page 346
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands ipv6 traffic-filter Examples This example filters inbound IPv6 traffic on an IPv6-configured interface as defined by the access list named cisco: Switch (config)# interface gigabitethernet1/0/1 Switch(config-if)# no switchport Switch(config-if)# ipv6 address 2001::/64 eui-64...
Layer 2 protocols on an access port, IEEE 802.1Q tunnel port, or a port channel. You can enable tunneling for Cisco Discovery Protocol (CDP), Spanning Tree Protocol (STP), or VLAN Trunking Protocol (VTP) packets. You can also enable point-to-point tunneling for Port Aggregation Protocol (PAgP), Link Aggregation Control Protocol (LACP), or UniDirectional Link Detection (UDLD) packets.
Page 348
When protocol tunneling is enabled, protocol packets are encapsulated with a well-known Cisco multicast address for transmission across the network. When the packets reach their destination, the well-known MAC address is replaced by the Layer 2 protocol MAC address.
Page 349
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands l2protocol-tunnel For more information about Layer 2 protocol tunneling, see the software configuration guide for this release. Examples This example shows how to enable protocol tunneling for CDP packets and to configure the shutdown...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands l2protocol-tunnel cos l2protocol-tunnel cos Use the l2protocol-tunnel cos global configuration command on the switch stack or on a standalone switch to configure class of service (CoS) value for all tunneled Layer 2 protocol packets. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands lacp port-priority lacp port-priority Use the lacp port-priority interface configuration command on the switch stack or on a standalone switch to configure the port priority for the Link Aggregation Control Protocol (LACP). Use the no form of this command to return to the default setting.
Page 352
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands lacp port-priority Examples This example shows how to configure the LACP port priority on a port: Switch(config)# interface gigabitethernet2/0/1 Switch(config-if)# lacp port-priority 1000 You can verify your settings by entering the show lacp [channel-group-number] internal privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands lacp system-priority lacp system-priority Use the lacp system-priority global configuration command on the switch stack or on a standalone switch to configure the system priority for the Link Aggregation Control Protocol (LACP). Use the no form of this command to return to the default setting.
Page 354
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands lacp system-priority Related Commands Command Description channel-group Assigns an Ethernet port to an EtherChannel group. lacp port-priority Configures the LACP port priority. show lacp sys-id Displays the system identifier that is being used by LACP.
Syntax Description number (Optional) Specify the link-state group number. For a Catalyst 3750-X switch, the group number can be 1 to 10. For a Catalyst 3560-X switch, the group number can be from 1 to 2. The default is 1. upstream Configure a port as an upstream port for a specific link-state group.
Page 356
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command _reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference 2-324...
Syntax Description number (Optional) Specify the link-state group number. For a Catalyst 3750-X switch, the group number can be 1 to 10. For a Catalyst 3560-X switch, the group number can be from 1 to 2. The default is 1. Defaults Link-state tracking is disabled for all groups.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands location (global configuration) location (global configuration) Use the location global configuration command to configure location information for an endpoint. Use the no form of this command to remove the location information.
Page 359
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands location (global configuration) Examples This example shows how to configure civic location information on the switch: Switch(config)# location civic-location identifier 1 Switch(config-civic)# number 3550 Switch(config-civic)# primary-road-name “Cisco Way” Switch(config-civic)# city “San Jose”...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands location (interface configuration) location (interface configuration) Use the location interface command to enter location information for an interface. Use the no form of this command to remove the interface location information.
Page 361
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands location (interface configuration) You can verify your settings by entering the show location civic interface privileged EXEC command. This example shows how to enter emergency location information for an interface:...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands logging event logging event Use the logging event interface configuration command to enable notification of interface link status changes. Use the no form of this command to disable notification. logging event {bundle-status | link-status | spanning-tree | status | trunk status}...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands logging event power-inline-status logging event power-inline-status Use the logging event power-inline-status interface configuration command to enable the logging of Power over Ethernet (PoE) events. Use the no form of this command to disable the logging of PoE status events;...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands logging file logging file Use the logging file global configuration command on the switch stack or on a standalone switch to set logging file parameters. Use the no form of this command to return to the default setting.
Page 365
Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_comma nd_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Usage Guidelines Use this command to allow a RADIUS server to authenticate a new user based on the host MAC address and VLAN. Use this feature on networks with the Microsoft IAS RADIUS server. The Cisco ACS ignores this command. Examples...
Page 367
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mab request format attribute 32 Command Description authentication Adds an authentication method to the port-priority list. priority authentication timer Configures the timeout and reauthentication parameters for an 802.1x-enabled port. authentication...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac access-group mac access-group Use the mac access-group interface configuration command on the switch stack or on a standalone switch to apply a MAC access control list (ACL) to a Layer 2 interface. Use the no form of this command to remove all MAC ACLs or the specified MAC ACL from the interface.
Page 369
Displays the MAC ACLs configured on the switch. show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_com mand_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac access-list extended mac access-list extended Use the mac access-list extended global configuration command on the switch stack or on a standalone switch to create an access list based on MAC addresses for non-IP traffic. Using this command puts you in the extended MAC access-list configuration mode.
Page 371
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac access-list extended This example shows how to delete MAC named extended access list mac1: Switch(config)# no mac access-list extended mac1 You can verify your settings by entering the show access-lists privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table aging-time mac address-table aging-time Use the mac address-table aging-time global configuration command on the switch stack or on a standalone switch to set the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table learning vlan mac address-table learning vlan Use the mac address-table learning global configuration command to enable MAC address learning on a VLAN. This is the default state. Use the no form of this command to disable MAC address learning on a VLAN to control which VLANs can learn MAC addresses.
Page 374
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table learning vlan If you disable MAC address learning on a VLAN that includes a secure port, MAC address learning is not disabled on the secure port. If you later disable port security on the interface, the disabled MAC address learning state is enabled.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table move update mac address-table move update Use the mac address-table move update global configuration command on the switch stack or on a standalone switch to enable the MAC address-table move update feature. Use the no form of this command to return to the default setting.
Page 376
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table move update Related Commands Command Description clear mac address-table move Clears the MAC address-table move update global counters. update debug matm move update Debugs the MAC address-table move update message processing.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table notification mac address-table notification Use the mac address-table notification global configuration command on the switch stack or on a standalone switch to enable the MAC address notification feature on the switch or the switch stack. Use the no form of this command to return to the default setting.
Page 378
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table notification When you configure the history-size option, the existing MAC address history table is deleted, and a new table is created. You enable the MAC address notification change feature by using the mac address-table notification change command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table static mac address-table static Use the mac address-table static global configuration command on the switch stack or on a standalone switch to add static addresses to the MAC address table. Use the no form of this command to remove static entries from the table.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table static drop mac address-table static drop Use the mac address-table static drop global configuration command on the switch stack or on a standalone switch to enable unicast MAC address filtering and to configure the switch to drop traffic with a specific source or destination MAC address.
Page 381
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac address-table static drop Examples This example shows how to enable unicast MAC address filtering and to configure the switch to drop packets that have a source or destination address of c2f3.220a.12f4. When a packet is received in VLAN 4 with this MAC address as its source or destination, the packet is dropped: Switch(config)# mac address-table static c2f3.220a.12f4 vlan 4 drop...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mac sec mac sec To enable 802.1ae Media Access Control Security (MACsec) on an interface, use the macsec interface configuration command. To disable MACsec on the interface, use the no form of this command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands match (access-map configuration) match (access-map configuration) Use the match access-map configuration command on the switch stack or on a standalone switch to set the VLAN map to match packets against one or more access lists. Use the no form of this command to remove the match parameters.
Page 384
Specifies the action to be taken if the packet matches an entry in an access control list (ACL). ip access list Creates a named access list. For syntax information, select Cisco IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands match (class-map configuration) match (class-map configuration) Use the match class-map configuration command on the switch stack or on a standalone switch to define the match criteria to classify traffic. Use the no form of this command to remove the match criteria.
Page 386
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands match (class-map configuration) If you enter the class-map {match-all | match-any} class-map-name global configuration command, you can enter these match commands: match access-group acl-name • Note The ACL must be an extended named ACL.
Page 387
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands match (class-map configuration) This example shows how to specify a range of physical ports to which an interface-level class map in a hierarchical policy map applies: Switch(config)# class-map match-all class4...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mdix auto mdix auto Use the mdix auto interface configuration command on the switch stack or on a standalone switch to enable the automatic medium-dependent interface crossover (auto-MDIX) feature on the interface.
Page 389
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mdix auto Related Commands Command Description show controllers Displays general information about internal registers of an interface, ethernet-controller including the operational state of auto-MDIX. interface-id phy Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands media-type rj45 media-type rj45 Use the media-type rj45 line configuration command to manually select the RJ-45 console connection for input, whether or not there is a device connected to the USB console port. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mka default-policy mka default-policy To apply the MACsec Key Agreement (MKA) protocol default policy on an interface, use the mka default-policy interface configuration command. This command also enables MKA on the interface if no MKAs were applied.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mka policy (global configuration) mka policy (global configuration) To create or configure a MACsec Key Agreement (MKA) Protocol policy and to enter MKA policy configuration mode, use the mka policy global configuration command, To delete the policy, use the no form of this command.
Page 393
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mka policy (global configuration) Examples This example shows what you see if you create a policy name that already exists: Switch(config)# mka policy test-policy Switch(config-mks-policy)# exit Switch(config)# mka policy test-policy %MKA policy “test-policy”...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mka policy (interface configuration) mka policy (interface configuration) To apply an existing MACsec Key Agreement (MKA) Protocol policy to an interface, use the mka policy interface configuration command. This command also enables MKA on the interface if no MKAs have been applied.
Page 395
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mka policy (interface configuration) Related Commands Command Description mka policy (global Creates an MKA policy and enters MKA policy configuration mode. configuration) show mka policy Displays MKA policies configured on the switch.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos mls qos Use the mls qos global configuration command on the switch stack or on a standalone switch to enable quality of service (QoS) for the entire switch. When the mls qos command is entered, QoS is enabled with the default parameters on all ports in the system.
Page 397
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos Examples This example shows how to enable QoS on the switch: Switch(config)# mls qos This example shows how to enable IPv6 QoS on the switch: Switch(config)# sdm prefer dual-ipv4-and-ipv6 default...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos aggregate-policer mls qos aggregate-policer Use the mls qos aggregate-policer global configuration command on the switch stack or on a standalone switch to define policer parameters, which can be shared by multiple classes within the same policy map.
Page 399
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos aggregate-policer You cannot delete an aggregate policer if it is being used in a policy map. You must first use the no police aggregate aggregate-policer-name policy-map class configuration command to delete the aggregate policer from all policy maps before using the no mls qos aggregate-policer aggregate-policer-name command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos cos mls qos cos Use the mls qos cos interface configuration command on the switch stack or on a standalone switch to define the default class of service (CoS) value of a port or to assign the default CoS to all incoming packets on the port.
Page 401
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos cos This example shows how to assign all the packets entering a port to the default port CoS value of 4 on a port: Switch(config)# interface gigabitethernet2/0/1 Switch(config-if)# mls qos cos 4 Switch(config-if)# mls qos cos override You can verify your settings by entering the show mls qos interface privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos dscp-mutation mls qos dscp-mutation Use the mls qos dscp-mutation interface configuration command on the switch stack or on a standalone switch to apply a Differentiated Services Code Point (DSCP)-to-DSCP-mutation map to a DSCP-trusted port.
Page 403
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos dscp-mutation This example show how to remove the DSCP-to-DSCP-mutation map name dscpmutation1 from the port and to reset the map to the default: Switch(config-if)# no mls qos dscp-mutation dscpmutation1 You can verify your settings by entering the show mls qos maps privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos map mls qos map Use the mls qos map global configuration command on the switch stack or on a standalone switch to define the class of service (CoS)-to-Differentiated Services Code Point (DSCP) map, DSCP-to-CoS map, the DSCP-to-DSCP-mutation map, the IP-precedence-to-DSCP map, and the policed-DSCP map.
Page 405
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos map Defaults Table 2-14 shows the default CoS-to-DSCP map: Table 2-14 Default CoS-to-DSCP Map CoS Value DSCP Value Table 2-15 shows the default DSCP-to-CoS map: Table 2-15 Default DSCP-to-CoS Map...
Page 406
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos map The default DSCP-to-DSCP-mutation map is a null map, which maps an incoming DSCP value to the same DSCP value. The default policed-DSCP map is a null map, which maps an incoming DSCP value to the same DSCP value.
Page 407
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos map Related Commands Command Description mls qos dscp-mutation Applies a DSCP-to-DSCP-mutation map to a DSCP-trusted port. show mls qos maps Displays quality of service (QoS) mapping information. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos queue-set output buffers mls qos queue-set output buffers Use the mls qos queue-set output buffers global configuration command on the switch stack or on a standalone switch to allocate buffers to a queue-set (four egress queues per port). Use the no form of this command to return to the default setting.
Page 409
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos queue-set output buffers Examples This example shows how to map a port to queue-set 2. It allocates 40 percent of the buffer space to egress queue 1 and 20 percent to egress queues 2, 3, and 4:...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos queue-set output threshold mls qos queue-set output threshold Use the mls qos queue-set output threshold global configuration command on the switch stack or on a standalone switch to configure the weighted tail-drop (WTD) thresholds, to guarantee the availability of buffers, and to configure the maximum memory allocation to a queue-set (four egress queues per port).
Page 411
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos queue-set output threshold Usage Guidelines Use the mls qos queue-set output qset-id buffers global configuration command to allocate a fixed number of buffers to the four queues in a queue-set.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos rewrite ip dscp mls qos rewrite ip dscp Use the mls qos rewrite ip dscp global configuration command on the switch stack or on a standalone switch to configure the switch to change (rewrite) the Differentiated Services Code Point (DSCP) field of an incoming IP packet.
Page 413
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos rewrite ip dscp Examples This example shows how to enable DSCP transparency and configure the switch to not change the DSCP value of the incoming IP packet: Switch(config)# mls qos...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input bandwidth mls qos srr-queue input bandwidth Use the mls qos srr-queue input bandwidth global configuration command on the switch stack or on a standalone switch to assign shaped round robin (SRR) weights to an ingress queue. The ratio of the weights is the ratio of the frequency in which the SRR scheduler dequeues packets from each queue.
Page 415
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input bandwidth This example shows how to assign the ingress bandwidths for the queues in the stack. Queue 1 is the priority queue with 10 percent of the bandwidth allocated to it. The bandwidth ratio allocated to queues 1 and 2 is 4/(4+4).
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input buffers mls qos srr-queue input buffers Use the mls qos srr-queue input buffers global configuration command on the switch stack or on a standalone switch to allocate the buffers between the ingress queues. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input cos-map mls qos srr-queue input cos-map Use the mls qos srr-queue input cos-map global configuration command on the switch stack or on a standalone switch to map class of service (CoS) values to an ingress queue or to map CoS values to a queue and to a threshold ID.
Page 419
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input cos-map Usage Guidelines The CoS assigned at the ingress port selects an ingress or egress queue and threshold. The drop-threshold percentage for threshold 3 is predefined. It is set to the queue-full state. You can assign two weighted tail-drop (WTD) threshold percentages to an ingress queue by using the mls qos srr-queue input threshold global configuration command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input dscp-map mls qos srr-queue input dscp-map Use the mls qos srr-queue input dscp-map global configuration command on the switch stack or on a standalone switch to map Differentiated Services Code Point (DSCP) values to an ingress queue or to map DSCP values to a queue and to a threshold ID.
Page 421
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input dscp-map Usage Guidelines The DSCP assigned at the ingress port selects an ingress or egress queue and threshold. The drop-threshold percentage for threshold 3 is predefined. It is set to the queue-full state. You can assign two weighted tail-drop (WTD) threshold percentages to an ingress queue by using the mls qos srr-queue input threshold global configuration command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input priority-queue mls qos srr-queue input priority-queue Use the mls qos srr-queue input priority-queue global configuration command on the switch stack or on a standalone switch to configure the ingress priority queue and to guarantee bandwidth on the stack or internal ring if the ring is congested.
Page 423
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input priority-queue Examples This example shows how to assign the ingress bandwidths for the queues in the stack. Queue 1 is the priority queue with 10 percent of the bandwidth allocated to it. The bandwidth ratio allocated to queues 1 and 2 is 4/(4+4).
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input threshold mls qos srr-queue input threshold Use the mls qos srr-queue input threshold global configuration command on the switch stack or on a standalone switch to assign weighted tail-drop (WTD) threshold percentages to an ingress queue. Use the no form of this command to return to the default setting.
Page 425
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue input threshold Related Commands Command Description mls qos srr-queue input bandwidth Assigns shaped round robin (SRR) weights to an ingress queue. mls qos srr-queue input buffers Allocates the buffers between the ingress queues.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue output cos-map mls qos srr-queue output cos-map Use the mls qos srr-queue output cos-map global configuration command on the switch stack or on a standalone switch to map class of service (CoS) values to an egress queue or to map CoS values to a queue and to a threshold ID.
