Page 1
Cisco ME 3400 Ethernet Access Switch Command Reference Cisco IOS Release 12.2(50)SE March 2009 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-9640-07...
Page 2
Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.
C O N T E N T S Preface xvii Audience xvii Purpose xvii Conventions xviii Related Publications xviii Obtaining Documentation and Submitting a Service Request Using the Command-Line Interface C H A P T E R CLI Command Modes...
Page 5
2-134 ip dhcp snooping 2-136 ip dhcp snooping binding 2-137 ip dhcp snooping database 2-139 ip dhcp snooping information option 2-141 ip dhcp snooping information option allowed-untrusted 2-143 Cisco ME 3400 Ethernet Access Switch Command Reference OL-9640-07...
Page 6
2-146 ip dhcp snooping trust 2-147 ip dhcp snooping verify mac-address 2-148 ip dhcp snooping vlan 2-149 ip dhcp snooping vlan information option format-type circuit-id string 2-150 ip igmp filter 2-152 ip igmp max-groups 2-154 ip igmp profile 2-156...
Page 8
2-327 service password-recovery 2-329 service-policy (interface configuration) 2-331 service-policy (policy-map class configuration) 2-333 set cos 2-336 set dscp 2-338 set precedence 2-340 set qos-group 2-342 setup 2-344 shape average 2-347 Cisco ME 3400 Ethernet Access Switch Command Reference viii OL-9640-07...
Page 9
2-419 show ip dhcp snooping binding 2-420 show ip dhcp snooping database 2-422 show ip dhcp snooping statistics 2-424 show ip igmp profile 2-427 show ip igmp snooping 2-428 Cisco ME 3400 Ethernet Access Switch Command Reference OL-9640-07...
Page 10
2-484 show mvr interface 2-486 show mvr members 2-488 show pagp 2-490 show parser macro 2-492 show policer aggregate 2-494 show policer cpu uni-eni 2-495 show policy-map 2-498 show port-security 2-502 Cisco ME 3400 Ethernet Access Switch Command Reference OL-9640-07...
Page 12
2-636 table-map 2-639 test cable-diagnostics tdr 2-641 traceroute mac 2-643 traceroute mac ip 2-646 udld 2-648 udld port 2-650 udld reset 2-652 uni count 2-653 uni-vlan 2-655 vlan 2-657 Cisco ME 3400 Ethernet Access Switch Command Reference OL-9640-07...
Page 13
(privileged EXEC) 2-666 vmps reconfirm (global configuration) 2-667 vmps retry 2-668 vmps server 2-669 Cisco ME 3400 Ethernet Access Switch A P P E N D I X Boot Loader Commands boot copy delete flash_init format A-10 fsck...
Page 15
B-76 debug udld B-78 debug vqpc B-80 Cisco ME 3400 Ethernet Access Switch A P P E N D I X Show Platform Commands show platform acl show platform backup interface show platform cfm show platform configuration show platform dl...
Page 16
C-43 show platform stp-instance C-44 show platform tcam C-45 show platform vlan C-48 Acknowledgments for Open-Source Software A P P E N D I X N D E X Cisco ME 3400 Ethernet Access Switch Command Reference OL-9640-07...
Page 17
(multi-VRF-CE) devices, and IP multicast routing. This guide provides the information you need about the Layer 2 and Layer 3 commands that have been created or changed for use with the Cisco ME 3400 Ethernet Access switch. For information about the standard Cisco IOS Release 12.2 commands, see the Cisco IOS documentation set available from the...
• Braces ( ) group required choices, and vertical bars ( | ) separate the alternative elements. • Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional • element. Interactive examples use these conventions: Terminal sessions and system displays are in font.
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
C H A P T E R Using the Command-Line Interface The Cisco Metro Ethernet (ME) 3400 Series Ethernet Access switch is supported by Cisco IOS software. This chapter describes how to use the switch command-line interface (CLI) to configure software features.
After you access the device, you are automatically in user EXEC command mode. The EXEC commands available at the user level are a subset of those available at the privileged level. In general, use the user EXEC commands to temporarily change terminal settings, perform basic tests, and list system information.
EXEC mode, as well as the configure privileged EXEC command through which you access the remaining command modes. If your system administrator has set a password, you are prompted to enter it before being granted access to privileged EXEC mode. The password does not appear on the screen and is case sensitive.
Use this mode to configure normal-range VLANs (VLAN IDs 1 to 1005) or extended-range VLANs (VLAN IDs 1006 to 4094). The VLAN configuration is saved in the running configuration file, and you can save it to the switch startup configuration file by using the copy running-config startup-config privileged EXEC command.
Using the Command-Line Interface CLI Command Modes To exit line configuration mode and to return to global configuration mode, use the exit command. To exit line configuration mode and to return to privileged EXEC mode, enter the end command, or press Ctrl-Z.
Page 26
Chapter 1 Using the Command-Line Interface CLI Command Modes Cisco ME 3400 Ethernet Access Switch Command Reference OL-9640-07...
Page 28
This example shows how to configure IEEE 802.1x accounting: Switch(config)# aaa accounting dot1x Switch(config)# aaa accounting dot1x default start-stop group radius Switch(config)# Note The RADIUS authentication server must be properly configured to accept and log update or watchdog packets from the AAA client. Related Commands Command Description...
This example shows how to enable AAA and how to create an IEEE 802.1x-compliant authentication list. This authentication first tries to contact a RADIUS server. If this action returns an error, the user is not allowed access to the network.
Page 30
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command_ reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Cisco ME 3400 Ethernet Access Switch Command Reference OL-9640-07...
The drop and forward parameters are not used in the no form of the command. Examples This example shows how to identify and apply a VLAN access map vmap4 to VLANs 5 and 6 that causes the VLAN to forward an IP packet if the packet matches the conditions defined in access list al2:...
Page 32
Cisco IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands. ip access-list Creates a named access list. For syntax information, select Cisco IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands.
12.2(44)EY This command was introduced. Use the archive download-sw privileged EXEC command to download a new image from a TFTP server to the switch and to overwrite or keep the existing image. archive download-sw {/force-reload | /imageonly | /leave-old-sw | /no-set-boot |...
Page 34
If you specify the command without the /overwrite option, the download algorithm verifies that the new image is not the same as the one on the switch flash device. If the images are the same, the download does not occur. If the images are different, the old image is deleted, and the new one is downloaded.
Page 35
Related Commands Command Description archive tar Creates a tar file, lists the files in a tar file, or extracts the files from a tar file. archive upload-sw Uploads an existing image on the switch to a server. delete Deletes a file or directory on the flash memory device.
Use the archive tar privileged EXEC command to create a tar file, list files in a tar file, or extract the files from a tar file. archive tar {/create destination-url flash:/file-url} | {/table source-url} | {/xtract source-url flash:/file-url [dir/file...]}...
Page 37
TFTP server at 172.20.10.30: Switch# archive tar /create tftp:172.20.10.30/saved.tar flash:/new-configs This example shows how to display the contents of the file that is in flash memory. The contents of the tar file appear on the screen: Switch# archive tar /table flash:image_name-mz.122-release.tar...
Page 38
(1654 bytes) <output truncated> This example shows how to extract the contents of a tar file on the TFTP server at 172.20.10.30. This command extracts just the new-configs directory into the root directory on the local flash file system.
Use the upload feature only if the HTML files associated with the embedded device manager have been installed with the existing image. The files are uploaded in this sequence: the Cisco IOS image, the HTML files, and info. After these files are uploaded, the software creates the tar file.
Page 40
Downloads a new image to the switch. archive tar Creates a tar file, lists the files in a tar file, or extracts the files from a tar file. Cisco ME 3400 Ethernet Access Switch Command Reference 2-14 OL-9640-07...
Use the arp access-list global configuration command to define an Address Resolution Protocol (ARP) access control list (ACL) or to add clauses to the end of a previously defined list. Use the no form of this command to delete the specified ARP access list.
Page 42
Examples This example shows how to define an ARP access list and to permit both ARP requests and ARP responses from a host with an IP address of 1.1.1.1 and a MAC address of 0000.0000.abcd: Switch(config)# arp access-list static-hosts Switch(config-arp-nacl)# permit ip host 1.1.1.1 mac host 00001.0000.abcd...
CBWFQ derives the weight for packets belonging to the class from the bandwidth allocated to the class and uses the weight to ensure that the queue for that class is serviced fairly. Bandwidth settings are not supported in input policy maps.
Page 44
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands bandwidth The total rate of the minimum bandwidth guarantees for each queue of the policy cannot exceed the total speed for the interface. If the percent keyword is used, the sum of the class bandwidth percentages cannot exceed 100 percent.
Page 45
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands bandwidth This example shows how to set outclass1 as a priority queue, with outclass2, and outclass3 getting 50 and 20 percent, respectively, of the bandwidth remaining after the priority queue is serviced. The class class-default gets the remaining 30 percent with no guarantees.
Use the boot config-file global configuration command to specify the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration. Use the no form of this command to return to the default setting.
This command was introduced. Usage Guidelines When you enter this command, you can interrupt the automatic boot process by pressing the break key on the console after the flash file system is initialized. The break key is different for each operating system: •...
Use the boot helper global configuration command to dynamically load files during boot loader initialization to extend or patch the functionality of the boot loader. Use the no form of this command to return to the default. boot helper filesystem:/file-url ...
Use the boot helper-config-file global configuration command to specify the name of the configuration file to be used by the Cisco IOS helper image. If this is not set, the file specified by the CONFIG_FILE environment variable is used by all versions of Cisco IOS that are loaded. Use the no form of this command to return to the default setting.
Usage Guidelines The next time you reboot the system, the switch is in boot loader mode, which is shown by the switch: prompt. To boot the system, use the boot boot loader command, and specify the name of the bootable image.
Use the boot private-config-file global configuration command to specify the filename that Cisco IOS uses to read and write a nonvolatile copy of the private configuration. Use the no form of this command to return to the default setting.
The switch attempts to automatically boot the system by using information in the BOOT environment variable. If this variable is not set, the switch attempts to load and execute the first executable image it can by performing a recursive, depth-first search throughout the flash file system. In a depth-first search of a directory, each encountered subdirectory is completely searched before continuing the search in the original directory.
Use the channel-group interface configuration command to assign an Ethernet port to an EtherChannel group. Use the no form of this command to remove an Ethernet port from an EtherChannel group. channel-group channel-group-number mode {active | {auto [non-silent] | desirable [non-silent]...
Page 54
UNIs and ENIs are disabled by default. NNIs are enabled by default. You do not have to disable the IP address that is assigned to a physical port that is part of a channel group, but we strongly recommend that you do so.
Page 55
In this case, running PAgP on a physical port prevents that port from ever becoming operational. However, it allows PAgP to operate, to attach the port to a channel group, and to use the port for transmission. Both ends of the link cannot be set to silent.
Page 56
Displays PAgP channel-group information. show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_ command_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.
Note (ENIs). If the port is a user network interface (UNI) or an ENI, you must use the no shutdown interface configuration command to enable it before using the channel-protocol command. UNIs and ENIs are disabled by default. NNIs are enabled by default.
Page 58
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands channel-protocol Related Commands Command Description channel-group Assigns an Ethernet port to an EtherChannel group. show etherchannel protocol Displays protocol information the EtherChannel. Cisco ME 3400 Ethernet Access Switch Command Reference...
Use the class policy-map configuration command to specify the name of the class whose policy you want to create or to change or to specify the system default class before you configure a policy and to enter policy-map class configuration mode. Use the no form of this command to remove the class from a policy map.
Page 60
(policy-map class configuration) policy-map class commands. priority: sets the strict scheduling priority for this class or, when used with the police keyword, sets • priority with police. For more information, see the priority policy-map class command.
This command was introduced. Usage Guidelines Use this command to specify the name of the class for which you want to create or to modify class-map match criteria and to enter class-map configuration mode. The switch supports a maximum of 1024 unique class maps.
Page 62
• no: removes a match statement from a class map. Examples This example shows how to configure the class map called class1. By default, the class map is match-all and therefore can contain no other match criteria. Switch(config)# class-map class1...
Examples This example shows how to clear the contents of the log buffer: Switch# clear ip arp inspection log You can verify that the log was cleared by entering the show ip arp inspection log privileged command. Related Commands Command...
This example shows how to clear the statistics for VLAN 1: Switch# clear ip arp inspection statistics vlan 1 You can verify that the statistics were deleted by entering the show ip arp inspection statistics vlan 1 privileged EXEC command.
This example shows how to clear the DHCP snooping statistics counters: Switch# clear ip dhcp snooping statistics You can verify that the statistics were cleared by entering the show ip dhcp snooping statistics user EXEC command. Cisco ME 3400 Ethernet Access Switch Command Reference...
Page 66
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands clear ip dhcp snooping Related Commands Command Description ip dhcp snooping Enables DHCP snooping on a VLAN. ip dhcp snooping database Configures the DHCP snooping binding database agent or the binding file.
12.2(25)EX This command was introduced. Usage Guidelines You can clear all statistics by using the clear ipc statistics command, or you can clear only the queue statistics by using the clear ipc queue-statistics command. Examples This example shows how to clear all statistics:...
{* | IPv6-address} Note This command is available only if the switch is running the metro IP access image and you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
Use the clear l2protocol-tunnel counters privileged EXEC command to clear the protocol counters in protocol tunnel ports. clear l2protocol-tunnel counters [interface-id] This command is supported only when the switch is running the metro IP access or metro access image. Syntax Description interface-id (Optional) Specify interface (physical interface or port channel) for which protocol counters are to be cleared.
12.2(25)EX This command was introduced. Usage Guidelines You can clear all counters by using the clear lacp counters command, or you can clear only the counters for the specified channel group by using the clear lacp channel-group-number counters command. Examples...
Use the clear mac address-table privileged EXEC command to delete from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN. This command also clears the MAC address notification global counters.
Use the clear mac address-table move update privileged EXEC command to clear the mac address-table-move update-related counters. clear mac address-table move update This command is supported only when the switch is running the metro IP access or metro access image. Syntax Description This command has no arguments or keywords.
12.2(25)EX This command was introduced. Usage Guidelines You can clear all counters by using the clear pagp counters command, or you can clear only the counters for the specified channel group by using the clear pagp channel-group-number counters command. Examples...
You can use this command to clear statistics maintained per feature or statistics about dropped frames. You can enter the show platform policer cpu classification or show policer cpu uni drop command to view feature statistics or dropped frames before and after you use the clear command.
Use the clear port-security privileged EXEC command to delete from the MAC address table all secure addresses or all secure addresses of a specific type (configured, dynamic, or sticky) on the switch or on an interface. clear port-security {all | configured | dynamic | sticky} [[address mac-addr | interface...
Page 76
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands clear port-security You can verify that the information was deleted by entering the show port-security privileged EXEC command. Related Commands Command Description switchport port-security Enables port security on an interface.
This command was introduced. Usage Guidelines You can clear all REP counters by using the clear rep counters command, or you can clear only the counters for the interface by using the clear rep counters interface interface-id command. When you enter the clear rep counters command, only the counters visible in the output of the show interface rep detail command are cleared.
Spanning Tree Protocol (STP) is not supported on user network Note interfaces (UNIs). Though visible in the command-line help, the command has no effect on UNIs or on ENIs on which STP is not enabled. Defaults No default is defined.
IEEE 802.1D BPDUs on that port. A multiple spanning-tree (MST) switch can also detect that a port is at the boundary of a region when it receives a legacy BPDU, an MST BPDU (Version 3) associated with a different region, or a rapid spanning-tree (RST) BPDU (Version 2).
Page 80
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands clear spanning-tree detected-protocols Related Commands Command Description show spanning-tree Displays spanning-tree state information. spanning-tree link-type Overrides the default link-type setting and enables rapid spanning-tree transitions to the forwarding state.
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands clear vmps statistics clear vmps statistics Use the clear vmps statistics privileged EXEC command to clear the statistics maintained by the VLAN Query Protocol (VQP) client. clear vmps statistics Syntax Description This command has no arguments or keywords.
Use the conform-action policy-map class police configuration command to set multiple actions for a policy-map class for packets that conform to the committed information rate (CIR). Use the no form of this command to cancel the action or to return to the default action.
Page 83
This example shows how configure multiple conform actions in a policy map that sets a committed information rate of 23000 bits per second (bps) and a conform burst rate of 10000 bps. The policy map includes multiple conform actions (for DSCP and for Layer 2 CoS) and an exceed action.
CFM traffic or IP SLA CoS markings. Examples This example shows how to set the CoS value to 5, for the control plane traffic that the CPU generates. Switch(config)# cpu traffic qos cos 5 You can verify your settings by entering the show cpu traffic qos privileged EXEC command.
Page 85
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands cpu traffic qos Related Commands Command Description show cpu traffic qos Displays the QoS output for CPU-generated traffic. Cisco ME 3400 Ethernet Access Switch Command Reference 2-59 OL-9640-07...
A macro can contain up to five ranges. All interfaces in a range must be the same type; that is, all Fast Ethernet ports, all Gigabit Ethernet ports, all EtherChannel ports, or all VLANs, but you can combine multiple interface types in a macro.
Page 87
When you define a range, you must enter a space before the hyphen (-), for example: gigabitethernet0/1 - 2 You can also enter multiple ranges. When you define multiple ranges, you must enter a space after the first entry before the comma (,). The space after the comma is optional, for example:...
This command was introduced. Usage Guidelines If you use the /force keyword, you are prompted once at the beginning of the deletion process to confirm the deletion. If you use the /recursive keyword without the /force keyword, you are prompted to confirm the deletion of every file.
(Optional) Log a packet when it matches the ACE. Defaults There are no default settings. However, at the end of the ARP access list, there is an implicit deny ip any mac any command. Command Modes ARP access-list configuration...
Page 90
You can add deny clauses to drop ARP packets based on matching criteria. Examples This example shows how to define an ARP access list and to deny both ARP requests and ARP responses from a host with an IP address of 1.1.1.1 and a MAC address of 0000.0000.abcd: Switch(config)# arp access-list static-hosts Switch(config-arp-nacl)# deny ip host 1.1.1.1 mac host 0000.0000.abcd...
(IPv6 access-list configuration) deny (IPv6 access-list configuration) Use the deny command in IPv6 access list configuration mode to set deny conditions for an IPv6 access list. Use the no form of this command to remove the deny conditions. deny {protocol} {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [operator...
Page 92
The optional port-number argument is a decimal number or the name of a TCP or a UDP port. A port number is a number from 0 to 65535. TCP port names can be used only when filtering TCP. UDP port names can be used only when filtering UDP.
Page 93
(Optional) Specify an ICMP message type for filtering ICMP packets. ICMP packets can be filtered by an ICMP message type. The type is a number from 0 to 255. icmp-code (Optional) Specify an ICMP message code for filtering ICMP packets.
Page 94
You can add permit, deny, or remark statements to an existing access list without re-entering the entire list. To add a new statement somewhere other than at the end of the list, create a new statement with an appropriate entry number between two existing entry numbers to show where it belongs.
Page 95
This example configures the IPv6 access list named CISCO and applies the access list to outbound traffic on a Layer 3 interface. The first deny entry prevents all packets that have a destination TCP port number greater than 5000 from leaving the interface. The second deny entry prevents all packets that have a source UDP port number less than 5000 from leaving the interface.
(MAC access-list configuration) Use the deny MAC access-list configuration command to prevent non-IP traffic from being forwarded if the conditions are matched. Use the no form of this command to remove a deny condition from the named MAC access list.
Page 97
Though visible in the command-line help strings, appletalk is not supported as a matching condition. Note To filter IPX traffic, you use the type mask or lsap lsap mask keywords, depending on the type of IPX encapsulation being used. Filter criteria for IPX encapsulation types as specified in Novell terminology...
Page 98
If you use the host keyword, you cannot enter an address mask; if you do not use the host keyword, you must enter an address mask. When an access control entry (ACE) is added to an access control list, an implied deny-any-any condition exists at the end of the list.
Modification 12.2(25)EX This command was introduced. Examples This example shows how to reset the configurable IEEE 802.1x parameters on a port: Switch(config-if)# dot1x default You can verify your settings by entering the show dot1x [interface interface-id] privileged EXEC command. Related Commands...
This command was introduced. Usage Guidelines Use this command to limit an IEEE 802.1x-enabled port to a single client or to attach multiple clients to an IEEE 802.1x-enabled port. In multiple-hosts mode, only one of the attached hosts must be successfully authorized for all hosts to be granted network access.
Page 101
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands dot1x host-mode Related Commands Command Description show dot1x [interface interface-id] Displays IEEE 802.1x status for the specified port. Cisco ME 3400 Ethernet Access Switch Command Reference 2-75 OL-9640-07...
This command was introduced. Usage Guidelines Use this command to initialize the IEEE 802.1x state machines and to set up a fresh environment for authentication. After you enter this command, the port status becomes unauthorized. There is no no form of this command.
Examples This example shows how to set 4 as the number of times that the switch restarts the authentication process before the port transitions to the unauthorized state:...
Examples This example shows how to set 5 as the number of times that the switch sends an EAP frame from the authentication server before restarting the authentication process:...
Trunk port—If you try to enable IEEE 802.1x on a trunk port, an error message appears, and • IEEE 802.1x is not enabled. If you try to change the mode of an IEEE 802.1x-enabled port to trunk, an error message appears, and the port mode is not changed.
Page 106
IEEE 802.1x on a port that is a SPAN or RSPAN destination port. However, IEEE 802.1x is disabled until the port is removed as a SPAN or RSPAN destination. You can enable IEEE 802.1x on a SPAN or RSPAN source port.
