Page 1 ProSafe 7300S Managed Switches CLI Manual, Version 8.0 NETGEAR, Inc. 350 East Plumeria Drive San Jose, CA 95134 202-10528-01 July 2009...
Page 2: Statement Of Conditions
In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice. NETGEAR does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.
Page 3 Product and Publication Details Model Number: GSM7328S, GSM7352S, GSM7328FS, GSM7328Sv2, and GSM7352Sv2 Publication Date: July 2009 Product Family: managed switch Product Name: ProSafe 7300S Series Layer-3 Managed Stackable Switch Home or Business Product: Business Language: English Publication Part Number: 202-10528-01 Publication Version Number v1.0, July 2009...
Page 4: About This Manual
About This Manual This document describes command-line interface (CLI) commands you use to view and configure 7300S Series Stackable Switch software. You can access the CLI by using a direct connection to the serial port or by using telnet or SSH over a remote network connection. Note: This document contains both standalone and stacking commands.
Page 5: Scope
7300S Managed Switches CLI Manual, Version 8.0 Scope This manual covers the layer 3 managed switches (GSM7328S, GSM7352S, GSM7328FS, GSM7328Sv2, and GSM7352Sv2). Some of the commands described in this manual can only be used on GSM7328Sv2 and GSM7352Sv2 switches. These commands are noted in text. The following figure shows the GSM7328S and GSM7352S switches.
Page 6 Warning: Ignoring this type of note may result in a malfunction or damage to the equipment. Danger: This is a safety warning. Failure to take heed of this notice may result in personal injury or death. For more information about network, Internet, firewall, and VPN technologies, go to: http:// kbserver.netgear.com. v1.0, July 2009...
Page 7: How To Print This Manual
7300S Managed Switches CLI Manual, Version 8.0 How to Print This Manual To print this manual, your computer must have the free Adobe Acrobat reader installed in order to view and print PDF files. The Acrobat reader is available on the Adobe Web site at http://www.adobe.com.
Page 8: Table Of Contents
Contents About This Manual Audience ........................... xi About Managed Switch Software ..................xi Scope ..........................xi Chapter 1 Using the Command-Line Interface Command Syntax ......................1-1 Command Conventions ....................1-2 Common Parameter Values ...................1-3 Unit/Slot/Port Naming Convention ..................1-3 Using the “No” Form of a Command ................1-4 Managed Switch Modules ....................1-5 Command Modes ......................1-5 Command Completion and Abbreviation ................1-9...
Page 9 Managed Switch CLI Manual, Release 8.0 Provisioning (IEEE 802.1p) Commands ...............3-51 Protected Ports Commands ..................3-52 Private Group Commands ....................3-54 GARP Commands ......................3-56 GVRP Commands ......................3-59 GMRP Commands .......................3-61 Port-Based Network Access Control Commands ............3-64 Storm-Control Commands ....................3-78 Port-Channel/LAG (802.3ad) Commands ..............3-90 Port Mirroring ......................3-113 Static MAC Filtering ....................3-115 DHCP Snooping Configuration Commands ...............3-120...
Page 10 Managed Switch CLI Manual, Release 8.0 Chapter 5 IP Multicast Commands Multicast Commands ......................5-1 DVMRP Commands .......................5-7 PIM-DM Commands .....................5-12 PIM-SM Commands .....................5-16 Internet Group Message Protocol (IGMP) Commands ..........5-26 IGMP Proxy Commands ....................5-35 Chapter 6 IPv6 Multicast Commands IPv6 Multicast Forwarder ....................6-2 IPv6 PIM-DM Commands ....................6-4 IPv6 PIM-SM Commands ....................6-8 IPv6 MLD Commands ....................6-16...
Page 11 Managed Switch CLI Manual, Release 8.0 Chapter 9 Utility Commands Auto Install Commands ....................9-2 Dual Image Commands ....................9-4 System Information and Statistics Commands ...............9-6 Logging Commands .....................9-18 System Utility and Clear Commands ................9-24 Simple Network Time Protocol (SNTP) Commands .............9-34 DHCP Server Commands ....................9-40 DNS Client Commands ....................9-55 Packet Capture Commands ..................9-61...
Page 12 Managed Switch CLI Manual, Release 8.0 Switching ........................11-10 QoS ..........................11-16 Routing/IPv6 Routing ....................11-17 Multicast ........................11-21 Stacking ........................11-23 Technologies ......................11-23 O/S Support ........................11-26 Chapter 12 Captive Portal Commands Capitve Portal Global Commands ................12-1 Captive Portal Configuration Commands ..............12-5 Captive Portal Status Commands ................12-14 Captive Portal Client Connection Commands ............12-19 Captive Portal Interface Commands ................12-23 Captive Portal Local User Commands ...............12-24...
Page 13: Using The Command-Line Interface
Chapter 1 Using the Command-Line Interface The command-line interface (CLI) is a text-based way to manage and monitor the system. You can access the CLI by using a direct serial connection or by using a remote logical connection with telnet or SSH. This chapter describes the CLI syntax, conventions, and modes.
Page 14: Command Conventions
Managed Switch CLI Manual, Release 8.0 • network parms is the command name. • <ipaddr> and <netmask> are parameters and represent required values that you must enter after you type the command keywords. • [gateway] is an optional parameter, so you are not required to enter a value in place of the parameter. The CLI Command Reference lists each command by the command name and provides a brief description of the command.
Page 15: Common Parameter Values
Managed Switch CLI Manual, Release 8.0 Common Parameter Values Parameter values might be names (strings) or numbers.To use spaces as part of a name parameter, enclose the name value in double quotes. For example, the expression “System Name with Spaces” forces the system to accept the spaces. Empty strings (““) are not valid user-defined strings.
Page 16: Using The "No" Form Of A Command
Managed Switch CLI Manual, Release 8.0 The slot number has two uses. In the case of physical ports, it identifies the card containing the ports. In the case of logical and CPU ports it also identifies the type of interface or port. Table 3.
Page 17: Managed Switch Modules
Managed Switch CLI Manual, Release 8.0 shutdown configuration command reverses the shutdown of an interface. Use the command without the keyword no to re-enable a disabled feature or to enable a feature that is disabled by default. Only the configuration commands are available in the no form. Managed Switch Modules Managed switch software consists of flexible modules that can be applied in various combinations to develop advanced Layer 2/3/4+ products.
Page 18 Managed Switch CLI Manual, Release 8.0 The command prompt changes in each command mode to help you identify the current mode. Table 5 describes the command modes and the prompts visible in that mode. Note: The command modes available on your switch depend on the software modules that are installed.
Page 19 Managed Switch CLI Manual, Release 8.0 Table 5. CLI Command Modes (continued) Command Mode Prompt Mode Description Router OSPFv3 Switch (Config rtr)# Contains the OSPFv3 configuration commands. Config Router RIP Config Switch (Config-router)# Contains the RIP configuration commands. Router BGP Switch (Config-router)# Contains the BGP4 configuration commands.
Page 20 Managed Switch CLI Manual, Release 8.0 Table 6. CLI Mode Access and Exit (continued) Command Mode Access Method Exit or Access Previous Mode Line Config From the Global Config mode, To exit to the Global Config mode, enter exit. To enter return to the Privileged EXEC mode, enter Ctrl- lineconfig.
Page 21: Command Completion And Abbreviation
Managed Switch CLI Manual, Release 8.0 Table 6. CLI Mode Access and Exit (continued) Command Mode Access Method Exit or Access Previous Mode TACACS Config From the Global Config mode, To exit to the Global Config mode, enter exit. To enter tacacs-server host return to the Privileged EXEC mode, enter Ctrl- <ip-addr>, where <ip-addr>...
Page 22: Cli Line-Editing Conventions
Managed Switch CLI Manual, Release 8.0 Table 7. CLI Error Messages Message Text Description % Invalid input detected at '^' marker. Indicates that you entered an incorrect or unavailable command. The carat (^) shows where the invalid text is detected. This message also appears if any of the parameters or values are not recognized.
Page 23: Using Cli Help
Managed Switch CLI Manual, Release 8.0 Table 8. CLI Editing Conventions (continued) Key Sequence Description Ctrl-Q Enables serial flow Ctrl-S Disables serial flow Ctrl-Z Return to root command prompt Tab, <SPACE> Command-line completion Exit Go to next lower command prompt List available commands, keywords, or parameters Using CLI Help Enter a question mark (?) at the command prompt to display the commands available in the current...
Page 24: Accessing The Cli
Managed Switch CLI Manual, Release 8.0 If there are no additional command keywords or parameters, or if additional parameters are optional, the following message appears in the output: <cr> Press Enter to execute the command You can also enter a question mark (?) after typing one or more characters of a word to list the available command or parameters that begin with the letters, as shown in the following example: (switch) #show m? mac-addr-table...
Page 25: Stacking Commands
Chapter 2 Stacking Commands The Stacking Commands chapter includes the following sections: • “Dedicated Port Stacking” on page 2-1 • “Front Panel Stacking Commands” on page 2-10 Note: The commands in this chapter are in one of two functional groups: Note: Show commands display switch settings, statistics, and other information.
Page 26 Managed Switch CLI Manual, Release 8.0 member This command configures a switch. The <unit> is the switch identifier of the switch to be added/removed from the stack. The <switchindex> is the index into the database of the supported switch types, indicating the type of the switch being preconfigured. The switch index is a 32-bit integer.
Page 27 Managed Switch CLI Manual, Release 8.0 switch renumber This command changes the switch identifier for a switch in the stack. The <oldunit> is the current switch identifier on the switch whose identifier is to be changed. The <newunit> is the updated value of the switch identifier.
Page 28 Managed Switch CLI Manual, Release 8.0 slot This command configures a slot in the system. The <unit/slot> is the slot identifier of the slot. The <cardindex> is the index into the database of the supported card types, indicating the type of the card being preconfigured in the specified slot. The card index is a 32-bit integer. If a card is currently present in the slot that is unconfigured, the configured information will be deleted and the slot will be re-configured with default information for the card.
Page 29: Set Slot Power
Managed Switch CLI Manual, Release 8.0 If a card or other module is present in the slot, this administrative mode will effectively be applied to the contents of the slot. If the slot is empty, this administrative mode will be applied to any module that is inserted into the slot.
Page 30: Reload (Stack)
Managed Switch CLI Manual, Release 8.0 no set slot power This command unconfigures the power mode of the slot(s) and prohibits power from being supplied to a card located in the slot. If you specify [all], the command prohibits power to all slots, otherwise the command prohibits power to the slot identified by <unit/slot>.
Page 31: Show Supported Cardtype
Managed Switch CLI Manual, Release 8.0 Term Definition Pluggable Cards are pluggable or non-pluggable in the slot. Power Down Indicates whether the slot can be powered down. If you supply a value for <unit/slot>, the following additional information appears: Term Definition Inserted Card The model identifier of the card inserted in the slot.
Page 32: Show Switch
Managed Switch CLI Manual, Release 8.0 show switch This command displays information about all units in the stack or a single unit when you specify the unit value. Format show switch [<unit>] Mode Privileged EXEC Term Definition Switch The unit identifier assigned to the switch. When you do not specify a value for <unit>, the following information appears: Term Definition...
Page 33: Show Supported Switchtype
Managed Switch CLI Manual, Release 8.0 Term Definition Switch Status The switch status. Possible values are OK, Unsupported, Code Mismatch, Config Mismatch, or Not Present. Switch The switch description. Description Expected Code The expected code version. Version Detected Code The version of code running on this switch. If the switch is not present and the data is Version from pre-configuration, then the code version is “None”.