Page 427
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue output cos-map Usage Guidelines The drop-threshold percentage for threshold 3 is predefined. It is set to the queue-full state. Note The egress queue default settings are suitable for most situations. You should change them only when you have a thorough understanding of the egress queues and if these settings do not meet your quality of service (QoS) solution.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue output dscp-map mls qos srr-queue output dscp-map Use the mls qos srr-queue output dscp-map global configuration command on the switch stack or on a standalone switch to map Differentiated Services Code Point (DSCP) values to an egress or to map DSCP values to a queue and to a threshold ID.
Page 429
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos srr-queue output dscp-map Usage Guidelines The drop-threshold percentage for threshold 3 is predefined. It is set to the queue-full state. Note The egress queue default settings are suitable for most situations. You should change them only when you have a thorough understanding of the egress queues and if these settings do not meet your QoS solution.
(Optional) Classify an ingress packet by trusting the CoS or DSCP value sent from the Cisco IP Phone (trusted boundary), depending on the trust setting. dscp (Optional) Classify an ingress packet by using the packet DSCP value (most significant 6 bits of 8-bit service-type field).
Page 431
The trusted boundary feature prevents security problems if users disconnect their PCs from networked Cisco IP Phones and connect them to the switch port to take advantage of trusted CoS or DSCP settings. You must globally enable the Cisco Discovery Protocol (CDP) on the switch and on the port connected to the IP phone.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mls qos vlan-based mls qos vlan-based Use the mls qos vlan-based interface configuration command on the switch stack or on a standalone switch to enable VLAN-based quality of service (QoS) on the physical port. Use the no form of this command to disable this feature.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mode mode To configure power stack mode for the power stack, use the mode power-stack configuration command To return to the default settings, use the no form of the command.
Page 434
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mode In redundant mode, the largest power supply is removed from the power pool to use as backup power in case one of the other power supplies fails. The available power budget is the total power minus the largest power supply.
(such as a Cisco IDS Sensor Appliance), to add or delete interfaces or VLANs to or from an existing SPAN or RSPAN session, and to limit (filter) SPAN source traffic to specific VLANs. Use the no form of this command to remove the SPAN or RSPAN session or to remove source or destination interfaces or filters from the SPAN or RSPAN session.
Page 436
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands monitor session dot1q vlan vlan-id Accept incoming packets with IEEE 802.1Q encapsulation with the specified VLAN as the default VLAN. Specify ingress forwarding using ISL encapsulation. untagged vlan vlan-id Accept incoming packets with untagged encapsulation with the specified VLAN as the default VLAN.
Page 437
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands monitor session Defaults No monitor sessions are configured. On a source interface, the default is to monitor both received and transmitted traffic. On a trunk interface used as a source port, all VLANs are monitored.
Page 438
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands monitor session VLAN filtering refers to analyzing network traffic on a selected set of VLANs on trunk source ports. By default, all VLANs are monitored on trunk source ports. You can use the monitor session session_number filter vlan vlan-id command to limit SPAN traffic on trunk source ports to only the specified VLANs.
Page 439
Displays SPAN and RSPAN session information. show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_co mmand_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mvr (global configuration) mvr (global configuration) Use the mvr global configuration command without keywords on the switch stack or on a standalone switch to enable the multicast VLAN registration (MVR) feature on the switch. Use the command with...
Page 441
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mvr (global configuration) Command Modes Global configuration Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines A maximum of 256 MVR multicast groups can be configured on a switch.
Page 442
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mvr (global configuration) Related Commands Command Description mvr (interface configuration) Configures MVR ports. show mvr Displays MVR global parameters or port parameters. show mvr interface Displays the configured MVR interfaces with their type, status, and Immediate Leave configuration.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mvr (interface configuration) mvr (interface configuration) Use the mvr interface configuration command on the switch stack or on a standalone switch to configure a Layer 2 port as a multicast VLAN registration (MVR) receiver or source port, to set the Immediate Leave feature, and to statically assign a port to an IP multicast VLAN and IP address.
Page 444
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mvr (interface configuration) Usage Guidelines Configure a port as a source port if that port should be able to both send and receive multicast data bound for the configured multicast groups. Multicast data is received on all ports configured as source ports.
Page 445
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands mvr (interface configuration) Related Commands Command Description mvr (global configuration) Enables and configures multicast VLAN registration on the switch. show mvr Displays MVR global parameters or port parameters. show mvr interface Displays the configured MVR interfaces or displays the multicast groups to which a receiver port belongs.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands network-policy network-policy Use the network-policy interface configuration command to apply a network-policy profile to an interface. Use the no form of this command to remove the policy. network-policy profile number...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands network-policy profile (global configuration) network-policy profile (global configuration) Use the network-policy profile global configuration command to create a network-policy profile and to enter network-policy configuration mode. Use the no form of this command to delete the policy and to return to global configuration mode.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands network-policy profile (network-policy configuration) network-policy profile (network-policy configuration) Use the network-policy profile configuration mode command to configure the network-policy profile created by using the network-policy profile global configuration command. Use the no form of this command without additional parameters to delete a profile.
Page 449
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands network-policy profile (network-policy configuration) This example shows how to configure the voice application type for VLAN 100 with a priority 4 CoS: Switch(config)# network-policy profile 1 Switch(config-network-policy)# voice vlan 100 cos 4...
Usage Guidelines Use the nmsp global configuration command to enable the switch to send NMSP location and attachment notifications to a Cisco Mobility Services Engine (MSE). Examples This example shows how to enable NMSP on a switch and set the location notification time to 10...
Usage Guidelines Use the nmsp attachment suppress interface configuration command to configure an interface to not send location and attachment notifications to a Cisco Mobility Services Engine (MSE). Examples This example shows how to configure an interface to not send attachment information to the MSE:...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands no authentication logging verbose no authentication logging verbose Use the no authentication logging verbose global configuration command on the switch stack or on a standalone switch to filter detailed information from authentication system messages.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands no dot1x logging verbose no dot1x logging verbose Use the no dot1x logging verbose global configuration command on the switch stack or on a standalone switch to filter detailed information from 802.1x system messages.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands no mab logging verbose no mab logging verbose Use the no mab logging verbose global configuration command on the switch stack or on a standalone switch to filter detailed information from MAC authentication bypass (MAB) system messages.
Use the nsf router configuration command on a switch stack or standalone switch to enable and configure Cisco nonstop forwarding (NSF) for Open Shortest Path First (OSPF) or Enhanced Interior Gateway Routing Protocol (EIGRP) routing. Use the no form of this command to disable NSF.
Page 456
For syntax information, select Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2 > EIGRP Commands and Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2 > OSFP Commands. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands pagp learn-method pagp learn-method Use the pagp learn-method interface configuration command on the switch stack or on a standalone switch to learn the source address of incoming packets received from an EtherChannel port. Use the no form of this command to return to the default setting.
Page 458
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command_ reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference 2-426...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands pagp port-priority pagp port-priority Use the pagp port-priority interface configuration command on the switch stack or on a standalone switch to select a port over which all Port Aggregation Protocol (PAgP) traffic through the EtherChannel is sent.
Page 460
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command_r eference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference 2-428...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (ARP access-list configuration) permit (ARP access-list configuration) Use the permit Address Resolution Protocol (ARP) access-list configuration command to permit an ARP packet based on matches against the Dynamic Host Configuration Protocol (DHCP) bindings. Use the no form of this command to remove the specified access control entry (ACE) from the access control list.
Page 462
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (ARP access-list configuration) Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines You can add permit clauses to forward ARP packets based on some matching criteria. Examples This example shows how to define an ARP access list and to permit both ARP requests and ARP responses from a host with an IP address of 1.1.1.1 and a MAC address of 0000.0000.abcd:...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (IPv6 access-list configuration) permit (IPv6 access-list configuration) Use the permit IPv6 access list configuration command on the switch stack or on a standalone switch to set permit conditions for an IPv6 access list. Use the no form of this command to remove the permit conditions.
Page 464
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (IPv6 access-list configuration) Syntax Description protocol Name or number of an Internet protocol. It can be one of the keywords ahp, esp, icmp, ipv6, pcp, sctp, tcp, or udp, or an integer in the range from 0 to 255 representing an IPv6 protocol number.
Page 465
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (IPv6 access-list configuration) (Optional) Send an informational logging message to the console about the packet that matches the entry. (The level of messages logged to the console is controlled by the logging console command.) The message includes the access list name and sequence number;...
Page 466
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (IPv6 access-list configuration) Defaults No IPv6 access list is defined. Command Modes IPv6 access-list configuration Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines The permit (IPv6 access-list configuration mode) command is similar to the permit (IPv4 access-list configuration mode) command, but it is IPv6-specific.
Page 467
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (IPv6 access-list configuration) This is a list of ICMP message names: beyond-scope destination-unreachable echo-reply echo-request header hop-limit mld-query mld-reduction mld-report nd-na nd-ns next-header no-admin no-route packet-too-big parameter-option parameter-problem port-unreachable...
Page 468
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (IPv6 access-list configuration) Related Commands Command Description ipv6 access-list Defines an IPv6 access list and enters IPv6 access list configuration mode. ipv6 traffic-filter Filters incoming or outgoing IPv6 traffic on an interface.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (MAC access-list configuration) permit (MAC access-list configuration) Use the permit MAC access-list configuration command on the switch stack or on a standalone switch to allow non-IP traffic to be forwarded if the conditions are matched. Use the no form of this command to remove a permit condition from the extended MAC access list.
Page 470
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (MAC access-list configuration) lsap lsap-number mask (Optional) Use the LSAP number (0 to 65535) of a packet with 802.2 encapsulation to identify the protocol of the packet. The mask is a mask of don’t care bits applied to the LSAP number before testing for a match.
Page 471
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands permit (MAC access-list configuration) Usage Guidelines You enter MAC access-list configuration mode by using the mac access-list extended global configuration command. If you use the host keyword, you cannot enter an address mask; if you do not use the any or host keywords, you must enter an address mask.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands police police Use the police policy-map class configuration command on the switch stack or on a standalone switch to define a policer for classified traffic. A policer defines a maximum permissible rate of transmission, a maximum burst size for transmissions, and an action to take if either maximum is exceeded.
Page 473
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands police Examples This example shows how to configure a policer that drops packets if traffic exceeds 1 Mb/s average rate with a burst size of 20 KB. The DSCPs of incoming packets are trusted, and there is no packet modification.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands police aggregate police aggregate Use the police aggregate policy-map class configuration command on the switch stack or on a standalone switch to apply an aggregate policer to multiple classes in the same policy map. A policer defines a maximum permissible rate of transmission, a maximum burst size for transmissions, and an action to take if either maximum is exceeded.
Page 475
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands police aggregate Switch(config-pmap-c)# exit Switch(config-pmap)# class class3 Switch(config-pmap-c)# trust dscp Switch(config-pmap-c)# police aggregate agg_policer2 Switch(config-pmap-c)# exit You can verify your settings by entering the show mls qos aggregate-policer privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands policy-map policy-map Use the policy-map global configuration command on the switch stack or on a standalone switch to create or modify a policy map that can be attached to multiple physical ports or switch virtual interfaces (SVIs) and to enter policy-map configuration mode.
Page 477
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands policy-map Only one policy map per ingress port or SVI is supported. You can apply the same policy map to multiple physical ports or SVIs. You can apply a nonhierarchical policy maps to physical ports or to SVIs. A nonhierarchical policy map is the same as a port-based policy maps in Catalyst 3750 and 3560 switches.
Page 478
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands policy-map Switch(config)# policy-map pm-test-int Switch(config-pmap)# class cm-test-int Switch(config-pmap-c)# police 18000000 8000 exceed-action drop Switch(config-pmap-c)# exit Switch(config-pmap)# exit Switch(config)# policy-map pm-test-pm-2 Switch(config-pmap)# class cm-non-int Switch(config-pmap-c)# set dscp 7 Switch(config-pmap-c)# service-policy pm-test-int...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands port-channel load-balance port-channel load-balance Use the port-channel load-balance global configuration command on the switch stack or on a standalone switch to set the load-distribution method among the ports in the EtherChannel. Use the no form of this command to return to the default setting.
Page 480
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_comman d_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference 2-448...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power inline power inline To configure the power management mode on Power over Ethernet (PoE) ports, use the power inline interface configuration command. To return to the default settings, use the no form of this command.
Page 482
If a port has a Cisco powered device connected to it, you should not use the power inline never command to configure the port. A false link-up can occur, placing the port in an error-disabled state.
Page 483
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power inline This example shows how to configure a PoE port on a switch to allow a class 1 or a class 2 powered device: Switch(config)# interface gigabitethernet1/0/2 Switch(config-if)# power inline auto max 7000...
This command was introduced. Usage Guidelines When Cisco powered devices are connected to PoE ports, the switch uses Cisco Discovery Protocol (CDP) to determine the CDP-specific power consumption of the devices, which is the amount of power to allocate based on the CDP messages. The switch adjusts the power budget accordingly. This does not apply to IEEE third-party powered devices.
Page 485
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power inline consumption The initial allocation for Class 0, Class 3, and Class 4 powered devices is 15.4 W. When a device starts Note up and uses CDP or LLDP to send a request for more than 15.4 W, it can be allocated up to the maximum of 30 W.
Page 486
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power inline consumption %CAUTION: Interface Gi1/0/2: Misconfiguring the 'power inline consumption/allocation' command may cause damage to the switch and void your warranty. Take precaution not to oversubscribe the power supply.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power inline police power inline police To enable policing of real-time power consumption on a powered device, use the power inline police interface configuration command. To disable this feature, use the no form of this command...
Page 488
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power inline police The switch automatically sets the power usage of the device by using CDP power negotiation or by the IEEE classification and LLPD power negotiation. Use the first or second method in the previous list to manually configure the cutoff-power value by...
Page 489
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power inline police Examples This example shows how to enable policing of the power consumption and configuring the switch to generate a syslog message on the PoE port on a switch:...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power-priority power-priority To configure StackPower power-priority values for a switch in a power stack and for its high-priority and low-priority PoE ports, use the power-priority switch stack-power configuration command. To return...
Page 491
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power-priority Examples This is an example of setting the power priority for switch 1 in power stack a to 7, for the high-priority ports to 11, and for the low-priority ports to 20.
To configure and manage the Cisco Redundant Power System 2300, also referred to as the RPS 2300, connected to a Catalyst 3750-E switch in a Catalyst 3750-X and 3750-E mixed switch stack, use the power rps user EXEC command.
Page 493
In a mixed stack with Catalyst 3750-X and 3750-E switches, one or more Catalyst 3750-E switches can be connected to a Cisco Redundant Power System 2300, also known as the RPS 2300. You can use the power rps command to configure and manage an RPS 2300 connected to a Catalyst 3750-E switch.
This command was introduced. Usage Guidelines The power supply command applies to a Catalyst 3560-X switch, a Catalyst 3750-X standalone switch, or a switch stack with only Catalyst 3750-X switches. In a switch stack with only Catalyst 3750-X switches, you must specify the stack member before entering the reset {hard | soft} or slot {A | B} off or on keywords.
Page 495
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands power supply This example shows how to set the power supply in slot A of stack member 2 in a switch stack to off: Switch> power supply 2 slot A off This example shows how to set power supply B of a standalone switch to on: Switch>...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands priority-queue priority-queue Use the priority-queue interface configuration command to enable the egress expedite queue on a port. Use the no form of this command to return to the default setting.
Page 497
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands priority-queue This example shows how to disable the egress expedite queue after the SRR shaped and shared weights are configured. The shaped mode overrides the shared mode. Switch(config)# interface gigabitethernet1/0/2...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands private-vlan private-vlan Use the private-vlan VLAN configuration command on the switch stack or on a standalone switch to configure private VLANs and to configure the association between private-VLAN primary and secondary VLANs.
Page 499
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands private-vlan You can associate a secondary (isolated or community) VLAN with only one primary VLAN. A primary VLAN can have one isolated VLAN and multiple community VLANs associated with it.
Page 500
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands private-vlan Switch(config-vlan)# private-vlan association 501-503 Switch(config-vlan)# end You can verify your setting by entering the show vlan private-vlan or show interfaces status privileged EXEC command. Related Commands Command Description show interfaces...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands private-vlan mapping private-vlan mapping Use the private-vlan mapping interface configuration command on a switch virtual interface (SVI) on the switch stack or on a standalone switch to create a mapping between a private-VLAN primary and secondary VLANs so that both VLANs share the same primary VLAN SVI.
Page 502
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands private-vlan mapping Examples This example shows how to map the interface of VLAN 20 to the SVI of VLAN 18: Switch# configure terminal Switch# interface vlan 18 Switch(config-if)# private-vlan mapping 20...
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands queue-set queue-set Use the queue-set interface configuration command on the switch stack or on a standalone switch to map a port to a queue-set. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands radius-server dead-criteria radius-server dead-criteria Use the radius-server dead-criteria global configuration command on the switch stack or on a standalone switch to configure the conditions that determine when a RADIUS server is considered unavailable or dead.