12.2(25)EX This command was introduced. Usage Guidelines You can use this command to re-authenticate a client without waiting for the configured number of seconds between re-authentication attempts (re-authperiod) and automatic re-authentication. Examples This example shows how to manually re-authenticate the device connected to a port:...
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands dot1x reauthentication dot1x reauthentication Use the dot1x reauthentication interface configuration command to enable periodic re-authentication of the client. Use the no form of this command to return to the default setting. dot1x reauthentication no dot1x reauthentication Syntax Description This command has no arguments or keywords.
Usage Guidelines You must enable authentication, authorization, and accounting (AAA) and specify the authentication method list before globally enabling IEEE 802.1x. A method list describes the sequence and authentication methods to be queried to authenticate a user. Before globally enabling IEEE 802.1x on a switch, remove the EtherChannel configuration from the interfaces on which IEEE 802.1x and EtherChannel are configured.
There is not a no form of this command. Examples This example shows how to enable the IEEE 802.1x readiness check on a switch to query a port. It also shows the response received from the queried port verifying that the device connected to it is IEEE 802.1x-capable:...
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands dot1x test timeout dot1x test timeout Use the dot1x test timeout global configuration command to configure the timeout used to wait for EAPOL response from a port being queried for IEEE 802.1x readiness. dot1x test timeout timeout...
Use the dot1x timeout interface configuration command to set IEEE 802.1x timers. Use the no form of this command to return to the default setting. dot1x timeout {quiet-period seconds | reauth-period seconds | server-timeout seconds |...
Page 113
Switch(config-if)# dot1x timeout supp-timeout 45 This example shows how to set 60 as the number of seconds to wait for a response to an EAP-request/identity frame from the client before re-transmitting the request: Switch(config-if)# dot1x timeout tx-period 60 You can verify your settings by entering the show dot1x privileged EXEC command.
Use the dot1x violation-mode interface configuration command to configure the violation modes that occur when a new device connects to a port or when a new device connects to a port after the maximum number of devices are connected to that port.
This command is only available when a 1000BASE-T SFP module or a 100BASE-FX MMF SFP module is in the SFP module slot. All other SFP modules operate only in full-duplex mode. When a 1000BASE-T SFP module is in the SFP module slot, you can configure duplex mode to auto or full.
Page 116
If the speed is set to auto, the switch negotiates with the device at the other end of the link for the speed setting and then forces the speed setting to the negotiated value. The duplex setting remains as configured on each end of the link, which could result in a duplex setting mismatch.
Use the errdisable detect cause global configuration command to enable error-disabled detection for a specific cause or all causes. Use the no form of this command to disable the error-disabled detection feature. errdisable detect cause {all | arp-inspection | dhcp-rate-limit | gbic-invalid | l2ptguard |...
Page 118
When a port is error-disabled, it is effectively shut down, and no traffic is sent or received on the port. For the BPDU guard and port-security features, you can configure the switch to shut down just the offending VLAN on the port when a violation occurs, instead of shutting down the entire port.
Use the errdisable detect cause small-frame global configuration command to allow any switch port to be error disabled if incoming VLAN-tagged packets are small frames (67 bytes or less) and arrive at the minimum configured rate (the threshold). Use the no form of this command to return to the default setting.
Page 120
Displays the interface settings on the switch, including input and output flow control. small-frame violation rate Configures the rate (threshold) for incoming small frames to cause a port to be put into the error-disabled state. Cisco ME 3400 Ethernet Access Switch Command Reference...
Use the errdisable recovery global configuration command to configure the recover mechanism variables. Use the no form of this command to return to the default setting. errdisable recovery {cause {all | arp-inspection | bpduguard | channel-misconfig | dhcp-rate-limit | gbic-invalid | l2ptguard | link-flap | loopback | pagp-flap |...
Page 122
If you enable the recovery for a cause, the interface is brought out of the error-disabled state and allowed to retry the operation again when all the causes have timed out.
Use the errdisable recovery cause small-frame global configuration command to enable the recovery timer for ports to be automatically re-enabled after they are error disabled by the arrival of small frames. Use the no form of this command to return to the default setting.
EVC configuration mode. Use the no form of this command to delete the EVC. ethernet evc evc-id no ethernet evc evc-id This command is available only if your switch is running the metro IP access or metro access image. Syntax Description evc-id The EVC identifier.
The ethernet lmi global command enables Ethernet LMI in PE mode on all interfaces for an entire device. The benefit of this command is that you can enable Ethernet LMI on all interfaces with one command instead of enabling Ethernet LMI separately on each interface.
Page 126
6797 To enable the switch as an Ethernet LMI CE device, you must enter both the ethernet lmi global and ethernet lmi ce commands. By default Ethernet LMI is disabled, and, when enabled the switch is in provider-edge mode unless you also enter the ethernet lmi ce command.
{vlan-id | any | default | untagged} no ethernet lmi ce-vlan map {vlan-id | any | default | untagged} This command is available only if your switch is running the metro IP access or metro access image. Syntax Description vlan-id Enter the customer VLAN ID or VLAN IDs to map to.
Page 128
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ethernet lmi ce-vlan map Examples This example shows how to configure an E-LMI customer VLAN-to-EVC map to map EVC test to customer VLAN 101 in service instance 333 on the interface: Switch(config-if)# service instance 333 ethernet test...
{critical-event | dying-gasp | link-fault} action error-disable-interface no ethernet oam remote-failure {critical-event | dying-gasp | link-fault} action This command is available only if your switch is running the metro IP access or the metro access image. Syntax Description critical-event Configure the switch to put an interface in error-disabled mode when an unspecified critical event has occurred.
Page 130
.html Examples This example shows how to configure an Ethernet OAM template for remote-failure indication when an unrecoverable error has occurred and how to apply it to an interface: Switch(config)# template oam1 Switch(config-template)# ethernet oam remote-failure dying-gasp action error-disable...
{bundle [all-to-one] | multiplex} no ethernet uni {bundle | multiplex} This command is available only if your switch is running the metro IP access or metro access image. Syntax Description bundle Configure the UNI to support bundling without multiplexing.
Page 132
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ethernet uni Examples This example shows how to configure bundling without multiplexing: Switch(config-if)# ethernet uni bundle To verify UNI service type, enter the show ethernet service interface detail privileged EXEC command. Related Commands Command Description...
This command was introduced. Usage Guidelines When you configure a UNI ID on a port, that ID is used as the default name for all maintenance end points (MEPs) configured on the port. You must enter the ethernet uni id name command on all ports that are directly connected to customer-edge (CE) devices.
Use the exceed-action policy-map class police configuration command to set multiple actions for a policy-map class for packets that do not conform to the committed information rate (CIR). Use the no form of this command to cancel the action or to return to the default action.
Page 135
Enhanced packet marking provides the ability to modify a QoS marking based on any incoming QoS marking and table maps. The switch also supports the ability to mark multiple QoS parameters for the same class, and to simultaneously configure conform-action marking and exceed-action marking.
When flow control receive is on for a device and it receives a pause frame, it stops sending any data packets. This prevents any loss of data packets during the congestion period.
Page 137
Does not send or receive Does not send or receive Examples This example shows how to configure the local port to not support flow control by the remote port: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# flowcontrol receive off You can verify your settings by entering the show interfaces privileged EXEC command.
Caution ports that are assigned to the channel group. Do not assign bridge groups on the physical ports in a channel group used as a Layer 3 port-channel Caution interface because it creates loops. You must also disable spanning tree.
Page 139
(ENIs). • Do not configure a port that is an active member of an EtherChannel as an IEEE 802.1x port. If IEEE 802.1x is enabled on a not-yet active port of an EtherChannel, the port does not join the EtherChannel.
Use the interface range global configuration command to enter interface range configuration mode and to execute a command on multiple ports at the same time. Use the no form of this command to remove an interface range. interface range {port-range | macro name}...
Page 141
Note in the range must be active port channels. When you define a range, you must enter a space between the first entry and the hyphen (-): interface range gigabitethernet0/1 -2 When you define multiple ranges, you must still enter a space after the first entry and before the...
This command was introduced. Usage Guidelines SVIs are created the first time that you enter the interface vlan vlan-id command for a particular vlan. The vlan-id corresponds to the VLAN-tag associated with data frames on an IEEE 802.1Q encapsulated trunk or the VLAN ID configured for an access port.
Page 143
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands interface vlan You can verify your setting by entering the show interfaces and show interfaces vlan vlan-id privileged EXEC commands. Related Commands Command Description show interfaces vlan vlan-id Displays the administrative and operational status of all interfaces or the specified VLAN.
To define a numbered access list, use the access list global configuration command. You can used numbered standard access lists ranging from 1 to 99 and 1300 to 1999 or extended access lists ranging from 100 to 199 and 2000 to 2699.
Page 145
ACL applied are filtered by the port ACL. Other packets are filtered by the VLAN map. When an input port ACL is applied to an interface and a VLAN map is applied to a VLAN that the •...
Page 146
IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands ip access-list Configures a named ACL. For syntax information, select Cisco IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 > IP Services Commands.
Use the ip address interface configuration command to set an IP address for the Layer 2 switch or to set an IP address for each switch virtual interface (SVI) or routed port on the Layer 3 switch. Use the no form of this command to remove an IP address or to disable IP processing.
Page 148
BOOTP or the DHCP server cannot reassign the address. A Layer 3 switch can have an IP address assigned to each routed port and SVI. The number of routed ports and SVIs that you can configure is not limited by software; however, the interrelationship between this number and the number of other features being configured might have an impact on CPU utilization due to hardware limitations.
All other packet types are bridged in the ingress VLAN without validation. If the switch denies a packet because of an explicit deny statement in the ACL, the packet is dropped. If the switch denies a packet because of an implicit deny statement, the packet is then compared against the list of DHCP bindings (unless the ACL is static, which means that packets are not compared against the bindings).
Page 150
Examples This example shows how to apply the ARP ACL static-hosts to VLAN 1 for dynamic ARP inspection: Switch(config)# ip arp inspection filter static-hosts vlan 1 You can verify your settings by entering the show ip arp inspection vlan 1 privileged EXEC command.
After you configure the rate limit, the interface retains the rate limit even when its trust state is changed. If you enter the no ip arp inspection limit interface configuration command, the interface reverts to its default rate limit.
Page 152
ARP packets on all the channel members. Examples This example shows how to limit the rate of incoming ARP requests on a port to 25 pps and to set the interface monitoring interval to 5 consecutive seconds:...
Y (X/Y) system messages are sent every second. Otherwise, one system message is sent every Y divided by X (Y/X) seconds. For example, if the logs number is 20 and the interval seconds is 4, the switch generates system messages for five entries every second while there are entries in the log buffer.
Page 154
If the log buffer overflows, it means that a log event does not fit into the log buffer, and the output display for the show ip arp inspection log privileged EXEC command is affected. A -- in the output display appears in place of all data except the packet count and the time.
The command was supported in the metro base image. Usage Guidelines The switch does not check ARP packets that it receives on the trusted interface; it simply forwards the packets. For untrusted interfaces, the switch intercepts all ARP requests and responses. It verifies that the intercepted packets have valid IP-to-MAC address bindings before updating the local cache and before forwarding the packet to the appropriate destination.
Page 156
Description ip arp inspection log-buffer Configures the dynamic ARP inspection logging buffer. show ip arp inspection Displays the trust state and the rate limit of ARP packets for the interfaces specified interface or all interfaces. show ip arp inspection Displays the configuration and contents of the dynamic ARP inspection log buffer.
You must specify at least one of the keywords. Each command overrides the configuration of the previous command; that is, if a command enables src-mac and dst-mac validations, and a second command enables IP validation only, the src-mac and dst-mac validations are disabled as a result of the second command.
Page 158
• inspection validate ip command, ARP probes are dropped unless you enter the allow-zeros keyword. The no form of the command disables only the specified checks. If none of the options are enabled, all checks are disabled. Examples This example show how to enable source MAC validation:...
Use the ip arp inspection vlan global configuration command to enable dynamic Address Resolution Protocol (ARP) inspection on a per-VLAN basis. Use the no form of this command to return to the default setting. ip arp inspection vlan vlan-range...
Use the ip arp inspection vlan logging global configuration command to control the type of packets that are logged per VLAN. Use the no form of this command to disable this logging control.
Page 161
If neither the acl-match or the dhcp-bindings keywords are specified, all denied packets are logged. The implicit deny at the end of an ACL does not include the log keyword. This means that when you use the static keyword in the ip arp inspection filter vlan global configuration command, the ACL overrides the DHCP bindings.
Usage Guidelines For any DHCP snooping configuration to take effect, you must globally enable DHCP snooping. DHCP snooping is not active until you enable snooping on a VLAN by using the ip dhcp snooping vlan vlan-id global configuration command. Examples...
Use the ip dhcp snooping binding privileged EXEC command to configure the DHCP snooping binding database and to add binding entries to the database. Use the no form of this command to delete entries from the binding database.
Page 164
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ip dhcp snooping binding Related Commands Command Description ip dhcp snooping Enables DHCP snooping on a VLAN. show ip dhcp snooping binding Displays the dynamically configured bindings in the DHCP snooping binding database and the configuration information.
Use the ip dhcp snooping database global configuration command to configure the DHCP snooping binding database agent. Use the no form of this command to disable the agent, to reset the timeout value, or to reset the write-delay value.
Page 166
Use the no ip dhcp snooping database write-delay command to reset the write-delay value. Examples This example shows how to store a binding file at an IP address of 10.1.1.1 that is in a directory called directory. A file named file must be present on the TFTP server.
ID suboption). The switch forwards the DHCP request that includes the option-82 field to the DHCP server. When the DHCP server receives the packet, it can use the remote ID, the circuit ID, or both to assign IP addresses and implement policies, such as restricting the number of IP addresses that can be assigned to a single remote ID or a circuit ID.
Page 168
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ip dhcp snooping information option Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping binding Displays the DHCP snooping binding information.
DHCP packets with option-82 information that are received on untrusted ports that might be connected to an edge switch. Use the no form of this command to configure the switch to drop these packets from the edge switch.
Page 170
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ip dhcp snooping information option allowed-untrusted You can verify your settings by entering the show ip dhcp snooping privileged EXEC command. Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration.
When the option-82 feature is enabled, the default remote-ID suboption is the switch MAC address. This command allows you to configure either the switch hostname or a string of up to 63 ASCII characters (but no spaces) to be the remote ID.
Normally, the rate limit applies to untrusted interfaces. If you want to configure rate limiting for trusted interfaces, keep in mind that trusted interfaces might aggregate DHCP traffic on multiple VLANs (some of which might not be snooped) in the switch, and you will need to adjust the interface rate limits to a higher value.
12.2(25)EX This command was introduced. Usage Guidelines Configure as trusted ports those that are connected to a DHCP server or to other switches or routers. Configure as untrusted ports those that are connected to DHCP clients. Examples This example shows how to enable DHCP snooping trust on a port: Switch(config-if)# ip dhcp snooping trust You can verify your settings by entering the show ip dhcp snooping privileged EXEC command.
Use the ip dhcp snooping verify mac-address global configuration command to configure the switch to verify on an untrusted port that the source MAC address in a DHCP packet matches the client hardware address. Use the no form of this command to configure the switch to not verify the MAC addresses.
Use the ip dhcp snooping vlan global configuration command to enable DHCP snooping on a VLAN. Use the no form of this command to disable DHCP snooping on a VLAN. ip dhcp snooping vlan vlan-range...
DHCP snooping configuration to take effect. When the option-82 feature is enabled, the default circuit-ID suboption is the switch VLAN and the port identifier, in the format vlan-mod-port. This command allows you to configure a string of ASCII characters to be the circuit ID.
Page 177
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ip dhcp snooping vlan information option format-type circuit-id string The show ip dhcp snooping user EXEC command only displays the global command output, including Note a remote-ID configuration. It does not display any per-interface, per-VLAN string that you have configured for the circuit ID.
You cannot apply IGMP filters to routed ports, switch virtual interfaces (SVIs), or ports that belong to an EtherChannel group. An IGMP profile can be applied to one or more switch port interfaces, but one port can have only one profile applied to it.
Page 179
Displays the running configuration on the switch interface, including interface-id the IGMP profile (if any) that is applied to an interface. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 > File Management Commands >...
Use the no form of this command to set the maximum back to the default, which is to have no maximum limit, or to return to the default throttling action, which is to drop the report.
Page 181
• max-groups {deny | replace} command has no effect. Examples This example shows how to limit to 25 the number of IGMP groups that a port can join. Switch(config)# interface gigabitethernet0/2 Switch(config-if)# ip igmp max-groups 25 This example shows how to configure the switch to replace the existing group with the new group for...
• permit: specifies that matching addresses are permitted. • range: specifies a range of IP addresses for the profile. This can be a single IP address or a range • with a start and an end address. When entering a range, enter the low IP multicast address, a space, and the high IP multicast address.
Page 183
Command Description ip igmp filter Applies the IGMP profile to the specified interface. show ip dhcp snooping Displays the characteristics of all IGMP profiles or the specified statistics IGMP profile number. Cisco ME 3400 Ethernet Access Switch Command Reference 2-157...
When IGMP snooping is enabled globally, it is enabled in all the existing VLAN interfaces. When IGMP snooping is disabled globally, it is disabled on all the existing VLAN interfaces. VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping.
Page 185
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ip igmp snooping Related Commands Command Description ip igmp snooping report-suppression Enables IGMP report suppression. show ip igmp snooping Displays the snooping configuration. show ip igmp snooping groups Displays IGMP snooping multicast information.
When IGMP snooping is globally disabled, IGMP snooping is disabled on all the existing VLAN interfaces. VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping. Configuring the leave timer on a VLAN overrides the global setting.
Page 187
Configures a Layer 2 port as a multicast router port. ip igmp snooping vlan static Configures a Layer 2 port as a member of a group. show ip igmp snooping Displays the IGMP snooping configuration.
Use the ip igmp snooping querier global configuration command to globally enable the Internet Group Management Protocol (IGMP) querier function in Layer 2 networks. Use the command with keywords to enable and configure the IGMP querier feature on a VLAN interface. Use the no form of this command to return to the default settings.
Page 189
Usage Guidelines Use this command to enable IGMP snooping to detect the IGMP version and IP address of a device that sends IGMP query messages, which is also called a querier. By default, the IGMP snooping querier is configured to detect devices that use IGMP Version 2 (IGMPv2) but does not detect clients that are using IGMP Version 1 (IGMPv1).
When IGMP router suppression is enabled (the default), the switch sends the first IGMP report from all hosts for a group to all the multicast routers. The switch does not send the remaining IGMP reports for the group to the multicast routers. This feature prevents duplicate reports from being sent to the multicast devices.
Page 191
Command Description ip igmp snooping Enables IGMP snooping on the switch or on a VLAN. show ip igmp snooping Displays the IGMP snooping configuration of the switch or the VLAN. Cisco ME 3400 Ethernet Access Switch Command Reference 2-165 OL-9640-07...
You can prevent the loss of the multicast traffic that might occur because of a topology change by using this command. If you set the TCN flood query count to 1 by using the ip igmp snooping tcn flood query count command, the flooding stops after receiving one general query.
This command was introduced. Usage Guidelines When the switch receives a TCN, multicast traffic is flooded to all the ports until two general queries are received. If the switch has many ports with attached hosts that are subscribed to different multicast groups, this flooding behavior might not be desirable because the flooded traffic might exceed the capacity of the link and cause packet loss.
This command was introduced. Usage Guidelines VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping. You should only configure the Immediate Leave feature when there is a maximum of one receiver on every port in the VLAN.
Use the ip igmp snooping vlan vlan-id mrouter global configuration command to add a multicast router port or to configure the multicast learning method. Use the no form of this command to return to the default settings.
Page 196
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ip igmp snooping vlan mrouter Related Commands Command Description ip igmp snooping report-suppression Enables IGMP report suppression. show ip igmp snooping Displays the snooping configuration. show ip igmp snooping groups Displays IGMP snooping multicast information.
Modification 12.2(25)EX This command was introduced. Usage Guidelines VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping. The configuration is saved in NVRAM. Examples This example shows how to statically configure a port as a multicast router port: Switch(config)# ip igmp snooping vlan 1 mrouter interface gigabitethernet0/2 You can verify your settings by entering the show ip igmp snooping privileged EXEC command.
Page 198
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ip igmp snooping vlan static Related Commands Command Description ip igmp snooping report-suppression Enables IGMP report suppression. show ip igmp snooping Displays the snooping configuration. show ip igmp snooping groups Displays IGMP snooping multicast information.
A static IP source binding entry has an IP address, its associated MAC address, and its associated VLAN number. The entry is based on the MAC address and the VLAN number. If you modify an entry by changing only the IP address, the switch updates the entry instead creating a new one.
Page 200
Enables IP source guard on an interface. show ip source binding Displays the IP source bindings on the switch. show ip verify source Displays the IP source guard configuration on the switch or on a specific interface. Cisco ME 3400 Ethernet Access Switch Command Reference 2-174...
Usage Guidelines If you do not enter this command or if you do not specify a keyword, the SSH server selects the latest SSH version supported by the SSH client. For example, if the SSH client supports SSHv1 and SSHv2, the SSH server selects SSHv2.
Page 202
Features > Secure Shell Commands. show ssh Displays the status of the SSH server. For syntax information, select Cisco IOS Release 12.2 Configuration Guides and Command References > Cisco IOS Security Command Reference, Release 12.2 > Other Security Features >...
(global configuration) Use the ip sticky-arp global configuration command to enable sticky Address Resolution Protocol (ARP) on a switch virtual interface (SVI) that belongs to a private VLAN. Use the no form of this command to disable sticky ARP.