Page 34: Front Panel Stacking Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Model Identifier The model identifier for the supported switch type. Switch The description for the supported switch type. Description Front Panel Stacking Commands This section describes the commands you use to view and configure front panel stacking information.
Page 35: Show Stack-Port Counters
Managed Switch CLI Manual, Release 8.0 Term Definition Configured Stack Stack or Ethernet. Mode Running Stack Stack or Ethernet. Mode Link Status Status of the link. Link Speed Speed (Gbps) of the stack port link. show stack-port counters This command displays summary data counter information for all interfaces. Table 9: Format show stack-port counters...
Page 36 Managed Switch CLI Manual, Release 8.0 Term Definition Unit The unit number. Interface The slot and port numbers. Diagnostic Entry1 80 character string used for diagnostics. Diagnostic Entry2 80 character string used for diagnostics. Diagnostic Entry3 80 character string used for diagnostics. Stacking Commands 2-12 v1.0, July 2009...
Page 37: Switching Commands
Chapter 3 Switching Commands This chapter describes the switching commands available in the managed switch CLI. The Switching Commands chapter includes the following sections: • “Port Configuration Commands” on page 3-2 • “show port description” on page 3-9 • “VLAN Commands” on page 3-31 •...
Page 38: Port Configuration Commands
Managed Switch CLI Manual, Release 8.0 • “Port Security Commands” on page 3-166 • “LLDP (802.1AB) Commands” on page 3-170 • “LLDP-MED Commands” on page 3-181 • “Denial of Service Commands” on page 3-192 • “MAC Database Commands” on page 3-204 •...
Page 39: Interface Range
Managed Switch CLI Manual, Release 8.0 interface range This command gives you access to a range of port interfaces, allowing the same port configuration to be applied to a set of ports. Format interface range <unit/slot/port>-<unit/slot/port> Mode Global Config interface vlan This command gives you access to to the vlan virtual interface mode, which allows certain port configurations (for example, the IP address) to be applied to the VLAN interface.
Page 40: Auto-Negotiate All
Managed Switch CLI Manual, Release 8.0 Format auto-negotiate Mode Interface Config no auto-negotiate This command disables automatic negotiation on a port. Note: Automatic sensing is disabled when automatic negotiation is disabled. auto-negotiate all Format no auto-negotiate Mode Interface Config This command enables automatic negotiation on all ports. Default enabled Format...
Page 41 Managed Switch CLI Manual, Release 8.0 description Use this command to create an alpha-numeric description of the port. Format description <description> Mode Interface Config Use the mtu command to set the maximum transmission unit (MTU) size, in bytes, for frames that ingress or egress the interface.
Page 42 Managed Switch CLI Manual, Release 8.0 shutdown This command disables a port. Note: You can use the shutdown command on physical and port-channel (LAG) interfaces, but not on VLAN routing interfaces. Default enabled Format shutdown Mode Interface Config no shutdown This command enables a port.
Page 43: Speed All
Managed Switch CLI Manual, Release 8.0 no shutdown all This command enables all ports. Format no shutdown all Mode Global Config speed This command sets the speed and duplex setting for the interface. Format speed {<100 | 10> <half-duplex | full-duplex>} Mode Interface Config Acceptable...
Page 44: Show Port
Managed Switch CLI Manual, Release 8.0 show port This command displays port information. Format show port {<unit/slot/port> | all} Mode Privileged EXEC Term Definition Interface Valid unit, slot, and port number separated by forward slashes. Type If not blank, this field indicates that this port is a special type of port. The possible values are: •...
Page 45: Show Port Description
Managed Switch CLI Manual, Release 8.0 Term Definition Group Name The group name of an entry in the Protocol-based VLAN table. Group ID The group identifier of the protocol group. Protocol(s) The type of protocol(s) for this group. VLAN The VLAN associated with this Protocol Group. Interface(s) Lists the unit/slot/port interface(s) that are associated with this Protocol Group.
Page 46 Managed Switch CLI Manual, Release 8.0 Term Definition Physical Mode Either “Auto” or fixed speed and duplex mode. Physical Status The actual speed and duplex mode. Link Status Whether the link is Up or Down. Loop Status Whether the port is in loop state or not. Partner Flow Whether the remote side is using flow control or not.
Page 47: Spanning Tree Protocol (Stp) Commands
Managed Switch CLI Manual, Release 8.0 Spanning Tree Protocol (STP) Commands This section describes the commands you use to configure Spanning Tree Protocol (STP). STP helps prevent network loops, duplicate messages, and network instability. spanning-tree This command sets the spanning-tree operational mode to enabled. Default enabled Format...
Page 48: Spanning-Tree Bpduflood
Managed Switch CLI Manual, Release 8.0 Default enabled Format no spanning-tree bpdufilter default Mode Global Config spanning-tree bpduflood Use this command to enable BPDU Flood on the interface. Default disabled Format spanning-tree bpduflood Mode Interface Config no spanning-tree bpduflood Use this command to disable BPDU Flood on the interface. Default enabled Format...
Page 49: Spanning-Tree Bpdumigrationcheck
Managed Switch CLI Manual, Release 8.0 Default disabled Format no spanning-tree bpduguard Mode Global Config spanning-tree bpdumigrationcheck Use this command to force a transmission of rapid spanning tree (RSTP) and multiple spanning tree (MSTP) BPDUs. Use the <unit/slot/port> parameter to transmit a BPDU from a specified interface, or use the all keyword to transmit BPDUs from all interfaces.
Page 50: Spanning-Tree Configuration Revision
Managed Switch CLI Manual, Release 8.0 spanning-tree configuration revision This command sets the Configuration Identifier Revision Level for use in identifying the configuration that this switch is currently using. The Configuration Identifier Revision Level is a number in the range of 0 to 65535. Default Format spanning-tree configuration revision <0-65535>...
Page 51: Spanning-Tree Forceversion
Managed Switch CLI Manual, Release 8.0 spanning-tree forceversion This command sets the Force Protocol Version parameter to a new value. Default 802.1s Format spanning-tree forceversion <802.1d | 802.1s | 802.1w> Mode Global Config • Use 802.1d to specify that the switch transmits ST BPDUs rather than MST BPDUs (IEEE 802.1d functionality supported).
Page 52: Spanning-Tree Guard
Managed Switch CLI Manual, Release 8.0 no spanning-tree forward-time This command sets the Bridge Forward Delay parameter for the common and internal spanning tree to the default value. Format no spanning-tree forward-time Mode Global Config spanning-tree guard This command selects whether loop guard or root guard is enabled on an interface. If neither is enabled, then the port operates in accordance with the multiple spanning tree protocol.
Page 53: Spanning-Tree Max-Hops
Managed Switch CLI Manual, Release 8.0 no spanning-tree max-age This command sets the Bridge Max Age parameter for the common and internal spanning tree to the default value. Format no spanning-tree max-age Mode Global Config spanning-tree max-hops This command sets the MSTP Max Hops parameter to a new value for the common and internal spanning tree.
Page 54 Managed Switch CLI Manual, Release 8.0 If you specify the cost option, the command sets the path cost for this port within a multiple spanning tree instance or the common and internal spanning tree instance, depending on the <mstid> parameter. You can set the path cost as a number in the range of 1 to 200000000 or auto.
Page 55: Spanning-Tree Mst Instance
Managed Switch CLI Manual, Release 8.0 Format no spanning-tree mst <mstid> <cost | external-cost | port-priority> Mode Interface Config spanning-tree mst instance This command adds a multiple spanning tree instance to the switch. The parameter <mstid> is a number within a range of 1 to 4094, that corresponds to the new instance ID to be added. The maximum number of multiple instances supported by the switch is 4.
Page 56: Spanning-Tree Mst Vlan
Managed Switch CLI Manual, Release 8.0 If you specify 0 (defined as the default CIST ID) as the <mstid>, this command sets the Bridge Priority parameter to a new value for the common and internal spanning tree. The bridge priority value is a number within a range of 0 to 61440.
Page 57: Spanning-Tree Port Mode
Managed Switch CLI Manual, Release 8.0 no spanning-tree mst vlan This command removes an association between a multiple spanning tree instance and one or more VLANs so that the VLAN(s) are again associated with the common and internal spanning tree. Format no spanning-tree mst vlan <mstid>...
Page 58: Spanning-Tree Edgeport All
Managed Switch CLI Manual, Release 8.0 no spanning-tree port mode all This command sets the Administrative Switch Port State for all ports to disabled. Format no spanning-tree port mode all Mode Global Config spanning-tree edgeport all This command specifies that every port is an Edge Port within the common and internal spanning tree.
Page 59: Show Spanning-Tree
Managed Switch CLI Manual, Release 8.0 no spanning-tree bpduforwarding This command will cause the STP BPDU packets received from the network to be dropped if STP is disabled. Format no spanning-tree bpduforwarding Mode Global Config show spanning-tree This command displays spanning tree settings for the common and internal spanning tree. The following details are displayed.
Page 60: Show Spanning-Tree Brief
Managed Switch CLI Manual, Release 8.0 Term Definition Root Port Derived value. Bridge Forward Delay Hello Time Configured value of the parameter for the CST. Bridge Hold Minimum time between transmission of Configuration Bridge Protocol Data Units Time (BPDUs). Bridge Max Bridge max-hops count for the device.
Page 61: Show Spanning-Tree Interface
Managed Switch CLI Manual, Release 8.0 show spanning-tree interface This command displays the settings and parameters for a specific switch port within the common and internal spanning tree. The <unit/slot/port> is the desired switch port. The following details are displayed on execution of the command. Format show spanning-tree interface <unit/slot/port>...
Page 62: Show Spanning-Tree Mst Port Detailed
Managed Switch CLI Manual, Release 8.0 show spanning-tree mst port detailed This command displays the detailed settings and parameters for a specific switch port within a particular multiple spanning tree instance. The parameter <mstid> is a number that corresponds to the desired existing multiple spanning tree instance. The <unit/slot/port> is the desired switch port.
Page 63 Managed Switch CLI Manual, Release 8.0 Term Definition Transitions Into The number of times this interface has transitioned into loop inconsistent state. Loop Inconsistent State Transitions Out The number of times this interface has transitioned out of loop inconsistent state. of Loop Inconsistent State...
Page 64: Show Spanning-Tree Mst Port Summary
Managed Switch CLI Manual, Release 8.0 Term Definition Topology Value of flag in next Configuration Bridge Protocol Data Unit (BPDU) transmission Change indicating if a topology change is in progress for this port. Acknowledgem Hello Time The hello time in use for this port. Edge Port The configured value indicating if this port is an edge port.
Page 65: Show Spanning-Tree Mst Summary
Managed Switch CLI Manual, Release 8.0 Term Definition MST Instance ID The MST instance associated with this port. Interface Valid unit, slot, and port number separated by forward slashes. STP Mode Indicates whether spanning tree is enabled or disabled on the port. Type Currently not used.
Page 66: Show Spanning-Tree Summary
Managed Switch CLI Manual, Release 8.0 show spanning-tree summary This command displays spanning tree settings and parameters for the switch. The following details are displayed on execution of the command. Format show spanning-tree summary Mode • Privileged EXEC • User EXEC Term Definition Spanning Tree...