Page 505
IOS Security Command Reference, Release 12.2 > Server Security Protocols > RADIUS Commands. show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/pr od_command_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands radius-server host radius-server host Use the radius-server host global configuration command on the switch stack or on a standalone switch to configure the RADIUS server parameters, including the RADIUS accounting and authentication. Use the no form of this command to return to the default settings.
Page 507
Reference, Release 12.2 > Server Security Protocols > RADIUS Commands. show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/pr od_command_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands rcommand rcommand Use the rcommand user EXEC command on the switch stack or on the cluster command switch to start a Telnet session and to execute commands on a cluster member switch from the cluster command switch or the switch stack.
Page 509
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands rcommand The Catalyst 1900 and 2820 CLI is available only on switches running Enterprise Edition Software. This command will not work if the vty lines of the cluster command switch have access-class configurations.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands reload reload Use the reload privileged EXEC command to reload the stack member and to put a configuration change into effect. reload [LINE | at | cancel | in | slot stack-member-number | standby-cpu] This command is supported only on Catalyst 3750-X switches.
Page 511
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands reload Related Commands Command Description rcommand Accesses a specific stack member. switch priority Changes the stack member priority value. switch renumber Changes the stack member number. show switch Displays information about the switch stack and its stack members.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands remote command remote command Use the remote command privileged EXEC command to monitor all or specified stack members. remote command {all | stack-member-number} LINE Note This command is supported only on Catalyst 3750-X switches.
Page 513
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands remote command Related Commands Command Description reload Accesses a specific stack member. switch priority Changes the stack member priority value. switch renumber Changes the stack member number. show switch Displays information about the switch stack and its stack members.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands remote-span remote-span Use the remote-span VLAN configuration command on the switch stack or on a standalone switch to configure a VLAN as a Remote Switched Port Analyzer (RSPAN) VLAN. Use the no form of this command to remove the RSPAN designation from the VLAN.
Page 515
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands remote-span Examples This example shows how to configure a VLAN as an RSPAN VLAN. Switch(config)# vlan 901 Switch(config-vlan)# remote-span This example shows how to remove the RSPAN feature from a VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands renew ip dhcp snooping database renew ip dhcp snooping database Use the renew ip dhcp snooping database privileged EXEC command on the switch stack or on a standalone switch to renew the DHCP snooping binding database.
Page 517
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands renew ip dhcp snooping database Related Commands Command Description ip dhcp snooping Enables DHCP snooping on a VLAN. ip dhcp snooping binding Configures the DHCP snooping binding database. show ip dhcp snooping database Displays the status of the DHCP snooping database agent.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands replay-protection replay-protection To configure replay protection for Media Access Control Security (MACsec), use the replay-protection window-size MKA policy configuration command. When replay protection is set, you must configure a window size in number of frames. Use the no form of the command to disable replay protection. Use the default form of this command to return to the default window size of 0 frames.
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands reserved-only reserved-only Use the reserved-only DHCP pool configuration mode command to allocate only reserved addresses in the Dynamic Host Configuration Protocol (DHCP) address pool. Use the no form of the command to return to the default.
Page 520
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands reserved-only Catalyst 3750-X and 3560-X Switch Command Reference 2-488 OL-21522-02 Downloaded from www.Manualslib.com manuals search engine...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands rmon collection stats rmon collection stats Use the rmon collection stats interface configuration command on the switch stack or on a standalone switch to collect Ethernet group statistics, which include usage statistics about broadcast and multicast packets, and error statistics about cyclic redundancy check (CRC) alignment errors and collisions.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands sdm prefer sdm prefer Use the sdm prefer global configuration command on the switch stack or on a standalone switch to configure the template used in Switch Database Management (SDM) resource allocation. You can use a template to allocate system resources to best support the features being used in your application.
Page 523
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands sdm prefer Usage Guidelines You must reload the switch for the configuration to take effect. If you enter the show sdm prefer command before you enter the reload privileged EXEC command, the show sdm prefer command shows the template currently in use and the template that will become active after a reload.
Page 524
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands sdm prefer Table 2-23 Approximate Number of Feature Resources Allowed by IPv4 Templates Resource Access Default Routing VLAN Unicast MAC addresses 12 K Internet Group Management Protocol (IGMP) groups and multicast routes...
Page 525
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands sdm prefer Switch# reload This example shows how to configure the routing template on a switch running the IP base or IP services feature set: Switch(config)# sdm prefer routing Switch(config)# exit...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands service password-recovery service password-recovery Use the service password-recovery global configuration command on the switch stack or on a standalone switch to enable the password-recovery mechanism (the default). This mechanism allows an end user with physical access to the switch to hold down the Mode button and interrupt the boot process while the switch is powering up and to assign a new password.
Page 527
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands service password-recovery If you use the no service password-recovery command to control end user access to passwords, we Note recommend that you save a copy of the config file in a location away from the switch in case the end user uses the password recovery procedure and sets the system back to default values.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands service-policy service-policy Use the service-policy interface configuration command on the switch stack or on a standalone switch to apply a policy map defined by the policy-map command to the input of a physical port or a switch virtual interface (SVI).
Page 529
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands service-policy Examples This example shows how to apply plcmap1 to an physical ingress port: Switch(config)# interface gigabitethernet2/0/1 Switch(config-if)# service-policy input plcmap1 This example shows how to remove plcmap2 from a physical port:...
Page 530
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands service-policy Related Commands Command Description policy-map Creates or modifies a policy map that can be attached to multiple ports to specify a service policy. show policy-map Displays QoS policy maps. show running-config Displays the operating configuration.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands session session Use the session privileged EXEC command on the stack master to access a specific stack member. session stack-member-number Note This command is supported only on Catalyst 3750-X switches. Syntax Description stack-member-number Specify the stack member number.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands Use the set policy-map class configuration command on the switch stack or on a standalone switch to classify IP traffic by setting a Differentiated Services Code Point (DSCP) or an IP-precedence value in the packet.
Page 533
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands Examples This example shows how to assign DSCP 10 to all FTP traffic without any policers: Switch(config)# policy-map policy_ftp Switch(config-pmap)# class ftp_class Switch(config-pmap-c)# set dscp 10 Switch(config-pmap)# exit You can verify your settings by entering the show policy-map privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands setup setup Use the setup privileged EXEC command to configure the switch with its initial configuration. setup Syntax Description This command has no arguments or keywords. Command Modes Privileged EXEC Command History...
Page 535
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands setup Would you like to enter basic management setup? [yes/no]: yes Configuring global parameters: Enter host name [Switch]: host-name The enable secret is a password used to protect access to privileged EXEC and configuration modes. This password, after entered, becomes encrypted in the configuration.
Page 536
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands setup cluster enable cluster-name Use this configuration? [yes/no]: yes [0] Go to the IOS command prompt without saving this config. [1] Return back to the setup without saving this config. [2] Save this configuration to nvram and exit.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands setup express setup express Use the setup express global configuration command to enable Express Setup mode on the switch stack or on a standalone switch. Use the no form of this command to disable Express Setup mode.
Page 538
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands setup express Examples This example shows how to enable Express Setup mode: Switch(config)# setup express You can verify that Express Setup mode is enabled by pressing the Mode button: • On an unconfigured switch, the LEDs above the Mode button turn solid green after 3 seconds.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show access-lists show access-lists Use the show access-lists privileged EXEC command to display access control lists (ACLs) configured on the switch. show access-lists [name | number | hardware counters | ipc] [ | {begin | exclude | include}...
Page 540
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show access-lists 10 permit 1.1.1.1 Standard IP access list videowizard_10-10-10-10 10 permit 10.10.10.10 Extended IP access list 121 10 permit ahp host 10.10.10.10 host 20.20.10.10 precedence routine Extended IP access list CMP-NAT-ACL...
Page 541
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show access-lists L2 ACL OUTPUT Statistics Drop: All frame count: 0 Drop: All bytes count: 0 Drop And Log: All frame count: 0 Drop And Log: All bytes count: 0 Bridge Only:...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show archive status show archive status Use the show archive status privileged EXEC command to display the status of a new image being downloaded to a switch with the HTTP or the TFTP protocol.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show arp access-list show arp access-list Use the show arp access-list user EXEC command to display detailed information about Address Resolution Protocol (ARP) access control (lists). show arp access-list [acl-name] [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show authentication show authentication Use the show authentication command (in either user EXEC or privileged EXEC mode) to display information about authentication manager events on the switch. show authentication {interface interface-id | registrations | sessions [session-id session-id]...
Page 545
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show authentication Table 2-25 show authentication Command Output (continued) Field Description Authc Success A method has resulted in authentication success for this session. Authc Failed A method has resulted in authentication fail for this session.
Page 546
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show authentication This is an example of the show authentication sessions command for a specified interface: Switch# show authentication sessions int gi 3/46 Interface: GigabitEthernet3/46 MAC Address: Unknown IP Address: Unknown...
Page 547
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show authentication authentication Adds an authentication method to the port-priority list. priority authentication timer Configures the timeout and reauthentication parameters for an 802.1x-enabled port. authentication Configures the violation modes that occur when a new device connects to a...
• show running-config • Examples This is an example of output from the show auto qos command after the auto qos voip cisco-phone and the auto qos voip cisco-softphone interface configuration commands are entered: Switch> show auto qos GigabitEthernet2/0/4 auto qos voip cisco-softphone...
Page 549
GigabitEthernet2/0/5 auto qos voip cisco-phone This is an example of output from the show running-config privileged EXEC command when the auto qos voip cisco-phone and the auto qos voip cisco-softphone interface configuration commands are entered: Switch# show running-config Building configuration...
Page 550
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show auto qos class-map match-all AutoQoS-VoIP-RTP-Trust match ip dscp ef class-map match-all AutoQoS-VoIP-Control-Trust match ip dscp cs3 af31 policy-map AutoQoS-Police-SoftPhone class AutoQoS-VoIP-RTP-Trust set dscp ef police 320000 8000 exceed-action policed-dscp-transmit class AutoQoS-VoIP-Control-Trust...
Page 551
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show auto qos This is an example of output from the show auto qos interface interface-id command when the auto qos voip cisco-phone interface configuration command is entered: Switch> show auto qos interface gigabitethernet1/0/2...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show boot show boot Use the show boot privileged EXEC command to display the settings of the boot environment variables. show boot [ | {begin | exclude | include} expression] Syntax Description | begin (Optional) Display begins with the line that matches the expression.
Page 553
VM mode, reboots, and joins the switch stack. NVRAM/Config file buffer size In a switch stack, displays the buffer size that Cisco IOS uses to hold a copy of the configuration file in memory. The configuration file cannot be larger than the buffer size allocation.
Page 554
Specifies the software image to use in the auto-upgrade process. auto-download-sw This command is available only on stacking-capable switches. boot config-file Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration. boot enable-break Enables interrupting the automatic boot process.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cable-diagnostics tdr show cable-diagnostics tdr Use the show cable-diagnostics tdr privileged EXEC command to display the Time Domain Reflector (TDR) results. show cable-diagnostics tdr interface interface-id [ | {begin | exclude | include} expression]...
Page 556
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cable-diagnostics tdr Table 2-28 Fields Descriptions for the show cable-diagnostics tdr Command Output (continued) Field Description Pair length Location on the cable where the problem is, with respect to your switch. TDR can only...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cdp forward show cdp forward To display the CDP forwarding table, use the show cdp forward user EXEC command. show cdp forward [entry | forward | interface interface-id | neighbor | traffic] [ | {begin | exclude | include} expression] This command is not supported on switches running the LAN base feature set.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cisp show cisp Use the show cisp privileged EXEC command to display CISP information for a specified interface. show cisp {[interface interface-id] | clients | summary} | {[begin | exclude | include} expression]}...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show class-map show class-map Use the show class-map user EXEC command to display quality of service (QoS) class maps, which define the match criteria to classify traffic. show class-map [class-map-name] [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cluster show cluster Use the show cluster user EXEC command to display the cluster status and a summary of the cluster to which the switch belongs. This command can be entered on the cluster command switch and cluster member switches.
Page 561
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cluster This is an example of output when the show cluster command is entered on a cluster member switch: Switch1> show cluster Member switch for cluster “hapuna” Member number: Management IP address: 192.192.192.192...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cluster candidates show cluster candidates Use the show cluster candidates privileged EXEC command on a switch stack or on a cluster command switch to display a list of candidate switches.
Page 563
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cluster candidates This is an example of output from the show cluster candidates command that uses the MAC address of a cluster member switch directly connected to the cluster command switch: Switch>...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cluster members show cluster members Use the show cluster members privileged EXEC command on a switch stack or on a cluster command switch to display information about the cluster members.
Page 565
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show cluster members This is an example of output from the show cluster members detail command: Switch# show cluster members detail Device 'StLouis1' with member number 0 (Command Switch) Device type:...
12.2(53)SE2 This command was introduced. Usage Guidelines This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
This display without keywords provides traffic statistics, basically the RMON statistics for all interfaces or for the specified interface. When you enter the phy or port-asic keywords, the displayed information is useful primarily for Cisco technical support representatives troubleshooting the switch.
Page 569
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet-controller Examples This is an example of output from the show controllers ethernet-controller command for an interface. Table 2-29 describes the Transmit fields, and Table 2-30 describes the Receive fields.
Page 570
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet-controller Table 2-29 Transmit Field Descriptions (continued) Field Description 5 collision frames The number of frames that are successfully sent on an interface after five collisions occur. 6 collision frames The number of frames that are successfully sent on an interface after six collisions occur.
Page 571
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet-controller Table 2-30 Receive Field Descriptions (continued) Field Description Unicast bytes The total amount of memory (in bytes) used by unicast frames received on an interface, including the FCS value and the incorrectly formed frames. This value excludes the frame header bits.
Page 572
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet-controller Table 2-30 Receive Field Descriptions (continued) Field Description System FCS error frames The total number of frames received on an interface that have a valid length (in bytes) but that do not have the correct FCS values.
Page 573
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet-controller Bit encoding:0x1 =NRZ Normal BitRate in multiple of 1M b/s :0x2848 Protocol Type:0x1 =10GgE Standards Compliance Codes : 10GbE Code Byte 0 :0x4 =10GBASE-ER 10GbE Code Byte 1 :0x0...
Page 574
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet-controller This is an example of output from the show controllers ethernet-controller port-asic statistics command: Switch# show controllers ethernet-controller port-asic statistics =========================================================================== Switch 1, PortASIC 0 Statistics --------------------------------------------------------------------------- 0 RxQ-0, wt-0 enqueue frames...
This command was introduced. Usage Guidelines The output display provides information that might be useful for Cisco technical support representatives troubleshooting the switch. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 576
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet-controller fastethernet Examples This is an example of output from the show controllers ethernet-controller fastethernet 0 command. Table 2-29 Table 2-30 for descriptions of the Transmit and Receive fields.
Page 577
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet-controller fastethernet malrxeobisr 0x80000000 0x112 malrxdeir 0x00000000 0x113 maltxctp0r 0x0F027880 0x120 malrxctp0r 0x0F0272C0 0x140 malrcbs0 0x00000060 0x160 <output truncated> This is an example of output from the show controllers ethernet-controller fastethernet 0 stack...
12.2(53)SE2 This command was introduced. Usage Guidelines The displayed information is useful s for Cisco technical support representatives troubleshooting the switch. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Page 579
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet phy macsec IGR_LATE : 0x0 IGR_INVLD : 0x0 IGR_NOTVLD : 0x0 ========== Active TX SA ========== ELU Entry : 0x22BDCF9A010002 : 0x0000 NextPN : 0x0022 Encrypt Key : 0x1E902BE3AF08549BAC995474C5F55526...
Page 580
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers ethernet phy macsec Related Commands Command Description debug macsec Enables MACsec debugging. show macsec Displays MACsec information. Catalyst 3750-X and 3560-X Switch Command Reference 2-548 OL-21522-02 Downloaded from www.Manualslib.com...
Though visible on all switches, this command is valid only for PoE switches. It provides no information for switches that do not support PoE. The output provides information that might be useful for Cisco technical support representatives troubleshooting the switch.
Page 582
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers power inline Disconnect : N N N N N N N N N N N N N N N N Detection Status : 55 55 55 55 55 55 55 55...
12.2(53)SE2 This command was introduced. Usage Guidelines This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers utilization show controllers utilization Use the show controllers utilization user EXEC command to display bandwidth utilization on the switch or specific ports. show controllers [interface-id] utilization [ | {begin | exclude | include} expression]...
Page 586
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show controllers utilization This is an example of output from the show controllers utilization command on a specific port: Switch> show controllers gigabitethernet1/0/1 utilization Receive Bandwidth Percentage Utilization Transmit Bandwidth Percentage Utilization...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show diagnostic show diagnostic Use the show diagnostic user EXEC command to display the online diagnostic test results and the supported test suites. show diagnostic content switch [number | all] [ | {begin | exclude | include} expression]...
Page 588
On Catalyst 3750-X switches, the show diagnostic result switch [number | all] [detail] command output is the same as the show diagnostic switch [number | all] [detail] command output. On Catalyst 3560-X switches, the show diagnostic result [detail] command output is the same as the show diagnostic switch [detail] command output.