Page 204
(global configuration) Use the no sticky-arp global configuration command to disable sticky ARP on the switch. • Use the no sticky-arp interface configuration command to disable sticky ARP on an interface when • sticky ARP is disabled on the switch.
(interface configuration) Use the ip sticky-arp interface configuration command to enable sticky Address Resolution Protocol (ARP) on a switch virtual interface (SVI) or a Layer 3 interface. Use the no form of this command to disable sticky ARP.
Page 206
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ip sticky-arp (interface configuration) If you disconnect the switch from a device and then connect it to another device with a different • MAC address but with the same IP address, the ARP entry is not created, and this message appears: *Mar 2 00:26:06.967: %IP-3-STCKYARPOVR: Attempt to overwrite Sticky ARP entry:...
To enable IP source guard with source IP and MAC address filtering, use the ip verify source port-security interface configuration command. To enable IP source guard with source IP and MAC address filtering, you must enable port security on the interface.
To disallow ICMPv6 neighbor discovery and to deny icmp any any nd-na or icmp any any nd-ns, there must be an explicit deny entry in the ACL. For the implicit deny ipv6 any any statement to take effect, an IPv6 ACL must contain at least one entry.
Page 209
Use the ipv6 traffic-filter interface configuration command with the access-list-name argument to apply an IPv6 ACL to an IPv6 interface. You can apply inbound and outbound IPv6 ACLs to Layer 3 physical interfaces or to switch virtual interfaces for routed ACLs, but only inbound IPv6 ACLs to Layer 2 interfaces for port ACLs.
[rapid-commit] no ipv6 address dhcp [rapid-commit] This command is available only if the switch is running the metro IP access image and you have Note configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
This command is available only if the switch is running the metro IP access image and you have Note configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
This command is available only if the switch is running the metro IP access image and you have Note configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
16-bit values between colons. • lifetime t1 t2: sets a valid and a preferred time interval (in seconds) for the IPv6 address. The range is 5 to 4294967295 seconds. The valid default is 2 days. The preferred default is 1 day. The valid lifetime must be greater than or equal to the preferred lifetime.
Page 214
After you create the DHCPv6 configuration information pool, use the ipv6 dhcp server interface configuration command to associate the pool with a server on an interface. However, if you do not configure an information pool, you still need to use the ipv6 dhcp server interface configuration command to enable the DHCPv6 server function on an interface.
When the server receives an IPv6 DHCP packet, the server determines if it was received from a DHCP relay or if it was directly received from the client. If the packet was received from a relay, the server verifies the link-address field inside the packet associated with the first relay that is closest to the client.
Page 216
The prefix address is valid if it is in the associated local prefix address pool and it is not assigned to a device. If the allow-hint keyword is not specified, the server ignores the client hint, and an address is allocated from the free list in the pool.
(SVIs). If the switch is running the metro IP access image, you can apply an ACL to outbound or inbound traffic on Layer 3 interfaces (router ACLs), or to inbound traffic on Layer 2 interfaces (port ACLs). If the switch is running the metro base or metro access image, you can apply ACLs only to inbound management traffic on Layer 2 interfaces.
Page 218
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands ipv6 traffic-filter Examples This example filters inbound IPv6 traffic on an IPv6-configured interface as defined by the access list named cisco: Switch (config)# interface gigabitethernet0/1 Switch(config-if)# no switchport Switch(config-if)# ipv6 address 2001::/64 eui-64...
Use the l2protocol-tunnel interface configuration command to enable tunneling of Layer 2 protocols on an access port, a trunk port, an IEEE 802.1Q tunnel port, or a port channel. You can enable tunneling for Cisco Discovery Protocol (CDP), Spanning Tree Protocol (STP), or VLAN Trunking Protocol (VTP) packets.
Page 220
When no protocol option is specified with the keyword, the threshold is applied to each of the tunneled Layer 2 protocol types. If you also set a drop threshold on the interface, the shutdown-threshold value must be greater than or equal to the drop-threshold value.
Page 221
When no protocol option is specified with a keyword, the threshold is applied to each of the tunneled Layer 2 protocol types. If you also set a shutdown threshold on the interface, the drop-threshold value must be less than or equal to the shutdown-threshold value.
5. The range is 0 to 7, with 7 being the highest priority. Defaults The default is to use the CoS value configured for data on the interface. If no CoS value is configured, the default is 5 for all tunneled Layer 2 protocol packets.
The lacp port-priority interface configuration command determines which ports are bundled and which ports are put in hot-standby mode when there are more than eight ports in an LACP channel group. This command takes effect only on EtherChannel ports that are already configured for LACP. If the interface is a user network interface (UNI), you must use the port-type nni or port-type eni interface configuration command to change the interface to an NNI or ENI before configuring lacp port-priority.
Page 224
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands lacp port-priority Examples This example shows how to configure the LACP port priority on a port: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# lacp port-priority 1000 You can verify your settings by entering the show lacp [channel-group-number] internal privileged EXEC command.
LACP. An LACP channel group can have up to 16 Ethernet ports of the same type. Up to eight ports can be active, and up to eight ports can be in standby mode. When there are more than eight ports in an LACP channel group, the switch on the controlling end of the link uses port priorities to determine which ports are bundled into the channel and which ports are put in hot-standby mode.
Page 226
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands lacp system-priority Examples This example shows how to set the LACP system priority: Switch(config)# lacp system-priority 20000 You can verify your settings by entering the show lacp sys-id privileged EXEC command. Related Commands Command Description channel-group Assigns an Ethernet port to an EtherChannel group.
Use the link state group interface configuration command to configure a port as a member of a link-state group. Use the no form of this command to remove the port from the link-state group.
Page 228
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands link state group Examples This example shows how to configure the interfaces as upstream in group 2: Switch# configure terminal Switch(config)# interface range gigabitethernet0/11 - 14 Switch(config-if-range)# link state group 2 downstream...
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands link state track link state track Use the link state track user EXEC command to enable a link-state group. Use the no form of this command to disable a link-state group. link state track [number] no link state track [number] This command is supported only when the switch is running the metro access or metro IP access image.
Usage Guidelines After entering the location civic-location identifier id global configuration command, you enter civic location configuration mode. In this mode, you can enter the civic location and the postal location information. Use the no lldp med-tlv-select location information interface configuration command to disable the location TLV.
Page 231
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands location (global configuration) This example shows how to configure the emergency location information location on the switch: Switch (config)# location elin-location 14085553881 identifier 1 You can verify your settings by entering the show location elin privileged EXEC command.
(interface configuration) location (interface configuration) Use the location interface command to enter location information for an interface. Use the no form of this command to remove the interface location information. location {additional-location-information word | civic-location-id id | elin-location-id id}...
Page 233
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands location (interface configuration) Related Commands Command Description location (global configuration) Configures the location information for an endpoint. show location Displays the location information for an endpoint. Cisco ME 3400 Ethernet Access Switch Command Reference...
Use the logging event interface configuration command to enable notification of interface link status changes. Use the no form of this command to disable notification. logging event {bundle-status | link-status | spanning-tree | status | trunk status}...
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands logging file logging file Use the logging file global configuration command to set logging file parameters. Use the no form of this command to return to the default setting. logging file filesystem:filename [max-file-size [min-file-size]] [severity-level-number | type]...
Page 236
Usage Guidelines The log file is stored in ASCII text format in an internal buffer on the switch. You can access logged system messages by using the switch command-line interface (CLI) or by saving them to a properly configured syslog server.
ACL replaces the previously configured one. If you apply an ACL to a Layer 2 interface on a switch, and the switch has an input Layer 3 ACL or a VLAN map applied to a VLAN that the interface is a member of, the ACL applied to the Layer 2 interface takes precedence.
Page 238
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands mac access-group Examples This example shows how to apply a MAC extended ACL named macacl2 to an interface: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# mac access-group macacl2 in You can verify your settings by entering the show mac access-group privileged EXEC command. You can see configured ACLs on the switch by entering the show access-lists privileged EXEC command.
Use the mac access-list extended global configuration command to create an access list based on MAC addresses for non-IP traffic. Using this command puts you in the extended MAC access-list configuration mode. Use the no form of this command to return to the default setting.
Page 240
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands mac access-list extended Examples This example shows how to create a MAC named extended access list named mac1 and to enter extended MAC access-list configuration mode: Switch(config)# mac access-list extended mac1...
Use the mac address-table aging-time global configuration command to set the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated. Use the no form of this command to return to the default setting. The aging time applies to all VLANs or a specified VLAN.
Use the mac address-table learning global configuration command to enable MAC address learning on a VLAN. This is the default state. Use the no form of this command to disable MAC address learning on a VLAN to control which VLANs can learn MAC addresses.
Page 243
You cannot disable MAC address learning on an RSPAN VLAN. The configuration is not allowed. If you disable MAC address learning on a VLAN that includes a secure port, MAC address learning is not disabled on the secure port. If you later disable port security on the interface, the disabled MAC address learning state is enabled.
Use the no form of this command to return to the default setting. mac address-table move update {receive | transmit} no mac address-table move update {receive | transmit} This command is supported only when the switch is running the metro IP access or metro access image. Syntax Description receive Specify that the switch processes MAC address-table move update messages.
Page 245
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands mac address-table move update Related Commands Command Description clear mac address-table move Clears the MAC address-table move update global counters. update debug matm move update Debugs the MAC address-table move update message processing.
This command was introduced. Usage Guidelines Whenever a new MAC address is added or an old address is deleted from the forwarding tables, the MAC address notification feature sends Simple Network Management Protocol (SNMP) traps to a network management system (NMS). MAC notifications are generated only for dynamic and secure MAC addresses.
Page 247
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands mac address-table notification You can verify your settings by entering the show mac address-table notification privileged EXEC command. Related Commands Command Description clear mac address-table notification Clears the MAC address notification global counters.
Examples This example shows how to add the static address c2f3.220a.12f4 to the MAC address table. When a packet is received in VLAN 4 with this MAC address as its destination, the packet is forwarded to the specified interface: Switch(config)# mac address-table static c2f3.220a.12f4 vlan 4 interface gigabitethernet0/1 You can verify your setting by entering the show mac address-table privileged EXEC command.
If you add a unicast MAC address as a static address and configure unicast MAC address filtering, the switch either adds the MAC address as a static address or drops packets with that MAC address, depending on which command was entered last. The second command that you entered overrides the first command.
Page 250
Examples This example shows how to enable unicast MAC address filtering and to configure the switch to drop packets that have a source or destination address of c2f3.220a.12f4. When a packet is received in VLAN 4 with this MAC address as its source or destination, the packet is dropped: Switch(config)# mac address-table static c2f3.220a.12f4 vlan 4 drop...
If a command fails because of a syntax error or a configuration error when you apply a macro, the macro continues to apply the remaining commands to the interface.
Page 252
Examples After you have created a macro by using the macro name global configuration command, you can apply it to an interface. This example shows how to apply a user-created macro called duplex to an interface: Switch(config-if)# macro apply duplex To debug a macro, use the macro trace interface configuration command to find any syntax or configuration errors in the macro as it is applied to an interface.
Use the description keyword to associate comment text, or the macro name, with an interface. When multiple macros are applied on a single interface, the description text will be from the last applied macro. This example shows how to add a description to an interface:...
If a command fails because of a syntax error or a configuration error when you apply a macro, the macro continues to apply the remaining commands to the switch.
Page 255
After you have created a new macro by using the macro name global configuration command, you can apply it to a switch. This example shows how see the snmp macro and how to apply the macro and set the hostname to test-server and set the IP precedence value to 7:...
Use the macro global description global configuration command to enter a description about the macros that are applied to the switch. Use the no form of this command to remove the description. macro global description text no macro global description text...
A macro can contain up to 3000 characters. Enter one macro command per line. Use the @ character to end the macro. Use the # character at the beginning of a line to enter comment text within the macro. You can define mandatory keywords within a macro by using a help string to specify the keywords. Enter # macro keywords word to define the keywords that are available for use with the macro.
Page 258
Switch(config)# macro name test switchport access vlan $VLANID switchport port-security maximum $MAX #macro keywords $VLANID $MAX This example shows how to display the mandatory keyword values before you apply the macro to an interface: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# macro apply test ? WORD keyword to replace with a value e.g...
Examples This example shows how to define and apply a VLAN access map vmap4 to VLANs 5 and 6 that will cause the interface to drop an IP packet if the packet matches the conditions defined in access list al2.
Page 260
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands match (access-map configuration) You can verify your settings by entering the show vlan access-map privileged EXEC command. Related Commands Command Description access-list Configures a standard numbered ACL. For syntax information, select Cisco IOS IP Command Reference, Volume 1 of 3:Addressing and Services, Release 12.2 >...
Use the match access-group class-map configuration command to configure the match criteria for a class map on the basis of the specified access control list (ACL). Use the no form of this command to remove the ACL match criteria.
This command was introduced. Usage Guidelines The match cos command specifies a CoS value to use as the match criteria to determine if packets belong to the class specified by the class map. Before using the match cos command, you must enter the class-map global configuration command to specify the name of the class whose match criteria you want to establish.
You can enter up to eight DSCP values in one match statement. For example, if you wanted the DCSP values of 0, 1, 2, 3, 4, 5, 6, or 7, enter the match ip dscp 0 1 2 3 4 5 6 7 command. The packet must match only one (not all) of the specified IPv4 DSCP values to belong to the class.
Page 264
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands match ip dscp Examples This example shows how to create a class map called inclass, which matches all the incoming traffic with DSCP values of 10, 11, and 12: Switch(config)# class-map match-any in-class...
For example, the precedence value of 2 is not greater than 1, but merely indicates that a packet marked with a value of 2 is different than one marked with a value of 1. You define the treatment of these marked packets by setting QoS policies in policy-map class configuration mode.
Page 266
Related Commands Command Description class-map Creates a class map to be used for matching packets to the class whose name you specify. show class-map Displays quality of service (QoS) class maps. Cisco ME 3400 Ethernet Access Switch Command Reference...
Use the match qos-group class-map configuration command to ntify a specific quality of service (QoS) group value as a match criterion for a class. Use the no form of this command to remove the match criterion. match qos-group value...
Page 268
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands match qos-group Related Commands Command Description class-map Creates a class map to be used for matching packets to the class whose name you specify. show class-map Displays QoS class maps. Cisco ME 3400 Ethernet Access Switch Command Reference 2-242...
VLANs, and you can apply independent QoS policies to each parent-service class using any child-policy A policy is considered a parent policy map when it has one or more of its classes associated with a child policy-map. Each class within a parent policy map is called a parent class. You can configure only the match vlan command in parent classes.
Page 270
(match ip dscp, match ip precedence, match IP ACL), you must be careful to ensure that these VLANs are not carried on any port other than the one on which this per-port, per-VLAN policy is attached. Not following this restriction could result in improper QoS behavior for traffic ingressing the switch on these VLANs.
Page 271
Related Commands Command Description class-map Creates a class map to be used for matching packets to a specified class name. show class-map Displays quality of service (QoS) class maps. Cisco ME 3400 Ethernet Access Switch Command Reference 2-245...
This command was introduced. Usage Guidelines When you enable auto-MDIX on an interface, you must also set the speed and duplex on the interface to auto so that the feature operates correctly. If the port is a user network interface (UNI) or enhanced network interfaces (ENI), you must use the no shutdown interface configuration command to enable it before using the mdix auto command.
Page 273
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands mdix auto Related Commands Command Description show controllers Displays general information about internal registers of an interface, ethernet-controller including the operational state of auto-MDIX. interface-id phy Cisco ME 3400 Ethernet Access Switch Command Reference...
When you select sfp, the switch disables the RJ-45 interface. If you connect a cable to this port, it cannot attain a linkup even if the SFP module side is down or if the SFP module is not present. Based on the type of installed SFP module, you can configure the speed and duplex settings consistent with this interface type.
Page 275
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands media-type To configure speed or duplex settings on a dual-purpose port, you must first select the media type. If you configure auto-select, you cannot configure the speed and duplex interface configuration commands.
VLANs to or from an existing SPAN or RSPAN session, and to limit (filter) SPAN source traffic to specific VLANs. Use the no form of this command to remove the SPAN or RSPAN session or to remove source or destination interfaces or filters from the SPAN or RSPAN session. For destination interfaces, the encapsulation dot1q or encapsulation replicate keywords are ignored with the no form of the command.
Page 277
This command was introduced. Usage Guidelines Traffic that enters or leaves source ports or source VLANs can be monitored by using SPAN or RSPAN. Traffic routed to source ports or source VLANs cannot be monitored. You can set a combined maximum of two local SPAN sessions and RSPAN source sessions. You can have a total of 66 SPAN and RSPAN sessions on a switch.
Page 278
VSPAN, and only packets with the monitored VLAN ID are sent to the destination port. You can monitor traffic on a single port or VLAN or on a series or range of ports or VLANs. You select a series or range of interfaces or VLANs by using the [, | -] options.
Page 279
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands monitor session Examples This example shows how to create a local SPAN session 1 to monitor both sent and received traffic on source port 1 to destination port 2: Switch(config)# monitor session 1 source interface gigabitethernet0/1 both...
Use the mvr global configuration command without keywords to enable the multicast VLAN registration (MVR) feature on the switch. Use the command with keywords to set the MVR mode for a switch, configure the MVR IP multicast address, set the maximum time to wait for a query reply before removing a port from group membership, and to specify the MVR multicast VLAN.
Page 281
A maximum of 256 MVR multicast groups can be configured on a switch. Use the mvr group command to statically set up all the IP multicast addresses that will take part in MVR. Any multicast data sent to a configured multicast address is sent to all the source ports on the switch and to all receiver ports that have registered to receive data on that IP multicast address.
Page 282
MVR groups of which the interface is a member. show mvr members Displays all ports that are members of an MVR multicast group; if the group has no members, its status is shown as Inactive. Cisco ME 3400 Ethernet Access Switch Command Reference 2-256...
Use the mvr interface configuration command to configure a Layer 2 port as a multicast VLAN registration (MVR) receiver or source port, to set the Immediate Leave feature, and to statically assign a port to an IP multicast VLAN and IP address. Use the no form of this command to return to the default settings.
Page 284
Receiver ports on a switch can be in different VLANs, but should not belong to the multicast VLAN. A port that is not taking part in MVR should not be configured as an MVR receiver port or a source port.
Page 285
Switch(config)# interface fastethernet0/5 Switch(config-if)# mvr vlan 100 receiver vlan 201 This example shows how to add on port 5 the receiver VLAN 201 as a static member of the IP multicast group 239.1.1.1, with an MVR VLAN of 100: Switch(config)# interface fastethernet0/5 Switch(config-if)# mvr vlan 100 group 239.1.1.1 receiver vlan 201...
(EVC) operation, administration, and maintenance (OAM) protocol as IEEE 801.2ag Connectivity Fault Management (CFM) and to identify the service provider VLAN-ID for a CFM domain level. Use the no form of this command to remove the OAM protocol configuration for the EVC. oam protocol cfm svlan vlan-id domain domain-name no oam protocol This command is available only if your switch is running the metro IP access or metro access image.
Use the pagp learn-method interface configuration command to learn the source address of incoming packets received from an EtherChannel port. Use the no form of this command to return to the default setting. pagp learn-method {aggregation-port | physical-port} no pagp learn-method PAgP is available only on network node interfaces (NNIs) and enhanced network interfaces (ENIs).
Page 288
Only use the pagp learn-method interface configuration command in this situation. Examples This example shows how to set the learning method to learn the address on the physical port within the EtherChannel: Switch(config-if)# pagp learn-method physical-port...
This command was introduced. Usage Guidelines If the interface is a user network interface (UNI), you must enter the port-type nni or port-type eni interface configuration command before configuring pagp port-priority. The physical port with the highest operational priority and that has membership in the same EtherChannel is the one selected for PAgP transmission.
Page 290
Examples This example shows how to set the port priority to 200: Switch(config-if)# pagp port-priority 200 You can verify your setting by entering the show running-config privileged EXEC command or the show pagp channel-group-number internal privileged EXEC command. Related Commands...
Use the permit Address Resolution Protocol (ARP) access-list configuration command to permit an ARP packet based on matches against the Dynamic Host Configuration Protocol (DHCP) bindings. Use the no form of this command to remove the specified access control entry (ACE) from the access control list.
Page 292
You can add permit clauses to forward ARP packets based on some matching criteria. Examples This example shows how to define an ARP access list and to permit both ARP requests and ARP responses from a host with an IP address of 1.1.1.1 and a MAC address of 0000.0000.abcd: Switch(config)# arp access-list static-hosts Switch(config-arp-nacl)# permit ip host 1.1.1.1 mac host 0000.0000.abcd...
(IPv6 access-list configuration) permit (IPv6 access-list configuration) Use the permit IPv6 access list configuration command to set permit conditions for an IPv6 access list. Use the no form of this command to remove the permit conditions. permit {protocol} {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [operator...
Page 294
The optional port-number argument is a decimal number or the name of a TCP or a UDP port. A port number is a number from 0 to 65535. TCP port names can be used only when filtering TCP. UDP port names can be used only when filtering UDP.
Page 295
(Optional) Specify an ICMP message code for filtering ICMP packets. ICMP packets that are filtered by the ICMP message type can also be filtered by the ICMP message code. The code is a number from 0 to 255. icmp-message (Optional) Specify an ICMP message name for filtering ICMP packets.
Page 296
You can add permit, deny, or remark statements to an existing access list without re-entering the entire list. To add a new statement somewhere other than at the end of the list, create a new statement with an appropriate entry number that falls between two existing entry numbers to show where it belongs.
Page 297
Switch(config-if)# ipv6 traffic-filter OUTBOUND out Switch(config-if)# ipv6 traffic-filter INBOUND in Given that a permit any any statement is not included as the last entry in the OUTBOUND or the Note INBOUND access list, only TCP, UDP, and ICMP packets can leave or enter the interface (the implicit deny-all condition at the end of the access list denies all other packet types on the interface).