Page 67: Vlan Commands
Managed Switch CLI Manual, Release 8.0 Term Definition VLAN Identifier The VLANs associated with the selected MST instance. Associated Identifier for the associated multiple spanning tree instance or “CST” if associated with Instance the common and internal spanning tree. VLAN Commands This section describes the commands you use to configure VLAN settings.
Page 68: Vlan Acceptframe
Managed Switch CLI Manual, Release 8.0 vlan This command creates a new VLAN and assigns it an ID. The ID is a valid VLAN identification number (ID 1 is reserved for the default VLAN). The vlan-list contains VlanId's in range <1- 4093>.
Page 69: Vlan Ingressfilter
Managed Switch CLI Manual, Release 8.0 no vlan acceptframe This command resets the frame acceptance mode for the interface to the default value. Format no vlan acceptframe Mode Interface Config vlan ingressfilter This command enables ingress filtering. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN.
Page 70: Vlan Name
Managed Switch CLI Manual, Release 8.0 vlan name This command changes the name of a VLAN. The name is an alphanumeric string of up to 32 characters, and the ID is a valid VLAN identification number. ID range is 1-4093. Default •...
Page 71: Vlan Participation All
Managed Switch CLI Manual, Release 8.0 vlan participation all This command configures the degree of participation for all interfaces in a VLAN. The ID is a valid VLAN identification number. Format vlan participation all {exclude | include | auto} <1-4093> Mode Global Config You can use the following participation options:...
Page 72: Vlan Port Ingressfilter All
Managed Switch CLI Manual, Release 8.0 no vlan port acceptframe all This command sets the frame acceptance mode for all interfaces to Admit All. For Admit All mode, untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port.
Page 73: Vlan Port Tagging All
Managed Switch CLI Manual, Release 8.0 no vlan port pvid all This command sets the VLAN ID for all interfaces to 1. Format no vlan port pvid all Mode Global Config vlan port tagging all This command configures the tagging behavior for all interfaces in a VLAN to enabled. If tagging is enabled, traffic is transmitted as tagged frames.
Page 74 Managed Switch CLI Manual, Release 8.0 vlan protocol group add protocol This command adds the <protocol> to the protocol-based VLAN identified by <groupid>. A group may have more than one protocol associated with it. Each interface and protocol combination can only be associated with one group. If adding a protocol to a group causes any conflicts with interfaces currently associated with the group, this command fails and the protocol is not added to the group.
Page 75: Protocol Vlan Group
Managed Switch CLI Manual, Release 8.0 Default none Format protocol group <groupid> <vlanid> Mode VLAN Config no protocol group This command removes the <vlanid> from this protocol-based VLAN group that is identified by this <groupid>. Format no protocol group <groupid> <vlanid> Mode VLAN Config protocol vlan group...
Page 76: Protocol Vlan Group All
Managed Switch CLI Manual, Release 8.0 protocol vlan group all This command adds all physical interfaces to the protocol-based VLAN identified by <groupid>. You can associate multiple interfaces with a group, but you can only associate each interface and protocol combination with one group. If adding an interface to a group causes any conflicts with protocols currently associated with the group, this command will fail and the interface(s) will not be added to the group.
Page 77: Vlan Tagging
Managed Switch CLI Manual, Release 8.0 vlan tagging This command configures the tagging behavior for a specific interface in a VLAN to enabled. If tagging is enabled, traffic is transmitted as tagged frames. If tagging is disabled, traffic is transmitted as untagged frames. The vlan-list contains VlanId's in range <1-4093>. Separate non- consecutive IDs with ',' and no spaces and no zeros in between the range;...
Page 78: Vlan Association Mac
Managed Switch CLI Manual, Release 8.0 vlan association mac This command associates a MAC address to a VLAN. Format vlan association mac <macaddr> <1-4093> Mode VLAN database no vlan association mac This command removes the association of a MAC address to a VLAN. Format no vlan association mac <macaddr>...
Page 79: Show Vlan Brief
Managed Switch CLI Manual, Release 8.0 Format show vlan <vlanid> Mode • Privileged EXEC • User EXEC Term Definition VLAN ID There is a VLAN Identifier (VID) associated with each VLAN. The range of the VLAN ID is 1 to 3965. VLAN Name A string associated with this VLAN as a convenience.
Page 80: Show Vlan Port
Managed Switch CLI Manual, Release 8.0 Format show vlan brief Mode • Privileged EXEC • User EXEC Term Definition VLAN ID There is a VLAN Identifier (vlanid) associated with each VLAN. The range of the VLAN ID is 1 to 3965. VLAN Name A string associated with this VLAN as a convenience.
Page 81: Show Vlan Association Subnet
Managed Switch CLI Manual, Release 8.0 Term Definition GVRP May be enabled or disabled. Default Priority The 802.1p priority assigned to tagged packets arriving on the port. show vlan association subnet This command displays the VLAN associated with a specific configured IP-Address and net mask. If no IP address and net mask are specified, the VLAN associations of all the configured IP- subnets are displayed.
Page 82: Double Vlan Commands
Managed Switch CLI Manual, Release 8.0 Double VLAN Commands This section describes the commands you use to configure double VLAN (DVLAN). Double VLAN tagging is a way to pass VLAN traffic from one customer domain to another through a Metro Core in a simple and cost effective manner. The additional tag on the traffic helps differentiate between customers in the MAN while preserving the VLAN identification of the individual customers when they enter their own 802.1Q domain.
Page 83: Mode Dvlan-Tunnel
Managed Switch CLI Manual, Release 8.0 mode dvlan-tunnel Use this command to enable Double VLAN Tunneling on the specified interface. Note: When you use the mode dvlan-tunnel command on an interface, it becomes a service provider port. Ports that do not have double VLAN tunneling enabled are customer ports.
Page 84: Voice Vlan Commands
Managed Switch CLI Manual, Release 8.0 Term Definition EtherType A 2-byte hex EtherType to be used as the first 16 bits of the DVLAN tunnel. There are three different EtherType tags. The first is 802.1Q, which represents the commonly used value of 0x8100.
Page 85: Voice Vlan (Interface Config)
Managed Switch CLI Manual, Release 8.0 Also the inherent isolation provided by VLANs ensures that inter-VLAN traffic is under management control and that network- attached clients cannot initiate a direct attack on voice components. QoS-based on IEEE 802.1P class of service (CoS) uses classification and scheduling to sent network traffic from the switch in a predictable manner.
Page 86: Voice Vlan Data Priority
Managed Switch CLI Manual, Release 8.0 Parameter Description none Allow the IP phone to use its own configuration to send untagged voice traffic. untagged Configure the phone to send untagged voice traffic. no voice vlan (Interface Config) Use this command to disable the Voice VLAN capability on the interface. Format no voice vlan Mode...
Page 87: Provisioning (Ieee 802.1P) Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Voice VLAN Interface Mode The admin mode of the Voice VLAN on the interface. Voice VLAN ID The Voice VLAN ID Voice VLAN Priority The do1p priority for the Voice VLAN on the port. Voice VLAN Untagged The tagging option for the Voice VLAN traffic.
Page 88: Protected Ports Commands
Managed Switch CLI Manual, Release 8.0 Protected Ports Commands This section describes commands you use to configure and view protected ports on a switch. Protected ports do not forward traffic to each other, even if they are on the same VLAN. However, protected ports can forward traffic to all unprotected ports in their group.
Page 89: Switchport Protected (Interface Config)
Managed Switch CLI Manual, Release 8.0 switchport protected (Interface Config) Use this command to add an interface to a protected port group. The <groupid> parameter identifies the set of protected ports to which this interface is assigned. You can only configure an interface as protected in one group.
Page 90: Private Group Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Name An optional name of the protected port group. The name can be up to 32 alphanumeric characters long, including blanks. The default is blank. List of Physical List of ports, which are configured as protected for the group identified with <groupid>. If Ports no port is configured as protected for this group, this field is blank.
Page 91: Private-Group Name
Managed Switch CLI Manual, Release 8.0 By default, a port does not belong to any private group. A port cannot be in more than one private group. An error message should return when that occurred. To change a port’s private group, first the port must be removed from its private group.
Page 92: Garp Commands
Managed Switch CLI Manual, Release 8.0 no private-group name This command is used to remove the specified private group. Format private-group name <privategroup-name> Mode Global Config show private-group This command displays the private groups’ information. Format show private-groupname [<private-group-name>|<private-group- id>|port <unit/slot/port>] Mode Priviledged EXEC Term...
Page 93: Set Garp Timer Join
Managed Switch CLI Manual, Release 8.0 set garp timer join This command sets the GVRP join time for one port (Interface Config mode) or all (Global Config mode) and per GARP. Join time is the interval between the transmission of GARP Protocol Data Units (PDUs) registering (or re-registering) membership for a VLAN or multicast group.
Page 94: Set Garp Timer Leaveall
Managed Switch CLI Manual, Release 8.0 no set garp timer leave This command sets the GVRP leave time on all ports or a single port to the default and only has an effect when GVRP is enabled. Format no set garp timer leave Mode •...
Page 95: Gvrp Commands
Managed Switch CLI Manual, Release 8.0 Format show garp Mode • Privileged EXEC • User EXEC Term Definition GMRP Admin Mode The administrative mode of GARP Multicast Registration Protocol (GMRP) for the system. GVRP Admin Mode The administrative mode of GARP VLAN Registration Protocol (GVRP) for the system.
Page 96: Set Gvrp Interfacemode
Managed Switch CLI Manual, Release 8.0 Format no set gvrp adminmode Mode Privileged EXEC set gvrp interfacemode This command enables GVRP on a single port (Interface Config mode) or all ports (Global Config mode). Default disabled Format set gvrp interfacemode Mode •...
Page 97: Gmrp Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Join Timer The interval between the transmission of GARP PDUs registering (or re-registering) membership for an attribute. Current attributes are a VLAN or multicast group. There is an instance of this timer on a per-Port, per-GARP participant basis. Permissible values are 10 to 100 centiseconds (0.1 to 1.0 seconds).
Page 98 Managed Switch CLI Manual, Release 8.0 Default disabled Format set gmrp adminmode Mode Privileged EXEC no set gmrp adminmode This command disables GARP Multicast Registration Protocol (GMRP) on the system. Format no set gmrp adminmode Mode Privileged EXEC set gmrp interfacemode This command enables GARP Multicast Registration Protocol on a single interface (Interface Config mode) or all interfaces (Global Config mode).
Page 99: Show Gmrp Configuration
Managed Switch CLI Manual, Release 8.0 Format no set gmrp interfacemode Mode • Interface Config • Global Config show gmrp configuration This command displays Generic Attributes Registration Protocol (GARP) information for one or all interfaces. Format show gmrp configuration {<unit/slot/port> | all} Mode •...
Page 100: Port-Based Network Access Control Commands
Managed Switch CLI Manual, Release 8.0 show mac-address-table gmrp This command displays the GMRP entries in the Multicast Forwarding Database (MFDB) table. Format show mac-address-table gmrp Mode Privileged EXEC Term Definition Mac Address A unicast MAC address for which the switch has forwarding and or filtering information. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB.
Page 101: Dot1X Guest-Vlan
Managed Switch CLI Manual, Release 8.0 Format clear radius statistics Mode Privileged EXEC dot1x guest-vlan This command configures VLAN as guest vlan on a per port basis. The command specifies an active VLAN as an IEEE 802.1x guest VLAN. The range is 1 to the maximumVLAN ID supported by the platform.