Page 589
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show diagnostic 3) TestPortAsicCam -----------------> B*D*X**IR* not configured 4) TestPortAsicRingLoopback --------> B*D*X**IR* not configured 5) TestMicRingLoopback -------------> B*D*X**IR* not configured 6) TestPortAsicMem -----------------> B*D*X**IR* not configured 7) TestInlinePwrCtlr ---------------> B*D*X**IR* not configured <output truncated>...
Page 590
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show diagnostic This example shows how to display the detailed switch results for all the switches in stack. You can also use the show diagnostic result switch all detail command to display these results.
Page 591
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show diagnostic Total run count -------------> 0 Last test execution time ----> n/a First test failure time -----> n/a Last test failure time ------> n/a Last test pass time ---------> n/a Total failure count --------->...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show dot1q-tunnel show dot1q-tunnel Use the show dot1q-tunnel user EXEC command to display information about IEEE 802.1Q tunnel ports. show dot1q-tunnel [interface interface-id] [ | {begin | exclude | include} expression] This command is not supported on switches running the LAN base feature set.
Page 593
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show dot1q-tunnel Related Commands Command Description show vlan dot1q tag native Displays IEEE 802.1Q native VLAN tagging status. switchport mode dot1q-tunnel Configures an interface as an IEEE 802.1Q tunnel port. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show dot1x show dot1x Use the show dot1x user EXEC command to display IEEE 802.1x statistics, administrative status, and operational status for the switch or for the specified port. show dot1x [{all [summary] | interface interface-id} [details | statistics]] [ | {begin | exclude |...
Page 595
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show dot1x This is an example of output from the show dot1x all user EXEC command: Switch> show dot1x all Sysauthcontrol Enabled Dot1x Protocol Version Critical Recovery Delay Critical EAPOL Disabled...
Page 596
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show dot1x SuppTimeout = 30 ReAuthPeriod = 3600 (Locally configured) ReAuthMax MaxReq TxPeriod = 30 RateLimitPeriod Dot1x Authenticator Client List Empty This is an example of output from the show dot1x interface interface-id details commmand when a port...
Page 597
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show dot1x Table 2-32 show dot1x statistics Field Descriptions (continued) Field Description RxInvalid Number of EAPOL frames that have been received and have an unrecognized frame type. RxLenError Number of EAPOL frames that have been received in which the packet body length field is invalid.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show dtp show dtp Use the show dtp privileged EXEC command to display Dynamic Trunking Protocol (DTP) information for the switch or for a specified interface. show dtp [interface interface-id] [ | {begin | exclude | include} expression]...
Page 599
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show dtp Statistics ---------- 3160 packets received (3160 good) 0 packets dropped 0 nonegotiate, 0 bad version, 0 domain mismatches, 0 bad TLVs, 0 other 6320 packets output (6320 good) 3160 native, 3160 software encap isl, 0 isl hardware native...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show eap show eap Use the show eap privileged EXEC command to display Extensible Authentication Protocol (EAP) registration and session information for the switch or for the specified port. show eap {{registrations [method [name] | transport [name]]} | {sessions [credentials name...
Page 601
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show eap When you use the show eap sessions privileged EXEC command with these keywords, the command output shows this information: None—All active EAP sessions. • credentials name keyword—The specified credentials profile.
Page 602
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show eap This is an example of output from the show eap sessions interface interface-id privileged EXEC command: Switch# show eap sessions gigabitethernet1/0/1 Role: Authenticator Decision: Fail Lower layer: Dot1x-AuthenticaInterface: Gi1/0/1...
Catalyst 3750-E—Cisco Redundant Power System 2300, also referred to as • the RPS 2300. Catalyst 3750 switch—the RPS 2300 or Cisco RPS 675 Redundant Power • System, also referred to as the RPS 675. Catalyst 3750-X and 3560-X switches do not connect to redundant power Note systems.
Page 604
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show env Usage Guidelines Use the show env user EXEC command to display the information for the switch being accessed—a standalone switch or the stack master. Use this command with the stack and switch keywords to display all information for the stack or for the specified stack member.
Page 605
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show env This is an example of output from the show env stack command on a stack master: Switch> show env stack SWITCH: 1 FAN 1 is OK FAN 2 is OK...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show errdisable detect show errdisable detect Use the show errdisable detect user EXEC command to display error-disabled detection status. show errdisable detect [ | {begin | exclude | include} expression] Syntax Description | begin (Optional) Display begins with the line that matches the expression.
Page 607
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show errdisable detect lsgroup Enabled port pagp-flap Enabled port psecure-violation Enabled port/vlan security-violatio Enabled port sfp-config-mismat Enabled port storm-control Enabled port udld Enabled port vmps Enabled port Related Commands Command Description errdisable detect cause Enables error-disabled detection for a specific cause or all causes.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show errdisable flap-values show errdisable flap-values Use the show errdisable flap-values user EXEC command to display conditions that cause an error to be recognized for a cause. show errdisable flap-values [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show errdisable recovery show errdisable recovery Use the show errdisable recovery user EXEC command to display the error-disabled recovery timer information. show errdisable recovery [ | {begin | exclude | include} expression]...
Page 610
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show errdisable recovery Timer interval:300 seconds Interfaces that will be enabled at the next timeout: Interface Errdisable reason Time left(sec) --------- ----------------- -------------- Gi1/0/2 link-flap Though visible in the output, the unicast-flood field is not valid.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show etherchannel show etherchannel Use the show etherchannel user EXEC command to display EtherChannel information for a channel. show etherchannel [channel-group-number {detail | port | port-channel | protocol | summary}] {detail | load-balance | port | port-channel | protocol | summary} [ | {begin | exclude |...
Page 612
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show etherchannel Examples This is an example of output from the show etherchannel 1 detail command: Switch> show etherchannel 1 detail Group state = L2 Ports: 2 Maxports = 16 Port-channels: 1 Max Port-channels = 16...
Page 613
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show etherchannel This is an example of output from the show etherchannel 1 summary command: Switch> show etherchannel 1 summary Flags: D - down P - in port-channel I - stand-alone s - suspended...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show fallback profile show fallback profile Use the show fallback profile privileged EXEC command to display the fallback profiles that are configured on a switch. show fallback profile [append | begin | exclude | include | {[redirect | tee] url} expression]...
Page 615
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show fallback profile Related Commands Command Description dot1x fallback Configure a port to use web authentication as a fallback method for clients that do not support IEEE 802.1x authentication. fallback profile Create a web authentication fallback profile.
On Catalyst 3750-X switches, the range is 1 to 9. On Catalyst 3560-X switches, the only valid module number is 1. This option is not available if you have entered a specific interface ID. | begin (Optional) Display begins with the line that matches the expression.
Page 617
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show flowcontrol Examples This is an example of output from the show flowcontrol command. Switch> show flowcontrol Port Send FlowControl Receive FlowControl RxPause TxPause admin oper admin oper --------- -------- -------- -------- --------...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show idprom interface show idprom interface Use the show idprom user EXEC command to display the IDPROM information for the specified interface. show idprom interface interface-id [detail] [ | {begin | exclude | include} expression]...
(depending on preceding keyword) of all interfaces on the switch or specified stack member. On Catalyst 3750-X switches, the range is 1 to 9. On Catalyst 3560-X switches, the only valid module number is 1. This option is not available if you entered a specific interface ID. counters...
Page 621
• On Catalyst 3560-X switches, use the show interface switchport module 1 to display the switch port characteristics of all interfaces on the switch. Any other number is invalid.
Page 622
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces Examples This is an example of output from the show interfaces command for an interface on stack member 3: Switch# show interfaces gigabitethernet3/0/2 GigabitEthernet3/0/2 is down, line protocol is down Hardware is Gigabit Ethernet, address is 0009.43a7.d085 (bia 0009.43a7.d085)
Page 623
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces No traffic sent or received on this interface. GigabitEthernet1/0/2 Protocol Pkts In Chars In Pkts Out Chars Out No traffic sent or received on this interface. <output truncated> This is an example of output from the show interfaces capabilities command for an interface.
Page 624
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces Interface Secondary VLAN Type --------- -------------- ----------------- vlan10 isolated vlan10 community This is an example of output from the show interfaces interface-id pruning command when pruning is enabled in the VTP domain:...
Page 625
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces This is an example of output from the show interfaces switchport command for a port. Table 2-34 describes the fields in the display. Private VLAN trunks are not supported in this release, so those fields are not applicable.
Page 626
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces Table 2-34 show interfaces switchport Field Descriptions (continued) Field Description Pruning VLANs Enabled Lists the VLANs that are pruning-eligible. Protected Displays whether or not protected port is enabled (True) or disabled (False) on the interface.
Page 627
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces This is an example of output from the show interfaces interface-id pruning command: Switch# show interfaces gigibitethernet1/0/2 pruning Port Vlans pruned for lack of request by neighbor This is an example of output from the show interfaces switchport backup command. In this example,...
Page 628
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces Switch#show interfaces switchport backup Switch Backup Interface Pairs: Active Interface Backup Interface State ------------------------------------------------------------------------ GigabitEthernet2/0/6 GigabitEthernet2/0/8 Active Down/Backup Up Vlans Preferred on Active Interface: 1-50 Vlans Preferred on Backup Interface: 60, 100-120 This is an example of output from the show interfaces interface-id trunk command.
Page 629
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces High Alarm High Warn Low Warn Low Alarm Current Threshold Threshold Threshold Threshold Port (milliamperes) (mA) (mA) (mA) (mA) ------- ----------------- ---------- --------- --------- --------- Gi2/0/3 31.0 84.0 70.0...
Page 630
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces Name : Te1/0/1 Administrative Speed: 10000 Administrative Duplex: full Administrative Auto-MDIX: on Administrative Power Inline: N/A Operational Speed: 10000 Operational Duplex: full Operational Auto-MDIX: off Media Type: 10GBase-LR Related Commands...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces counters show interfaces counters Use the show interfaces counters privileged EXEC command to display various counters for the switch or for a specific interface. show interfaces [interface-id | vlan vlan-id] counters [errors | etherchannel | module switch-...
Page 632
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces counters Examples This is an example of partial output from the show interfaces counters command. It displays all counters for the switch. Switch# show interfaces counters Port InOctets InUcastPkts...
Page 633
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces counters This is an example of output from the show interfaces counters trunk command. It displays trunk counters for all interfaces. Switch# show interfaces counters trunk Port TrunkFramesTx TrunkFramesRx...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces transceivers show interfaces transceivers Use the show interfaces transceivers privileged EXEC command to display the physical properties of a small form-factor pluggable (SFP) module interface. show interfaces [interface-id] transceiver [detail | dom-supported-list | module number |...
Page 635
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces transceivers This is an example of output from the show interfaces interface-id transceiver detail command: Switch# show interfaces gigabitethernet1/0/3 transceiver detail ITU Channel not available (Wavelength not available), Transceiver is externally calibrated.
Page 636
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show interfaces transceivers XFP_ER XENPAK_LR 10-1838-04 X2_LR <output truncated> This is an example of output from the show interfaces transceiver threshold-table command: Optical Tx Optical Rx Temp Laser Bias Voltage current...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show inventory show inventory Use the show inventory user EXEC command to display product identification (PID) information for the hardware. show inventory [entity-name | raw] [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip arp inspection show ip arp inspection Use the show ip arp inspection privileged EXEC command to display the configuration and the operating state of dynamic Address Resolution Protocol (ARP) inspection or the status of this feature for all VLANs or for the specified interface or VLAN.
Page 639
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip arp inspection Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Page 640
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip arp inspection Gi1/0/1 0001.c940.1112 10.10.10.2 DHCP Deny 19:39:04 UTC Mon Mar 1 1993 Gi1/0/1 0001.c940.1114 173.1.1.1 DHCP Deny 19:39:06 UTC Mon Mar 1 1993 Gi1/0/1 0001.c940.1115 173.1.1.2 DHCP Deny...
Page 641
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip arp inspection This is an example of output from the show ip arp inspection vlan 5 command. It shows the configuration and the operating state of dynamic ARP inspection for VLAN 5.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip dhcp snooping show ip dhcp snooping Use the show ip dhcp snooping user EXEC command to display the DHCP snooping configuration. show ip dhcp snooping [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip dhcp snooping binding show ip dhcp snooping binding Use the show ip dhcp snooping binding user EXEC command to display the DHCP snooping binding database and configuration information for all interfaces on a switch.
Page 644
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip dhcp snooping binding This example shows how to display the DHCP snooping binding entries for a specific IP address: Switch> show ip dhcp snooping binding 10.1.2.150 MacAddress IpAddress Lease(sec)
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip dhcp snooping database show ip dhcp snooping database Use the show ip dhcp snooping database user EXEC command to display the status of the DHCP snooping binding database agent.
Page 646
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip dhcp snooping database This is an example of output from the show ip dhcp snooping database detail command: Switch# show ip dhcp snooping database detail Agent URL : tftp://10.1.1.1/directory/file...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip dhcp snooping statistics show ip dhcp snooping statistics Use the show ip dhcp snooping statistics user EXEC command to display DHCP snooping statistics in summary or detail form. show ip dhcp snooping statistics [detail] [ | {begin | exclude | include} expression]...
Page 648
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip dhcp snooping statistics Table 2-36 shows the DHCP snooping statistics and their descriptions: Table 2-36 DHCP Snooping Statistics DHCP Snooping Statistic Description Packets Processed by DHCP Snooping Total number of packets handled by DHCP snooping, including forwarded and dropped packets.
Page 649
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip dhcp snooping statistics Table 2-36 DHCP Snooping Statistics (continued) DHCP Snooping Statistic Description Interface Down Number of times the packet is a reply to the DHCP relay agent, but the SVI interface for the relay agent is down.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp profile show ip igmp profile Use the show ip igmp profile privileged EXEC command to display all configured Internet Group Management Protocol (IGMP) profiles or a specified IGMP profile.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp snooping show ip igmp snooping Use the show ip igmp snooping user EXEC command to display the Internet Group Management Protocol (IGMP) snooping configuration of the switch or the VLAN.
Page 652
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp snooping Vlan 1: -------- IGMP snooping :Enabled Immediate leave :Disabled Multicast router learning mode :pim-dvmrp Source only learning age timer CGMP interoperability mode :IGMP_ONLY Last member query interval : 100 This is an example of output from the show ip igmp snooping command.
Page 653
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp snooping Command Description ip igmp snooping vlan static Statically adds a Layer 2 port as a member of a multicast group. show ip igmp snooping groups Displays the IGMP snooping multicast table for the switch.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp snooping groups show ip igmp snooping groups Use the show ip igmp snooping groups privileged EXEC command to display the Internet Group Management Protocol (IGMP) snooping multicast table for the switch or the multicast information. Use with the vlan keyword to display the multicast table for a specified multicast VLAN or specific multicast information.
Page 655
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp snooping groups Examples This is an example of output from the show ip igmp snooping groups command without any keywords. It displays the multicast table for the switch.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp snooping mrouter show ip igmp snooping mrouter Use the show ip igmp snooping mrouter privileged EXEC command to display the Internet Group Management Protocol (IGMP) snooping dynamically learned and manually configured multicast router ports for the switch or for the specified multicast VLAN.
Page 657
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp snooping mrouter Related Commands Command Description ip igmp snooping Enables IGMP snooping on the switch or on a VLAN. ip igmp snooping vlan mrouter Adds a multicast router port.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp snooping querier show ip igmp snooping querier Use the show ip igmp snooping querier detail user EXEC command to display the configuration and operation information for the IGMP querier configured on a switch.
Page 659
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip igmp snooping querier Examples This is an example of output from the show ip igmp snooping querier command: Switch> show ip igmp snooping querier Vlan IP Address IGMP Version...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip source binding show ip source binding Use the show ip source binding user EXEC command to display the IP source bindings on the switch. show ip source binding [ip-address] [mac-address] [dhcp-snooping | static] [interface interface-id] [vlan vlan-id] [ | {begin | exclude | include} expression] This command is available only if your switch is running the IP services feature set.
Page 661
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip source binding Related Commands Command Description ip dhcp snooping binding Configures the DHCP snooping binding database. ip source binding Configures static IP source bindings on the switch. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip verify source show ip verify source Use the show ip verify source user EXEC command to display the IP source guard configuration on the switch or on a specific interface.
Page 663
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ip verify source • On the Gigabit Ethernet 1/0/4 interface, IP source guard with source IP and MAC address filtering is enabled, and static IP source bindings are configured on VLANs 10 and 11. For VLANs 12 to 20, the default port ACL is applied on the interface for the VLANs on which IP source guard is not configured.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipc show ipc Use the show ipc user EXEC command to display Interprocess Communications Protocol (IPC) configuration, status, and statistics on a switch stack or a standalone switch. show ipc {mcast {appclass | groups | status} | nodes | ports [open] | queue | rpc | session {all | rx | tx} [verbose] | status [cumlulative] | zones} [ | {begin | exclude | include} expression] This command is not supported on switches running the LAN base feature set.