Page 299
If you use the host keyword, you cannot enter an address mask; if you do not use the any or host keywords, you must enter an address mask. Cisco ME 3400 Ethernet Access Switch Command Reference...
Page 300
After an access control entry (ACE) is added to an access control list, an implied deny-any-any condition exists at the end of the list. That is, if there are no matches, the packets are denied. However, before the first ACE is added, the list permits all packets.
A policer defines a maximum permissible rate of transmission, a maximum burst size for transmissions, and an action to take if a maximum is exceeded. In policy-map class police configuration mode, you can specify multiple actions for a packet.
Page 302
(Optional) Action to be taken for packets that do not conform to the CIR. drop Drop the packet. Defaults No policers are defined. Conform burst (bc) is automatically configured to 250 ms at the configured CIR. Command Modes Policy-map class configuration Command History...
Page 303
Examples This example shows how to configure a policer with a 1-Mbps average rate with a burst size of 20 KB. The policer sets a new DSCP precedence value if the packets conform to the rate and drops the packet if traffic exceeds the rate.
Page 304
This example shows how to configure a policer with default actions. Switch(config)# policy-map policy2 Switch(config-pmap)# class class2 Switch(config-pmap-c)# police 1000000 20000 conform-action transmit exceed-action drop Switch(config-pmap-c)# exit You can verify your settings by entering the show policy-map privileged EXEC command. Related Commands Command Description class Defines a traffic classification match criteria for the specified class-map name.
Use the policer aggregate global configuration command to create an aggregate policer to police all traffic across multiple classes in an input policy map. An aggregate policer can be shared by multiple classes in the same policy map. A policer defines a maximum permissible rate of transmission or committed information rate, a maximum burst size for transmissions, and an action to take if the maximum is met or exceeded.
Page 306
(Optional) Action to be taken on packets that do not conform to the CIR. drop Drop the packet. Defaults No aggregate policers are defined. When you configure an aggregate policer, conform burst (bc) is automatically configured at 250 ms at the configured CIR. Command Modes Global configuration Command History Release Modification 12.2(25)EX...
Page 307
If burst size (bc) is not specified, the system calculates an appropriate burst size value that equals the number of bytes that can be sent in 250 ms at the CIR rate. In most cases, the automatically calculated value is appropriate; enter a new value only if you are aware of all implications.
Page 308
Defines a traffic classification match criteria for the specified class-map name. policy-map Creates or modifies a policy map that can be attached to multiple ports to specify a service policy. show policer aggregate Displays the aggregate policer configuration. Cisco ME 3400 Ethernet Access Switch Command Reference...
A policer defines a maximum permissible rate of transmission, a maximum burst size for transmissions, and an action to take if either maximum is exceeded. Use the no form of this command to remove the specified policer.
Page 310
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands police aggregate (policy-map class configuration) You can verify your settings by entering the show aggregate policer privileged EXEC command. Related Commands Command Description class Defines a traffic classification match criteria for the specified class-map name.
Use the policer cpu uni global configuration command to enable or disable CPU protection and to configure the CPU policing threshold for all user network interfaces (UNIs) and enhanced network interfaces (ENIs) on the switch. Use the no form of this command to return to the default rate or to disable CPU protection.
Page 312
Note processing overload and storm control through software. You can enter the show policer cpu uni-eni {drop | rate} privileged EXEC command to see if CPU protection is enabled. For more information about control-plane security, see the software configuration guide for this release.
If you enter the no policy-map configuration command or the no policy-map policy-map-name global configuration command to delete a policy map that is attached to an interface, a warning message appears that lists any interfaces from which the policy map is being detached. The policy map is then detached and deleted. For example:...
Page 314
You can create input policy maps and output policy maps, and you can assign one input policy map and one output policy map to a port. The input policy map acts on incoming traffic on the port; the output policy map acts on outgoing traffic.
Page 315
Switch(config-pmap-c)# police 20000000 Switch(config-pmap-c)# exit This example shows how to configure an output policy map that provides priority with rate limiting to the gold class and guarantees a minimum remaining bandwidth percent of 20 percent to the silver class and 10 percent to the bronze class:...
Use the port-channel load-balance global configuration command to set the load-distribution method among the ports in the EtherChannel. Use the no form of this command to return to the default setting. port-channel load-balance {dst-ip | dst-mac | src-dst-ip | src-dst-mac | src-ip | src-mac}...
Page 317
Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_comman d_reference_list.html Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. Cisco ME 3400 Ethernet Access Switch Command Reference 2-291...
ENI port. A port configured as an ENI has the same defaults as a UNI port, but the you can configure control protocols (CDP, STP, LLDP, LACP and PAgP) on ENIs. These protocols are not supported on UNIs.
Page 319
Every port on the switch can be a UNI or ENI, but when the switch is running the metro base or metro access image, only four ports can be NNIs at the same time. If the switch is running the metro IP access image, you can configure all ports as NNIs.
Use the power-supply dual global configuration command to enable power supply alarm indications (LED state, MIB state, and MIB traps) when a power supply on an ME 3400-12CS switch is not providing power. Use the no form of this command when running the switch on a single power supply to suppress the power-supply alarm for the second power supply.
Page 321
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands power-supply dual Related Commands Command Description show env {all | power} Displays the power-supply alarm setting for the switch. Cisco ME 3400 Ethernet Access Switch Command Reference 2-295 OL-9640-07...
You can use priority with the police {rate-bps | cir cir-bps} policy-map command to reduce the bandwidth used by the priority queue. This is the only form of policing that is supported in output policy maps. Using this combination of commands configures a maximum rate on the priority queue and allows you to use the bandwidth and shape average policy-map commands for other classes to allocate traffic rates on other queues.
Page 323
You cannot configure priority and any other scheduling action (shape average or bandwidth) in the same class. The priority command uses a default queue limit for the class. You can change the queue limit by using the queue-limit policy-map class command, overriding the default set by the priority command.
Page 324
Defines a policer for classified traffic. policy-map Creates or modifies a policy map that can be attached to multiple ports to specify a service policy. show policy-map Displays quality of service (QoS) policy maps. Cisco ME 3400 Ethernet Access Switch Command Reference...
This command was introduced. Usage Guidelines You must manually configure private VLANs on all switches in the Layer 2 network to merge their Layer 2 databases and to prevent flooding of private-VLAN traffic. You cannot include VLAN 1 or VLANs 1002 to 1005 in the private-VLAN configuration. Extended VLANs (VLAN IDs 1006 to 4094) can be configured as private VLANs.
Page 326
A private VLAN cannot be a user network interface-enhanced network interface (UNI-ENI) VLAN. If the VLAN is a UNI-ENI isolated VLAN (the default), you can change it to a private VLAN by entering the private-vlan VLAN configuration command. If a VLAN has been configured as a UNI-ENI community VLAN, you must first enter the no uni-vlan VLAN configuration command before configuring it as a private VLAN.
Page 327
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands private-vlan You can verify your setting by entering the show vlan private-vlan or show interfaces status privileged EXEC command. Related Commands Command Description show interfaces status Displays the status of interfaces, including the VLANs to which they belong.
VLAN. The secondary_vlan_list parameter cannot contain spaces. It can contain multiple comma-separated items. Each item can be a single private-VLAN ID or a hyphenated range of private-VLAN IDs. The list can contain one isolated VLAN and multiple community VLANs.
Page 329
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands private-vlan mapping Examples This example shows how to map the interface of VLAN 20 to the SVI of VLAN 18: Switch# configure terminal Switch# interface vlan 18 Switch(config-if)# private-vlan mapping 20...
Use the queue-limit policy-map class configuration command to set the queue maximum threshold for Weighted Tail Drop (WTD) in an output policy map. Use the no form of this command to return to the default. queue-limit [cos value | dscp value | precedence value | qos-group value] number-of-packets...
Page 331
When you use the queue-limit command to configure thresholds within a class map, the WTD thresholds must be less than or equal to the maximum threshold of the queue. This means that the queue size configured without a qualifier must be larger than any of the queue sizes configured with a qualifier.
Page 332
The example also shows how if outclass1 matches to dscp 46, 56, 57, 58, 60, 63, a DSCP value of 46 gets a queue size of 32 (256-byte) packets; DSCP values 56, 57, and 58 get queue sizes of 48 (256-byte) packets;...
This command was introduced. Usage Guidelines Valid RSPAN VLAN IDs are 2 to 1001 and 1006 to 4094. The RSPAN VLAN cannot be VLAN 1 (the default VLAN) or VLAN IDs 1002 to 1005 (reserved for Token Ring and FDDI VLANs).
Page 334
Switch(config-vlan)# remote-span This example shows how to remove the RSPAN feature from a VLAN. Switch(config)# vlan 901 Switch(config-vlan)# no remote-span You can verify your settings by entering the show vlan remote-span user EXEC command. Related Commands Command Description monitor session Enables Switched Port Analyzer (SPAN) and RSPAN monitoring on a port and configures a port as a source or destination port.
This command was introduced. Usage Guidelines If you do not specify a URL, the switch tries to read the file from the configured URL. Examples This example shows how to renew the DHCP snooping binding database without checking CRC values: Switch# renew ip dhcp snooping database validation none You can verify settings by entering the show ip dhcp snooping database privileged EXEC command.
These messages are flooded to the whole network, not just the REP segment. Switches that do not belong to the segment treat them as data traffic. Configuring an administrative VLAN for the whole domain can control flooding of these messages.
VLANs at the primary edge port. This behavior remains until you configure the rep block port command. If the primary edge port cannot determine which port is to be the alternate port, the default action is no preemption and no VLAN load balancing.
Page 338
Each port in a segment has a unique port ID. The port ID format is similar to the one used by the spanning tree algorithm: a port number (unique on the bridge) associated to a MAC address (unique in the network).
Page 339
Switch (config-if)# rep block port id 0080001647FB1780 vlan 1-100 Switch (config-if)# exit This example shows how to configure VLAN load balancing by using a neighbor offset number and how to verify the configuration by entering the show interfaces rep detail privileged EXEC command:...
Usage Guidelines The LSL hello timer is set to the age timer value divided by 3 so that there should be at least two LSL hellos sent within the LSL age timer period. If no hellos are received within that time, the REP link is brought down.
Set the number of seconds to delay REP preemption. The range is 15 to 300. Defaults No preemption delay is set. If you do not enter the rep preempt delay command, the default is manual preemption with no delay. Command Modes...
Page 342
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands rep preempt delay Related Commands Command Description rep block port Configures VLAN load balancing. show interfaces rep Displays REP configuration and status for all interfaces or a specified interface. Cisco ME 3400 Ethernet Access Switch Command Reference 2-316 OL-9640-07...
If you do not configure VLAN load balancing, entering this command results in the default behavior—the primary edge port blocks all VLANs. You configure VLAN load balancing by entering the rep block port {id port-id | neighbor_offset | preferred} vlan {vlan-list | all} interface configuration command on the REP primary edge port before you manually start preemption.
Use the rep segment interface configuration command to enable Resilient Ethernet Protocol (REP) on the interface and to assign a segment ID to it. Use the no form of this command to disable REP on the interface. rep segment segment-id [edge [no-neighbor] [primary]] [preferred]...
Page 345
(UNIs) or enhanced network interfaces (ENIs). You must configure two edge ports on each REP segment, a primary edge port and a port to act as a secondary edge port. If you configure two ports in a segment as the primary edge port, for example ports on different switches, the configuration is allowed, but the REP selects one of them to serve as the segment primary edge port.
Page 346
Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands rep segment You can verify your settings by entering the show interfaces rep privileged EXEC command. To verify which port in the segment is the primary edge port, enter the show rep topology privileged EXEC command. Related Commands...
Enter this command on a segment edge port. You use this command to notify other portions of the Layer 2 network of topology changes that occur in the local REP segment. This removes obsolete entries in the Layer 2 forwarding table in other parts of the network, which allows faster network convergence.
Entering the reserved-only command restricts assignments from the DHCP pool to preconfigured reservations. Unreserved addresses that are part of the network or on pool ranges are not offered to the client, and other clients are not served by the pool.
Use the rmon collection stats interface configuration command to collect Ethernet group statistics, which include usage statistics about broadcast and multicast packets, and error statistics about cyclic redundancy check (CRC) alignment errors and collisions. Use the no form of this command to return to the default setting.
Layer 2 and Layer 3 functionality, or you can maximize system usage to support only Layer 2 features in hardware. You can also select the dual IPv4 and IPv6 template to support IPv6 forwarding. Use the no form of this command to return to the default template.
Page 351
IP access image. The values in the template are based on eight routed interfaces and approximately 1024 VLANs and represent the approximate hardware boundaries set when a template is selected. If a section of a hardware resource is full, all processing overflow is sent to the CPU, seriously impacting switch performance.
Page 352
Switch(config)# sdm prefer layer-2 Switch(config)# exit Switch# reload This is an example of an output display when you have changed the template to the layer-2 template and have not reloaded the switch: Switch# show sdm prefer The current template is "default" template.
[evc-id] no service instance id This command is available only if your switch is running the metro IP access or metro access image. Syntax Description Define a service instance identifier, a per-interface service identifier that does not map to a VLAN.
Page 354
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands service instance Related Commands Command Description show ethernet service Displays information about configured Ethernet service instances. instance Cisco ME 3400 Ethernet Access Switch Command Reference 2-328 OL-9640-07...
(the default). This mechanism allows an end user with physical access to the switch to press the break key on the console terminal to interrupt the boot process while the switch is powering up and to assign a new password.
Page 356
If the user chooses not to reset the system to the default configuration, the normal boot process continues as if the break key had not been pressed. If you choose to reset the system to the default configuration, the configuration file in flash memory is deleted, and the VLAN database file, flash:vlan.dat (if present), is deleted.
QoS: Configuration failed. Maximum number of allowable unique queue-limit configurations exceeded. You can attach input or output policy maps to a Fast Ethernet or Gigabit Ethernet port. You cannot attach policy maps to switch virtual interfaces (SVIs) and EtherChannel interfaces.
Page 358
You can verify your settings by entering the show running-config privileged EXEC command. Related Commands Command Description policy-map Creates or modifies a policy map that can be attached to multiple ports to specify a service policy. show policy-map Displays quality of service (QoS) policy maps. show policy-map...
Use the service-policy policy-map class configuration command to configure a quality of service (Q0S) service policy for an input or output policy map or a per-port, per-VLAN policy map. Use the no form of this command to disable a service policy as a QoS policy within a policy map.
Page 360
Examples This example shows how to define the service policy and to attach it to a parent policy map to set the maximum bandwidth (shape) for an output queue at 90000000 bits per second: Switch(config)# policy-map out-policy-parent...
Page 361
Defines a traffic classification match criteria for the specified class-map name. policy-map Creates or modifies a policy map that can be attached to multiple ports to specify a service policy. show policy-map Displays quality of service (QoS) policy maps.
Use the set cos command if you want to mark a packet that is being sent to a switch. Switches can leverage Layer 2 header information including a CoS value marking.
Page 363
(QoS) based on the CoS markings. You can also configure Layer 2 to Layer 3 mapping by matching on the CoS value because switches can already match and set CoS values.
Use the set [ip] dscp policy-map class configuration command to mark IPv4 traffic by setting a Differentiated Services Code Point (DSCP) value in the type of service (ToS) byte of the packet. Use the no form of this command to remove traffic marking.
Page 365
If you specify a from-field category, but do not specify the table keyword and table-map-name, the default action is to copy the value associated with the from-field category as the DSCP value. For example, if you enter the set dscp cos command, the CoS value is copied and used as the DSCP value. Examples...
Use the set [ip] precedence policy-map class configuration command to mark IPv4 traffic by setting an IP-precedence value in the packet. Use the no form of this command to remove traffic marking. set [ip] precedence {precedence_value | from-field [table table-map-name]} no set [ip] precedence {precedence_value | from-field [table table-map-name]} Entering ip precedence is the same as entering precedence.
Page 367
You can configure set precedence with other marking actions, specifically set cos and set qos-group, for the same class. Support was also added for the ability to configure more than one marking action with enhanced packet marking by using table maps for the same class.
Use the set qos-group policy-map class configuration command to set a a quality of service (QoS) group identifier that can be used later to classify packets. Use the no form of this command to remove the group identifier.
Page 369
Description class Defines a traffic classification match criteria for the specified class-map name. policy-map Creates or modifies a policy map that can be attached to multiple ports to specify a service policy. show policy-map Displays QoS policy maps. Cisco ME 3400 Ethernet Access Switch Command Reference...
EXEC command. Help text is provided for each prompt. To access help text, press the question mark (?) key at a prompt. To return to the privileged EXEC prompt without making changes and without running through the entire System Configuration Dialog, press Ctrl-C.
Page 371
Enter virtual terminal password: terminal-password Configure SNMP Network Management? [no]: yes Community string [public]: Current interface summary Any interface listed with OK? value “NO” does not have a valid configuration Interface IP-Address OK? Method Status Protocol Vlan1 172.20.135.202...
Page 372
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands setup Use this configuration? [yes/no]: yes [0] Go to the IOS command prompt without saving this config. [1] Return back to the setup without saving this config. [2] Save this configuration to nvram and exit.
(PIR) for that class. Configuring traffic shaping for the class class-default when it is the only class in the policy map that is attached to an interface sets the PIR for the interface (port shaping).
Page 374
This example shows how to configure traffic shaping for outgoing traffic on a Fast Ethernet port so that outclass1, outclass2, and outclass3 get a maximum of 50, 20, and 10 Mbps of the buffer size. The class class-default gets the remaining bandwidth.
Use the show access-lists privileged EXEC command to display access control lists (ACLs) configured on the switch. show access-lists [name | number | hardware counters | ipc] [ | {begin | exclude | include} expression] Syntax Description name (Optional) Name of the ACL.
Page 376
10 permit 10.10.10.10 Extended IP access list 121 10 permit ahp host 10.10.10.10 host 20.20.10.10 precedence routine This is an example of output from the show access-lists hardware counters command: Switch# show access-lists hardware counters L2 ACL INPUT Statistics Drop:...
Page 377
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show access-lists Bridge Only And Log: All bytes count: 0 Forwarding To CPU: All frame count: 0 Forwarding To CPU: All bytes count: 0 Forwarded: All frame count: 514434...
Use the show archive status privileged EXEC command to display the status of a new image being downloaded to a switch with the HTTP or the TFTP protocol. show archive status [ |{begin | exclude | include} expression]...
The command was supported in the metro base image. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. Examples This is an example of output from the show arp access-list command: Switch>...
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. Examples This is an example of output from the show boot command. Switch#...
Page 381
Enable Break Displays whether a break during booting is enabled or disabled. If it is set to yes, on, or 1, you can interrupt the automatic boot process by pressing the Break key on the console after the flash file system is initialized.
This command was introduced. Usage Guidelines TDR is supported only on copper Ethernet 10/100 ports on the Cisco ME switch. It is not supported on small form-factor pluggable (SFP)-module ports. For more information about TDR, see the software configuration guide for this release.
Page 383
The cable has a short. • Remote pair Name of the pair of wires to which the local pair is connected. TDR can learn about the remote pair only when the cable is properly connected and the link is up. Pair status The status of the pair of wires on which TDR is running: Normal—The pair of wires is properly connected.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. Examples This is an example of output from the show class-map command: Switch>...
This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
When you enter the phy or port-asic keywords, the displayed information is useful primarily for Cisco technical support representatives troubleshooting the switch. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Page 388
Deferred frames The number of frames that are not sent after the time exceeds 2*maximum-packet time. MTU exceeded frames The number of frames that are larger than the maximum allowed frame size. 1 collision frames The number of frames that are successfully sent on an interface after one collision occurs.
Page 389
The number of frames that could not be sent on an interface after 16 collisions occur. Late collisions After a frame is sent, the number of frames dropped because late collisions were detected while the frame was sent. VLAN discard frames The number of frames dropped on an interface because the CFI bit is set.
Page 390
The total number of frames received on an interface that have alignment errors. FCS errors The total number of frames received on an interface that have a valid length (in bytes) but do not have the correct FCS values. Oversize frames The number of frames received on an interface that are larger than the maximum allowed frame size.
Page 391
Field Description System FCS error frames The total number of frames received on an interface that have a valid length (in bytes) but that do not have the correct FCS values. RxPortFifoFull drop The total number of frames received on an interface that are dropped because the ingress queue frames is full.
Page 392
SneakPortFifoInfo : 00000000 MacInfo : 0EC0801C 00000001 0EC0801B 00000001 00C0001D 00000001 00C0001E 00000001 <output truncated> This is an example of output from the show controllers ethernet-controller port-asic statistics command: Switch# show controllers ethernet-controller port-asic statistics =========================================================================== PortASIC 0 Statistics ---------------------------------------------------------------------------...
Page 393
<output truncated> Related Commands Command Description show controllers Displays the state of the CPU network ASIC and send and receive statistics cpu-interface for packets reaching the CPU. show controllers tcam Displays the state of registers for all ternary content addressable memory (TCAM) in the system and for TCAM interface ASICs that are CAM controllers.
Use the show controllers tcam privileged EXEC command to display the state of the registers for all ternary content addressable memory (TCAM) in the system and for all TCAM interface ASICs that are CAM controllers.
Page 395
00000000 00012800 00012900 Related Commands Command Description show controllers Displays the state of the CPU network ASIC and send and receive statistics cpu-interface for packets reaching the CPU. show controllers Displays per-interface send and receive statistics read from the hardware or ethernet-controller the interface internal registers.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show controllers utilization command.