Page 102: Dot1X Max-Req
Managed Switch CLI Manual, Release 8.0 dot1x max-req This command sets the maximum number of times the authenticator state machine on this port will transmit an EAPOL EAP Request/Identity frame before timing out the supplicant. The <count> value must be in the range 1 - 10. Default Format dot1x max-req <count>...
Page 103 Managed Switch CLI Manual, Release 8.0 dot1x port-control This command sets the authentication mode to use on the specified port. Select force- unauthorized to specify that the authenticator PAE unconditionally sets the controlled port to unauthorized. Select force-authorized to specify that the authenticator PAE unconditionally sets the controlled port to authorized.
Page 104: Dot1X Re-Authenticate
Managed Switch CLI Manual, Release 8.0 no dot1x port-control all This command sets the authentication mode on all ports to the default value. Format no dot1x port-control all Mode Global Config dot1x re-authenticate This command begins the re-authentication sequence on the specified port. This command is only valid if the control mode for the specified port is “auto”...
Page 105: Dot1X Timeout
Managed Switch CLI Manual, Release 8.0 dot1x system-auth-control Use this command to enable the dot1x authentication support on the switch. While disabled, the dot1x configuration is retained and can be changed, but is not activated. Default disabled Format dot1x system-auth-control Mode Global Config no dot1x system-auth-control...
Page 106: No Dot1X Timeout
Managed Switch CLI Manual, Release 8.0 Tokens Definition supp-timeout The value, in seconds, of the timer used by the authenticator state machine on this port to timeout the supplicant. The supp-timeout must be a value in the range 1 - 65535. server-timeout The value, in seconds, of the timer used by the authenticator state machine on this port to timeout the authentication server.
Page 107: Dot1X User
Managed Switch CLI Manual, Release 8.0 Default Format dot1x unauthenticated-vlan <vlan id> Mode Interface Config no dot1x unauthenticated-vlan This command resets the unauthenticated-vlan associated with the port to its default value. Format no dot1x unauthenticated-vlan Mode Interface Config dot1x user This command adds the specified user to the list of users with access to the specified port or all ports.
Page 108: Show Authentication Methods
Managed Switch CLI Manual, Release 8.0 show authentication methods This command displays information about the authentication methods. Format show authentication methods Mode Privileged EXEC The following is an example of this command: Login Authentication Method Lists ________________________________ Console_Default: None Network_Default:Local Enable Authentication Lists _____________________ Console_Default: Enable None...
Page 109 Managed Switch CLI Manual, Release 8.0 Term Definition Administrative Indicates whether authentication control on the switch is enabled or disabled. Mode VLAN Indicates whether assignment of an authorized port to a RADIUS assigned VLAN is Assignment allowed (enabled) or not (disabled). Mode If you use the optional parameter summary {<unit/slot/port>...
Page 110 Managed Switch CLI Manual, Release 8.0 Term Definition Backend Current state of the backend authentication state machine. Possible values are Request, Authentication Response, Success, Fail, Timeout, Idle, and Initialize. When MAC-based authentication State is enabled on the port, this parameter is deprecated. Quiet Period The timer used by the authenticator state machine on this port to define periods of time in which it will not attempt to acquire a supplicant.
Page 111 Managed Switch CLI Manual, Release 8.0 Term Definition Maximum Users The maximum number of clients that can get authenticated on the port in the MAC-based dot1x authentication mode. This value is used only when the port control mode is not MAC-based.
Page 112: Show Dot1X Clients
Managed Switch CLI Manual, Release 8.0 Term Definition Port The interface whose statistics are displayed. EAPOL Frames The number of valid EAPOL frames of any type that have been received by this Received authenticator. EAPOL Frames The number of EAPOL frames of any type that have been transmitted by this Transmitted authenticator.
Page 113: Show Dot1X Users
Managed Switch CLI Manual, Release 8.0 Format show dot1x clients {<unit/slot/port> | all} Mode Privileged EXEC Term Definition Logical The logical port number associated with a client. Interface Interface The physical port to which the supplicant is associated. User Name The user name used by the client to authenticate to the server.
Page 114: Storm-Control Commands
Managed Switch CLI Manual, Release 8.0 Storm-Control Commands This section describes commands you use to configure storm-control and view storm-control configuration information. A traffic storm is a condition that occurs when incoming packets flood the LAN, which creates performance degredation in the network. The Storm-Control feature protects against this condition.
Page 115: Storm-Control Broadcast Level
Managed Switch CLI Manual, Release 8.0 Default enabled Format storm-control broadcast Mode Interface Config no storm-control broadcast Use this command to disable broadcast storm recovery mode for a specific interface. Format no storm-control broadcast Mode Interface Config storm-control broadcast level Use this command to configure the broadcast storm recovery threshold for an interface as a percentage of link speed and enable broadcast storm recovery.
Page 116: Storm-Control Broadcast Rate
Managed Switch CLI Manual, Release 8.0 storm-control broadcast rate Use this command to configure the broadcast storm recovery threshold for an interface in packets per second. If the mode is enabled, broadcast storm recovery is active, and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold, the traffic is dropped.
Page 117: Storm-Control Broadcast Level (Global Config)
Managed Switch CLI Manual, Release 8.0 Format no storm-control broadcast Mode Global Config storm-control broadcast level (Global Config) This command configures the broadcast storm recovery threshold for all interfaces as a percentage of link speed and enables broadcast storm recovery. If the mode is enabled, broadcast storm recovery is active, and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Page 118: Storm-Control Multicast
Managed Switch CLI Manual, Release 8.0 Format storm-control broadcast rate <0-14880000> Mode Global Config no storm-control broadcast rate This command sets the broadcast storm recovery threshold to the default value for all interfaces and disables broadcast storm recovery. Format no storm-control broadcast rate Mode Global Config storm-control multicast...
Page 119: Storm-Control Multicast Level
Managed Switch CLI Manual, Release 8.0 storm-control multicast level This command configures the multicast storm recovery threshold for an interface as a perecentage of link speed and enables multicast storm recovery mode. If the mode is enabled, multicast storm recovery is active, and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Page 120: Storm-Control Multicast (Global Config)
Managed Switch CLI Manual, Release 8.0 Format no storm-control multicast rate Mode Interface Config storm-control multicast (Global Config) This command enables multicast storm recovery mode for all interfaces. If the mode is enabled, multicast storm recovery is active, and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Page 121: Storm-Control Multicast Rate (Global Config)
Managed Switch CLI Manual, Release 8.0 no storm-control multicast level This command sets the multicast storm recovery threshold to the default value for all interfaces and disables multicast storm recovery. Format no storm-control multicast level Mode Global Config storm-control multicast rate (Global Config) Use this command to configure the multicast storm recovery threshold for all interfaces in packets per second.
Page 122: Storm-Control Unicast Level
Managed Switch CLI Manual, Release 8.0 Default disabled Format storm-control unicast Mode Interface Config no storm-control unicast This command disables unicast storm recovery mode for an interface. Format no storm-control unicast Mode Interface Config storm-control unicast level This command configures the unicast storm recovery threshold for an interface as a percentage of link speed, and enables unicast storm recovery.
Page 123: Storm-Control Unicast Rate
Managed Switch CLI Manual, Release 8.0 storm-control unicast rate Use this command to configure the unicast storm recovery threshold for an interface in packets per second. If the mode is enabled, unicast storm recovery is active, and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold, the traffic is dropped.
Page 124: Storm-Control Unicast Level (Global Config)
Managed Switch CLI Manual, Release 8.0 Format no storm-control unicast Mode Global Config storm-control unicast level (Global Config) This command configures the unicast storm recovery threshold for all interfaces as a percentage of link speed, and enables unicast storm recovery. If the mode is enabled, unicast storm recovery is active, and if the rate of unknown L2 unicast (destination lookup failure) traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Page 125 Managed Switch CLI Manual, Release 8.0 no storm-control unicast rate This command sets the multicast storm recovery threshold to the default value for an interface and disables multicast storm recovery. Format no storm-control unicast rate Mode Global Config storm-control flowcontrol This command enables 802.3x flow control for the switch and only applies to full-duplex mode ports.
Page 126: Port-Channel/Lag (802.3Ad) Commands
Managed Switch CLI Manual, Release 8.0 show storm-control This command displays switch configuration information. If you do not use any of the optional parameters, this command displays global storm control configuration parameters: • Broadcast Storm Control Mode may be enabled or disabled. The factory default is disabled. •...
Page 127 Managed Switch CLI Manual, Release 8.0 shares traffic based upon the source and destination MAC address.Assign the port-channel (LAG) VLAN membership after you create a port-channel. If you do not assign VLAN membership, the port-channel might become a member of the management VLAN which can result in learning and switching issues.
Page 128: Deleteport (Global Config)
Managed Switch CLI Manual, Release 8.0 addport This command adds one port to the port-channel (LAG). The interface is a logical unit/slot/port number or a group ID of a configured port-channel. Note: Before adding a port to a port-channel, set the physical mode of the port. For more information, see “speed”...
Page 129: Lacp Admin Key
Managed Switch CLI Manual, Release 8.0 lacp admin key Use this command to configure the administrative value of the key for the port-channel. The value range of <key> is 0 to 65535. Default 0x8000 Format lacp admin key <key> Mode Interface Config Note: This command is only applicable to port-channel interfaces.
Page 130: Lacp Actor Admin
Managed Switch CLI Manual, Release 8.0 no lacp collector max delay Use this command to configure the default port-channel collector max delay. Format no lacp collector max-delay Mode Interface Config lacp actor admin Use this command to configure the LACP actor admin parameters. lacp actor admin key Use this command to configure the administrative value of the LACP actor admin key.
Page 131: Lacp Actor Admin State Individual
Managed Switch CLI Manual, Release 8.0 lacp actor admin state individual Use this command to set LACP actor admin state to individual. Format lacp actor admin state individual Mode Interface Config Note: This command is only applicable to physical interfaces. no lacp actor admin state individual Use this command to set the LACP actor admin state to aggregation.
Page 132: Lacp Actor Admin State Passive
Managed Switch CLI Manual, Release 8.0 no lacp actor admin state longtimeout Use this command to set the LACP actor admin state to short timeout. Format no lacp actor admin state longtimeout Mode Interface Config Note: This command is only applicable to physical interfaces. lacp actor admin state passive Use this command to set the LACP actor admin state to passive.
Page 133: Lacp Actor Port Priority
Managed Switch CLI Manual, Release 8.0 lacp actor port priority Use this command to configure the priority value assigned to the Aggregation Port. The valid range for <priority> is 0 to 255. Default 0x80 Format lacp actor port priority <priority> Mode Interface Config Note: This command is only applicable to physical interfaces.
Page 134: Lacp Partner Admin Key
Managed Switch CLI Manual, Release 8.0 no lacp actor system priority Use this command to configure the priority value associated with the Actor’s SystemID. Format no lacp actor system priority Mode Interface Config lacp partner admin key Use this command to configure the administrative value of the Key for the protocol partner. The valid range for <key>...
Page 135: Lacp Partner Admin State Longtimeout
Managed Switch CLI Manual, Release 8.0 Note: This command is only applicable to physical interfaces. no lacp partner admin state individual Use this command to set the LACP partner admin state to aggregation. Format no lacp partner admin state individual Mode Interface Config lacp partner admin state longtimeout...