Page 665
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipc Command History Release Modification 12.2(53)SE2 This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 666
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipc This example shows how to display the contents of the IPC retransmission queue: Switch> show ipc queue There are 0 IPC messages waiting for acknowledgement in the transmit queue.
Page 667
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipc Total via Unreliable Connection-Less Service 12783 Total via Unreliable Sequenced Connection-Less Svc Total via Reliable Connection-Oriented Service <output truncated> Related Commands Command Description clear ipc Clears the IPC multicast routing statistics.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 access-list show ipv6 access-list Use the show ipv6 access-list user EXEC command to display the contents of all current IPv6 access lists. show ipv6 access-list [access-list-name] Syntax Description access-list-name (Optional) Name of access list.
Page 669
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 access-list Table 2-37 show ipv6 access-list Field Descriptions (continued) Field Description bgp (matches) Border Gateway Protocol. The protocol type that the packet is equal to and the number of matches.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 dhcp conflict show ipv6 dhcp conflict Use the show ipv6 dhcp conflict privileged EXEC command on the switch stack or on a standalone switch to display address conflicts found by a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server when addresses are offered to the client.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 mld snooping show ipv6 mld snooping Use the show ipv6 mld snooping user EXEC command to display IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping configuration of the switch or the VLAN.
Page 672
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 mld snooping Explicit host tracking : Enabled Multicast router learning mode : pim-dvmrp Robustness variable Last listener query count Last listener query interval : 1000 This is an example of output from the show ipv6 mld snooping command. It displays snooping characteristics for all VLANs on the switch.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 mld snooping address show ipv6 mld snooping address Use the show ipv6 mld snooping address user EXEC command to display all or specified IP Version 6 (IPv6) multicast address information maintained by Multicast Listener Discovery (MLD) snooping.
Page 674
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 mld snooping address Examples This is an example of output from the show snooping address user EXEC command: Switch> show ipv6 mld snooping address Vlan Group Type Version Port List...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 mld snooping mrouter show ipv6 mld snooping mrouter Use the show ipv6 mld snooping mrouter user EXEC command to display dynamically learned and manually configured IP version 6 (IPv6) Multicast Listener Discovery (MLD) router ports for the switch or a VLAN.
Page 676
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 mld snooping mrouter Related Commands Command Description ipv6 mld snooping Enables and configures MLD snooping on the switch or on a VLAN. ipv6 mld snooping vlan mrouter Configures multicast router ports for a VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 mld snooping querier show ipv6 mld snooping querier Use the show ipv6 mld snooping querier user EXEC command to display IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping querier-related information most recently received by the switch or the VLAN.
Page 678
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 mld snooping querier To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 {default | vlan) global configuration command and reload the switch. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show ipv6 route updated show ipv6 route updated Use the show ipv6 route updated command in user EXEC command to display the current contents of the IPv6 routing table. show ipv6 route [protocol] updated [boot-up] {hh:mm | day{month [hh:mm]} [{hh:mm | day{month [hh:mm]}] [ | {begin | exclude | include} expression] This command is not supported on switches running the LAN base feature set.
Page 680
Displays the current contents of the IPv6 routing table. For syntax information, select Cisco IOS Software > Command References for the Cisco IOS Software Releases 12.3 Mainline > Cisco IOS IPv6 Command Reference > IPv6 Commands: show ipv6 nat translations...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show l2protocol-tunnel show l2protocol-tunnel Use the show l2protocol-tunnel user EXEC command to display information about Layer 2 protocol tunnel ports. Displays information for interfaces with protocol tunneling enabled. show l2protocol-tunnel [interface interface-id] [summary] [ | {begin | exclude | include} expression] This command is not supported on switches running the LAN base feature set.
Page 682
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show l2protocol-tunnel Examples This is an example of output from the show l2protocol-tunnel command: Switch> show l2protocol-tunnel COS for Encapsulated Packets: 5 Drop Threshold for Encapsulated Packets: 0 Port Protocol Shutdown...
Page 683
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show l2protocol-tunnel Related Commands Command Description clear l2protocol-tunnel counters Clears counters for protocol tunneling ports. l2protocol-tunnel Enables Layer 2 protocol tunneling for CDP, STP, or VTP packets on an interface. l2protocol-tunnel cos Configures a class of service (CoS) value for tunneled Layer 2 protocol packets.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show lacp show lacp Use the show lacp user EXEC command to display Link Aggregation Control Protocol (LACP) channel-group information. show lacp [channel-group-number] {counters | internal | neighbor | sys-id} [ | {begin | exclude |...
Page 685
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show lacp Examples This is an example of output from the show lacp counters user EXEC command. Table 2-38 describes the fields in the display. Switch> show lacp counters LACPDUs Marker...
Page 686
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show lacp Table 2-39 show lacp internal Field Descriptions (continued) Field Description Admin Key Administrative key assigned to this port. LACP automatically generates an administrative key value as a hexadecimal number. The administrative key defines the ability of a port to aggregate with other ports.
Page 687
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show lacp This is an example of output from the show lacp sys-id command: Switch> show lacp sys-id 32765,0002.4b29.3a00 The system identification is made up of the system priority and the system MAC address. The first two bytes are the system priority, and the last six bytes are the globally administered individual MAC address associated to the system.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show link state group show link state group Use the show link state group privileged EXEC command to display the link-state group information. show link state group [number] [detail] [ | {begin | exclude | include} expression]...
Page 689
Enables a link-state group. show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_comm and_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show lldp show lldp The show lldp command is documented at http://www.cisco.com/en/US/docs/ios/cether/command/reference/ce_04.html#wp1095571. Catalyst 3750-X and 3560-X Switch Command Reference 2-658 OL-21522-02 Downloaded from www.Manualslib.com manuals search engine...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show location show location Use the show location user EXEC command to display location information for an endpoint. show location admin-tag | [ | {begin | exclude | include} expression] show location civic-location {identifier id number | interface interface-id | static} | {begin |...
Page 692
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show location Examples This is an example of output from the show location civic-location command that displays location information for an interface: Switch> show location civic interface gigabitethernet2/0/1 Civic location information...
Page 693
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show location This is an example of output from the show location elin static command that displays all emergency location information: Switch> show location elin static Elin location information -------------------------- Identifier : 1...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show logging onboard show logging onboard Use the show logging onboard privileged EXEC command to display the on-board failure logging (OBFL) information. show logging onboard [module [switch-number]] {{clilog | environment | message | poe |...
Page 695
OBFL information about the stack members that support OBFL. • On a Catalyst 3560-X switch, if you enter the module keyword, you must enter the switch-number value of 1. Use the start and end keywords to display data collected only during a particular time period. When specifying the start and end times, follow these guidelines: •...
Page 696
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show logging onboard 05/12/2006 15:33:32 show logging onboard poe detail 05/12/2006 16:14:09 show logging onboard temperature summary <output truncated> ..05/16/2006 13:07:53 no hw-module module logging onboard message level 05/16/2006 13:16:13 show logging onboard uptime continuous...
Page 697
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show logging onboard This is an example of output from the show logging onboard status command: Switch# show logging onboard status Devices registered with infra Slot no.: 0 Subslot no.: 0, Device obfl0:...
Page 698
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show logging onboard 05/13/2006 07:25:24 05/13/2006 08:25:24 <output truncated> This is an example of output from the show logging onboard uptime summary command: Switch# show logging onboard uptime summary -------------------------------------------------------------------------------- UPTIME SUMMARY INFORMATION...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac access-group show mac access-group Use the show mac access-group user EXEC command to display the MAC access control lists (ACLs) configured for an interface or a switch. show mac access-group [interface interface-id] [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands \show mac address-table show mac address-table Use the show mac address-table user EXEC command to display a specific MAC address table static and dynamic entry or the MAC address table static and dynamic entries on a specific interface or VLAN.
Page 701
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands \show mac address-table Related Commands Command Description clear mac address-table dynamic Deletes from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table address show mac address-table address Use the show mac address-table address user EXEC command to display MAC address table information for the specified MAC address. show mac address-table address mac-address [interface interface-id] [vlan vlan-id] [ | {begin |...
Page 703
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table address Related Commands Command Description show mac address-table aging-time Displays the aging time in all VLANs or the specified VLAN. show mac address-table count Displays the number of addresses present in all VLANs or the specified VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table aging-time show mac address-table aging-time Use the show mac address-table aging-time user EXEC command to display the aging time of a specific address table instance, all address table instances on a specified VLAN or, if a specific VLAN is not specified, on all VLANs.
Page 705
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table aging-time Related Commands Command Description mac address-table aging-time Sets the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table count show mac address-table count Use the show mac address-table count user EXEC command to display the number of addresses present in all VLANs or the specified VLAN.
Page 707
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table count Related Commands Command Description show mac address-table address Displays MAC address table information for the specified MAC address. show mac address-table aging-time Displays the aging time in all VLANs or the specified VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table dynamic show mac address-table dynamic Use the show mac address-table dynamic user EXEC command to display only dynamic MAC address table entries. show mac address-table dynamic [address mac-address] [interface interface-id] [vlan vlan-id]...
Page 709
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table dynamic Related Commands Command Description clear mac address-table dynamic Deletes from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table interface show mac address-table interface Use the show mac address-table interface user command to display the MAC address table information for the specified interface in the specified VLAN.
Page 711
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table interface Related Commands Command Description show mac address-table address Displays MAC address table information for the specified MAC address. show mac address-table aging-time Displays the aging time in all VLANs or the specified VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table learning show mac address-table learning Use the show mac address-table learning user EXEC command to display the status of MAC address learning for all VLANs or the specified VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table move update show mac address-table move update Use the show mac address-table move update user EXEC command to display the MAC address-table move update information on the switch.
Page 714
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table move update Related Commands Command Description clear mac address-table move Clears the MAC address-table move update counters. update mac address-table move update Configures MAC address-table move update on the switch.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table notification show mac address-table notification Use the show mac address-table notification user EXEC command to display the MAC address notification settings for all interfaces or the specified interface.
Page 716
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table notification Examples This is an example of output from the show mac address-table notification change command: Switch> show mac address-table notification change MAC Notification Feature is Enabled on the switch...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table static show mac address-table static Use the show mac address-table static user EXEC command to display only static MAC address table entries. show mac address-table static [address mac-address] [interface interface-id] [vlan vlan-id]...
Page 718
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table static Related Commands Command Description mac address-table static Adds static addresses to the MAC address table. mac address-table static drop Enables unicast MAC address filtering and configures the switch to drop traffic with a specific source or destination MAC address.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table vlan show mac address-table vlan Use the show mac address-table vlan user EXEC command to display the MAC address table information for the specified VLAN. show mac address-table vlan vlan-id [ | {begin | exclude | include} expression]...
Page 720
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mac address-table vlan Related Commands Command Description show mac address-table address Displays MAC address table information for the specified MAC address. show mac address-table aging-time Displays the aging time in all VLANs or the specified VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show macsec show macsec To display 802.1ae Media Access Control Security (MACsec) information, use the show macsec privileged EXEC command. show macsec {interface interface-id | summary} [ | {begin | exclude | include} expression]...
Page 722
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show macsec Cipher : GCM-AES-128 Confidentiality Offset : 0 Capabilities Max. Rx SA : 16 Max. Tx SA : 16 Validate Frames : strict PN threshold notification support : Yes Ciphers supported : GCM-AES-128...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka default-policy show mka default-policy To display information about the MACsec Key Agreement (MKA) Protocol default policy, use the show mka default-policy privileged EXEC command show mka default-policy [sessions] [detail] [ | {begin | exclude | include} expression]...
Page 724
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka default-policy Replay Protection..YES Replay Window Size..0 Confidentiality Offset. 0 Applied Interfaces... GigabitEthernet1/0/5 This is sample output of the show mka default-policy sessions command: Switch# show mka default-policy sessions Summary of All Active MKA Sessions with MKA Policy "*DEFAULT POLICY*"...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka policy show mka policy To display a summary of all defined MACsec Key Agreement (MKA) protocol policies, including the MKA default policy, or to display a summary of a specified policy, use the show mka policy privileged EXEC command.
Page 726
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka policy Table 2-41 show mka policy Output FIelds Field Description Policy Name The string identifier of the policy. KS Priority The set value of the priority for becoming the key server (KS). The range is 0 to 255, with 0 as the highest priority and 255 as the lowest priority.
Page 727
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka policy Related Commands Command Description mka policy (global Creates an MKA policy and enters MKA policy configuration mode. configuration) mka policy (interface Applies an MKA policy to the interface.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka session show mka session To display a summary of active MACsec Key Agreement (MKA) Protocol sessions, use the show mka session privileged EXEC command. show mka session [interface interface-id] [port-id port-id]] [local-sci sci] [ | {begin | exclude |...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka statistics show mka statistics To display global MACsec Key Agreement (MKA) Protocol statistics and error counters from active and previous MKA sessions, use the show mka statistics privileged EXEC command...
Page 732
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka statistics Pairwise CAKs Derived..32 Pairwise CAK Rekeys..31 Group CAKs Generated..0 Group CAKs Received..0 SA Statistics SAKs Generated..... 32 SAKs Rekeyed....31 SAKs Received....0 SAK Responses Received..32 MKPDU Statistics MKPDUs Validated &...
Page 733
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka statistics Table 2-43 show mka Global Statistics Output Fields (continued) Field Description Group CAKs Received Received group CAKs while acting as a nonkey server member in a group SAK Rekeys Secure association key (SAK) rekeys that have been initiated as key servers or received as nonkey server members.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka summary show mka summary To display a summary of MACsec Key Agreement (MKA) sessions and global statistics, use the show mka summary privileged EXEC command. show mka summary [ | {begin | exclude | include} expression]...
Page 736
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mka summary Table 2-44 show mka summary Output Fields Field Description Group CAKs Generated Generated group CAKs while acting as a key server in a group CA. Group CAKs Received...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos show mls qos Use the show mls qos user EXEC command to display global quality of service (QoS) configuration information. show mls qos [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos aggregate-policer show mls qos aggregate-policer Use the show mls qos aggregate-policer user EXEC command to display the quality of service (QoS) aggregate policer configuration. A policer defines a maximum permissible rate of transmission, a maximum burst size for transmissions, and an action to take if either maximum is exceeded.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos input-queue show mls qos input-queue Use the show mls qos input-queue user EXEC command to display quality of service (QoS) settings for the ingress queues. show mls qos input-queue [ | {begin | exclude | include} expression]...
Page 740
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos input-queue Related Commands Command Description mls qos srr-queue input bandwidth Assigns shaped round robin (SRR) weights to an ingress queue. mls qos srr-queue input buffers Allocates the buffers between the ingress queues.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos interface show mls qos interface Use the show mls qos interface user EXEC command to display quality of service (QoS) information at the port level. show mls qos interface [interface-id] [buffers | queueing | statistics]...
Page 742
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos interface DSCP Mutation Map:Default DSCP Mutation Map Trust device:none qos mode:vlan-based This is an example of output from the show mls qos interface interface-id command when VLAN-based QoS is disabled: Switch>...
Page 744
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos interface Command Description mls qos srr-queue input threshold Assigns WTD threshold percentages to an ingress queue. mls qos srr-queue output cos-map Maps CoS values to an egress queue or maps CoS values to a queue and to a threshold ID.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos maps show mls qos maps Use the show mls qos maps user EXEC command to display quality of service (QoS) mapping information. During classification, QoS uses the mapping tables to represent the priority of the traffic and to derive a corresponding class of service (CoS) or Differentiated Services Code Point (DSCP) value from the received CoS, DSCP, or IP precedence value.
Page 746
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos maps The DSCP input queue threshold and the DSCP output queue threshold maps appear as a matrix. The d1 column specifies the most-significant digit of the DSCP number. The d2 row specifies the least-significant digit in the DSCP number.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos queue-set show mls qos queue-set Use the show mls qos queue-set user EXEC command to display quality of service (QoS) settings for the egress queues. show mls qos queue-set [qset-id] [ | {begin | exclude | include} expression]...
Page 749
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos queue-set Related Commands Command Description mls qos queue-set output buffers Allocates buffers to the queue-set. mls qos queue-set output threshold Configures the weighted tail-drop (WTD) thresholds, guarantees the availability of buffers, and configures the maximum memory allocation of the queue-set.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mls qos vlan show mls qos vlan Use the show mls qos vlan user EXEC command to display the policy maps attached to a switch virtual interface (SVI). show mls qos vlan vlan-id [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show monitor show monitor Use the show monitor user EXEC command to display information about all Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) sessions on the switch. Use the command with keywords to show a specific session, all sessions, all local sessions, or all remote sessions.
Page 752
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show monitor Examples This is an example of output for the show monitor user EXEC command: Switch# show monitor Session 1 --------- Type : Local Session Source Ports : RX Only : Gi4/0/1...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mvr show mvr Use the show mvr privileged EXEC command without keywords to display the current Multicast VLAN Registration (MVR) global parameter values, including whether or not MVR is enabled, the MVR multicast VLAN, the maximum query response time, the number of multicast groups, and the MVR mode (dynamic or compatible).