Page 397
Transmit Bandwidth Displays the transmitted bandwidth usage of the switch, which is the Percentage Utilization sum of the transmitted traffic on all the ports divided it by the switch transmit capacity. Fabric Percentage Utilization Displays the average of the transmitted and received bandwidth usage of the switch.
Use the show cpu traffic qos user EXEC command to display the Quality of Service (QoS) marking parameters for CPU-generated traffic. show cpu traffic qos [ | {begin | exclude | include} expression]...
Use the show dot1q-tunnel user EXEC command to display information about IEEE 802.1Q tunnel ports. show dot1q-tunnel [interface interface-id] [ | {begin | exclude | include} expression] This command is visible only when the switch is running the metro IP access or metro access image. Syntax Description interface interface-id (Optional) Specify the interface for which to display IEEE 802.1Q tunneling...
This command was introduced. Usage Guidelines If you do not specify a port, global parameters and a summary appear. If you specify a port, details for that port appear. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output appear.
Page 401
= 30 Seconds SuppTimeout = 30 Seconds TxPeriod = 30 Seconds Guest-Vlan This is an example of output from the show dot1x interface interface-id privileged EXEC command: Switch# show dot1x interface gigabitethernet0/1 Supplicant MAC 00d0.b71b.35de AuthSM State = AUTHENTICATED BendSM State...
Page 402
Number of EAPOL frames that have been received and have an unrecognized frame type. RxLenError Number of EAPOL frames that have been received in which the packet body length field is invalid. RxTotal Number of valid EAPOL frames of any type that have been received.
The command output shows the green and yellow states as OK and the red state as FAULTY. If you enter the show env all command on this switch, the command output is the same as the show env temperature status command output.
Page 404
Output are displayed. Examples Displays for the Cisco ME 3400G-12CS or ME 3400 2CS switch are different than those for other Cisco ME 3400 switches. This is an example of output from the show env all command for the Cisco ME 3400G-12CS switch: Switch>...
Page 405
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show env These are examples of output from the show env temperature command for the Cisco ME 3400G-12CS or ME-3400-2CS switch: Switch> show env temperature TEMPERATURE is OK Switch> show env temperature status...
Reason (SFP) interface. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. Examples This is an example of output from the show errdisable detect command: Switch>...
Page 407
Enabled port vmps Enabled port Though visible in the output, the dtp-flap, ilpower, storm-control, and unicast-flood fields are not valid. Note Related Commands Command Description errdisable detect cause Enables error-disable detection for a specific cause or all causes.
The Flaps column in the display shows how many changes to the state within the specified time interval will cause an error to be detected and a port to be disabled. For example, the display shows that an error will be assumed and the port shut down if three Dynamic Trunking Protocol (DTP)-state (port mode access/trunk) or Port Aggregation Protocol (PAgP) flap changes occur during a 30-second interval, or if 5 link-state (link up/down) changes occur during a 10-second interval.
Page 409
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show errdisable flap-values Related Commands Command Description errdisable detect cause Enables error-disable detection for a specific cause or all causes. show errdisable detect Displays error-disable detection status. show errdisable recovery Displays error-disable recovery timer information.
This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. A gbic-invalid error-disable reason refers to an invalid small form-factor pluggable (SFP) module interface.
Page 411
Interface Errdisable reason Time left(sec) --------- ----------------- -------------- Gi0/2 link-flap Though visible in the output, the unicast-flood and DTP fields are not valid. Note Related Commands Command Description errdisable recovery Configures the recover mechanism variables. show errdisable detect Displays error-disabled detection status.
In the output, the Passive port list field is displayed only for Layer 3 port channels. This field means that the physical port, which is still not up, is configured to be in the channel group (and indirectly is in the only port channel in the channel group).
Page 413
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show etherchannel Examples This is an example of output from the show etherchannel 1 detail command: Switch> show etherchannel 1 detail Group state = L2 Ports: 2 Maxports = 16...
Page 414
Port-channel Protocol Ports ------+-------------+-----------+---------------------------------------- Po1(SU) LACP Gi0/1(P) Gi0/2(P) This is an example of output from the show etherchannel 1 port-channel command: Switch> show etherchannel 1 port-channel Port-channels in the group: ---------------------- Port-channel: Po1 (Primary Aggregator) ------------ Age of the Port-channel...
[id evc-id | interface interface-id] [detail] [ | {begin | exclude | include} expression] This command is available only if your switch is running the metro IP access or metro access image. Syntax Description id evc-id (Optional) Display EVC information for the specified service.
Page 416
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ethernet service evc Related Commands Command Description ethernet evc evc-id Defines an EVC and enters EVC configuration mode. Cisco ME 3400 Ethernet Access Switch Command Reference 2-390 OL-9640-07...
Ethernet customer-service instances. show ethernet service instance [id id] [interface interface-id] [detail] [ | {begin | exclude | include} expression] This command is available only if your switch is running the metro IP access or metro access image. Syntax Description id id (Optional) Display information for the specified service-instance identifier, a per-interface service identifier that does not map to a VLAN.
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ethernet service instance FastEthernet0/11 100-200,1000,1999-4094 FastEthernet0/12 FastEthernet0/12 FastEthernet0/13 FastEthernet0/13 FastEthernet0/13 FastEthernet0/13 FastEthernet0/14 200,222 FastEthernet0/14 FastEthernet0/14 Related Commands Command Description service instance id ethernet Defines an Ethernet service instance and enters Ethernet service configuration mode.
Ethernet customer-service instances for all interfaces or a specified interface. show ethernet service interface [interface-id] [detail] [ | {begin | exclude | include} expression] This command is available only if your switch is running the metro IP access or metro access image. Syntax Description interface-id (Optional) Display service-instance information for the specified interface.
Page 420
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ethernet service interface Interface: GigabitEthernet0/1 ID: PE2-G101 CE-VLANS: 10,20,30 EVC Map Type: Bundling-Multiplexing Associated EVCs: EVC-ID CE-VLAN WHITE 30 RED 20 BLUE 10 Associated Service Instances: Service-Instance-ID CE-VLAN...
This command was introduced. Usage Guidelines Use this command to display the flow control status and statistics on the switch or for a specific interface. Use the show flowcontrol command to display information about all the switch interfaces. The output from the show flowcontrol command is the same as the output from the show flowcontrol module number command.
Page 422
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show flowcontrol This is an example of output from the show flowcontrol interface interface-id command: Switch> show flowcontrol interface gigabitethernet0/2 Port Send FlowControl Receive FlowControl RxPause TxPause admin oper...
This command applies only to Gigabit Ethernet interfaces and displays information about SFPs inserted in the SFP module slot. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 424
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show idprom Embedded PHY : not present SFP presence index SFP iter cnt : 697918 SFP failed oper flag : 0x0 IIC error cnt IIC error dsb cnt IIC max sts cnt...
Page 426
• interfaces on the switch. Entering any other number is invalid. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. Examples...
Page 427
Chars In Pkts Out Chars Out No traffic sent or received on this interface. <output truncated> This is an example of output from the show interfaces capabilities command for an interface. Switch# show interfaces gigabitethernet0/2 capabilities GigabitEthernet0/2 Model: modell-ic Type:...
Page 428
570800 91731594 Route cache Total 1165354 136205310 570800 91731594 This is an example of partial output from the show interfaces status command. It displays the status of all interfaces. Switch# show interfaces status Port Name Status Vlan Duplex Speed Type...
Page 429
These are examples of output from the show interfaces status command for a specific interface when private VLANs are configured. Port 22 is configured as a private-VLAN host port. It is associated with primary VLAN 20 and secondary VLAN 25.
Page 430
Displays the VLAN ID to which the port is configured. Trunking Native Mode VLAN Lists the VLAN ID of the trunk that is in native mode. Administrative Native VLAN tagging Displays whether or not VLAN tagging is enabled. Administrative private-vlan...
Page 431
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show interfaces This is an example of output from the show interfaces switchport command for a port configured as a private VLAN promiscuous port. The primary VLAN 20 is mapped to secondary VLANs 25, 30 and 35:...
Page 432
When a Flex Link interface goes down (LINK_DOWN), VLANs preferred on this interface are moved to the peer interface of the Flex Link pair. In this example, if interface Gi0/6 goes down, Gi0/8 carries all VLANs of the Flex Link pair.
If you do not enter any keywords, all counters for all interfaces are included. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Page 434
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show interfaces counters This is an example of partial output from the show interfaces counters protocol status command for all interfaces. Switch# show interfaces counters protocol status Protocols allocated:...
This command was introduced. Usage Guidelines In the output for the show interface rep [detail] command, in addition to an Open, Fail, or AP (alternate port) state, the Port Role might show as Fail Logical Open (FailLogOpen) or Fail No Ext Neighbor (FailNoNbr).
Page 436
Open FastEthernet 0/4 INIT_DOWN Fail This is sample output from the show interface rep command when the edge port is configured to have no REP neighbor. Note the asterisk (*) next to Primary Edge. Switch# show interface rep Interface Seg-id Type...
12.2(44)SE The dom-supported-list and threshold-table keywords were added. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. Examples This is an example of output from the show interfaces interface-id transceiver properties command:...
Page 438
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show interfaces transceivers This is an example of output from the show interfaces interface-id transceiver detail command: Switch# show interfaces gigabitethernet0/3 transceiver detail ITU Channel not available (Wavelength not available), Transceiver is externally calibrated.
Page 439
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show interfaces transceivers This is an example of output from the show interfaces transceiver threshold-table command: Optical Tx Optical Rx Temp Laser Bias Voltage current ------------- ------------- ------ ------------...
If there is no PID, no output appears when you enter the show inventory command. Note Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Use the show ip arp inspection privileged EXEC command to display the configuration and the operating state of dynamic Address Resolution Protocol (ARP) inspection or the status of this feature for all VLANs or for the specified interface or VLAN.
Page 442
-------------- Gi0/1 Untrusted This is an example of output from the show ip arp inspection log command. It shows the contents of the log buffer before the buffers are cleared: Switch# show ip arp inspection log Total Log Buffer Size : 32 Syslog rate : 10 entries per 300 seconds.
Page 443
Mon Mar 1 1993 If the log buffer overflows, it means that a log event does not fit into the log buffer, and the display for the show ip arp inspection log privileged EXEC command is affected. A -- in the display appears in place of all data except the packet count and the time.
Page 444
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ip arp inspection This is an example of output from the show ip arp inspection vlan 5 command. It shows the configuration and the operating state of dynamic ARP inspection for VLAN 5.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show ip dhcp snooping command.
Use the show ip source binding privileged EXEC command to display the dynamically and statically configured bindings in the DHCP snooping binding database. If DHCP snooping is enabled and an interface changes to the down state, the switch does not delete the statically configured bindings.
Page 447
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ip dhcp snooping binding This example shows how to display the DHCP snooping binding entries for a specific IP address: Switch> show ip dhcp snooping binding 10.1.2.150 MacAddress...
Use the show ip dhcp snooping database user EXEC command to display the status of the DHCP snooping binding database agent. show ip dhcp snooping database [detail] [ | {begin | exclude | include} expression]...
Page 449
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ip dhcp snooping database Last Succeded Time : None Last Failed Time : 17:14:25 UTC Sat Jul 7 2001 Last Failed Reason : Unable to access URL. Total Attempts...
12.2(37)SE This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show ip dhcp snooping statistics command: Switch>...
Page 451
Interface is in errdisabled Number of times a packet was received on a port that has been marked as error disabled. This might happen if packets are in the processing queue when a port is put into the error-disabled state and those packets are subsequently processed.
Page 452
DHCP Snooping Statistic Description Interface Down Number of times the packet is a reply to the DHCP relay agent, but the SVI interface for the relay agent is down. This is an unlikely error that occurs if the SVI goes down between sending the client request to the DHCP server and receiving the response.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. Examples These are examples of output from the show ip igmp profile privileged EXEC command, with and without specifying a profile number.
Usage Guidelines Use this command to display snooping configuration for the switch or for a specific VLAN. VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping. Although visible in the output display, output lines for source-only learning are not valid.
Page 455
Source-only learning are not supported, and information appearing for this feature is not valid. Note This is an example of output from the show ip igmp snooping command. It displays snooping characteristics for all VLANs on the switch. Switch> show ip igmp snooping...
Usage Guidelines Use this command to display multicast information or the multicast table. VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 457
224.1.4.3 igmp Gi0/1, Gi0/2 This is an example of output from the show ip igmp snooping groups count command. It displays the total number of multicast groups on the switch. Switch# show ip igmp snooping groups count Total number of multicast groups: 2 This is an example of output from the show ip igmp snooping groups dynamic command.
Usage Guidelines Use this command to display multicast router ports on the switch or for a specific VLAN. VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping. When multicast VLAN registration (MVR) is enabled, the show ip igmp snooping mrouter command displays MVR multicast router information and IGMP snooping information.
Page 459
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ip igmp snooping mrouter Related Commands Command Description ip igmp snooping Enables and configures IGMP snooping on the switch or a VLAN. ip igmp snooping vlan mrouter Adds a multicast router port to a multicast VLAN.
The show ip igmp snooping querier command output also shows the VLAN and interface on which the querier was detected. If the querier is the switch, the output shows the Port field as Router. If the querier is a router, the output shows the port number on which the querier is learned in the Port field.
Page 461
IP Address IGMP Version Port --------------------------------------------------- 172.20.50.11 Gi0/1 172.20.40.20 Router This is an example of output from the show ip igmp snooping querier detail command: Switch> show ip igmp snooping querier detail Vlan IP Address IGMP Version Port ------------------------------------------------------------- 1.1.1.1...
Use the show ip source binding user EXEC command to display the IP source bindings on the switch. show ip source binding [ip-address] [mac-address] [dhcp-snooping | static] [vlan vlan-id] [interface interface-id] [ | {begin | exclude | include} expression]...
VLANs 10 to 20. For VLAN 10, IP source guard with IP address filtering is configured on the interface, and a binding is on the interface. For VLANs 11 to 20, the second entry shows that a default port access control list (ACL) is applied on the interface for the VLANs on which IP source guard is not configured.
Page 464
• enabled, and static IP source bindings are configured on VLANs 10 and 11. For VLANs 12 to 20, the default port ACL is applied on the interface for the VLANs on which IP source guard is not configured. On the Fast Ethernet 0/5 interface, IP source guard with source IP and MAC address filtering is •...
{mcast {appclass | groups | status} | nodes | ports [open] | queue | rpc | session {all | rx | tx} [verbose] | status [cumlulative] | zones} [ | {begin | exclude | include} expression] This command is available only if your switch is running the metro IP access image.
Page 466
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ipc Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This example shows how to display the IPC routing status: Switch>...
Page 467
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ipc This example shows how to display the contents of the IPC retransmission queue: Switch> show ipc queue There are 0 IPC messages waiting for acknowledgement in the transmit queue.
Page 468
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ipc Total via Unreliable Connection-Less Service 12783 Total via Unreliable Sequenced Connection-Less Svc Total via Reliable Connection-Oriented Service <output truncated> Related Commands Command Description clear ipc Clears the IPC multicast routing statistics.
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ipv6 access-list show ipv6 access-list Use the show ipv6 access-list user EXEC command to display the contents of all current IPv6 access lists. show ipv6 access-list [access-list-name] Note This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
Page 470
Table 2-15 show ipv6 access-list Field Descriptions (continued) Field Description bgp (matches) Border Gateway Protocol. The protocol type that the packet is equal to and the number of matches. sequence 10 Sequence in which an incoming packet is compared to lines in an access list.
DECLINE message. If an address conflict is detected, the address is removed from the pool, and the address cannot be assigned until it is removed from the conflict list.
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show ipv6 route updated show ipv6 route updated Use the show ipv6 route updated user EXEC command to display the current contents of the IPv6 routing table. show ipv6 route [protocol] updated [boot-up] {hh:mm | day{month [hh:mm]} [{hh:mm |...
Page 473
B - BGP, R - RIP, I1 - ISIS L1, I2 - ISIS L2 IA - ISIS interarea, IS - ISIS summary O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2...
This command was introduced. Usage Guidelines After enabling Layer 2 protocol tunneling on an access port, a trunk port, or an IEEE 802.1Q tunnel port by using the l2protocol-tunnel interface configuration command, you can configure some or all of these...
Page 475
242500 lacp ---- 485320 udld ---- 44899 448980 This is an example of output from the show l2protocol-tunnel summary command: Switch> show l2protocol-tunnel summary COS for Encapsulated Packets: 5 Drop Threshold for Encapsulated Packets: 0 Port Protocol Shutdown Drop Status...
You can enter the channel-group-number option to specify a channel group for all keywords except sys-id. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 477
• LACP Port Priority Port priority setting. LACP uses the port priority to put ports s in standby mode when there is a hardware limitation that prevents all compatible ports from aggregating. Cisco ME 3400 Ethernet Access Switch Command Reference...
Page 478
The administrative key defines the ability of a port to aggregate with other ports. A port’s ability to aggregate with other ports is determined by the port physical characteristics (for example, data rate and duplex capability) and configuration restrictions that you establish.
Page 479
Switch> show lacp sys-id 32765,0002.4b29.3a00 The system identification is made up of the system priority and the system MAC address. The first two bytes are the system priority, and the last six bytes are the globally administered individual MAC address associated to the system.
Use the show link state group global configuration command to display the link-state group information. show link state group [number] [detail] [ | {begin | exclude | include} expression] This command is available only if your switch is running the metro IP access or metro access image. Syntax Description number (Optional) Number of the link-state group.
Page 481
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show link state group This is an example of output from the show link state group detail command: Switch> show link state group detail (Up):Interface up (Dwn):Interface Down (Dis):Interface disabled...
Usage Guidelines Use the show location command to display location information for an endpoint. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 483
City : San Jose State : CA Country : US This is an example of output from the show location civic-location command that displays all the civic location information: Switch> show location civic-location static Civic location information -------------------------- Identifier County...
Page 484
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show location This is an example of output from the show location elin static command that displays all emergency location information: Switch> show location elin static Elin location information...
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show mac-access group user EXEC command. In this display, Fast Ethernet interface 0/2 has the MAC access list macl_e1 applied to inbound traffic;...
Page 486
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac access-group This is an example of output from the show mac access-group interface fastethernet0/1 command: Switch# show mac access-group interface fastethernet0/1 Interface FastEthernet0/1: Inbound access-list is macl_e1...
Use the show mac address-table user EXEC command to display a specific MAC address table static and dynamic entry or the MAC address table static and dynamic entries on a specific interface or VLAN. show mac address-table [ | {begin | exclude | include} expression]...
Page 488
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac address-table Related Commands Command Description clear mac address-table dynamic Deletes from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show mac address-table address command: Switch# show mac address-table address 0002.4b28.c482...
Page 490
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac address-table address Related Commands Command Description show mac address-table aging-time Displays the aging time in all VLANs or the specified VLAN. show mac address-table count Displays the number of addresses present in all VLANs or the specified VLAN.
Use the show mac address-table aging-time user EXEC command to display the aging time of a specific address table instance, all address table instances on a specified VLAN or, if a specific VLAN is not specified, on all VLANs.
Page 492
Command Description mac address-table aging-time Sets the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated. show mac address-table address Displays MAC address table information for the specified MAC address.
If no VLAN number is specified, the address count for all VLANs appears. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 494
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac address-table count Related Commands Command Description show mac address-table address Displays MAC address table information for the specified MAC address. show mac address-table aging-time Displays the aging time in all VLANs or the specified VLAN.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show mac address-table dynamic command: Switch>...
Page 496
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac address-table dynamic Related Commands Command Description clear mac address-table dynamic Deletes from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show mac address-table interface command: Switch>...
Page 498
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac address-table interface Related Commands Command Description show mac address-table address Displays MAC address table information for the specified MAC address. show mac address-table aging-time Displays the aging time in all VLANs or the specified VLAN.
VLANs or the specified VLAN. show mac address-table learning [vlan vlan-id] [ | {begin | exclude | include} expression] This command is available only when the switch is running the metro IP access or metro access image. Syntax Description vlan vlan-id (Optional) Display information for a specific VLAN.
[ | {begin | exclude | include} expression] This command is available only when the switch is running the metro IP access or metro access image. Syntax Description | begin (Optional) Display begins with the line that matches the expression.
Page 501
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac address-table move update Related Commands Command Description clear mac address-table move Clears the MAC address-table move update counters. update mac address-table move update Configures MAC address-table move update on the switch.
MAC notification interval, the maximum number of entries allowed in the history table, and the history table contents. Use the interface keyword to display the flags for all interfaces. If the interface-id is included, only the flags for that interface appear.
Page 503
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac address-table notification Operation: Added Vlan: 2 MAC Addr: 0000.0000.0001 Module: 0 Port: 1 History Index 1, Entry Timestamp 1038254, Despatch Timestamp 1038254 MAC Changed Message : Operation: Added Vlan: 2 MAC Addr: 0000.0000.0000 Module: 0...
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show mac address-table static command: Switch>...
Page 505
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac address-table static Related Commands Command Description mac address-table static Adds static addresses to the MAC address table. mac address-table static drop Enables unicast MAC address filtering and configures the switch to drop traffic with a specific source or destination MAC address.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show mac address-table vlan 1 command: Switch>...
Page 507
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mac address-table vlan Related Commands Command Description show mac address-table address Displays MAC address table information for the specified MAC address. show mac address-table aging-time Displays the aging time in all VLANs or the specified VLAN.
(SPAN) and Remote SPAN (RSPAN) sessions on the switch. Use the command with keywords to show a specific session, all sessions, all local sessions, or all remote sessions. show monitor [session {session_number | all | local | range list | remote} [detail]] [ | {begin | exclude | include} expression]...