Page 136: Lacp Partner Admin State Passive
Managed Switch CLI Manual, Release 8.0 lacp partner admin state passive Use this command to set the LACP partner admin state to passive. Format lacp partner admin state passive Mode Interface Config Note: This command is only applicable to physical interfaces. no lacp partner admin state passive Use this command to set the LACP partner admin state to active.
Page 137: Lacp Partner Port Priority
Managed Switch CLI Manual, Release 8.0 no lacp partner port id Use this command to set the LACP partner port id to the default. Format no lacp partner portid Mode Interface Config lacp partner port priority Use this command to configure the LACP partner port priority. The valid range for <priority> is 0 to 255.
Page 138 Managed Switch CLI Manual, Release 8.0 lacp partner system id Use this command to configure the 6-octet MAC Address value representing the administrative value of the Aggregation Port’s protocol Partner’s System ID. The valid range of <system-id> is 00:00:00:00:00:00 - FF:FF:FF:FF:FF. Default 00:00:00:00:00:00 Format...
Page 139: Port-Channel Static
Managed Switch CLI Manual, Release 8.0 Note: This command is only applicable to physical interfaces. no lacp partner system priority Use this command to configure the default administrative value of priority associated with the Partner’s System ID. Format no lacp partner system priority Mode Interface Config port-channel static...
Page 140: Port Lacpmode
Managed Switch CLI Manual, Release 8.0 port lacpmode This command enables Link Aggregation Control Protocol (LACP) on a port. Default enabled Format port lacpmode Mode Interface Config no port lacpmode This command disables Link Aggregation Control Protocol (LACP) on a port. Format no port lacpmode Mode...
Page 141: Port Lacptimeout (Global Config)
Managed Switch CLI Manual, Release 8.0 port lacptimeout (Interface Config) This command sets the timeout on a physical interface of a particular device type (actor or partner) to either long or short timeout. Default long Format port lacptimeout {actor | partner} {long | short} Mode Interface Config no port lacptimeout...
Page 142 Managed Switch CLI Manual, Release 8.0 port-channel adminmode This command enables a port-channel (LAG). This command sets every configured port-channel with the same administrative mode setting. Format port-channel adminmode all Mode Global Config no port-channel adminmode This command disables a port-channel (LAG). This command clears every configured port- channel with the same administrative mode setting.
Page 143 Managed Switch CLI Manual, Release 8.0 hashing-mode This command sets the hashing algorithm on Trunk ports. The command is available in the interface configuration mode for a port-channel. The mode range is in the range 1-6 as follows: 1. Source MAC, VLAN, EtherType, and port ID 2.
Page 144 Managed Switch CLI Manual, Release 8.0 Load-balancing is not supported on every device. The range of options for load-balancing may vary per device. Default Format port-channel load-balance { 1 | 2 | 3 | 4 | 5 | 6 } {<unit/slot/ port>...
Page 145: Port-Channel Name
Managed Switch CLI Manual, Release 8.0 port-channel name This command defines a name for the port-channel (LAG). The interface is a logical unit/slot/port for a configured port-channel, and <name> is an alphanumeric string up to 15 characters. Format port-channel name {<logical unit/slot/port> | all | <name>} Mode Global Config port-channel system priority...
Page 146: Show Lacp Partner
Managed Switch CLI Manual, Release 8.0 Parameter Description Admin Key The administrative value of the Key. Port Priority The priority value assigned to the Aggregation Port. Admin State The administrative values of the actor state as transmitted by the Actor in LACPDUs. show lacp partner Use this command to display LACP partner attributes.
Page 147: Show Port-Channel
Managed Switch CLI Manual, Release 8.0 For each port-channel the following information is displayed: Term Definition Logical The unit/slot/port of the logical interface. Interface Port-channel The name of port-channel (LAG) interface. Name Link-State Shows whether the link is up or down. Trap Flag Shows whether trap flags are enabled or disabled.
Page 148: Show Port-Channel System Priority
Managed Switch CLI Manual, Release 8.0 show port-channel This command displays an overview of all port-channels (LAGs) on the switch. Format show port-channel {<logical unit/slot/port> | all} Mode • Privileged EXEC • User EXEC Term Definition Logical Valid unit, slot, and port number separated by forward slashes. Interface Port-Channel The name of this port-channel (LAG).
Page 149: Port Mirroring
Managed Switch CLI Manual, Release 8.0 Port Mirroring Port mirroring, which is also known as port monitoring, selects network traffic that you can analyze with a network analyzer, such as a SwitchProbe device or other Remote Monitoring (RMON) probe. monitor session This command configures a probe port and a monitored port for monitor session (port monitoring).
Page 150: No Monitor
Managed Switch CLI Manual, Release 8.0 Format no monitor session <session-id> [{source interface <unit/slot/port> | destination interface <unit/slot/port> | mode}] Mode Global Config no monitor This command removes all the source ports and a destination port for the and restores the default value for mirroring session mode for all the configured sessions.
Page 151: Static Mac Filtering
Managed Switch CLI Manual, Release 8.0 Term Definition Admin Mode Indicates whether the Port Mirroring feature is enabled or disabled for the session identified with <session-id>. The possible values are Enabled and Disabled. Probe Port Probe port (destination port) for the session identified with <session-id>. If probe port is not set then this field is blank.
Page 152 Managed Switch CLI Manual, Release 8.0 • Multicast MAC and source ports and destination ports (max=20) Format macfilter <macaddr> <vlanid> Mode Global Config no macfilter This command removes all filtering restrictions and the static MAC filter entry for the MAC address <macaddr>...
Page 153 Managed Switch CLI Manual, Release 8.0 no macfilter adddest This command removes a port from the destination filter set for the MAC filter with the given <macaddr> and VLAN of <vlanid>. The <macaddr> parameter must be specified as a 6- byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6.
Page 154 Managed Switch CLI Manual, Release 8.0 macfilter addsrc This command adds the interface to the source filter set for the MAC filter with the MAC address of <macaddr> and VLAN of <vlanid>. The <macaddr> parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6.
Page 155: Show Mac-Address-Table Static
Managed Switch CLI Manual, Release 8.0 The <vlanid> parameter must identify a valid VLAN. Format no macfilter addsrc all <macaddr> <vlanid> Mode Global Config show mac-address-table static This command displays the Static MAC Filtering information for all Static MAC Filters. If you select <all>, all the Static MAC Filters in the system are displayed.
Page 156: Dhcp Snooping Configuration Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Mac Address A unicast MAC address for which the switch has forwarding and or filtering information. As the data is gleaned from the MFDB, the address will be a multicast address. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB.
Page 157: Ip Dhcp Snooping Verify Mac-Address
Managed Switch CLI Manual, Release 8.0 Default disabled Format ip dhcp snooping vlan <vlan-list> Mode Global Config no ip dhcp snooping vlan Use this command to disable DHCP Snooping on VLANs. Format no ip dhcp snooping vlan <vlan-list> Mode Global Config ip dhcp snooping verify mac-address Use this command to enable verification of the source MAC address with the client hardware address in the received DCHP message.
Page 158: Ip Dhcp Snooping Database Write-Delay
Managed Switch CLI Manual, Release 8.0 Default local Format ip dhcp snooping database {local|tftp://hostIP/filename} Mode Global Config ip dhcp snooping database write-delay Use this command to configure the interval in seconds at which the DHCP Snooping database will be persisted. The interval value ranges from 15 to 86400 seconds. Default 300 seconds Format...
Page 159: Ip Verify Binding
Managed Switch CLI Manual, Release 8.0 Format no ip dhcp snooping binding <mac-address> Mode Global Config ip verify binding Use this command to configure static IP source guard (IPSG) entries. Format ip verify binding <mac-address> vlan <vlan id> <ip address> interface <interface id>...
Page 160: Ip Dhcp Snooping Log-Invalid
Managed Switch CLI Manual, Release 8.0 Format no ip dhcp snooping limit Mode Interface Config ip dhcp snooping log-invalid Use this command to control the logging DHCP messages filtration by the DHCP Snooping application. Default disabled Format ip dhcp snooping log-invalid Mode Interface Config no ip dhcp snooping log-invalid...
Page 161: Ip Verify Source
Managed Switch CLI Manual, Release 8.0 Format no ip dhcp snooping trust Mode Interface Config ip verify source Use this command to configure the IPSG source ID attribute to filter the data traffic in the hardware. Source ID is the combination of IP address and MAC address. Normal command allows data traffic filtration based on the IP address.
Page 162: Show Ip Dhcp Snooping Binding
Managed Switch CLI Manual, Release 8.0 Term Definition Interface The interface for which data is displayed. Trusted If it is enabled, DHCP snooping considers the port as trusted. The factory default is disabled. Log Invalid Pkts If it is enabled, DHCP snooping application logs invalid packets on the specified interface.
Page 163: Show Ip Dhcp Snooping Database
Managed Switch CLI Manual, Release 8.0 Term Definition MAC Address Displays the MAC address for the binding that was added. The MAC address is the key to the binding database. IP Address Displays the valid IP address for the binding rule. VLAN The VLAN for the binding rule.
Page 164: Show Ip Dhcp Snooping Statistics
Managed Switch CLI Manual, Release 8.0 agent url: /10.131.13.79:/sai1.txt write-delay: 5000 show ip dhcp snooping statistics Use this command to list statistics for DHCP Snooping security violations on untrusted ports. Format show ip dhcp snooping statistics Mode • Privileged EXEC •...
Page 165: Clear Ip Dhcp Snooping Binding
Managed Switch CLI Manual, Release 8.0 1/0/14 1/0/15 1/0/16 1/0/17 1/0/18 1/0/19 1/0/20 clear ip dhcp snooping binding Use this command to clear all DHCP Snooping bindings on all interfaces or on a specific interface. Format clear ip dhcp snooping binding [interface <unit/slot/port>] Mode •...
Page 166: Show Ip Source Binding
Managed Switch CLI Manual, Release 8.0 Term Definition Filter Type Is one of two values: • ip-mac: User has configured MAC address filtering on this interface. • ip: Only IP address filtering on this interface. IP Address IP address of the interface MAC Address If MAC address filtering is not configured on the interface, the MAC Address field is empty.
Page 167: Dynamic Arp Inspection Commands
Managed Switch CLI Manual, Release 8.0 Example: The following shows example CLI display output for the command. (switch) #show ip source binding MAC Address IP Address Type Vlan Interface ----------------- --------------- ------------- ----- ------------- 00:00:00:00:00:08 1.2.3.4 dhcp-snooping 1/0/1 00:00:00:00:00:09 1.2.3.4 dhcp-snooping 1/0/1 00:00:00:00:00:0A...
Page 168: Ip Arp Inspection Validate
Managed Switch CLI Manual, Release 8.0 Format no ip arp inspection vlan vlan-list Mode Global Config ip arp inspection validate Use this command to enable additional validation checks like source-mac validation, destination- mac validation, and ip address validation on the received ARP packets. Each command overrides the configuration of the previous command.
Page 169: Ip Arp Inspection Trust
Managed Switch CLI Manual, Release 8.0 no ip arp inspection vlan logging Use this command to disable logging of invalid ARP packets on a list of comma-separated VLAN ranges. Format no ip arp inspection vlan vlan-list logging Mode Global Config ip arp inspection trust Use this command to configure an interface as trusted for Dynamic ARP Inspection.