Page 754
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mvr Related Commands Command Description mvr (global configuration) Enables and configures multicast VLAN registration on the switch. mvr (interface configuration) Configures MVR ports. show mvr interface Displays the configured MVR interfaces, status of the specified interface, or all multicast groups to which the interface belongs when the interface and members keywords are appended to the command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mvr interface show mvr interface Use the show mvr interface privileged EXEC command without keywords to display the Multicast VLAN Registration (MVR) receiver and source ports. Use the command with keywords to display MVR parameters for a specific receiver port.
Page 756
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mvr interface In the preceding display, Status is defined as follows: Active means the port is part of a VLAN. • • Up/Down means that the port is forwarding/nonforwarding. Inactive means that the port is not yet part of any VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mvr members show mvr members Use the show mvr members privileged EXEC command to display all receiver and source ports that are currently members of an IP multicast group. show mvr members [ip-address] [ | {begin | exclude | include} expression]...
Page 758
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show mvr members This is an example of output from the show mvr members ip-address command. It displays the members of the IP multicast group with that address: Switch# show mvr members 239.255.0.2 239.255.003.--22...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show network-policy profile show network-policy profile Use the show network policy profile privileged EXEC command to display the network-policy profiles. show network-policy profile [profile number] [detail] [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show nmsp show nmsp Use the show nmsp privileged EXEC command to display the Network Mobility Services Protocol (NMSP) information for the switch. show nmsp {attachment suppress interface | capability | notification interval | statistics...
Page 761
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show nmsp Examples This is an example of output from the show nmsp attachment suppress interface command: Switch# show nmsp attachment suppress interface NMSP Attachment Suppression Interfaces -------------------------------------- GigabitEthernet1/1 GigabitEthernet1/2 This is an example of output from the show nmsp capability command:...
Page 762
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show nmsp This is an example of output from the show nmsp status command: Switch# show nmsp status NMSP Status ---------------- NMSP: enabled MSE IP Address TxEchoResp RxEchoReq TxData RxData 172.19.35.109...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show pagp show pagp Use the show pagp user EXEC command to display Port Aggregation Protocol (PAgP) channel-group information. show pagp [channel-group-number] {counters | dual-active | internal | neighbor} [ | {begin |...
Page 764
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show pagp This is an example of output from the show pagp dual-active command: Switch> show pagp dual-active PAgP dual-active detection enabled: Yes PAgP dual-active version: 1.1 Channel group 1 Dual-Active...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show policy-map show policy-map Use the show policy-map user EXEC command to display quality of service (QoS) policy maps, which define classification criteria for incoming traffic. Policy maps can include policers that specify the bandwidth limitations and the action to take if the limits are exceeded.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show port-security show port-security Use the show port-security privileged EXEC command to display port-security settings for an interface or for the switch. show port-security [interface interface-id] [address | vlan] [ | {begin | exclude | include}...
Page 767
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show port-security Examples This is an example of the output from the show port-security command: Switch# show port-security Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action (Count) (Count) (Count) ------------------------------------------------------------------------------- Gi1/0/1 Shutdown...
Page 768
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show port-security Related Commands Command Description clear port-security Deletes from the MAC address table a specific type of secure address or all the secure addresses on the switch or an interface.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show power inline show power inline Use the show power inline user EXEC command to display the Power over Ethernet (PoE) status for the specified PoE port, the specified stack member, or for all PoE ports in the switch stack.
Page 770
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show power inline Examples This is an example of output from the show power inline command. Table 2-46 describes the output fields. Switch> show power inline Module Available Used Remaining (Watts)
Page 771
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show power inline <output truncated> Table 2-46 show power inline Field Descriptions Field Description Available The total amount of configured power on the PoE switch in watts (W). Used The amount of configured power that is allocated to PoE ports in watts.
Page 772
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show power inline Gi3/0/9 Gi3/0/10 <output truncated> This is an example of output from the show power inline police command on a Catalyst 3750-X switch. Table 2-47 describes the output fields.
Page 773
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show power inline • The Gi1/0/12 port is up and connected to a powered device, and policing is enabled with a policing action to shut down the port. The policing action does not take effect because the real-time power consumption is less than the cutoff value.
Page 774
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show power inline Table 2-47 show power inline police Field Descriptions (continued) Field Description Cutoff Power The maximum power allocated on the port. When the real-time power consumption is greater than this value, the switch takes the configured policing action.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show sdm prefer show sdm prefer Use the show sdm prefer privileged EXEC command to display information about the Switch Database Management (SDM) templates that can be used to maximize system resources for a particular feature, or use the command without a keyword to display the template in use.
Page 776
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show sdm prefer Examples This is an example of output from the show sdm prefer command, displaying the template in use. Note On switches running the LAN base feature set, routing values shown in all templates are not valid.
Page 777
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show sdm prefer This is an example of output from the show sdm prefer vlan command: Switch# show sdm prefer vlan "desktop vlan" template: The selected template optimizes the resources in the switch to support this level of features for 8 routed interfaces and 1024 VLANs.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show setup express show setup express Use the show setup express privileged EXEC command to display if Express Setup mode is active on the switch. show setup express [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show spanning-tree show spanning-tree Use the show spanning-tree user EXEC command to display spanning-tree state information. show spanning-tree [bridge-group | active [detail] | backbonefast | blockedports | bridge | detail [active] | inconsistentports | interface interface-id | mst | pathcost method | root | summary...
Page 780
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show spanning-tree mst [configuration (Optional) Display the multiple spanning-tree (MST) region [digest]] [instance-id configuration and status (available only in privileged EXEC mode). [detail | interface The keywords have these meanings: interface-id [detail]] •...
Page 781
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show spanning-tree | begin (Optional) Display begins with the line that matches the expression. | exclude (Optional) Display excludes lines that match the expression. | include (Optional) Display includes lines that match the specified expression.
Page 782
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show spanning-tree Port 1 (GigabitEthernet2/0/1) of VLAN0001 is forwarding Port path cost 3019, Port priority 128, Port Identifier 128.24. Designated root has priority 32768, address 0001.42e2.cdd0 Designated bridge has priority 32768, address 00d0.bbf5.c680 Designated port id is 128.25, designated path cost 19...
Page 783
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show spanning-tree This is an example of output from the show spanning-tree mst configuration command: Switch# show spanning-tree mst configuration Name [region1] Revision Instance Vlans Mapped -------- ------------------ 1-9,21-4094 10-20 ----------------------------...
Page 784
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show spanning-tree Command Description spanning-tree loopguard default Prevents alternate or root ports from becoming the designated port because of a failure that leads to a unidirectional link. spanning-tree mst configuration Enters multiple spanning-tree (MST) configuration mode through which the MST region configuration occurs.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show stack-power show stack-power To display the members of all StackPower stacks or the specified power stack and the power mode of the stack, use the show stack-power user EXEC command.
Page 786
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show stack-power Switch 2: Power budget: 206 Low port priority value: 13 High port priority value: 12 Switch priority value: 2 Port A status: Not shut Port B status: Not shut Neighbor on port A: 0022.bdd0.6d00...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show storm-control show storm-control Use the show storm-control user EXEC command to display broadcast, multicast, or unicast storm control settings on the switch or on the specified interface or to display storm-control history.
Page 788
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show storm-control This is an example of output from the show storm-control command for a specified interface. Because no traffic-type keyword was entered, the broadcast storm control settings appear. Switch> show storm-control gigabitethernet 1/0/1...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show switch show switch Use the show switch user EXEC command to display information related to the stack member or the switch stack. show switch [stack-member-number | detail | neighbors | stack-ports [summary]| stack-ring activity [detail] | speed] [ | {begin | exclude | include} expression] This command is supported only on Catalyst 3750-X switches.
Page 790
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show switch Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 791
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show switch Switch> show switch detail Switch/Stack Mac Address : 0013.c4db.7e00 Mac persistency wait time: 4 mins Current Switch# Role Mac Address Priority Version State ---------------------------------------------------------- Master 0013.c4db.7e00 Ready Member 0000.000.0000 Provisioned Member 0003.e31a.1e00...
Page 792
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show switch Table 2-49 show switch stack-ports summary Command Output Field Description Switch#/Port# Member number and its stack port number. Stack Port Status • Absent—No cable is detected on the stack port.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show system mtu show system mtu Use the show system mtu privileged EXEC command to display the global maximum transmission unit (MTU) or maximum packet size set for the switch. show system mtu [ | {begin | exclude | include} expression]...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show udld show udld Use the show udld user EXEC command to display UniDirectional Link Detection (UDLD) administrative and operational status for all ports or the specified port. show udld [interface-id] [ | {begin | exclude | include} expression]...
Page 796
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show udld Table 2-50 show udld Field Descriptions Field Description Interface The interface on the local device configured for UDLD. Port enable administrative How UDLD is configured on the port. If UDLD is enabled or...
Page 797
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show udld Related Commands Command Description udld Enables aggressive or normal mode in UDLD or sets the configurable message timer time. udld port Enables UDLD on an individual interface or prevents a fiber-optic interface from being enabled by the udld global configuration command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show version show version Use the show version user EXEC command to display version information for the hardware and firmware and software license information. show version [ | {begin | exclude | include} expression]...
Page 799
If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vlan show vlan Use the show vlan user EXEC command to display the parameters for all configured VLANs or one VLAN (if the VLAN ID or name is specified) on the switch.
Page 801
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vlan Usage Guidelines In the show vlan mtu command output, the MTU_Mismatch column shows whether all the ports in the VLAN have the same MTU. When yes appears in this column, it means that the VLAN has ports with different MTUs, and packets that are switched from a port with a larger MTU to a port with a smaller MTU might be dropped.
Page 802
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vlan Remote SPAN VLANs ------------------------------------------------------------------------------ Primary Secondary Type Ports ------ --------- ----------------- ------------------------------------------ Primary Secondary Type Ports ------- --------- ----------------- ------------------------------------------ isolated Gi1/0/1,Gi3/0/1 community Gi1/0/1, Gi3/0/1 community Gi1/0/1, Gi3/0/1 <output truncated>...
Page 804
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vlan Related Commands Command Description private-vlan Configures a VLAN as a community, isolated, or primary VLAN or associates a primary VLAN with secondary VLANs. switchport mode Configures the VLAN membership mode of a port.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vlan access-map show vlan access-map Use the show vlan access-map privileged EXEC command to display information about a particular VLAN access map or for all VLAN access maps. show vlan access-map [mapname] [ | {begin | exclude | include} expression] This command is not supported on switches running the LAN base feature set.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vlan filter show vlan filter Use the show vlan filter privileged EXEC command to display information about all VLAN filters or about a particular VLAN or VLAN access map. show vlan filter [access-map name | vlan vlan-id] [ | {begin | exclude | include} expression] This command is not supported on switches running the LAN base feature set.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vmps show vmps Use the show vmps user EXEC command without keywords to display the VLAN Query Protocol (VQP) version, reconfirmation interval, retry count, VLAN Membership Policy Server (VMPS) IP addresses, and the current and primary servers, or use the statistics keyword to display client-side statistics.
Page 808
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vmps Wrong Version: Insufficient Resource: 0 Table 2-52 show vmps statistics Field Descriptions Field Description VQP Queries Number of queries sent by the client to the VMPS. VQP Responses Number of responses sent to the client from the VMPS.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vtp show vtp Use the show vtp user EXEC command to display general information about the VLAN Trunking Protocol (VTP) management domain, status, and counters. show vtp {counters | devices [conflicts] | interface [interface-id] | password | status} [ | {begin |...
Page 810
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vtp Examples This is an example of output from the show vtp devices command. A in the column means Conflict that the responding server is in conflict with the local server for the feature; that is, when two switches in the same domain do not have the same primary server for a database.
Page 811
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vtp Table 2-53 show vtp counters Field Descriptions (continued) Field Description Request advertisements Number of advertisement requests sent by this switch on its trunk ports. Advertisement transmitted requests normally request information on all VLANs. They can also request information on a subset of VLANs.
Page 812
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vtp Table 2-54 show vtp status Field Descriptions Field Description VTP Version Displays the VTP version operating on the switch. By default, the switch implements Version 1 but can be set to Version 2.
Page 813
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vtp Feature VLAN: -------------- VTP Operating Mode : Server Number of existing VLANs Number of existing extended VLANs : 0 Configuration Revision Primary ID : 0000.0000.0000 Primary Description MD5 digest...
Page 814
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands show vtp Catalyst 3750-X and 3560-X Switch Command Reference 2-782 OL-21522-02 Downloaded from www.Manualslib.com manuals search engine...
2 V ] Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands shutdown shutdown Use the shutdown interface configuration command on the switch stack or on a standalone switch to disable an interface. Use the no form of this command to restart a disabled interface.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands shutdown vlan shutdown vlan Use the shutdown vlan global configuration command on the switch stack or on a standalone switch to shut down (suspend) local traffic on the specified VLAN. Use the no form of this command to restart local traffic on the VLAN.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands small-frame violation rate small-frame violation rate Use the small-frame violation rate pps interface configuration command on the switch stack or on a standalone switch to configure the rate (threshold) for an interface to be error disabled when it receives VLAN-tagged packets that are small frames (67 bytes or less) at the specified rate.
Page 818
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands small-frame violation rate Related Commands Command Description errdisable detect cause small-frame Allows any switch port to be put into the error-disabled state if an incoming frame is smaller than the minimum size and arrives at the specified rate (threshold).
Page 820
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands snmp-server enable traps dot1x [auth-fail-vlan | (Optional) Enable IEEE 802.1x traps. The keywords have these meanings: guest-vlan | auth-fail-vlan—(Optional) Generate a trap when the port moves to the • no-auth-fail-vlan | configured restricted VLAN.
Page 821
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands snmp-server enable traps ospf [cisco-specific | (Optional) Enable Open Shortest Path First (OSPF) traps. The keywords have errors | lsa | rate-limit | these meanings: retransmit | cisco-specific—(Optional) Enable Cisco-specific traps.
Page 823
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command _reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. snmp-server host Specifies the host that receives SNMP traps.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands snmp-server host snmp-server host Use the snmp-server host global configuration command on the switch stack or on a standalone switch to specify the recipient (host) of a Simple Network Management Protocol (SNMP) notification operation.
Page 825
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands snmp-server host notification-type (Optional) Type of notification to be sent to the host. If no type is specified, all notifications are sent. The notification type can be one or more of the these keywords: •...
Page 826
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands snmp-server host Defaults This command is disabled by default. No notifications are sent. If you enter this command with no keywords, the default is to send all trap types to the host. No informs are sent to this host.
Page 827
The community string is defined as comaccess: Switch(config)# snmp-server enable traps Switch(config)# snmp-server host myhost.cisco.com comaccess snmp This example shows how to enable the switch to send all traps to the host myhost.cisco.com by using the community string public: Switch(config)# snmp-server enable traps Switch(config)# snmp-server host myhost.cisco.com public...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands snmp trap mac-notification change snmp trap mac-notification change Use the snmp trap mac-notification change interface configuration command on the switch stack or on a standalone switch to enable the Simple Network Management Protocol (SNMP) MAC address notification trap on a specific Layer 2 interface.
Page 829
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands snmp trap mac-notification change Related Commands Command Description clear mac address-table notification Clears the MAC address notification global counters. mac address-table notification Enables the MAC address notification feature. show mac address-table notification...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree backbonefast spanning-tree backbonefast Use the spanning-tree backbonefast global configuration command on the switch stack or on a standalone switch to enable the BackboneFast feature. Use the no form of the command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree bpdufilter spanning-tree bpdufilter Use the spanning-tree bpdufilter interface configuration command on the switch stack or on a standalone switch to prevent an interface from sending or receiving bridge protocol data units (BPDUs).
Page 832
Related Commands Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod _command_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree bpduguard spanning-tree bpduguard Use the spanning-tree bpduguard interface configuration command on the switch stack or on a standalone switch to put an interface in the error-disabled state when it receives a bridge protocol data unit (BPDU).
Page 834
Related Commands Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod _command_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree cost spanning-tree cost Use the spanning-tree cost interface configuration command on the switch stack or on a standalone switch to set the path cost for spanning-tree calculations. If a loop occurs, spanning tree considers the path cost when selecting an interface to place in the forwarding state.
Page 836
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree cost Related Commands Command Description show spanning-tree interface Displays spanning-tree information for the specified interface. interface-id spanning-tree port-priority Configures an interface priority. spanning-tree vlan priority Sets the switch priority for the specified spanning-tree instance.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree etherchannel guard misconfig spanning-tree etherchannel guard misconfig Use the spanning-tree etherchannel guard misconfig global configuration command to display an error message when the switch detects an EtherChannel misconfiguration. Use the no form of this command to disable the feature.
Page 838
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree etherchannel guard misconfig Related Commands Command Description errdisable recovery cause Enables the timer to recover from the EtherChannel channel-misconfig misconfiguration error-disabled state. show etherchannel summary Displays EtherChannel information for a channel as a one-line summary per channel-group.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree extend system-id spanning-tree extend system-id Use the spanning-tree extend system-id global configuration command on the switch stack or on a standalone switch to enable the extended system ID feature. spanning-tree extend system-id Though visible in the command-line help strings, the no version of this command is not supported.