Page 509
:Remote Source Session Source Ports: Source VLANs: TX Only: Both: Dest RSPAN VLAN: This is an example of output for the show monitor user EXEC command for RSPAN source session 1: Switch# show monitor session 1 Session 1 --------- Type :Local Session...
MVR Global query response time: 5 (tenths of sec) MVR Mode: compatible In the preceding display, the maximum number of multicast groups is fixed at 256. The MVR mode is either compatible (for interoperability with Catalyst 2900 XL and Catalyst 3500 XL switches) or dynamic (where operation is consistent with IGMP snooping operation and dynamic MVR membership on source ports is supported).
Page 511
Displays all ports that are members of an MVR multicast group or, if there are no members, means the group is inactive. Cisco ME 3400 Ethernet Access Switch Command Reference...
The Mode and VLAN fields were added to the output display. Usage Guidelines If the entered port identification is a non-MVR port or a source port, the command returns an error message. For receiver ports, it displays the port type, per port status, and Immediate-Leave setting.
Page 513
------- --------------- Fa0/10 RECEIVER Trunk ACTIVE/DOWN DISABLED This is an example of output from the show mvr interface fastethernet0/1 command. In this example, the port is not an MVR member: switch# show mvr interface fa0/1 Port Type Mode VLAN Status...
Use the show mvr members privileged EXEC command to display all receiver and source ports that are currently members of an IP multicast group. show mvr members [ip-address] [ | {begin | exclude | include} expression]...
Page 515
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show mvr members This is an example of output from the show mvr members 239.255.0.2 command. It shows how to view the members of the IP multicast group 239.255.0.2: Switch# show mvr members 239.255.0.2...
You can enter any show pagp command to display the active channel-group information. To display the nonactive information, enter the show pagp command with a channel-group number. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output are appear.
Page 517
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show pagp This is an example of output from the show pagp 1 internal command: Switch> show pagp 1 internal Flags: S - Device is sending Slow hello. C - Device is in Consistent state.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is a partial output example from the show parser macro command:...
Page 519
Related Commands Command Description macro apply Applies a macro on an interface or applies and traces a macro on an interface. macro description Adds a description about the macros that are applied to an interface. macro global Applies a macro on a switch or applies and traces a macro on a switch.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. Examples This is an example of output from the show policer aggregate command: Switch>...
This command displays policer information that applies to UNIs and ENIs on the switch. Rate-limiting and policers are the same on both port types, except on ENIs on which a Layer 2 control protocol (CDP, STP, LLDP, LACP, or PAgP) has been enabled.
Page 522
Policer rate: 160000 bps In frames: 48014 Drop frames: 28630 This is an example of output from the show policer cpu uni-eni rate command when the default rate is used. Switch> show policer cpu uni-eni rate CPU UNI/ENI port police rate = 160000 bps This is an example of the show command output when CPU protection is disabled.
Page 523
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show policer cpu uni-eni Related Commands Command Description policer cpu uni Configures a CPU policer threshold rate for the switch or enables or disables CPU protection. show platform policer cpu Displays allocated policer indexes and the corresponding features for all ports or the specified port.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show policy-map command: Switch>...
Page 525
Class ip1 police cir 20000000 bc 625000 conform-action transmit exceed-action drop This is an example of output from the show policy-map interface command for an interface with a two-level output policy map applied: Switch> show policy-map interface fastethernet0/3 FastEthernet0/3 Service-policy output: top2...
Page 526
200562 packets Match: any 56 packets Output Queue: Tail Packets Drop: 191028 This is an example of output from the show policy-map interface command for an interface with an input policy applied: Switch> show policy-map interface gigabitethernet0/1 GigabitEthernet0/1 Service-policy input: pin-police...
Page 527
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show policy-map Table 2-18 describes the fields in the show policy-map interface display. The fields in the table are grouped according to the relevant QoS feature. Table 2-18 show policy-map interface Field Descriptions...
If you enter the vlan keyword, the command displays the configured maximum and the current number of secure MAC addresses for all VLANs on the interface. This option is visible only on interfaces that have the switchport mode set to trunk.
Page 529
---- ----- ------------- 0006.0700.0800 SecureConfigured Gi0/2 ------------------------------------------------------------------- Total Addresses: 1 This is an example of output from the show port-security interface interface-id vlan command: Switch# show port-security interface gigabitethernet0/2 vlan Default maximum:not set, using 5120 VLAN Maximum Current default default...
Page 530
Deletes from the MAC address table a specific type of secure address or all the secure addresses on the switch or an interface. switchport port-security Enables port security on a port, restricts the use of the port to a user-defined group of stations, and configures secure MAC addresses.
Usage Guidelines If you enter the command without keywords, the output includes the interface type information for all ports on the switch. If you specify the port type (eni, nni, or uni), the output includes information for the specified port type.
Page 532
Fa0/24 User Network Interface (uni) Gi0/1 Network Node Interface (nni) Gi0/2 Network Node Interface (nni) This is an example of output from the show port-type command using keywords: Switch# show port-type nni | exclude Gigabitethernet0/1 Port Name Vlan Port Type...
Usage Guidelines In the show rep topology command output, ports configured as edge no-neighbor are designated with an asterisk (*) in front of Pri or Sec. In the output of the show rep topology detail command, No-Neighbor is spelled out.
Page 534
Gi1/1/2 Open sw2_multseg_3750 Gi1/1/1 Open sw1_multseg_3750 Gi1/1/2 Open This is a sample output from the show rep topology command when the edge ports are configured to have no REP neighbor: Switch # show rep topology REP Segment 2 BridgeName PortName...
Page 535
Enables REP on an interface and assigns a segment ID. This command is also used to configure a port as an edge port, a primary edge port, or a preferred port. Cisco ME 3400 Ethernet Access Switch Command Reference...
When you change the SDM template by using the sdm prefer global configuration command, you must reload the switch for the configuration to take effect. If you enter the show sdm prefer command before you enter the reload privileged EXEC command, the show sdm prefer command shows the template currently in use and the template that will become active after a reload.
Page 537
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show sdm prefer Examples This is an example of output from the show sdm prefer command, displaying the template in use: Switch# show sdm prefer The current template is ''layer-2'' template.
Page 539
• instance-id—You can specify a single instance ID, a range of IDs separated by a hyphen, or a series of IDs separated by a comma. The range is 1 to 4094. The display shows the number of currently configured instances.
Page 540
If the vlan-id variable is omitted, the command applies to the spanning-tree instance for all VLANs. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 541
Number of transitions to forwarding state: 1 Link type is point-to-point by default BPDU: sent 0, received 72364 <output truncated> This is an example of output from the show spanning-tree interface interface-id command: Switch# show spanning-tree interface gigabitethernet0/1 Vlan Role Sts Cost Prio.Nbr Type...
Page 542
Instance Vlans Mapped -------- ------------------ 1-9,21-4094 10-20 ---------------------------- This is an example of output from the show spanning-tree mst configuration digest command: Switch# show spanning-tree mst configuration % Switch is not in mst mode Name Revision Instances configured 1 Digest...
Page 543
Sets the path cost for spanning-tree calculations. spanning-tree extend system-id Enables the extended system ID feature. spanning-tree guard Enables the root guard or the loop guard feature for all the VLANs associated with the selected interface. spanning-tree link-type Overrides the default link-type setting for rapid spanning-tree transitions to the forwarding state.
When you enter an interface-id, the storm control thresholds appear for the specified interface. If you do not enter an interface-id, settings appear for one traffic type for all ports on the switch. If you do not enter a traffic type, settings appear for broadcast storm control.
Page 545
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show storm-control This is an example of output from the show storm-control command for a specified interface. Because no traffic-type keyword was entered, the broadcast storm control settings appear.
This command was introduced. Usage Guidelines If you have used the system mtu or system mtu jumbo global configuration command to change the MTU setting, the new setting does not take effect until you reset the switch. The system MTU refers to ports operating at 10/100 Mbps; the system jumbo MTU refers to Gigabit ports;...
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed. Examples This is an example of output from the show table-map command: Switch>...
Page 548
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show table-map This is an example of output from the show table-map command for a specific table map name: Switch> show table-map tm Table Map tm from 1 to 62...
If you do not enter an interface-id, administrative and operational UDLD status for all interfaces appear. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 550
Operational state that shows whether UDLD is actually running on this port. Current bidirectional state The bidirectional state of the link. An unknown state appears if the link is down or if it is connected to an UDLD-incapable device. A bidirectional state appears if the link is a normal two-way connection to a UDLD-capable device.
Page 551
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show udld Related Commands Command Description udld Enables aggressive or normal mode in UDLD or sets the configurable message timer time. udld port Enables UDLD on an individual interface or prevents a fiber-optic interface from being enabled by the udld global configuration command.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show version command:...
Page 553
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands show version The password-recovery mechanism is enabled. 512K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address : 00:0B:FC:FF:32:80 Power supply part number : 341-0149-01 Motherboard serial number...
VLAN (if the VLAN ID or name is specified) on the switch. show vlan [access-map | brief | dot1q tag native | filter | id vlan-id | internal usage | mtu | name vlan-name | private-vlan [type] | remote-span | summary | uni-vlan [type]] [ | {begin |...
Page 555
VLAN have the same MTU. When yes appears in this column, it means that the VLAN has ports with different MTUs. Packets that are switched from a port with a larger MTU to a port with a smaller MTU might be dropped. If the VLAN does not have a switch virtual interface (SVI), the hyphen (-) symbol appears in the SVI_MTU column.
Page 556
Displays any configured UNI-ENI VLANs, the type (community or isolated), and the ports that belong to it. This is an example of output from the show vlan dot1q tag native command: Switch> show vlan dot1q tag native dot1q native vlan tagging is disabled...
Page 557
Fa0/13, Fa0/20, Fa0/21, Gi0/1, community Fa0/13, Fa0/20, Fa0/23, Fa0/33. Gi0/1, non-operational 2000 2500 isolated Fa0/5, Fa0/10, Fa0/15 This is an example of output from the show vlan private-vlan type command: Switch> show vlan private-vlan type Vlan Type ---- ----------------- primary isolated community normal This is an example of output from the show vlan uni-vlan type command: Switch>...
Page 558
This is an example of output from the show vlan internal usage command. It shows that VLANs 1025 and 1026 are being used as internal VLANs for Fast Ethernet routed ports 23 and 24. If you want to use one of these VLAN IDs, you must first shut down the routed port, which releases the internal VLAN, and then create the extended-range VLAN.
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show vlan access-map command: Switch# show vlan access-map Vlan access-map "SecWiz"...
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show vlan filter command:...
12.2(25)EX This command was introduced. Usage Guidelines Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear. Examples This is an example of output from the show vmps statistics command.
Page 562
Number of times the VMPS is unable to answer the request because of a resource availability problem. Resource If the retry limit has not yet been reached, the client repeats the request with the same server or with the next alternate server, depending on whether the per-server retry count has been reached.
Network node interfaces (NNIs) are enabled by default. The no shutdown command has no effect if the port is a static-access port assigned to a VLAN that has been deleted, suspended, or shut down. The port must first be a member of an active VLAN before it can be re-enabled.
Syntax Description vlan-id ID of the VLAN to be locally shut down. The range is 2 to 1001. VLANs defined as default VLANs (1 and 1002 to 1005), as well as extended-range VLANs (greater than 1005) cannot be shut down.
Use the small-frame violation rate pps interface configuration command to configure the rate (threshold) for an interface to be error disabled when it receives VLAN-tagged packets that are small frames (67 bytes or less) at the specified rate. Use the no form of this command to return to the default setting.
Page 566
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands small-frame violation rate Related Commands Command Description errdisable detect cause small-frame Allows any switch port to be put into the error-disabled state if an incoming frame is smaller than the minimum size and arrives at the specified rate (threshold).
Use the snmp mib rep trap-rate global configuration command to configure the sending of Resilient Ethernet Protocol (REP) SNMP traps when there is a link operational status or port role change. Use the no version of the command to disable sending of the REP trap.
Page 569
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands snmp-server enable traps dot1x [auth-fail-vlan | (Optional) Enable IEEE 802.1x traps. The keywords have these meanings: guest-vlan | auth-fail-vlan—(Optional) Generate a trap when the port moves to the •...
Page 570
(Optional) Enable storm-control traps. Use the trap-rate keyword to set the trap-rate value maximum number of storm-control traps sent per minute. The range is from 0 to 1000; the default is 0 (no limit is imposed; a trap is sent at every storm-control occurrence). stpx [inconsistency] (Optional) Enable SNMP STPX MIB traps.
Page 571
When supported, use the snmp-server enable traps command to enable sending of traps or informs. Informs are not supported in SNMPv1. Note To enable more than one type of trap, you must enter a separate snmp-server enable traps command for each trap type. Examples...
Page 573
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands snmp-server host notification-type (Optional) Type of notification to be sent to the host. If no type is specified, all notifications are sent. The notification type can be one or more of the these keywords:...
Page 574
Defaults This command is disabled by default. No notifications are sent. If you enter this command with no keywords, the default is to send all trap types to the host. No informs are sent to this host. If no version keyword is present, the default is Version 1.
Page 575
The community string is defined as comaccess: Switch(config)# snmp-server enable traps Switch(config)# snmp-server host myhost.cisco.com comaccess snmp This example shows how to enable the switch to send all traps to the host myhost.cisco.com by using the community string public: Switch(config)# snmp-server enable traps Switch(config)# snmp-server host myhost.cisco.com public...
Examples This example shows how to enable the MAC notification trap when a MAC address is added to a port: Switch(config)# interface gigabitethernet0/2 Switch(config-if)# snmp trap mac-notification added You can verify your settings by entering the show mac address-table notification interface privileged EXEC command.
Page 577
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands snmp trap mac-notification Related Commands Command Description clear mac address-table notification Clears the MAC address notification global counters. mac address-table notification Enables the MAC address notification feature. show mac address-table notification...
This command is supported only on ENIs and on EtherChannel port channels that contain ENIs. STP is not supported on user network interfaces (UNIs) and it is disabled by default on ENIs. Use this command to enable SPT on an ENI. To set a port as an ENI, enter the port-type eni interface configuration command.
Page 579
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree Related Commands Command Description show spanning-tree interface Display spanning-tree information for the specified interface. interface-id Cisco ME 3400 Ethernet Access Switch Command Reference 2-553 OL-9640-07...
Spanning Tree Protocol (STP) is not supported on user network interfaces (UNIs). You can configure BPDU filtering only on NNIs or on ENIs on which STP has been enabled. To set a port as an NNI or ENI, enter the port-type {nni | eni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 581
Port Fast-enabled STP ports or enables the Port Fast feature on all nontrunking STP ports. spanning-tree portfast (interface Enables the Port Fast feature on an STP port and all its associated configuration) VLANs. Cisco ME 3400 Ethernet Access Switch Command Reference...
Spanning Tree Protocol (STP) is not supported on user network interfaces (UNIs). You can configure BPDU guard only on NNIs or on ENIs on which STP has been enabled. To set a port as an NNI or ENI, enter the port-type {nni | eni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 583
Port Fast-enabled STP ports or enables the Port Fast feature on all nontrunking STP ports. spanning-tree portfast (interface Enables the Port Fast feature on an STP port and all its associated configuration) VLANs. Cisco ME 3400 Ethernet Access Switch Command Reference...
(ENI) with STP enabled to set the path cost for spanning-tree calculations. If a loop occurs, spanning tree considers the path cost when selecting an interface to place in the forwarding state. Use the no form of this command to return to the default setting.
Page 585
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree cost This example shows how to set a path cost to 300 for VLANs 10, 12 to 15, and 20: Switch(config-if)# spanning-tree vlan 10,12-15,20 cost 300 You can verify your settings by entering the show spanning-tree interface interface-id privileged EXEC command.
(NNIs) or enhanced network interfaces (ENIs) on which STP has been enabled. To set a port as an NNI or ENI, enter the port-type {nni | eni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 587
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree etherchannel guard misconfig Related Commands Command Description errdisable recovery cause Enables the timer to recover from the EtherChannel channel-misconfig misconfiguration error-disable state. show etherchannel summary Displays EtherChannel information for a channel as a one-line summary per channel-group.
If your network consists of switches that do not support the extended system ID and switches that do support it, it is unlikely that the switch with the extended system ID support will become the root switch. The extended system ID increases the switch priority value every time the VLAN number is greater than the priority of the connected switches.
Page 589
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree extend system-id Related Commands Command Description show spanning-tree summary Displays a summary of spanning-tree interface states. spanning-tree mst root Configures the MST root switch priority and timers based on the network diameter.
(blocked) state to prevent the customer’s switch from becoming the root switch or being in the path to the root. The root port provides the best path from the switch to the root switch.
Page 591
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree guard ports. When the switch is operating in MST mode, BPDUs are not sent on nonboundary interfaces if the interface is blocked by loop guard in all MST instances. On a boundary interface, loop guard blocks the interface in all MST instances.
Spanning Tree Protocol (STP) is not supported on user network interfaces (UNIs). You can configure spanning-tree link type only on NNIs or on ENIs on which STP has been enabled. To set a port as an NNI or ENI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 593
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree link-type Related Commands Command Description clear spanning-tree detected-protocols Restarts the protocol migration process (force the renegotiation with neighboring switches) on all interfaces or on the specified interface. show spanning-tree...
Spanning Tree Protocol (STP) is supported only on NNIs or on ENIs on which STP has been enabled. To set a port as an NNI or ENI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 595
Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command. spanning-tree guard loop Enables the loop guard feature on all the VLANs associated with the specified STP port. Cisco ME 3400 Ethernet Access Switch Command Reference 2-569...
Spanning Tree Protocol (STP) is supported on the switch only on network node interfaces (NNIs) or on enhanced network interfaces (ENIs) on which STP has been enabled. To set a port as an NNI or ENI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 597
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree mode You can verify your setting by entering the show running-config privileged EXEC command. Related Commands Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page:...
On the Cisco ME switch, spanning-tree MST configuration is supported only on network node interfaces (NNIs) or on enhanced network interfaces (ENIs) on which STP has been enabled. To set a port as an NNI or ENI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 599
VLANs that were previously mapped. To specify a range, use a hyphen; for example, instance 1 vlan 1-63 maps VLANs 1 to 63 to MST instance 1. To specify a series, use a comma; for example, instance 1 vlan 10, 20, 30 maps VLANs 10, 20, and 30 to MST instance 1.
Spanning Tree Protocol (STP) is not supported on user network interfaces (UNIs). You can configure path cost only on NNIs or on ENIs on which STP has been enabled. To set a port as an NNI or ENI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 601
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree mst cost Related Commands Command Description show spanning-tree Displays MST information for the specified interface. interface interface-id spanning-tree mst Configures an interface priority. port-priority spanning-tree mst priority Configures the switch priority for the specified spanning-tree instance.
(NNIs) or on enhanced network interfaces (ENIs) on which Spanning-Tree Protocol (STP) has been enabled. To set a port as an NNI or ENI, enter the port-type {nni | eni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
(NNIs) or on enhanced network interfaces (ENIs) on which Spanning-Tree Protocol (STP) has been enabled. To set a port as an NNI or ENI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 604
Sets the interval between messages that the spanning tree receives from the root switch. spanning-tree mst max-hops Sets the number of hops in a region before the BPDU is discarded. Cisco ME 3400 Ethernet Access Switch Command Reference 2-578 OL-9640-07...
Use the spanning-tree mst max-age global configuration command to set the interval between messages that the spanning tree receives from the root switch. If a switch does not receive a bridge protocol data unit (BPDU) message from the root switch within this interval, it recomputes the spanning-tree topology.
Page 606
Sets the interval between hello BPDUs sent by root switch configuration messages. spanning-tree mst max-hops Sets the number of hops in a region before the BPDU is discarded. Cisco ME 3400 Ethernet Access Switch Command Reference 2-580...
User network interfaces (UNIs) do not participate in STP. The root switch of the instance always sends a BPDU (or M-record) with a cost of 0 and the hop count set to the maximum value. When a switch receives this BPDU, it decrements the received remaining hop count by one and propagates the decremented count as the remaining hop count in the generated M-records.
Page 608
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree mst max-hops Related Commands Command Description show spanning-tree Displays MST information. spanning-tree mst forward-time Sets the forward-delay time for all MST instances. spanning-tree mst hello-time Sets the interval between hello BPDUs sent by root switch configuration messages.
Spanning Tree Protocol (STP) is not supported on user network interfaces (UNIs). You can configure spanning-tree MST port priority only on NNIs or on ENIs on which STP has been enabled. To set a port as an ENI or NNI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 610
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree mst port-priority Related Commands Command Description show spanning-tree mst interface Displays MST information for the specified interface. interface-id spanning-tree mst cost Sets the path cost for MST calculations.
The port can accept both prestandard and standard BPDUs. If the neighbor types are mismatched, only the common and internal spanning tree (CIST) runs on this interface. If a switch port is connected to a switch running prestandard Cisco IOS software, you must use the Note spanning-tree mst pre-standard interface configuration command on the port.
(NNIs) or on enhanced network interfaces (ENIs) on which STP has been enabled. To set a port as an ENI or NNI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 613
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree mst priority Related Commands Command Description show spanning-tree mst instance-id Displays MST information for the specified interface. spanning-tree mst cost Sets the path cost for MST calculations. spanning-tree mst port-priority Configures an interface priority.
Because of the extended system ID support, the switch sets the switch priority for the instance to 24576 if this value will cause Cisco ME 3400 Ethernet Access Switch Command Reference...
Page 615
If any root switch for the specified instance has a switch priority lower than 24576, the switch sets its own priority to 4096 less than the lowest switch priority.