Page 170: Ip Arp Inspection Filter
Managed Switch CLI Manual, Release 8.0 Default 15 pps for rate and 1 second for burst-interval Format ip arp inspection limit {rate pps [burst interval seconds] | none} Mode Interface Config no ip arp inspection limit Use this command to set the rate limit and burst interval values for an interface to the default values of 15 pps and 1 second, respectively.
Page 171: Arp Access-List
Managed Switch CLI Manual, Release 8.0 arp access-list Use this command to create an ARP ACL. Format arp access-list acl-name Mode Global Config no arp access-list Use this command to delete a configured ARP ACL. Format no arp access-list acl-name Mode Global Config permit ip host mac host...
Page 172: Show Ip Arp Inspection
Managed Switch CLI Manual, Release 8.0 show ip arp inspection Use this command to display the Dynamic ARP Inspection global configuration and configuration on all the VLANs. With the vlan-list argument (i.e. comma separated VLAN ranges), the command displays the global configuration and configuration on all the VLANs in the given VLAN list.
Page 173: Show Ip Arp Inspection Statistics
Managed Switch CLI Manual, Release 8.0 show ip arp inspection statistics Use this command to display the statitstics of the ARP packets processed by Dynamic ARP Inspection. Give the vlan-list argument and the command displays the statistics on all DAI-enabled VLANs in that list.
Page 174: Clear Ip Arp Inspection Statistics
Managed Switch CLI Manual, Release 8.0 clear ip arp inspection statistics Use this command to reset the statistics for Dynamic ARP Inspection on all VLANs. Default none Format clear ip arp inspection statistics Mode Privileged EXEC show ip arp inspection interfaces Use this command to display the Dynamic ARP Inspection configuration on all the DAI-enabled interfaces.
Page 175: Igmp Snooping Configuration Commands
Managed Switch CLI Manual, Release 8.0 Untrusted show arp access-list Use this command to display the configured ARP ACLs with the rules. Giving an ARP ACL name as the argument will display on ly the rules in that ARP ACL. Format show arp access-list [acl-name] Mode...
Page 176 Managed Switch CLI Manual, Release 8.0 If an interface has IGMP Snooping enabled and you enable this interface for routing or enlist it as a member of a port-channel (LAG), IGMP Snooping functionality is disabled on that interface. IGMP Snooping functionality is re-enabled if you disable routing or remove port-channel (LAG) membership from an interface that has IGMP Snooping enabled.
Page 177: Set Igmp Interfacemode
Managed Switch CLI Manual, Release 8.0 set igmp interfacemode This command enables IGMP Snooping on all interfaces. If an interface has IGMP Snooping enabled and you enable this interface for routing or enlist it as a member of a port-channel (LAG), IGMP Snooping functionality is disabled on that interface.
Page 178: Set Igmp Groupmembership-Interval
Managed Switch CLI Manual, Release 8.0 no set igmp fast-leave This command disables IGMP Snooping fast-leave admin mode on a selected interface. Format no set igmp fast-leave Mode Interface Config Format no set igmp fast-leave <vlan_id> Mode VLAN Config set igmp groupmembership-interval This command sets the IGMP Group Membership Interval time on a VLAN, one interface or all interfaces.
Page 179: Set Igmp Maxresponse
Managed Switch CLI Manual, Release 8.0 set igmp maxresponse This command sets the IGMP Maximum Response time for the system, or on a particular interface or VLAN. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface.
Page 180: Set Igmp Mrouter
Managed Switch CLI Manual, Release 8.0 Format set igmp mcrtrexpiretime <0-3600> Mode • Global Config • Interface Config Format set igmp mcrtrexpiretime <vlan_id> <0-3600> Mode VLAN Config no set igmp mcrtrexpiretime This command sets the Multicast Router Present Expiration time to 0. The time is set for the system, on a particular interface or a VLAN.
Page 181: Set Igmp Mrouter Interface
Managed Switch CLI Manual, Release 8.0 set igmp mrouter interface This command configures the interface as a multicast router interface. When configured as a multicast router interface, the interface is treated as a multicast router interface in all VLANs. Default disabled Format set igmp mrouter interface...
Page 182: Show Igmpsnooping
Managed Switch CLI Manual, Release 8.0 show igmpsnooping This command displays IGMP Snooping information. Configured information is displayed whether or not IGMP Snooping is enabled. Format show igmpsnooping [<unit/slot/port> | <vlan_id>] Mode Privileged EXEC When the optional arguments <unit/slot/port> or <vlan_id> are not used, the command displays the following information: Term Definition...
Page 183: Show Igmpsnooping Mrouter Interface
Managed Switch CLI Manual, Release 8.0 When you specify a value for <vlan_id>, the following information appears: Term Definition VLAN ID The VLAN ID. IGMP Snooping Indicates whether IGMP Snooping is active on the VLAN. Admin Mode Fast Leave Indicates whether IGMP Snooping Fast-leave is active on the VLAN. Mode Group The amount of time in seconds that a switch will wait for a report from a particular group...
Page 184: Igmp Snooping Querier Commands
Managed Switch CLI Manual, Release 8.0 Format show igmpsnooping mrouter vlan <unit/slot/port> Mode Privileged EXEC Term Definition Interface The port on which multicast router information is being displayed. VLAN ID The list of VLANs of which the interface is a member. show mac-address-table igmpsnooping This command displays the IGMP Snooping entries in the MFDB table.
Page 185: Set Igmp Querier
Managed Switch CLI Manual, Release 8.0 This section describes commands used to configure and display information on IGMP Snooping Queriers on the network and, separately, on VLANs. set igmp querier Use this command to enable IGMP Snooping Querier on the system, using Global Config mode, or on a VLAN.
Page 186: Set Igmp Querier Query-Interval
Managed Switch CLI Manual, Release 8.0 set igmp querier query-interval Use this command to set the IGMP Querier Query Interval time. It is the amount of time in seconds that the switch waits before sending another general query. Default disabled Format set igmp querier query-interval <1-18000>...
Page 187: Set Igmp Querier Version
Managed Switch CLI Manual, Release 8.0 set igmp querier version Use this command to set the IGMP version of the query that the snooping switch is going to send periodically. Default Format set igmp querier version <1-2> Mode Global Config no set igmp querier version Use this command to set the IGMP Querier version to its default value.
Page 188: Show Igmpsnooping Querier
Managed Switch CLI Manual, Release 8.0 show igmpsnooping querier Use this command to display IGMP Snooping Querier information. Configured information is displayed whether or not IGMP Snooping Querier is enabled. Format show igmpsnooping querier [{detail | vlan <vlanid>}] Mode Privileged EXEC When the optional argument <vlanid>...
Page 189: Mld Snooping Commands
Managed Switch CLI Manual, Release 8.0 Field Description Last Querier Indicates the IP address of the most recent Querier from which a Query was received. Address Last Querier Indicates the IGMP version of the most recent Querier from which a Query was received Version on this VLAN.
Page 190: Set Mld Interfacemode
Managed Switch CLI Manual, Release 8.0 Default disabled Format set mld Mode Global Config Interface Config Default disabled Format set mld <vlanid> Mode VLAN Mode no set mld Use this command to disable MLD Snooping on the system. Format no set mld Mode Global Config Interface Config...
Page 191: Set Mld Fast-Leave
Managed Switch CLI Manual, Release 8.0 no set mld interfacemode Use this command to disable MLD Snooping on all interfaces. Format no set mld interfacemode Mode Global Config set mld fast-leave Use this command to enable MLD Snooping fast-leave admin mode on a selected interface or VLAN.
Page 192: Set Mld Groupmembership-Interval
Managed Switch CLI Manual, Release 8.0 no set mld fast-leave Use this command to disable MLD Snooping fast-leave admin mode on a selected interface. Format no set mld fast-leave <vlanid> Mode • VLAN Mode Format no set mld fast-leave <vlanid> Mode •...
Page 193: Set Mld Maxresponse
Managed Switch CLI Manual, Release 8.0 Format no set mld groupmembership-interval Mode • Interface Config • Global Config set mld maxresponse Use this command to set the MLD Maximum Response time for the system, on a particular interface or VLAN. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface.
Page 194: Set Mld Mcrtexpiretime
Managed Switch CLI Manual, Release 8.0 set mld mcrtexpiretime Use this command to set the Multicast Router Present Expiration time. The time is set for the system, on a particular interface or VLAN. This is the amount of time in seconds that a switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached.
Page 195: Set Mld Mrouter Interface
Managed Switch CLI Manual, Release 8.0 no set mld mrouter Use this command to disable multicast router attached mode for a VLAN with a particular VLAN Format no set mld mrouter <vlanid> Mode Interface Config set mld mrouter interface Use this command to configure the interface as a multicast router-attached interface. When configured as a multicast router interface, the interface is treated as a multicast router-attached interface in all VLANs.
Page 196 Managed Switch CLI Manual, Release 8.0 When the optional arguments <unit/slot/port> or <vlanid> are not used, the command displays the following information. Term Definition Admin Mode Indicates whether or not MLD Snooping is active on the switch. Interfaces Interfaces on which MLD Snooping is enabled. Enabled for MLD Snooping MLD Control...
Page 197: Show Mldsnooping Mrouter
Managed Switch CLI Manual, Release 8.0 show mldsnooping mrouter Use this command to display information about statically configured multicast router attached interfaces. Format show mldsnooping mrouter <unit/slot/port> Mode Privileged EXEC Term Definition Interface Shows the interface on which multicast router information is being displayed. Multicast Indicates whether multicast router is statically enabled on the interface.
Page 198: Mld Snooping Querier Commands
Managed Switch CLI Manual, Release 8.0 Term Definition MAC Address A multicast MAC address for which the switch has forwarding or filtering information. The format is two-digit hexadecimal numbers that are separated by colons, for example 33:33:45:67:89:AB. In an IVL system, the MAC address is displayed as a MAC address and a VLAN ID combination of 8 bytes.
Page 199: Set Mld Querier Query_Interval
Managed Switch CLI Manual, Release 8.0 Format set mld querier <address ipv6_address> Mode • Global Config Default disabled Format set mld querier [<vlan-id>] [address ipv6_address] Mode • VLAN Mode no set mld querier Use this command to disable MLD Snooping Querier on the system. Use the optional parameter address to reset the querier address.
Page 200: Set Mld Querier Timer Expiry
Managed Switch CLI Manual, Release 8.0 set mld querier timer expiry Use this command to set the MLD Querier timer expiration period. It is the time period that the switch remains in Non-Querier mode once it has discovered that there is a Multicast Querier in the network.
Page 201: Show Mldsnooping Querier
Managed Switch CLI Manual, Release 8.0 Format no set mld querier election participate <vlanid> Mode VLAN Config show mldsnooping querier Use this command to display MLD Snooping Querier information. Configured information is displayed whether or not MLD Snooping Querier is enabled. Format show mldsnooping querier [{detail | vlan <vlanid>}] Mode...
Page 202: Port Security Commands
Managed Switch CLI Manual, Release 8.0 Field Description VLAN Indicates the time to wait before removing a Leave from a host upon receiving a Leave Operational request. This value is calculated dynamically from the Queries received from the Max Response network.
Page 203: Port-Security Max-Dynamic
Managed Switch CLI Manual, Release 8.0 port-security This command enables port locking at the system level (Global Config) or port level (Interface Config) Default disabled Format port-security Mode • Global Config • Interface Config no port-security This command disables port locking for one (Interface Config) or all (Global Config) ports. Format no port-security Mode...