Page 840
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree extend system-id Related Commands Command Description show spanning-tree summary Displays a summary of spanning-tree interface states. spanning-tree mst root Configures the MST root switch priority and timers based on the network diameter.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree guard spanning-tree guard Use the spanning-tree guard interface configuration command on the switch stack or on a standalone switch to enable root guard or loop guard on all the VLANs associated with the selected interface. Root guard restricts which interface is allowed to be the spanning-tree root port or the path-to-the root for the switch.
Page 842
Related Commands Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/pr od_command_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree link-type spanning-tree link-type Use the spanning-tree link-type interface configuration command on the switch stack or on a standalone switch to override the default link-type setting, which is determined by the duplex mode of the interface, and to enable rapid spanning-tree transitions to the forwarding state.
Page 844
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree link-type Related Commands Command Description clear spanning-tree detected-protocols Restarts the protocol migration process (force the renegotiation with neighboring switches) on all interfaces or on the specified interface. show spanning-tree interface...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree loopguard default spanning-tree loopguard default Use the spanning-tree loopguard default global configuration command on the switch stack or on a standalone switch to prevent alternate or root ports from becoming designated ports because of a failure that leads to a unidirectional link.
Page 846
Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_com mand_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mode spanning-tree mode Use the spanning-tree mode global configuration command on the switch stack or on a standalone switch to enable per-VLAN spanning-tree plus (PVST+), rapid PVST+, or multiple spanning tree (MST) on your switch.
Page 848
Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_comm and_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst configuration spanning-tree mst configuration Use the spanning-tree mst configuration global configuration command on the switch stack or on a standalone switch to enter multiple spanning-tree (MST) configuration mode through which you configure the MST region.
Page 850
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst configuration When you map VLANs to an MST instance, the mapping is incremental, and VLANs specified in the command are added to or removed from the VLANs that were previously mapped. To specify a range, use a hyphen;...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst cost spanning-tree mst cost Use the spanning-tree mst cost interface configuration command on the switch stack or on a standalone switch to set the path cost for multiple spanning-tree (MST) calculations. If a loop occurs, spanning tree considers the path cost when selecting an interface to put in the forwarding state.
Page 852
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst cost Related Commands Command Description show spanning-tree Displays MST information for the specified interface. interface interface-id spanning-tree mst Configures an interface priority. port-priority spanning-tree mst priority Configures the switch priority for the specified spanning-tree instance.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst forward-time spanning-tree mst forward-time Use the spanning-tree mst forward-time global configuration command on the switch stack or on a standalone switch to set the forward-delay time for all multiple spanning-tree (MST) instances. The forwarding time specifies how long each of the listening and learning states last before the interface begins forwarding.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst hello-time spanning-tree mst hello-time Use the spanning-tree mst hello-time global configuration command on the switch stack or on a standalone switch to set the interval between hello bridge protocol data units (BPDUs) sent by root switch configuration messages.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst max-age spanning-tree mst max-age Use the spanning-tree mst max-age global configuration command on the switch stack or on a standalone switch to set the interval between messages that the spanning tree receives from the root switch.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst max-hops spanning-tree mst max-hops Use the spanning-tree mst max-hops global configuration command on the switch stack or on a standalone switch to set the number of hops in a region before the bridge protocol data unit (BPDU) is discarded and the information held for an interface is aged.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst port-priority spanning-tree mst port-priority Use the spanning-tree mst port-priority interface configuration command on the switch stack or on a standalone switch to configure an interface priority. If a loop occurs, the Multiple Spanning Tree Protocol (MSTP) can find the interface to put in the forwarding state.
Page 858
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst port-priority Related Commands Command Description show spanning-tree mst interface Displays MST information for the specified interface. interface-id spanning-tree mst cost Sets the path cost for MST calculations. spanning-tree mst priority Sets the switch priority for the specified spanning-tree instance.
The port can accept both prestandard and standard BPDUs. If the neighbor types are mismatched, only the common and internal spanning tree (CIST) runs on this interface. If a switch port is connected to a switch running prestandard Cisco IOS software, you must use the Note spanning-tree mst pre-standard interface configuration command on the port.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst priority spanning-tree mst priority Use the spanning-tree mst priority global configuration command on the switch stack or on a standalone switch to set the switch priority for the specified spanning-tree instance. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst root spanning-tree mst root Use the spanning-tree mst root global configuration command on the switch stack or on a standalone switch to configure the multiple spanning-tree (MST) root switch priority and timers based on the network diameter.
Page 862
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree mst root When you enter the spanning-tree mst instance-id root secondary command, because of support for the extended system ID, the software changes the switch priority from the default value (32768) to 28672.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree port-priority spanning-tree port-priority Use the spanning-tree port-priority interface configuration command on the switch stack or on a standalone switch to configure an interface priority. If a loop occurs, spanning tree can find the interface to put in the forwarding state.
Page 864
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree port-priority Examples This example shows how to increase the likelihood that a port will be put in the forwarding state if a loop occurs: Switch(config)# interface gigabitethernet2/0/2 Switch(config-if)# spanning-tree vlan 20 port-priority 0...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree portfast (global configuration) spanning-tree portfast (global configuration) Use the spanning-tree portfast global configuration command on the switch stack or on a standalone switch to globally enable bridge protocol data unit (BPDU) filtering on Port Fast-enabled interfaces, the BPDU guard feature on Port Fast-enabled interfaces, or the Port Fast feature on all nontrunking interfaces.
Page 866
Related Commands Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod _command_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Page 867
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree portfast (global configuration) Command Description spanning-tree bpduguard Puts an interface in the error-disabled state when it receives a BPDU. spanning-tree portfast (interface Enables the Port Fast feature on an interface in all its associated configuration) VLANs.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree portfast (interface configuration) spanning-tree portfast (interface configuration) Use the spanning-tree portfast interface configuration command on the switch stack or on a standalone switch to enable the Port Fast feature on an interface in all its associated VLANs. When the Port Fast feature is enabled, the interface changes directly from a blocking state to a forwarding state without making the intermediate spanning-tree state changes.
Page 869
Related Commands Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_c ommand_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree transmit hold-count spanning-tree transmit hold-count Use the spanning-tree transmit hold-count global configuration command to configure the number of bridge protocol data units (BPDUs) sent every second. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree uplinkfast spanning-tree uplinkfast Use the spanning-tree uplinkfast global configuration command on the switch stack or on a standalone switch to accelerate the choice of a new root port when a link or switch fails or when the spanning tree reconfigures itself.
Page 872
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree uplinkfast Do not enable the root guard on interfaces that will be used by the UplinkFast feature. With UplinkFast, the backup interfaces (in the blocked state) replace the root port in the case of a failure. However, if root guard is also enabled, all the backup interfaces used by the UplinkFast feature are placed in the root-inconsistent state (blocked) and prevented from reaching the forwarding state.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree vlan spanning-tree vlan Use the spanning-tree vlan global configuration command on the switch stack or on a standalone switch to configure spanning tree on a per-VLAN basis. Use the no form of this command to return to the default setting.
Page 874
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree vlan Defaults Spanning tree is enabled on all VLANs. The forward-delay time is 15 seconds. The hello time is 2 seconds. The max-age is 20 seconds. The primary root switch priority is 24576.
Page 875
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands spanning-tree vlan Examples This example shows how to disable the STP on VLAN 5: Switch(config)# no spanning-tree vlan 5 You can verify your setting by entering the show spanning-tree privileged EXEC command. In this instance, VLAN 5 does not appear in the list.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands speed speed Use the speed interface configuration command on the switch stack or on a standalone switch to specify the speed of a 10/100 Mb/s or 10/100/1000 Mb/s port. Use the no or default form of this command to return the port to its default value.
Page 877
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands speed For guidelines on setting the switch speed and duplex parameters, see the “Configuring Interface Characteristics” chapter in the software configuration guide for this release. Examples This example shows how to set speed on a port to 100 Mb/s:...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands srr-queue bandwidth limit srr-queue bandwidth limit Use the srr-queue bandwidth limit interface configuration command on the switch stack or on a standalone switch to limit the maximum output on a port. Use the no form of this command to return to the default setting.
Page 879
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands srr-queue bandwidth limit Related Commands Command Description mls qos queue-set output buffers Allocates buffers to the queue-set. mls qos srr-queue output cos-map Maps class of service (CoS) values to egress queue or maps CoS values to a queue and to a threshold ID.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands srr-queue bandwidth shape srr-queue bandwidth shape Use the srr-queue bandwidth shape interface configuration command on the switch stack or on a standalone switch to assign the shaped weights and to enable bandwidth shaping on the four egress queues mapped to a port.
Page 881
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands srr-queue bandwidth shape Examples This example shows how to configure the queues for the same port for both shaping and sharing. Because the weight ratios for queues 2, 3, and 4 are set to 0, these queues operate in shared mode. The bandwidth weight for queue 1 is 1/8, which is 12.5 percent.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands srr-queue bandwidth share srr-queue bandwidth share Use the srr-queue bandwidth share interface configuration command on the switch stack or on a standalone switch to assign the shared weights and to enable bandwidth sharing on the four egress queues mapped to a port.
Page 883
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands srr-queue bandwidth share Examples This example shows how to configure the weight ratio of the SRR scheduler running on an egress port. Four queues are used. The bandwidth ratio allocated for each queue in shared mode is 1/(1+2+3+4), 2/(1+2+3+4), 3/(1+2+3+4), and 4/(1+2+3+4), which is 10 percent, 20 percent, 30 percent, and 40 percent for queues 1, 2, 3, and 4.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands stack-mac persistent timer stack-mac persistent timer Use the stack-mac persistent timer global configuration command on the switch stack or on a standalone switch to enable the persistent MAC address feature. When this feature is enabled, if the stack master changes, the stack MAC address does not change for approximately four minutes, for an indefinite time period, or for a configured time value.
Page 885
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command _reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Catalyst 3750-X and 3560-X Switch Command Reference 2-853...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands stack-power stack-power To configure StackPower parameters for the power stack or for a switch in the power stack, use the stack power global configuration command. To return to the default setting, use the no form of the command,...
Page 887
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands stack-power • power-priority: sets the power priority for the switch and the switch ports. See the power-priority command. stack-id name: enter the name of the power stack to which the switch belongs. If you do not enter •...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands storm-control storm-control Use the storm-control interface configuration command on the switch stack or on a standalone switch to enable broadcast, multicast, or unicast storm control and to set threshold levels on an interface. Use the no form of this command to return to the default setting.
Page 889
When the storm control threshold for multicast traffic is reached, all multicast traffic except control Note traffic, such as bridge protocol data unit (BDPU) and Cisco Discovery Protocol (CDP) frames, are blocked. However, the switch does not differentiate between routing updates, such as Open Shortest Path First (OSPF) and regular multicast data traffic, so both types of traffic are blocked.
Page 890
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands storm-control If you configure the action to be taken as shutdown (the port is error-disabled during a storm) when a packet storm is detected, you must use the no shutdown interface configuration command to bring the interface out of this state.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switch switch Use the switch privileged EXEC on a stack member to disable or enable the specified stack port on the member. switch stack-member-number stack port port-number {disable | enable} Syntax Description stack-member-number Specify the current stack member number.
Page 892
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switch Examples This example shows how to disable stack port 2 on member 4: Switch# switch 4 stack port 2 disable Related Commands Command Description show switch Displays information about the switch stack and the stack members.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switch priority switch priority Use the switch priority global configuration command on the stack master to change the stack member priority value. switch stack-member-number priority new-priority-value This command is supported only on Catalyst 3750-X switches.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switch provision switch provision Use the switch provision global configuration command on the stack master to provision (to supply a configuration to) a new switch before it joins the switch stack. Use the no form of this command to delete all configuration information associated with the removed switch (a stack member that has left the stack).
Page 895
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command _reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. show switch Displays information about the switch stack and its stack members.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switch renumber switch renumber Use the switch renumber global configuration command on the stack master to change the stack member number. switch current-stack-member-number renumber new-stack-member-number This command is supported only on Catalyst 3750-X switches.
Page 897
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switch renumber Related Commands Command Description reload Reloads the stack member and puts a configuration change into effect. session Accesses a specific stack member. switch priority Changes the stack member priority value.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport switchport Use the switchport interface configuration command with no keywords on the switch stack or on a standalone switch to put an interface that is in Layer 3 mode into Layer 2 mode for Layer 2 configuration.
Page 899
This example shows how to cause an interface to cease operating as a Layer 2 port and become a Cisco-routed port: Switch(config-if)# no switchport This example shows how to cause the port interface to cease operating as a Cisco-routed port and convert to a Layer 2 switched interface: Switch(config-if)# switchport...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport access switchport access Use the switchport access interface configuration command on the switch stack or on a standalone switch to configure a port as a static-access or dynamic-access port. If the switchport mode is set to access, the port operates as a member of the specified VLAN.
Page 901
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport access These restrictions apply to dynamic-access ports: The software implements the VLAN Query Protocol (VQP) client, which can query a VMPS such • as a Catalyst 6000 series switch. The Catalyst 3750-X and 3560-X switches are not VMPS servers.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport autostate exclude switchport autostate exclude Use the switchport autostate exclude interface configuration command to exclude an interface from the VLAN interface (switch virtual interface) line-state up or down calculation. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport backup interface switchport backup interface Use the switchport backup interface interface configuration command on a Layer 2 interface on the switch stack or on a standalone switch to configure Flex Links, a pair of interfaces that provide backup to each other.
Page 905
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport backup interface Usage Guidelines With Flex Links configured, one link acts as the primary interface and forwards traffic, while the other interface is in standby mode, ready to begin forwarding traffic if the primary link shuts down. The interface being configured is referred to as the active link;...
Page 906
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport backup interface This example shows how to configure the Gigabit Ethernet interface as the MMU primary VLAN: Switch# configure terminal Switch(conf)# interface gigabitethernet1/0/1 Switch(conf-if)# switchport backup interface gigabitethernet1/0/2 mmu primary vlan 1021...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport block switchport block Use the switchport block interface configuration command on the switch stack or on a standalone switch to prevent unknown multicast or unicast packets from being forwarded. Use the no form of this command to allow forwarding unknown multicast or unicast packets.
Page 908
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport block Related Commands Command Description show interfaces switchport Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport host switchport host Use the switchport host interface configuration command on the switch stack or on a standalone switch to optimize a Layer 2 port for a host connection. The no form of this command has no affect on the system.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport mode switchport mode Use the switchport mode interface configuration command on the switch stack or on a standalone switch to configure the VLAN membership mode of a port. Use the no form of this command to reset the mode to the appropriate default for the device.
Page 911
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport mode When you enter dynamic desirable mode, the interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode. To autonegotiate trunking, the interfaces must be in the same VLAN Trunking Protocol (VTP) domain.
Page 912
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport mode Examples This example shows how to configure a port for access mode: Switch(config)# interface gigabitethernet2/0/1 Switch(config-if)# switchport mode access This example shows how set the port to dynamic desirable mode:...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport mode private-vlan switchport mode private-vlan Use the switchport mode private-vlan interface configuration command on the switch stack or on a standalone switch to configure a port as a promiscuous or host private VLAN port. Use the no form of this command to reset the mode to the appropriate default for the device.
Page 914
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport mode private-vlan A private-VLAN port cannot be a secure port and should not be configured as a protected port. For more information about private-VLAN interaction with other features, see the software configuration guide for this release.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport nonegotiate switchport nonegotiate Use the switchport nonegotiate interface configuration command on the switch stack or on a standalone switch to specify that Dynamic Trunking Protocol (DTP) negotiation packets are not sent on the Layer 2 interface.
Page 916
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport nonegotiate Examples This example shows how to cause a port to refrain from negotiating trunking mode and to act as a trunk or access port (depending on the mode set):...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport port-security switchport port-security Use the switchport port-security interface configuration command without keywords on the switch stack or on a standalone switch to enable port security on the uplink interface. Use the keywords to configure secure MAC addresses, sticky MAC address learning, a maximum number of secure MAC addresses, or the violation mode.
Page 918
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport port-security vlan [vlan-list] (Optional) For trunk ports, you can set the maximum number of secure MAC addresses on a VLAN. If the vlan keyword is not entered, the default value is used.
Page 919
IP phone requires one MAC address. The Cisco IP phone address is learned on the voice VLAN, but is not learned on the access VLAN. If you connect a single PC to the Cisco IP phone, no additional MAC addresses are required. If you connect more than one PC to the Cisco IP phone, you must configure enough secure addresses to allow one for each PC and one for the Cisco IP phone.
Page 920
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport port-security Sticky secure MAC addresses have these characteristics: When you enable sticky learning on an interface by using the switchport port-security • mac-address sticky interface configuration command, the interface converts all the dynamic secure...
Page 921
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport port-security Related Commands Command Description clear port-security Deletes from the MAC address table a specific type of secure address or all the secure addresses on the switch or an interface.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport port-security aging switchport port-security aging Use the switchport port-security aging interface configuration command on the switch stack or on a standalone switch to set the aging time and type for secure address entries or to change the aging behavior for secure addresses on a particular port.