STP is not supported on user network interfaces (UNIs). You can configure spanning-tree port priority only on NNIs or on ENIs on which STP has been enabled. To set a port as an ENI or NNI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 617
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree port-priority This example shows how to set the port-priority value on VLANs 20 to 25: Switch(config-if)# spanning-tree vlan 20-25 port-priority 0 You can verify your settings by entering the show spanning-tree interface interface-id privileged EXEC command.
STP is not supported on user network interfaces (UNIs) on the switch. Spanning-tree configuration affects only NNIs or ENIs on which STP has been enabled. To set a port as an ENI or NNI, enter the port-type {eni | nni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 619
BPDUs. You should globally enable BPDU filtering on a switch so that hosts connected to switch STP ports do not receive BPDUs. If a BPDU is received on a Port Fast-enabled STP port, the interface loses its Port Fast-operational status and BPDU filtering is disabled.
Page 620
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree portfast (global configuration) You can verify your settings by entering the show running-config privileged EXEC command. Related Commands Command Description show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference...
STP is not supported on user network interfaces (UNIs). You can enable the spanning-tree Port Fast feature only on NNIs or on ENIs on which STP has been enabled. To set a port as an NNI or ENI, enter the port-type {nni | eni} interface configuration command. To enable STP on an ENI, enter the spanning-tree interface configuration command.
Page 622
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree portfast (interface configuration) If you configure the spanning-tree portfast default global configuration command, you can disable Port Fast on an STP port that is not a trunk interface by using the spanning-tree portfast disable interface configuration command. Examples...
VLAN range associated with a spanning-tree instance. You can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by a comma. The range is 1 to 4094.
Page 624
The VLAN does not detect and prevent loops when STP is disabled. You can disable the STP on a VLAN that is not currently active and verify the change by using the show running-config or the show spanning-tree vlan vlan-id privileged EXEC command. The setting takes effect when the VLAN is activated.
Page 625
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands spanning-tree vlan This example shows how to set the spanning-tree hello-delay time to 3 seconds for VLANs 20 to 24: Switch(config)# spanning-tree vlan 20-24 hello-time 3 This example shows how to set spanning-tree max-age to 30 seconds for VLAN 20:...
Use the speed interface configuration command to specify the speed of a 10/100 Mbps or 10/100/1000 Mbps port. Use the no or default form of this command to return the port to its default value. speed {10 | 100 | 1000 | auto [10 | 100 | 1000] | nonegotiate} no speed For speed configurations restrictions on small form-factor pluggable (SFP) module ports, see the “Usage...
Page 627
(nonegotiate). If the speed is set to auto, the switch negotiates with the device at the other end of the link for the speed setting and then forces the speed setting to the negotiated value. The duplex setting remains as configured on each end of the link, which could result in a duplex setting mismatch.
Use the storm-control interface configuration command to enable broadcast, multicast, or unicast storm control and to set threshold levels on an interface. Use the no form of this command to return to the default setting. storm-control {{broadcast | multicast | unicast} level {level [level-low] | bps bps [bps-low] | pps...
Page 629
The storm-control suppression level can be entered as a percentage of total bandwidth of the port, as a rate in packets per second at which traffic is received, or as a rate in bits per second at which traffic is received.
Page 630
When a storm occurs and the action is to filter traffic, if the falling suppression level is not specified, the switch blocks all traffic until the traffic rate drops below the rising suppression level. If the falling suppression level is specified, the switch blocks traffic until the traffic rate drops below this level.
Use the switchport interface configuration command with no keywords to put an interface that is in Layer 3 mode into Layer 2 mode for Layer 2 configuration. Use the no form of this command to put an interface in Layer 3 mode.
Page 632
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands switchport Related Commands Command Description show interfaces switchport Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings. show running-config Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page:...
If the switchport mode is set to access (by using the switchport mode interface configuration command), use this command to set the port to operate as a member of the specified VLAN or to specify that the port uses VLAN Membership Policy Server (VMPS) protocol where VLAN assignment based on the incoming packets it receives.
Page 634
– Monitor ports. Examples This example shows how to change a Layer 2 interface in access mode to operate in VLAN 2 instead of the default VLAN. Switch(config-if)# switchport access vlan 2 You can verify your setting by entering the show interfaces interface-id switchport privileged EXEC command and examining information in the Administrative Mode and Operational Mode rows.
Use the switchport backup interface interface configuration command on a Layer 2 interface on the switch stack or on a standalone switch to configure Flex Links, a pair of interfaces that provide backup to each other. Use the no form of this command to remove the Flex Links configuration.
Page 636
• interface from the active interface. • An interface can belong to only one Flex Link pair. An interface can be a backup link for only one active link. An active link cannot belong to another Flex Link pair. •...
Page 637
When a Flex Link interface goes down (LINK_DOWN), VLANs preferred on this interface are moved to the peer interface of the Flex Link pair. In this example, if interface Gi0/6 goes down, Gi0/8 carries all VLANs of the Flex Link pair.
Page 638
Switch(config)# interface gigabitEthernet 0/11 Switch(config-if)# switchport backup interface gigabitEthernet 0/12 multicast fast-convergence Switch(config-if)# end You can verify your setting by entering the show interfaces switchport backup detail privileged EXEC command. Switch# show interfaces switchport backup detail Switch Backup Interface Pairs:...
If the port is a user network interface (UNI) or enhanced network interface (ENI), you must use the no shutdown interface configuration command to enable it before using the switchport block command.
Page 640
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands switchport block Related Commands Command Description show interfaces switchport Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings. Cisco ME 3400 Ethernet Access Switch Command Reference...
This command was introduced. Usage Guidelines To optimize the port for a host connection, the switchport host command sets switch port mode to access, enables spanning tree Port Fast, and disables channel grouping. Only an end station can accept this configuration.
When you enter trunk mode, the interface changes to permanent trunking mode and negotiates to convert the link into a trunk link even if the interface connecting to it does not agree to the change. If you do not intend to trunk across those links, use the switchport mode access interface configuration command to disable trunking.
Page 643
• If an IP ACL is applied to a trunk port in a VLAN that includes tunnel ports, or if a VLAN map is applied to a VLAN that includes tunnel ports, packets received from the tunnel port are treated as non-IP packets and are filtered with MAC access lists.
Page 644
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands switchport mode Related Commands Command Description show interfaces switchport Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings. switchport access vlan Configures a port as a static-access or dynamic-access port.
This command was introduced. Usage Guidelines A private-VLAN promiscuous port must be an NNI. To configure a UNI or an ENI as an NNI, enter the port-type nni interface configuration command. A private-VLAN host or promiscuous port cannot be a Switched Port Analyzer (SPAN) destination port.
Page 646
This example shows how to configure an interface as a private-VLAN host port and associate it to primary VLAN 20. The interface is a member of secondary isolated VLAN 501 and primary VLAN 20. When you configure an NNI as a private VLAN host port, you should also enable BPDU guard and Port Note Fast by using the spanning-tree portfast bpduguard default global configuration command and the spanning-tree portfast interface configuration command.
Page 647
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands switchport mode private-vlan Related Commands Command Description private-vlan Configures a VLAN as a community, isolated, or primary VLAN or associates a primary VLAN with secondary VLANs. show interfaces switchport Displays the administrative and operational status of a switching (nonrouting) port, including private VLAN configuration.
Use the keywords to configure secure MAC addresses, sticky MAC address learning, a maximum number of secure MAC addresses, or the violation mode. Use the no form of this command to disable port security or to set the parameters to their default states.
Page 649
This command was introduced. Usage Guidelines If the port is a user network interface (UNI) or enhanced network interface (ENI), you must use the no shutdown interface configuration command to enable it before using the switchport port-security command. UNIs and ENIs are disabled by default. Network node interfaces (NNIs) are enabled by default.
Page 650
A security violation occurs when the maximum number of secure MAC addresses are in the address table and a station whose MAC address is not in the address table attempts to access the interface or when a station whose MAC address is configured as a secure MAC address on another secure port attempts to access the interface.
Page 651
MAC address is not added to the running configuration. Examples This example shows how to enable port security on a port and to set the maximum number of secure addresses to 5. The violation mode is the default, and no secure MAC addresses are configured.
Usage Guidelines To enable secure address aging for a particular port, set the aging time to a value other than 0 for that port. If the port is a user network interface (UNI) or enhanced network interface (ENI), you must use the no shutdown interface configuration command to enable it before using the switchport port-security aging command.
Page 653
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands switchport port-security aging Examples This example sets the aging time as 2 hours for absolute aging for all the secure addresses on the port. Switch(config)# interface gigabitethernet0/1 Switch(config-if)# switchport port-security aging time 120 This example sets the aging time as 2 minutes for inactivity aging type with aging enabled for configured secure addresses on the port.
Use the switchport private-vlan interface configuration command to define a private-VLAN association for an isolated or community port or a mapping for a promiscuous port. Use the no form of this command to remove the private-VLAN association or mapping from the port.
Page 655
A promiscuous port must be an NNI; UNIs or ENIs cannot be configured as promiscuous ports. To configure a port as a UNI, enter the port-type uni interface configuration command. If the port is in private-VLAN host or promiscuous mode but the VLANs do not exist, the command is allowed, but the port is made inactive.
Use the switchport protected interface configuration command to isolate unicast, multicast, and broadcast traffic at Layer 2 from other protected ports on the same switch. Use the no form of this command to disable protection on the port.
Page 657
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands switchport protected Related Commands Command Description show interfaces Displays the administrative and operational status of a switching (nonrouting) switchport port, including port blocking and port protection settings. switchport block Prevents unknown multicast or unicast traffic on the interface.
Use the switchport trunk interface configuration command to set the trunk characteristics when the interface is in trunking mode. Use the no form of this command to reset a trunking characteristic to the default. switchport trunk {allowed vlan vlan-list | native vlan vlan-id}...
Page 659
All untagged traffic received on an IEEE 802.1Q trunk port is forwarded with the native VLAN • configured for the port. If a packet has a VLAN ID that is the same as the sending-port native VLAN ID, the packet is sent • without a tag; otherwise, the switch sends the packet with a tag.
For example, if the red threshold is 66 degrees C and you want to configure the yellow threshold as 51 degrees C, set the difference between the thresholds as 15 by using the system env temperature threshold yellow 15 command.
Page 661
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands system env temperature threshold yellow Related Commands Command Description show env temperature status Displays the switch temperature status and thresholds. Cisco ME 3400 Ethernet Access Switch Command Reference 2-635...
OSPF. Defaults The default MTU size for all ports is 1500 bytes. However, if you configure a different value for the system MTU, that configured value becomes the default MTU size for routed ports when it is applied following a switch reset.
Page 663
When the configuration change takes effect, the routing MTU size defaults to the new system MTU size. If you enter a value that is outside the range for the specific type of switch, the value is not accepted. Note The switch does not support setting the MTU on a per-interface basis.
Page 664
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands system mtu Related Commands Command Description show system mtu Displays the packet size set for Fast Ethernet and Gigabit Ethernet ports. Cisco ME 3400 Ethernet Access Switch Command Reference...
This command was introduced. Usage Guidelines Use this command to specify the name of the table map that you want to create or to modify and to enter table-map configuration mode. You use the table-map command to create a mapping table, which is a type of conversion chart used for establishing a to-from relationship between packet-marking types or categories.
Page 666
You cannot use table maps in output policy maps. Examples This example shows how to create a table map to map DSCP to CoS values, setting those DSCP values that are not mapped to a CoS value of 4: Switch(config)# table-map dscp-to-cos...
Note TDR is supported only on the copper Ethernet 10/100 or 10/100/100 ports on the Cisco ME switch. This includes dual-purpose ports on the ME 3400-12CS or ME 3400-2CS switches that are configured as 10/100/1000 ports by using the RJ-45 connector.
Page 668
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands test cable-diagnostics tdr Related Commands Command Description show cable-diagnostics tdr Displays the TDR results. Cisco ME 3400 Ethernet Access Switch Command Reference 2-642 OL-9640-07...
Layer 2 traceroute is available only on NNIs. Note When the switch detects a device in the Layer 2 path that does not support Layer 2 traceroute, the switch continues to send Layer 2 trace queries and lets them time out.
Page 670
If the source or destination MAC address belongs to multiple VLANs, you must specify the VLAN to which both the source and destination MAC addresses belong. If the VLAN is not specified, the path is not identified, and an error message appears.
Page 671
Gi0/2 [auto, auto] => Fa0/1 [auto, auto] Destination 0000.0201.0201 found on con2[WS-C3550-24] (2.2.2.2) Layer 2 trace completed. This example shows the Layer 2 path when the switch cannot find the destination port for the source MAC address: Switch# traceroute mac 0000.0011.1111 0000.0201.0201 Error:Source Mac address not found.
Layer 2 traceroute is available only on network node interfaces (NNIs). Note When the switch detects an device in the Layer 2 path that does not support Layer 2 traceroute, the switch continues to send Layer 2 trace queries and lets them time out.
Page 673
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands traceroute mac ip If an ARP entry does not exist, the switch sends an ARP query and tries to resolve the IP address. • The IP addresses must be in the same subnet. If the IP address is not resolved, the path is not identified, and an error message appears.
Use the udld global configuration command to enable aggressive or normal mode in the UniDirectional Link Detection (UDLD) and to set the configurable message timer time. Use the no form of the command to disable aggressive or normal mode UDLD on all fiber-optic ports.
Page 675
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands udld The no udld port interface configuration command followed by the udld port or udld port • aggressive interface configuration command to re-enable UDLD on the specified interface •...
To enable UDLD in normal mode, use the udld port interface configuration command. To enable UDLD in aggressive mode, use the udld port aggressive interface configuration command. Use the no udld port command on fiber-optic ports to return control of UDLD to the udld enable global configuration command or to disable UDLD on nonfiber-optic ports.
Page 677
This example shows how to enable UDLD on an port: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# udld port This example shows how to disable UDLD on a fiber-optic interface despite the setting of the udld global configuration command: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# no udld port You can verify your settings by entering the show running-config or the show udld interface privileged EXEC command.
12.2(25)EX This command was introduced. Usage Guidelines If the interface configuration is still enabled for UDLD, these ports begin to run UDLD again and are disabled for the same reason if the problem has not been corrected. Examples This example shows how to reset all interfaces disabled by UDLD: Switch# udld reset 1 ports shutdown by UDLD were reset.
UNI count value greater than the actual number of endpoints, the UNI status shows as partially active even if all endpoints are up. If you enter a UNI count less than the actual number of endpoints, UNI status shows as active, even if all endpoints are not up.
Page 680
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands uni count Examples This example shows how to a UNI count of two with point-to-multipoint service: Switch(config)# ethernet evc test1 Switch(config-evc)# uni count 2 multipoint Related Commands Command Description...
VLAN can exchange packets with one another; UNIs and ENIs in an isolated VLAN cannot exchange packets. Use the no form of this command to return the VLAN to the default UNI-ENI isolated VLAN.
Page 682
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands uni-vlan To change a UNI-ENI isolated VLAN to an RSPAN VLAN or a private VLAN, enter the rspan-vlan or private-vlan VLAN configuration command. This overwrites the default isolated VLAN configuration.
VLAN ID, you receive an error message and do not enter VLAN configuration mode. When you enter the VLAN ID of an existing VLAN, you do not create a new VLAN, but you can modify VLAN parameters for that VLAN. The specified VLANs are added or modified when you exit VLAN configuration mode.
Page 684
1500 to 18190. The default is 1500 bytes. • name vlan-name: names the VLAN with an ASCII string from 1 to 32 characters that must be unique within the administrative domain. The default is VLANxxxx where xxxx represents four numeric digits (including leading zeros) equal to the VLAN ID number.
Page 685
VLAN is translationally bridged. Translational VLANs translate FDDI or Token Ring to Ethernet, for example. The range is 0 to 1005. If no value is specified, 0 (no transitional bridging) is assumed. uni-vlan {community | isolated}: configures the VLAN as a user network interface-enhanced •...
VLAN access-map configuration, where you can use the match access-map configuration command to specify the access lists for IP or non-IP traffic to match and use the action command to set whether a match causes the packet to be forwarded or dropped.
Page 687
For more information about VLAN map entries, see the software configuration guide for this release. Note Examples This example shows how to create a VLAN map named vac1 and apply matching conditions and actions to it. If no other entries already exist in the map, this will be entry 10. Switch(config)# vlan access-map vac1...
Use the vlan dot1q tag native global configuration command to enable tagging of native VLAN frames on all IEEE 802.1Q trunk ports. Use the no form of this command to return to the default setting. vlan dot1q tag native...
Page 689
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands vlan dot1q tag native Related Commands Command Description show vlan dot1q tag native Displays 802.1Q native VLAN tagging status. Cisco ME 3400 Ethernet Access Switch Command Reference 2-663 OL-9640-07...
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands vlan filter vlan filter Use the vlan filter global configuration command to apply a VLAN map to one or more VLANs. Use the no form of this command to remove the map. vlan filter mapname vlan-list {list | all}...
Page 691
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands vlan filter Related Commands Command Description show vlan access-map Displays information about a particular VLAN access map or all VLAN access maps. show vlan filter Displays information about all VLAN filters or about a particular VLAN or VLAN access map.
This example shows how to immediately send VQP queries to the VMPS: Switch# vmps reconfirm You can verify your setting by entering the show vmps privileged EXEC command and examining the VMPS Action row of the Reconfirmation Status section. The show vmps command shows the result of the last time the assignments were reconfirmed either because the reconfirmation timer expired or because the vmps reconfirm command was entered.
(global configuration) Use the vmps reconfirm global configuration command to change the reconfirmation interval for the VLAN Query Protocol (VQP) client. Use the no form of this command to return to the default setting. vmps reconfirm interval no vmps reconfirm...
Use the vmps retry global configuration command to configure the per-server retry count for the VLAN Query Protocol (VQP) client. Use the no form of this command to return to the default setting. vmps retry count no vmps retry...
Use the vmps server global configuration command to configure the primary VLAN Membership Policy Server (VMPS) and up to three secondary servers. Use the no form of this command to remove a VMPS server. vmps server ipaddress [primary]...
Page 696
Chapter 2 Cisco ME 3400 Ethernet Access Switch Cisco IOS Commands vmps server Related Commands Command Description show vmps Displays VQP and VMPS information. Cisco ME 3400 Ethernet Access Switch Command Reference 2-670 OL-9640-07...
During normal boot loader operation, you are not presented with the boot loader command-line prompt. You gain access to the boot loader command line if the switch is set to manually boot, if an error occurs during power-on self-test (POST) DRAM testing, or if an error occurs while loading the operating system (a corrupted Cisco IOS image).
The switch attempts to automatically boot the system by using information in the BOOT environment variable. If this variable is not set, the switch attempts to load and execute the first executable image it can by performing a recursive, depth-first search throughout the flash file system. In a depth-first search of a directory, each encountered subdirectory is completely searched before continuing the search in the original directory.
Page 699
Cisco ME 3400 Ethernet Access Switch Boot Loader Commands boot Related Commands Command Description Sets the BOOT environment variable to boot a specific image when the BOOT keyword is appended to the command. Cisco ME 3400 Ethernet Access Switch Command Reference OL-9640-07...
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands Use the cat boot loader command to display the contents of one or more files. cat filesystem:/file-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device.
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands copy copy Use the copy boot loader command to copy a file from a source to a destination. copy [-b block-size] filesystem:/source-file-url filesystem:/destination-file-url Syntax Description -b block-size (Optional) This option is used only for internal development and testing.
Page 702
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands delete delete Use the delete boot loader command to delete one or more files from the specified file system. delete filesystem:/file-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device.
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands Use the dir boot loader command to display a list of files and directories on the specified file system. dir filesystem:/file-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device.
Page 704
Cisco ME 3400 Ethernet Access Switch Boot Loader Commands Table A-1 dir Field Descriptions Field Description Index number of the file. -rwx File permission, which can be any or all of the following: d—directory • r—readable • w—writable • x—executable •...
Usage Guidelines During the normal boot process, the flash file system is automatically initialized. Use this command to manually initialize the flash file system. For example, you use this command during the recovery procedure for a lost or forgotten password.
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands format format Use the format boot loader command to format the specified file system and destroy all data in that file system. format filesystem: Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device.
Modification 12.2(25)EX This command was introduced. Usage Guidelines To stop an in-progress file system consistency check, disconnect the switch power and then reconnect the power. Examples This example shows how to perform an extensive file system check on flash memory:...
Boot loader Command History Release Modification 12.2(25)EX This command was introduced. Usage Guidelines You can also use the question mark (?) to display a list of available boot loader commands. Cisco ME 3400 Ethernet Access Switch Command Reference A-12 OL-9640-07...
Text Beginning and ending address of the text storage area. Rotext Beginning and ending address of the read-only text storage area. This part of the data segment is grouped with the Text entry. Data Beginning and ending address of the data segment storage area.
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands mkdir mkdir Use the mkdir boot loader command to create one or more new directories on the specified file system. mkdir filesystem:/directory-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device.
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands more more Use the more boot loader command to display the contents of one or more files. more filesystem:/file-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device.
Usage Guidelines Filenames and directory names are case sensitive. Directory names are limited to 45 characters between the slashes (/); the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons. Filenames are limited to 45 characters; the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.
Cisco ME 3400 Ethernet Access Switch Boot Loader Commands reset reset Use the reset boot loader command to perform a hard reset on the system. A hard reset is similar to power-cycling the switch, clearing the processor, registers, and memory. reset Syntax Description This command has no arguments or keywords.
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands rmdir rmdir Use the rmdir boot loader command to remove one or more empty directories from the specified file system. rmdir filesystem:/directory-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device.