Page 204: Port-Security Max-Static
Managed Switch CLI Manual, Release 8.0 port-security max-static This command sets the maximum number of statically locked MAC addresses allowed on a port. Default Format port-security max-static <maxvalue> Mode Interface Config no port-security max-static This command sets maximum number of statically locked MAC addresses to the default value. Format no port-security max-static Mode...
Page 205: Port-Security Mac-Address Move
Managed Switch CLI Manual, Release 8.0 port-security mac-address move This command converts dynamically locked MAC addresses to statically locked addresses. Format port-security mac-address move Mode Interface Config show port-security This command displays the port-security settings. If you do not use a parameter, the command displays the settings for the entire system.
Page 206: Lldp (802.1Ab) Commands
Managed Switch CLI Manual, Release 8.0 Term Definition MAC Address MAC Address of dynamically locked MAC. show port-security static This command displays the statically locked MAC addresses for port. Format show port-security static <unit/slot/port> Mode Privileged EXEC Term Definition MAC Address MAC Address of statically locked MAC.
Page 207 Managed Switch CLI Manual, Release 8.0 lldp transmit Use this command to enable the LLDP advertise capability. Default enabled Format lldp transmit Mode Interface Config no lldp transmit Use this command to return the local data transmission capability to the default. Format no lldp transmit Mode...
Page 208: Lldp Transmit-Tlv
Managed Switch CLI Manual, Release 8.0 multiplier on the transmit interval that sets the TTL in local data LLDPDUs. The multiplier range is 2-10. The <reinit-seconds> is the delay before re-initialization, and the range is 1-0 seconds. Default • interval—30 seconds •...
Page 209: Lldp Transmit-Mgmt
Managed Switch CLI Manual, Release 8.0 no lldp transmit-tlv Use this command to remove an optional TLV from the LLDPDUs. Use the command without parameters to remove all optional TLVs from the LLDPDU. Format no lldp transmit-tlv [sys-desc] [sys-name] [sys-cap] [port-desc] Mode Interface Config lldp transmit-mgmt...
Page 210: Lldp Notification-Interval
Managed Switch CLI Manual, Release 8.0 no lldp notification Use this command to disable notifications. Default disabled Format no lldp notification Mode Interface Config lldp notification-interval Use this command to configure how frequently the system sends remote data change notifications. The <interval>...
Page 211: Clear Lldp Remote-Data
Managed Switch CLI Manual, Release 8.0 clear lldp remote-data Use this command to delete all information from the LLDP remote data table, including MED- related information. Format clear lldp remote-data Mode Global Config show lldp Use this command to display a summary of the current LLDP configuration. Format show lldp Mode...
Page 212: Show Lldp Statistics
Managed Switch CLI Manual, Release 8.0 Term Definition Transmit Shows whether the interface transmits LLDPDUs. Receive Shows whether the interface receives LLDPDUs. Notify Shows whether the interface sends remote data change notifications. TLVs Shows whether the interface sends optional TLVs in the LLDPDUs. The TLV codes can be 0 (Port Description), 1 (System Name), 2 (System Description), or 3 (System Capability).
Page 213: Show Lldp Remote-Device
Managed Switch CLI Manual, Release 8.0 Term Definition Errors The number of invalid LLDP frames received on the port. Ageouts Total number of times a complete remote data entry was deleted for the port because the Time to Live interval expired. TLV Discards The number of TLVs discarded.
Page 214 Managed Switch CLI Manual, Release 8.0 (switch) #show lldp remote-device all LLDP Remote Device Summary Local Interface RemID Chassis ID Port ID System Name ------- ------- -------------------- ------------------ ------------------ 00:FC:E3:90:01:0F 00:FC:E3:90:01:11 00:FC:E3:90:01:0F 00:FC:E3:90:01:12 00:FC:E3:90:01:0F 00:FC:E3:90:01:13 00:FC:E3:90:01:0F 00:FC:E3:90:01:14 00:FC:E3:90:01:0F 00:FC:E3:90:03:11 00:FC:E3:90:01:0F 00:FC:E3:90:04:11 0/10 0/11...
Page 215 Managed Switch CLI Manual, Release 8.0 Term Definition Port ID The port number that transmitted the LLDPDU. System Name The system name of the remote device. System Describes the remote system by identifying the system name and versions of hardware, Description operating system, and networking software supported in the device.
Page 216: Show Lldp Local-Device
Managed Switch CLI Manual, Release 8.0 show lldp local-device Use this command to display summary information about the advertised LLDP local data. This command can display summary information or detail for each interface. Format show lldp local-device {<unit/slot/port> | all} Mode Privileged EXEC Term...
Page 217: Lldp-Med Commands
Managed Switch CLI Manual, Release 8.0 Term Definition System Shows which of the supported system capabilities are enabled. Capabilities Enabled Management The type of address and the specific address the local LLDP agent uses to send and Address receive information. LLDP-MED Commands Link Layer Discovery Protocol - Media Endpoint Discovery (LLDP-MED) (ANSI-TIA-1057) provides an extension to the LLDP standard.
Page 218: Lldp Med Confignotification
Managed Switch CLI Manual, Release 8.0 lldp med confignotification Use this command to configure all the ports to send the topology change notification. Default enabled Format lldp med confignotification Mode Interface Config no ldp med confignotification Use this command to disable notifications. Format no lldp med confignotification Mode...
Page 219: Lldp Med All
Managed Switch CLI Manual, Release 8.0 no lldp med transmit-tlv Use this command to remove a TLV. Format no lldp med transmit-tlv [capabilities] [network-policy] [ex-pse] [ex-pd] [location] [inventory] Mode Interface Config lldp med all Use this command to configure LLDP-MED on all the ports Format lldp med all Mode...
Page 220: Lldp Med Faststartrepeatcount
Managed Switch CLI Manual, Release 8.0 lldp med faststartrepeatcount Use this command to set the value of the fast start repeat count. [count] is the number of LLDP PDUs that will be transmitted when the product is enabled. The range is 1 to 10. Default Format lldp med faststartrepeatcount [count]...
Page 221: Show Lldp Med
Managed Switch CLI Manual, Release 8.0 no lldp med transmit-tlv Use this command to remove a TLV. Format no lldp med transmit-tlv all [capabilities] [network-policy] [ex-pse] [ex-pd] [location] [inventory] Mode Global Config show lldp med Use this command to display a summary of the current LLDP MED configuration. Format show lldp med Mode...
Page 222: Show Lldp Med Interface
Managed Switch CLI Manual, Release 8.0 show lldp med interface Use this command to display a summary of the current LLDP MED configuration for a specific interface. <unit/slot/port> indicates a specific physical interface. all indicates all valid LLDP interfaces. Format show lldp med interface {<unit/slot/port>...
Page 223: Show Lldp Med Local-Device Detail
Managed Switch CLI Manual, Release 8.0 TLV Codes: 0- Capabilities, 1- Network Policy 2- Location, 3- Extended PSE 4- Extended Pd, 5- Inventory --More-- or (q)uit (Switch) #show lldp med interface 1/0/2 Interface Link configMED operMED ConfigNotify TLVsTx --------- ------ --------- -------- ------------ ----------- 1/0/2...
Page 224 Managed Switch CLI Manual, Release 8.0 Example: The following shows example CLI display output for the command. (Switch) #show lldp med local-device detail 1/0/8 LLDP MED Local Device Detail Interface: 1/0/8 Network Policies Media Policy Application Type : voice Vlan ID: 10 Priority: 5 DSCP: 1 Unknown: False...
Page 225: Show Lldp Med Remote-Device
Managed Switch CLI Manual, Release 8.0 Source: local Priority: low show lldp med remote-device This command displays summary information about remote devices that transmit current LLDP MED data to the system. You can show information about LLDP remote data received on all ports or on a specific port.
Page 226: Show Lldp Med Remote-Device Detail
Managed Switch CLI Manual, Release 8.0 show lldp med remote-device detail Use this command to display detailed information about remote devices that transmit current LLDP MED data to an interface on the system. Format show lldp med remote-device detail <unit/slot/port> Mode Privileged EXEC Term...
Page 227 Managed Switch CLI Manual, Release 8.0 Term Definition Sub Type Shows the type of location information. Location Shows the location information as a string for a given type of location id Information Device Type Shows the remote device’s PoE device type connected to this port. Available Shows the romote port’s PSE power value in tenths of a watt.
Page 228: Denial Of Service Commands
Managed Switch CLI Manual, Release 8.0 Software Rev: xxx xxx xxx Serial Num: xxx xxx xxx Mfg Name: xxx xxx xxx Model Name: xxx xxx xxx Asset ID: xxx xxx xxx Location Subtype: elin Info: xxx xxx xxx Extended POE Device Type: pseDevice Extended POE PSE Available: 0.3 Watts...
Page 229: Dos-Control All
Managed Switch CLI Manual, Release 8.0 dos-control all This command enables Denial of Service protection checks globally. Default disabled Format dos-control all Mode Global Config no dos-control all This command disables Denial of Service prevention checks globally. Format no dos-control all Mode Global Config dos-control sipdip...
Page 230: Dos-Control Firstfrag
Managed Switch CLI Manual, Release 8.0 dos-control firstfrag This command enables Minimum TCP Header Size Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having a TCP Header Size smaller then the configured value, the packets will be dropped if the mode is enabled.The default is disabled.
Page 231: Dos-Control Tcpflag
Managed Switch CLI Manual, Release 8.0 dos-control tcpflag This command enables TCP Flag Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attacks. If packets ingress having TCP Flag SYN set and a source port less than 1024 or having TCP Control Flags set to 0 and TCP Sequence Number set to 0 or having TCP Flags FIN, URG, and PSH set and TCP Sequence Number set to 0 or having TCP Flags SYN and FIN both set, the packets will be dropped if the mode is enabled.
Page 232: Dos-Control Icmp
Managed Switch CLI Manual, Release 8.0 no dos-control l4port This command disables L4 Port Denial of Service protections. Format no dos-control l4port Mode Global Config dos-control icmp This command enables Maximum ICMP Packet Size Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack.
Page 233 Managed Switch CLI Manual, Release 8.0 no dos-control smacdmac This command disables Source MAC address = Destination MAC address (SMAC=DMAC) Denial of Service protection. This command is only available on FSM72xxRS switches. Format no dos-control smacdmac Mode Global Config dos-control tcpport This command enables TCP L4 source = destination port number (Source TCP Port =Destination TCP Port) Denial of Service protection.
Page 234: Dos-Control Tcpflagseq
Managed Switch CLI Manual, Release 8.0 Default disabled Format dos-control udppport Mode Global Config no dos-control udpport This command disables UDP L4 source = destination port number (Source UDP Port =Destination UDP Port) Denial of Service protection. This command is only available on FSM72xxRS switches.
Page 235: Dos-Control Tcpoffset
Managed Switch CLI Manual, Release 8.0 dos-control tcpoffset This command enables TCP Offset Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having TCP Header Offset equal to one (1), the packets will be dropped if the mode is enabled.
Page 236: Dos-Control Tcpsynfin
Managed Switch CLI Manual, Release 8.0 Format no dos-control tcpsyn Mode Global Config dos-control tcpsynfin This command enables TCP SYN and FIN Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having TCP flags SYN and FIN set, the packets will be dropped if the mode is enabled.