Page 923
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport port-security aging Examples This example sets the aging time as 2 hours for absolute aging for all the secure addresses on the port: Switch(config)# interface gigabitethernet1/0/1 Switch(config-if)# switchport port-security aging time 120...
IP phone how to send data packets from the device attached to the access port on the Cisco IP Phone. You must enable CDP on the switch port connected to the Cisco IP Phone to send the configuration to the Cisco IP Phone.
Page 925
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport priority extend Related Commands Command Description show interfaces Displays the administrative and operational status of a switching (nonrouting) port. switchport voice vlan Configures the voice VLAN on the port. Catalyst 3750-X and 3560-X Switch Command Reference...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport private-vlan switchport private-vlan Use the switchport private-vlan interface configuration command on the switch stack or on a standalone switch to define a private-VLAN association for an isolated or community port or a mapping for a promiscuous port.
Page 927
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport private-vlan Usage Guidelines Private-VLAN association or mapping has no effect on the port unless the port has been configured as a private-VLAN host or promiscuous port by using the switchport mode private-vlan {host | promiscuous} interface configuration command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport protected switchport protected Use the switchport protected interface configuration command on the switch stack or on a standalone switch to isolate unicast, multicast, and broadcast traffic at Layer 2 from other protected ports on the same switch.
Page 929
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport protected Related Commands Command Description show interfaces Displays the administrative and operational status of a switching (nonrouting) switchport port, including port blocking and port protection settings. switchport block Prevents unknown multicast or unicast traffic on the interface.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport trunk switchport trunk Use the switchport trunk interface configuration command on the switch stack or on a standalone switch to set the trunk characteristics when the interface is in trunking mode. Use the no form of this command to reset a trunking characteristic to the default.
Page 931
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands switchport trunk • remove removes the defined list of VLANs from those currently set instead of replacing the list. Valid IDs are from 1 to 1005; extended-range VLAN IDs are valid in some cases.
Page 932
VLAN trunk port by removing VLAN 1 from the allowed list. When you remove VLAN 1 from a trunk port, the interface continues to send and receive management traffic, for example, Cisco Discovery Protocol (CDP), Port Aggregation Protocol (PAgP), Link Aggregation Control Protocol (LACP), Dynamic Trunking Protocol (DTP), and VLAN Trunking Protocol (VTP) in VLAN 1.
Use the switchport voice detect interface configuration command on the switch stack or on a standalone switch to detect and recognize a Cisco IP phone. Use the no form of this command to return to the default setting.
You should configure voice VLAN on Layer 2 access ports. You must enable Cisco Discovery Protocol (CDP) on the switchport connected to the Cisco IP phone for the switch to send configuration information to the phone. CDP is enabled by default globally and on the interface.
Page 935
IP phone requires one MAC address. The Cisco IP phone address is learned on the voice VLAN, but is not learned on the access VLAN. If you connect a single PC to the Cisco IP phone, no additional MAC addresses are required.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands system env temperature threshold yellow system env temperature threshold yellow Use the system env temperature threshold yellow global configuration command on the switch stack or on a standalone switch to configure the difference between the yellow and red temperature thresholds that determines the value of yellow threshold.
Page 937
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands system env temperature threshold yellow Examples This example sets 15 as the difference between the yellow and red thresholds: Switch(config)# system env temperature threshold yellow 15 Switch(config)# Related Commands Command Description...
Catalyst 3750 members. The range is 1500 to 1998 bytes; the default is 1500 bytes. This keyword does not apply to Catalyst 3560-X switches. Switch Note stacks running the LAN base feature set do not support mixed hardware stacks.
Page 939
Unlike the system MTU routing configuration, the MTU settings that you enter with the system mtu and system mtu jumbo commands are not saved in the switch Cisco IOS configuration file, even if you enter the copy running-config startup-config privileged EXEC command.
Page 940
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands system mtu Table 2-56 System MTU Values (continued) Configuration system mtu command system jumbo mtu command system routing mtu command Mixed hardware stack Use the system mtu bytes Use the system mtu jumbo...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands test cable-diagnostics tdr test cable-diagnostics tdr Use the test cable-diagnostics tdr privileged EXEC command on the switch stack or on a standalone switch to run the Time Domain Reflector (TDR) feature on an interface.
This command was introduced. Usage Guidelines For Layer 2 traceroute to function properly, Cisco Discovery Protocol (CDP) must be enabled on all the switches in the network. Do not disable CDP. When the switch detects a device in the Layer 2 path that does not support Layer 2 traceroute, the switch continues to send Layer 2 trace queries and lets them time out.
Page 943
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands traceroute mac The Layer 2 traceroute feature is not supported when multiple devices are attached to one port through hubs (for example, multiple CDP neighbors are detected on a port). When more than one CDP neighbor is detected on a port, the Layer 2 path is not identified, and an error message appears.
Page 944
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands traceroute mac This example shows the Layer 2 path when the switch cannot find the destination port for the source MAC address: Switch# traceroute mac 0000.0011.1111 0000.0201.0201 Error:Source Mac address not found.
This command was introduced. Usage Guidelines For Layer 2 traceroute to function properly, Cisco Discovery Protocol (CDP) must be enabled on all the switches in the network. Do not disable CDP. When the switch detects an device in the Layer 2 path that does not support Layer 2 traceroute, the switch continues to send Layer 2 trace queries and lets them time out.
Page 946
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands traceroute mac ip The Layer 2 traceroute feature is not supported when multiple devices are attached to one port through hubs (for example, multiple CDP neighbors are detected on a port). When more than one CDP neighbor is detected on a port, the Layer 2 path is not identified, and an error message appears.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands trust trust Use the trust policy-map class configuration command on the switch stack or on a standalone switch to define a trust state for traffic classified through the class policy-map configuration or the class-map global configuration command.
Page 948
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands trust If you specify trust ip-precedence, QoS uses the IP precedence value from the ingress packet and the IP-precedence-to-DSCP map. For non-IP packets that are tagged, QoS uses the received CoS value; for non-IP packets that are untagged, QoS uses the default port CoS value.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands udld udld Use the udld global configuration command on the switch stack or on a standalone switch to enable aggressive or normal mode in the UniDirectional Link Detection (UDLD) and to set the configurable message timer time.
Page 950
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands udld • The no udld port interface configuration command followed by the udld port or udld port aggressive interface configuration command to re-enable UDLD on the specified interface The errdisable recovery cause udld and errdisable recovery interval interval global •...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands udld port udld port Use the udld port interface configuration command on the switch stack or on a standalone switch to enable the UniDirectional Link Detection (UDLD) on an individual interface or prevent a fiber-optic interface from being enabled by the udld global configuration command.
Page 952
Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_com mand_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_com mand_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands usb-inactivity-timeout usb-inactivity-timeout To configure an inactivity timeout on the USB console, use the usb-inactivity-timeout command in console line configuration mode. To remove the inactivity timeout use the no form of this command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan (global configuration) vlan (global configuration) Use the vlan global configuration command to add a VLAN and to enter the VLAN configuration mode. Use the no form of this command to delete the VLAN. Configuration information for normal-range VLANs (VLAN IDs 1 to 1005) is always saved in the VLAN database.
Page 956
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan (global configuration) With VTP version 1 and version 2, if you try to create an extended-range VLAN when the switch is not in VTP transparent mode, the VLAN is rejected, and you receive an error message.
Page 957
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan (global configuration) • mtu mtu-size: specifies the maximum transmission unit (MTU) (packet size in bytes). The range is 1500 to 18190. The default is 1500 bytes. name vlan-name: names the VLAN with an ASCII string from 1 to 32 characters that must be unique •...
Page 958
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan (global configuration) Table 2-57 Valid Commands and Syntax for Different Media Types Media Type Valid Syntax Ethernet name vlan-name, media ethernet, state {suspend | active}, said said-value, mtu mtu-size, remote-span, tb-vlan1 tb-vlan1-id, tb-vlan2 tb-vlan2-id...
Page 959
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan (global configuration) Table 2-58 VLAN Configuration Rules (continued) Configuration Rule VTP v2 mode is enabled, and you Specify a bridge number. Do not leave this field blank. are configuring a TrBRF VLAN media type.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan access-map vlan access-map Use the vlan access-map global configuration command on the switch stack or on a standalone switch to create or modify a VLAN map entry for VLAN packet filtering. This entry changes the mode to the VLAN access-map configuration.
Page 961
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan access-map You can use the no vlan access-map name [number] command with a sequence number to delete a single entry. In global configuration mode, use the vlan filter interface configuration command to apply the map to one or more VLANs.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan dot1q tag native vlan dot1q tag native Use the vlan dot1q tag native global configuration command on the switch stack or on a standalone switch to enable tagging of native VLAN frames on all IEEE 802.1Q trunk ports. Use the no form of this command to return to the default setting.
Page 963
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan dot1q tag native Related Commands Command Description show vlan dot1q tag native Displays IEEE 802.1Q native VLAN tagging status. Catalyst 3750-X and 3560-X Switch Command Reference 2-931 OL-21522-02 Downloaded from www.Manualslib.com...
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan filter vlan filter Use the vlan filter global configuration command on the switch stack or on a standalone switch to apply a VLAN map to one or more VLANs. Use the no form of this command to remove the map.
Page 965
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vlan filter Related Commands Command Description show vlan access-map Displays information about a particular VLAN access map or all VLAN access maps. show vlan filter Displays information about all VLAN filters or about a particular VLAN or VLAN access map.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vmps reconfirm (privileged EXEC) vmps reconfirm (privileged EXEC) Use the vmps reconfirm privileged EXEC command on the switch stack or on a standalone switch to immediately send VLAN Query Protocol (VQP) queries to reconfirm all dynamic VLAN assignments with the VLAN Membership Policy Server (VMPS).
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vmps reconfirm (global configuration) vmps reconfirm (global configuration) Use the vmps reconfirm global configuration command on the switch stack or on a standalone switch to change the reconfirmation interval for the VLAN Query Protocol (VQP) client. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vmps retry vmps retry Use the vmps retry global configuration command on the switch stack or on a standalone switch to configure the per-server retry count for the VLAN Query Protocol (VQP) client. Use the no form of this command to return to the default setting.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vmps server vmps server Use the vmps server global configuration command on the switch stack or on a standalone switch to configure the primary VLAN Membership Policy Server (VMPS) and up to three secondary servers. Use the no form of this command to remove a VMPS server.
Page 970
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vmps server This example shows how to delete the server with IP address 191.10.49.21: Switch(config)# no vmps server 191.10.49.21 You can verify your setting by entering the show vmps privileged EXEC command and examining information in the VMPS Domain Server row.
VTP administrative domain for the switch. The domain name is case sensitive. file filename Specify the Cisco IOS file system file where the VTP VLAN configuration is stored. interface name Specify the name of the interface providing the VTP ID updated for this device.
Page 972
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vtp (global configuration) vlan (Optional) Set the mode for VLAN VTP database. This is the default (only VTP version 3). password password Set the administrative domain password for the generation of the 16-byte secret value used in MD5 digest calculation to be sent in VTP advertisements and to validate received VTP advertisements.
Page 973
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vtp (global configuration) Follow these guidelines when configuring a VTP domain name: The switch is in the no-management-domain state until you configure a domain name. While in the • no-management-domain state, the switch does not send any VTP advertisements even if changes occur to the local VLAN configuration.
Page 974
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vtp (global configuration) Follow these guidelines when setting VTP pruning: VTP pruning removes information about each pruning-eligible VLAN from VTP updates if there • are no stations belonging to that VLAN.
Page 975
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vtp (global configuration) This example shows how to enable pruning in the VLAN database: Switch(config)# vtp pruning Pruning switched ON This example shows how to enable Version 2 mode in the VLAN database: Switch(config)# vtp version 2 You can verify your settings by entering the show vtp status privileged EXEC command.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vtp (interface configuration) vtp (interface configuration) Use the vtp interface configuration command to enable the VLAN Trunking Protocol (VTP) on a per-port basis. Use the no form of this command to disable VTP on the interface.
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vtp primary vtp primary Use the vtp primary privileged EXEC command to configure a switch as the VLAN Trunking Protocol (VTP) primary server. vtp primary [mst | vlan] [force] There is no no form of the command.
Page 978
Chapter 2 Catalyst 3750-X and 3560-X Cisco IOS Commands vtp primary Examples This example shows how to configure the switch as the primary VTP server for VLANs: Switch# vtp primary vlan Setting device to VTP TRANSPARENT mode. You can verify your settings by entering the show vtp status privileged EXEC command.
You gain access to the boot loader command line if the switch is set to manually boot, if an error occurs during power-on self test (POST) DRAM testing, or if an error occurs while loading the operating system (a corrupted Cisco IOS image). You can also access the boot loader if you have lost or forgotten the switch password.
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands Use the arp boot loader command to display the contents the Address Resolution Protocol (ARP) table. arp [ip_address] Syntax Description ip_address (Optional) Show the ARP table or the mapping for a specific IP address. Command Modes Boot loader Command History...
(Optional) Run the loaded image with an extended or comprehensive power-on self-test (POST). Using this keyword causes POST to take longer to complete. (Optional) Pause for the Cisco IOS debugger immediately after starting. (Optional) Pause for the JTAG debugger right after loading the image.
Page 982
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands boot Related Commands Command Description Sets the BOOT environment variable to boot a specific image when the BOOT keyword is appended to the command. Catalyst 3750-X and 3560-X Switch Command Reference OL-21522-02 Downloaded from www.Manualslib.com...
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands Use the cat boot loader command to display the contents of one or more files. cat filesystem:/file-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device. /file-url Path (directory) and name of the files to display.
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands copy copy Use the copy boot loader command to copy a file from a source to a destination. copy [-b block-size] filesystem:/source-file-url filesystem:/destination-file-url Syntax Description -b block-size (Optional) This option is used only for internal development and testing. filesystem: Alias for a flash file system.
Page 985
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands delete delete Use the delete boot loader command to delete one or more files from the specified file system. delete filesystem:/file-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device. /file-url Path (directory) and filename to delete.
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands Use the dir boot loader command to display a list of files and directories on the specified file system. dir filesystem:/file-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device. /file-url (Optional) Path (directory) and directory name whose contents you want to display.
Page 987
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands Table A-1 dir Field Descriptions (continued) Field Description <date> Last modification date. env_vars Filename. Related Commands Command Description mkdir Creates one or more directories. rmdir Removes one or more directories. Catalyst 3750-X and 3560-X Switch Command Reference OL-21522-02 Downloaded from...
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands flash_init flash_init Use the flash_init boot loader command to initialize the flash file system. flash_init Syntax Description This command has no arguments or keywords. Defaults The flash file system is automatically initialized during normal system operation. Command Modes Boot loader Command History...
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands format format Use the format boot loader command to format the specified file system and destroy all data in that file system. format filesystem: Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device. Command Modes Boot loader Command History...
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands fsck fsck Use the fsck boot loader command to check the file system for consistency. fsck [-test | -f] filesystem: Syntax Description -test (Optional) Initialize the file system code and perform extra POST on flash memory. An extensive, nondestructive memory test is performed on every byte that makes up the file system.
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands help help Use the help boot loader command to display the available commands. help Syntax Description This command has no arguments or keywords. Command Modes Boot loader Command History Release Modification 12.2(53)SE2 This command was introduced.
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands memory memory Use the memory boot loader command to display memory heap utilization information. memory Syntax Description This command has no arguments or keywords. Command Modes Boot loader Command History Release Modification 12.2(53)SE2...
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands memory Table A-2 memory Field Descriptions (continued) Field Description Stack Beginning and ending address of the area in memory allocated to the software to store automatic variables, return addresses, and so forth. Heap Beginning and ending address of the area in memory that memory is dynamically allocated to and freed from.
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands mgmt_clr mgmt_clr Use the mgmt_clr boot loader command to clear the Ethernet management port statistics. mgmt_clr Syntax Description This command has no arguments or keywords. Command Modes Boot loader Command History Release Modification 12.2(53)SE2...
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands mgmt_init mgmt_init Use the mgmt_init boot loader command to initialize the Ethernet management port. mgmt_init Syntax Description This command has no arguments or keywords. Command Modes Boot loader Command History Release Modification 12.2(53)SE2...
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands mgmt_show mgmt_show Use the mgmt_show boot loader command to display the Ethernet management port statistics. mgmt_show Syntax Description This command has no arguments or keywords. Command Modes Boot loader Command History Release Modification 12.2(53)SE2...
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands mkdir mkdir Use the mkdir boot loader command to create one or more new directories on the specified file system. mkdir filesystem:/directory-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device. /directory-url Name of the directories to create.
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands more more Use the more boot loader command to display the contents of one or more files. more filesystem:/file-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device. /file-url Path (directory) and name of the files to display.
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands rename rename Use the rename boot loader command to rename a file. rename filesystem:/source-file-url filesystem:/destination-file-url Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device. /source-file-url Original path (directory) and filename.
Appendix A Catalyst 3750-X and 3560-X Switch Boot Loader Commands reset reset Use the reset boot loader command to perform a hard reset on the system. A hard reset is similar to power-cycling the switch, clearing the processor, registers, and memory. reset Syntax Description This command has no arguments or keywords.