Break key on the console. Valid values are 1, yes, on, 0, no, and off. If it is set to 1, yes, or on, you can interrupt the automatic boot process by pressing the Break key on the console after the flash file system has initialized.
Page 716
A variable has no value if it is not listed in this file; it has a value if it is listed in the file even if the value is a null string.
The HELPER_CONFIG_FILE environment variable can also be set by using the boot helper-config-file filesystem:/file-url global configuration command. The boot loader prompt string (PS1) can be up to 120 printable characters except the equal sign (=). Examples This example shows how to change the boot loader prompt:...
Page 718
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands type type Use the type boot loader command to display the contents of one or more files. type filesystem:/file-url ... Syntax Description filesystem: Alias for a flash file system. Use flash: for the system board flash device.
Page 719
HELPER_CONFIG_FILE—Resets the name of the configuration file to be used by the Cisco IOS helper image. If this is not set, the file specified by the CONFIG_FILE environment variable is used by all versions of Cisco IOS that are loaded, including the helper image. This variable is used only for internal development and testing.
Page 720
The MANUAL_BOOT environment variable can also be reset by using the no boot manual global configuration command. The BOOT environment variable can also be reset by using the no boot system global configuration command. The ENABLE_BREAK environment variable can also be reset by using the no boot enable-break global configuration command.
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands version version Use the version boot loader command to display the boot loader version. version Syntax Description This command has no arguments or keywords. Command Modes Boot loader Command History...
Page 722
Appendix A Cisco ME 3400 Ethernet Access Switch Boot Loader Commands version Cisco ME 3400 Ethernet Access Switch Command Reference A-26 OL-9640-07...
This appendix describes the debug privileged EXEC commands that have been created or changed for use with the Cisco ME 3400 Ethernet Access switch. These commands are helpful in diagnosing and resolving internetworking problems and should be enabled only under the guidance of Cisco technical support staff.
{all | errors | events | vlan-load-balancing} no debug backup {all | errors | events | vlan-load-balancing} This command is available only when the switch is running the metro access or metro IP access image. Syntax Description Display all backup interface debug messages.
Use the debug dot1x privileged EXEC command to enable debugging of the IEEE 802.1x feature. Use the no form of this command to disable debugging. debug dot1x {all | errors | events | packets | registry | state-machine}...
Use the debug etherchannel privileged EXEC command to enable debugging of the EtherChannel/PAgP shim. This shim is the software module that is the interface between the Port Aggregation Protocol (PAgP) software module and the port manager software module. Use the no form of this command to disable debugging.
{all | api | error | evc [id evc-id] | instance [id id interface-id | interface interface-id] | interface [interface-id] | oam-mgr} no debug ethernet service {all | api | error | evc [id evc-id] | instance [id id interface-id | interface interface-id] | interface [interface-id] | oam-mgr} This command is available only if your switch is running the metro IP access or metro access image.
Page 728
Appendix B Cisco ME 3400 Ethernet Access Switch Debug Commands debug ethernet service Related Commands Command Description show debugging Displays information about the types of debugging that are enabled. Cisco ME 3400 Ethernet Access Switch Command Reference OL-9640-07...
{mac-address | agent | event | packet} no debug ip dhcp snooping {mac-address | agent | event | packet} This command is available only when the switch is running the metro access or metro IP access image. Syntax Description mac-address Display debug messages for a DHCP packet with the specified MAC address.
Use the no form of this command to disable debugging. debug ip verify source packet no debug ip verify source packet This command is available only when the switch is running the metro access or metro IP access image. Syntax Description This command has no arguments or keywords.
Cisco ME 3400 Ethernet Access Switch Debug Commands debug interface debug interface Use the debug interface privileged EXEC command to enable debugging of interface-related activities. Use the no form of this command to disable debugging. debug interface {interface-id | null interface-number | port-channel port-channel-number |...
Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug ip igmp filter command is the same as the no debug ip igmp filter command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Command History Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug ip igmp max-groups command is the same as the no debug ip igmp max-groups command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug ip igmp snooping command is the same as the no debug ip igmp snooping command. Related Commands Command Description debug platform ip Displays information about platform-dependent IGMP snooping activity.
Use the debug lacp privileged EXEC command to enable debugging of Link Aggregation Control Protocol (LACP) activity. Use the no form of this command to disable debugging. debug lacp [all | event | fsm | misc | packet] no debug lacp [all | event | fsm | misc | packet] LACP is available only on network node interfaces (NNIs) and enhanced network interfaces (ENIs).
Cisco ME 3400 Ethernet Access Switch Debug Commands debug mac-notification debug mac-notification Use the debug mac-notification privileged EXEC command to enable debugging of MAC notification events. Use the no form of this command to disable debugging. debug mac-notification no debug mac-notification Syntax Description This command has no arguments or keywords.
Cisco ME 3400 Ethernet Access Switch Debug Commands debug matm debug matm Use the debug matm privileged EXEC command to enable debugging of platform-independent MAC address management. Use the no form of this command to disable debugging. debug matm no debug matm Syntax Description This command has no arguments or keywords.
This command is supported only when the switch is running the metro IP access or metro access image. Syntax Description This command has no arguments or keywords.
Use the debug mvrdbg privileged EXEC command to enable debugging of Multicast VLAN Registration (MVR). Use the no form of this command to disable debugging. debug mvrdbg {all | events | igmpsn | management | ports}...
Cisco ME 3400 Ethernet Access Switch Debug Commands debug nvram debug nvram Use the debug nvram privileged EXEC command to enable debugging of NVRAM activity. Use the no form of this command to disable debugging. debug nvram no debug nvram Syntax Description This command has no arguments or keywords.
Use the debug pagp privileged EXEC command to enable debugging of Port Aggregation Protocol (PAgP) activity. Use the no form of this command to disable debugging. debug pagp [all | event | fsm | misc | packet] no debug pagp [all | event | fsm | misc | packet] PAgP is available only on network node interfaces (NNIs) and enhanced network interfaces (ENIs).
Connectivity Fault Management (CFM) service. Use the no form of this command to disable debugging. debug platform cfm no debug platform cfm This command is supported only when the switch is running the metro IP access or metro access image. Syntax Description This command has no arguments or keywords.
Links platform backup interface. Use the no form of this command to disable debugging. debug platform backup interface no debug platform backup interface This command is supported only when the switch is running the metro access or metro IP access image. Syntax Description This command has no arguments or keywords.
Use the debug platform cpu-queues privileged EXEC command to enable debugging of platform central processing unit (CPU) receive queues. Use the no form of this command to disable debugging. debug platform cpu-queues {broadcast-q | cbt-to-spt-q | cpuhub-q | host-q | icmp-q |...
Page 747
Appendix B Cisco ME 3400 Ethernet Access Switch Debug Commands debug platform cpu-queues Related Commands Command Description show debugging Displays information about the types of debugging that are enabled. Cisco ME 3400 Ethernet Access Switch Command Reference B-25 OL-9640-07...
Cisco ME 3400 Ethernet Access Switch Debug Commands debug platform dot1x debug platform dot1x Use the debug platform dot1x privileged EXEC command to enable debugging of IEEE 802.1x events. Use the no form of this command to disable debugging. debug platform dot1x {initialization | interface-configuration | rpc}...
Command History Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug platform etherchannel command is the same as the no debug platform etherchannel command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
12.2(25)EX This command was introduced. 12.2(50)SE The command was supported in the metro base image. Usage Guidelines The undebug platform ip arp inspection command is the same as the no debug platform ip arp inspection command. Related Commands Command Description show ip arp inspection Displays the dynamic ARP inspection configuration and operating state.
Use the debug platform ip dhcp privileged EXEC command to debug DHCP events. Use the no form of this command to disable debugging. debug platform ip dhcp [all | error | event | packet | rpc]...
{all | di | error | event | group | mgmt | pak | retry | rpc | warn} debug platform ip igmp snooping pak {ip-address | error | ipopt | leave| query | report | rx | svi...
Page 754
Command History Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug platform ip igmp snooping command is the same as the no debug platform ip igmp snooping command. Related Commands Command Description debug ip igmp Displays information about platform-independent IGMP snooping activity.
{acl-full-events | all | mdb | mdfs-rp-retry | midb | mroute-rp | resources | retry | rpf-throttle | snoop-events | software-forward | swidb-events | vlan-locks} This command is available only when the switch is running the metro access or metro IP access image Syntax Description acl-full-events Display IP-multicast output ACL full debug messages.
Page 756
Appendix B Cisco ME 3400 Ethernet Access Switch Debug Commands debug platform ip multicast Related Commands Command Description show debugging Displays information about the types of debugging that are enabled. Cisco ME 3400 Ethernet Access Switch Command Reference B-34 OL-9640-07...
Use the debug platform ip source-guard privileged EXEC command to debug IP source guard events. Use the no form of this command to disable debugging. debug platform ip source-guard {all | error | event}...
| retry | route | rpc | standby | statistics} no debug platform ip unicast {adjacency | all | arp | dhcp | errors | events | interface | mpath | registries | retry | route | rpc | standby | statistics} This command is available only when the switch is running the metro access or metro IP access image.
Page 759
Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug platform ip unicast command is the same as the no debug platform ip unicast command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
{all | init | receive | send | trace} no debug platform {all | init | receive | send | trace} This command is available only when the switch is running the metro access or metro IP access image. Syntax Description Display all platform IPC debug messages.
Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug platform led command is the same as the no debug platform led command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
MAC address management. Use the no form of this command to disable debugging. debug platform matm {aging | all | ec-aging | errors | learning | rpc | secure-address | warnings} no debug platform matm {aging | all | ec-aging | errors | learning | rpc | secure-address |...
Use the debug platform messaging application privileged EXEC command to enable debugging of application messaging activity. Use the no form of this command to disable debugging. debug platform messaging application {all | badpak | cleanup | events | memerr | messages | usererr}...
Page 765
Appendix B Cisco ME 3400 Ethernet Access Switch Debug Commands debug platform phy Usage Guidelines The undebug platform phy command is the same as the no debug platform phy command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Page 767
Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug platform pm command is the same as the no debug platform pm command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
The command was changed from debug platform policer cpu uni to debug platform policer cpu uni-eni. Usage Guidelines The undebug platform policer cpu uni-eni command is the same as the no debug platform policer cpu uni-eni command. Related Commands Command...
Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug platform port-asic command is the same as the no debug platform port-asic command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Cisco ME 3400 Ethernet Access Switch Debug Commands debug platform remote-commands debug platform remote-commands Use the debug platform remote-commands privileged EXEC command to enable debugging of remote commands. Use the no form of this command to disable debugging. debug platform remote-commands...
Release Modification 12.2(40)SE This command was introduced. Usage Guidelines The undebug platform rep command is the same as the no debug platform rep command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug platform snmp command is the same as the no debug platform snmp command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug platform span command is the same as the no debug platform span command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Use the debug platform supervisor-asic privileged EXEC command to enable debugging of the supervisor application-specific integrated circuit (ASIC). Use the no form of this command to disable debugging. debug platform supervisor-asic {all | errors | receive | send}...
Use the debug platform sw-bridge privileged EXEC command to enable debugging of the software bridging function. Use the no form of this command to disable debugging. debug platform sw-bridge {broadcast | control | multicast | packet | unicast}...
{acl {input | output} | local | qos} no debug platform tcam log l3 {acl {input | output} | local | qos | secondary} no debug platform tcam read {reg | ssram | tcam}...
Page 780
TCAM-register write debug messages. tcam—Display TCAM-write debug messages. Though visible in the command-line help strings, the log l3 ipv6 {acl {input | output} | local | qos | Note secondary} keywords are not supported.
Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug platform udld command is the same as the no debug platform udld command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Use the debug platform vlan privileged EXEC command to enable debugging of the VLAN manager software. Use the no form of this command to disable debugging. debug platform vlan {errors | mvid | rpc}...
Use the no form of this command to disable debugging. debug pm {all | assert | card | cookies | etherchnl | hatable | messages | port | registry | sm | span | split | vlan | vp}...
Page 784
Appendix B Cisco ME 3400 Ethernet Access Switch Debug Commands debug pm Related Commands Command Description show debugging Displays information about the types of debugging that are enabled. Cisco ME 3400 Ethernet Access Switch Command Reference B-62 OL-9640-07...
Use the debug port-security privileged EXEC command to enable debugging of the allocation and states of the port security subsystem. Use the no form of this command to disable debugging. debug port-security no debug port-security Syntax Description This command has no arguments or keywords.
Cisco ME 3400 Ethernet Access Switch Debug Commands debug qos-manager debug qos-manager Use the debug qos-manager privileged EXEC command to enable debugging of the quality of service (QoS) manager software. Use the no form of this command to disable debugging. debug qos-manager {all | event | verbose}...
Use the no form of this command to disable debugging. debug spanning-tree {all | bpdu | bpdu-opt | config | etherchannel | events | exceptions | general | mstp | pvst+ | root | snmp | switch | synchronization}...
Page 789
Command History Release Modification 12.2(25)EX This command was introduced. Usage Guidelines The undebug spanning-tree command is the same as the no debug spanning-tree command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Use the debug spanning-tree bpdu privileged EXEC command to enable debugging of sent and received spanning-tree bridge protocol data units (BPDUs). Use the no form of this command to disable debugging. debug spanning-tree bpdu [receive | transmit]...
Use the debug spanning-tree bpdu-opt privileged EXEC command to enable debugging of optimized spanning-tree bridge protocol data units (BPDUs) handling. Use the no form of this command to disable debugging. debug spanning-tree bpdu-opt [detail | packet]...
Spanning Tree Protocol (MSTP) software. Use the no form of this command to disable debugging. debug spanning-tree mstp {all | boundary | bpdu-rx | bpdu-tx | errors | flush | init | migration | pm | proposals | region | roles | sanity_check | sync | tc | timers}...
Page 793
Appendix B Cisco ME 3400 Ethernet Access Switch Debug Commands debug spanning-tree mstp Usage Guidelines The undebug spanning-tree mstp command is the same as the no debug spanning-tree mstp command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Page 795
Appendix B Cisco ME 3400 Ethernet Access Switch Debug Commands debug spanning-tree switch Usage Guidelines The undebug spanning-tree switch command is the same as the no debug spanning-tree switch command. Related Commands Command Description show debugging Displays information about the types of debugging that are enabled.
Use the debug sw-vlan privileged EXEC command to enable debugging of VLAN manager activities. Use the no form of this command to disable debugging. debug sw-vlan {badpmcookies | cfg-vlan {bootup | cli} | events | ifs | management | notification | packets | registries}...
Use the debug sw-vlan notification privileged EXEC command to enable debugging of the activation and deactivation of VLAN IDs. Use the no form of this command to disable debugging. debug sw-vlan notification {accfwdchange | allowedvlancfgchange | fwdchange | linkchange |...
Page 799
Displays information about the types of debugging that are enabled. show vlan Displays the parameters for all configured VLANs or one VLAN (if the VLAN name or ID is specified) in the administrative domain. Cisco ME 3400 Ethernet Access Switch Command Reference...
For debug udld packets, these debugging messages appear: General packet processing program flow on receipt of an incoming packet • Indications of the contents of the various pieces of packets received (such as type length versions • [TLVs]) as they are examined by the packet reception code Packet transmission attempts and the outcome •...
Related Commands Command Description show debugging Displays information about the types of debugging that are enabled. show udld Displays UDLD administrative and operational status for all ports or the specified port. Cisco ME 3400 Ethernet Access Switch Command Reference B-79 OL-9640-07...
Use the debug vqpc privileged EXEC command to enable debugging of the VLAN Query Protocol (VQP) client. Use the no form of this command to disable debugging. debug vqpc [all | cli | events | learn | packet]...
This appendix describes the show platform privileged EXEC commands that have been created or changed for use with the Cisco ME 3400 Ethernet Access switch. These commands display information helpful in diagnosing and resolving internetworking problems and should be used only under the guidance of Cisco technical support staff.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Ethernet networks. show platform cfm [ | {begin | exclude | include} expression] This command is supported only when the switch is running the metro IP access or metro access image. Syntax Description | begin (Optional) Display begins with the line that matches the expression.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Internet Group Management Protocol (IGMP) snooping information. show platform ip igmp snooping {all | control [di] | counters | flood [vlan vlan-id] | group ip-address | hardware | retry [count | local [count] | remote [count]]} [ | {begin | exclude | include} expression] Syntax Description Display all IGMP snooping platform IP multicast information.
Page 814
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 817
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
| route [ipv6-prefix/prefix length | tcam] [detail] | statistics | table [detail] | trace} [| {begin | exclude | include} expression] This command is available only if the switch is running the metro IP access image and you have Note configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
Page 820
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless your technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
27 CPU protection policers, numbered 0 to 26. A policer of 26 means a drop policer; any traffic type shown as 26 on any port is dropped. A policer of a value of 0 to 25 means that a rate-limiting policer is assigned to the port for the control protocol.
Page 829
UNI. Because the port is Fast Ethernet 1, the identifier for rate-limited protocols is 0; a display for Fast Ethernet port 5 would display an identifier of 4. The Policer Index refers to the specific protocol. The ASIC number indicates when the policer is on a different ASIC.
Page 830
This example shows the policers assigned to a ENI when control protocols are enabled on the interface. A value of 22 indicates that protocol packets are rate-limited for that protocol. When the protocol is not enabled, the defaults are the same as for a UNI.
Page 831
Appendix C Cisco ME 3400 Ethernet Access Switch Show Platform Commands show platform policer cpu Related CommandsS Command Description show policer cpu uni-eni Displays control-plane policer information for the switch. Cisco ME 3400 Ethernet Access Switch Command Reference C-29 OL-9640-07...
[asic number | port number [asic number]] | global-status [asic number | port number [asic number]] | learning [asic number | port number [asic number]] | mac-info [asic number | port number [asic number]] | mvid [asic number] |...
Page 833
ASIC. The number is always 0. port number—(Optional) Display information for the • specified port and ASIC number. The range is 0 to 27, where 0 is the supervisor and 1 to 25 are the ports. learning [asic number | port Display entries in the learning cache.
Page 834
ASIC. The number is always 0. port number—(Optional) Display information for the • specified port and ASIC number. The range is 0 to 27, where 0 is the supervisor and 1 to 25 are the ports. prog-parser [asic number | port Display the programmable parser tables.
Page 835
Expression in the output to use as a reference point. Though visible in the command-line help strings, the stack {control | dest-map | learning | messages | Note mvid | prog-parser | span | stats [asic number | port number [asic number]] keywords are not supported.
Do not use this command unless your technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Cisco ME 3400 Ethernet Access Switch Show Platform Commands show platform qos show platform qos Use the show platform qos privileged EXEC command to display platform-dependent quality of service (QoS) information. show platform qos debug [aggregate-policer aggregate-policer-name | global-config |...
Page 838
(Optional) Display excludes lines that match the expression. | include (Optional) Display includes lines that match the specified expression. expression Expression in the output to use as a reference point. Command Modes Privileged EXEC Cisco ME 3400 Ethernet Access Switch Command Reference C-36...
Page 839
Do not use this command unless your technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Page 841
Do not use this command unless your technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless your technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless your technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless a technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Do not use this command unless your technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Use the show platform tcam privileged EXEC command to display platform-dependent ternary content addressable memory (TCAM) driver information. show platform tcam {handle number | log-results | table {acl | all | equal-cost-route | local | mac-address | multicast-expansion | qos | secondary | station | vlan-list} | usage} [asic...
Page 847
(Optional) Display includes lines that match the specified expression. expression Expression in the output to use as a reference point. Though visible in the command-line help strings, the ipv6, multicast-expansion and usage keywords Note are not supported. Command Modes Privileged EXEC...
Page 848
Do not use this command unless your technical support representative asks you to do so. Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
All rights reserved. This software is not subject to any license of the American Telephone and Telegraph Company or of the Regents of the University of California. Permission is granted to anyone to use this software for any purpose on any computer system, and to alter it and redistribute it, subject to the following restrictions: The author is not responsible for the consequences of use of this software, no matter how awful, even if they arise from flaws in it.
Page 859
Index IGMP snooping Internet Group Management Protocol adding ports as a static member of a group See IGMP 2-171 displaying invalid GBIC 2-428, 2-432, 2-434 enabling error detection for 2-158 2-91 enabling the configurable-leave timer 2-160 error recovery timer 2-95...
Page 860
Layer 2 protocol ports, displaying 2-171 2-448 IP multicast addresses 2-254 Layer 2 protocol-tunnel IP precedence, as match criteria for QoS groups error detection for 2-239 2-91 ip source binding command error recovery timer 2-173...
Page 861
2-223 monitor session command 2-250 macro description command more (boot loader) command 2-227 A-15 macro global command 2-228 macro global description command 2-230 macro name command 2-231 Cisco ME 3400 Ethernet Access Switch Command Reference IN-9 OL-9640-07...
Page 866
2-336 show ip dhcp snooping binding command 2-420 set dscp command 2-338 show ip dhcp snooping command 2-419 set precedence command 2-340 show ip dhcp snooping database command 2-422, 2-424 Cisco ME 3400 Ethernet Access Switch Command Reference IN-14 OL-9640-07...
Page 867
2-490 2-507 show parser macro command show sdm prefer command 2-492 2-510 show platform acl command show spanning-tree command 2-512 show platform backup interface command show storm-control command 2-518 Cisco ME 3400 Ethernet Access Switch Command Reference IN-15 OL-9640-07...
Page 869
2-377 shutting down Port Fast-enabled ports 2-592 templates, system resources 2-324 state information display 2-512 test cable-diagnostics tdr command 2-641 VLAN options 2-586, 2-597 traceroute mac command 2-643 Cisco ME 3400 Ethernet Access Switch Command Reference IN-17 OL-9640-07...