Page 237: Dos-Control Icmpv
Managed Switch CLI Manual, Release 8.0 Format dos-control tcpfinurgpsh Mode Global Config no dos-control tcpfinurgpsh This command sets disables TCP FIN and URG and PSH and SEQ=0 checking Denial of Service protections. This command is only available on FSM72xxRS switches. dos-control icmpv4 Format no dos-control tcpfinurgpsh...
Page 238 Managed Switch CLI Manual, Release 8.0 dos-control icmpv6 This command enables Maximum ICMPv6 Packet Size Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack. If ICMPv6 Echo Request (PING) packets ingress having a size greater than the configured value, the packets will be dropped if the mode is enabled.
Page 239: Show Dos-Control
Managed Switch CLI Manual, Release 8.0 Format no dos-control icmpfrag Mode Global Config show dos-control This command displays Denial of Service configuration information. Format show dos-control Mode Privileged EXEC Note: Not all messages below are available in all 7000series managed switches. Term Definition First Fragment...
Page 240: Mac Database Commands
Managed Switch CLI Manual, Release 8.0 Term Definition TCP FIN&URG& May be enabled or disabled. The factory default is disabled. PSH Mode TCP Flag & May be enabled or disabled. The factory default is disabled. Sequence Mode TCP SYN Mode May be enabled or disabled.
Page 241: Show Forwardingdb Agetime
Managed Switch CLI Manual, Release 8.0 show forwardingdb agetime This command displays the timeout for address aging. Default Format show forwardingdb agetime Mode Privileged EXEC Term Definition Address Aging • This parameter displays the address aging timeout for the associated forwarding Timeout database.
Page 242: Isdp Commands
Managed Switch CLI Manual, Release 8.0 show mac-address-table stats This command displays the Multicast Forwarding Database (MFDB) statistics. Format show mac-address-table stats Mode Privileged EXEC Term Definition Max MFDB The total number of entries that can possibly be in the Multicast Forwarding Database Table Entries table.
Page 243: Isdp Holdtime
Managed Switch CLI Manual, Release 8.0 isdp holdtime This command configures the hold time for ISDP packets that the switch transmits. The hold time specifies how long a receiving device should store information sent in the ISDP packet before discarding it. The range is given in seconds. Default 180 seconds Format...
Page 244: Isdp Enable
Managed Switch CLI Manual, Release 8.0 isdp enable This command enables ISDP on the interface. Default Enabled Format isdp enable Mode Interface Config no isdp enable This command disables ISDP on the interface. Format no isdp enable Mode Interface Config clear isdp counters This command clears ISDP counters.
Page 245: Show Isdp Interface
Managed Switch CLI Manual, Release 8.0 Term Definition Timer The frequency with which this device sends ISDP packets. This value is given in seconds. Hold Time The length of time the receiving device should save information sent by this device. This value is given in seconds.
Page 246: Show Isdp Entry
Managed Switch CLI Manual, Release 8.0 show isdp entry This command displays ISDP entries. If the device id is specified, then only entries for that device are shown. Format show isdp entry {all | deviceid} Mode Privileged EXEC Term Definition Device ID The device ID associated with the neighbor which advertised the information.
Page 247: Show Isdp Traffic
Managed Switch CLI Manual, Release 8.0 Term Definition Port ID The port ID of the interface from which the neighbor sent the advertisement. Hold Time The hold time advertised by the neighbor. Advertisement The version of the advertisement packet received from the neighbor. Version Entry Last Displays when the entry was last modified.
Page 248: Debug Isdp Packet
Managed Switch CLI Manual, Release 8.0 Term Definition ISDPv2 Packets Total number of ISDPv2 packets transmitted Transmitted ISDP Bad Header Number of packets received with a bad header ISDP Checksum Error Number of packets received with a checksum error ISDP Transmission Failure Number of packets which failed to transmit ISDP Invalid Format Number of invalid packets received...
Page 249: Routing Commands
Chapter 4 Routing Commands This chapter describes the routing commands available in the 7000 series CLI. The Routing Commands chapter contains the following sections: • “Address Resolution Protocol (ARP) Commands” on page 4-1 • “IP Routing Commands” on page 4-8 •...
Page 250: Ip Proxy-Arp
Managed Switch CLI Manual, Release 8.0 This command creates an ARP entry. The value for <ipaddress> is the IP address of a device on a subnet attached to an existing routing interface. <macaddr> is a unicast MAC address for that device. The format of the MAC address is 6 two-digit hexadecimal numbers that are separated by colons, for example 00:06:29:32:81:40.
Page 251: Arp Cachesize
Managed Switch CLI Manual, Release 8.0 no ip proxy-arp This command disables proxy ARP on a router interface. Format no ip proxy-arp Mode Interface Config arp cachesize This command configures the ARP cache size. The ARP cache size value is a platform specific integer value.
Page 252: Arp Purge
Managed Switch CLI Manual, Release 8.0 arp purge This command causes the specified IP address to be removed from the ARP cache. Only entries of type dynamic or gateway are affected by this command. Format arp purge <ipaddr> Mode Privileged EXEC arp resptime This command configures the ARP request response timeout.
Page 253: Arp Timeout
Managed Switch CLI Manual, Release 8.0 no arp retries This command configures the default ARP count of maximum request for retries. Format no arp retries Mode Global Config arp timeout This command configures the ARP entry ageout time. The value for <seconds> is a valid positive integer, which represents the IP ARP entry ageout time in seconds.
Page 254: Clear Arp-Switch
Managed Switch CLI Manual, Release 8.0 clear arp-switch Use this command to clear the contents of the switch’s Address Resolution Protocol (ARP) table that contains entries learned through the Management port. To observe whether this command is successful, ping from the remote system to the DUT. Issue the show arp switch command to see the ARP entries.
Page 255: Show Arp Brief
Managed Switch CLI Manual, Release 8.0 Term Definition MAC Address The hardware MAC address of that device. Interface The routing unit/slot/port associated with the device ARP entry. Type The type that is configurable. The possible values are Local, Gateway, Dynamic and Static.
Page 256: Ip Routing Commands
Managed Switch CLI Manual, Release 8.0 Term Definition IP Address The IP address of a device on a subnet attached to the switch. MAC Address The hardware MAC address of that device. Interface The routing unit/slot/port associated with the device’s ARP entry. IP Routing Commands This section describes the commands you use to enable and configure IP routing on the switch.
Page 257: Ip Address
Managed Switch CLI Manual, Release 8.0 no ip routing This command disables the IP Router Admin Mode for the master switch. Format no ip routing Mode Global Config ip address This command configures an IP address on an interface. You can also use this command to configure one or more secondary IP addresses on the interface.The value for <ipaddr>...
Page 258: Ip Route Default
Managed Switch CLI Manual, Release 8.0 entered into the forwarding database. By specifying the preference of a static route, you control whether a static route is more or less preferred than routes from dynamic routing protocols. The preference also controls whether a static route is more or less preferred than other static routes to the same destination.
Page 259: Ip Route Distance
Managed Switch CLI Manual, Release 8.0 no ip route default This command deletes all configured default routes. If the optional <nexthopip> parameter is designated, the specific next hop is deleted from the configured default route and if the optional preference value is designated, the preference of the configured default route is reset to its default. Format no ip route default [{<nexthopip>...
Page 260: Ip Mtu
Managed Switch CLI Manual, Release 8.0 Format ip netdirbcast Mode Interface Config no ip netdirbcast This command disables the forwarding of network-directed broadcasts. When disabled, network directed broadcasts are dropped. Format no ip netdirbcast Mode Interface Config ip mtu This command sets the IP Maximum Transmission Unit (MTU) on a routing interface. The IP MTU is the size of the largest IP packet that can be transmitted on the interface without fragmentation.
Page 261: Clear Ip Route All
Managed Switch CLI Manual, Release 8.0 no ip mtu This command resets the ip mtu to the default value. Format no ip mtu <mtu> Mode Interface Config encapsulation This command configures the link layer encapsulation type for the packet. The encapsulation type can be ethernet or snap.
Page 262: Show Ip Interface
Managed Switch CLI Manual, Release 8.0 Format show ip brief Modes • Privileged EXEC • User EXEC Term Definition Default Time to Live The computed TTL (Time to Live) of forwarding a packet from the local router to the final destination. Routing Mode Shows whether the routing mode is enabled or disabled.
Page 263 Managed Switch CLI Manual, Release 8.0 Term Definition Routing Determine the operational status of IPv4 routing Interface. The possible values are Up or Interface Status Down. Primary IP The primary IP address and subnet masks for the interface. This value appears only if you Address configure it.
Page 264: Show Ip Interface Brief
Managed Switch CLI Manual, Release 8.0 Routing Mode........Disable Administrative Mode......Enable Forward Net Directed Broadcasts....Disable Proxy ARP........Enable Local Proxy ARP........ Disable Active State........Inactive Link Speed Data Rate......Inactive MAC Address........00:10:18:82:0C:68 Encapsulation Type......Ethernet IP MTU......... 1500 Bandwidth........
Page 265 Managed Switch CLI Manual, Release 8.0 prefixes keyword, the <ip-address> and <mask> pair becomes the prefix, and the command displays the routes to the addresses that match that prefix. Use the <protocol> parameter to specify the protocol that installed the routes. The value for <protocol> can be connected, ospf, rip, or static.
Page 266: Show Ip Route Summary
Managed Switch CLI Manual, Release 8.0 To administratively control the traffic destined to a particular network and prevent it from being forwarded through the router, you can configure a static reject route on the router. Such traffic would be discarded and the ICMP destination unreachable message is sent back to the source. This is typically used for preventing routing loops.
Page 267: Show Ip Route Preferences
Managed Switch CLI Manual, Release 8.0 Term Definition Reject Routes Total number of reject routes installed by all protocols. Total Routes Total number of routes in the routing table. The following shows example CLI display output for the command. (Switch) #show ip route summary Connected Routes......1 Static Routes.........7 RIP Routes........0...
Page 268: Router Discovery Protocol Commands
Managed Switch CLI Manual, Release 8.0 show ip stats This command displays IP statistical information. Refer to RFC 1213 for more information about the fields that are displayed. Format show ip stats Modes • Privileged EXEC • User EXEC Router Discovery Protocol Commands This section describes the commands you use to view and configure Router Discovery Protocol settings on the switch.
Page 269: Ip Irdp Address
Managed Switch CLI Manual, Release 8.0 ip irdp address This command configures the address that the interface uses to send the router discovery advertisements. The valid values for <ipaddr> are 224.0.0.1, which is the all-hosts IP multicast address, and 255.255.255.255, which is the limited broadcast address. Default 224.0.0.1 Format...
Page 270: Ip Irdp Maxadvertinterval
Managed Switch CLI Manual, Release 8.0 ip irdp maxadvertinterval This command configures the maximum time, in seconds, allowed between sending router advertisements from the interface. The range for maxadvertinterval is 4 to 1800 seconds. Default Format ip irdp maxadvertinterval <4-1800> Mode Interface Config no ip irdp maxadvertinterval...
Page 271: Ip Irdp Preference
Managed Switch CLI Manual, Release 8.0 ip irdp preference This command configures the preferability of the address as a default router address, relative to other router addresses on the same subnet. Default Format ip irdp preference <-2147483648 to 2147483647> Mode Interface Config no ip irdp preference This command configures the default preferability of the address as a default router address,...
Page 272: Virtual Lan Routing Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Preference The preference of the address as a default router address, relative to other router addresses on the same subnet. Virtual LAN Routing Commands This section describes the commands you use to view and configure VLAN routing and to view VLAN routing status information.
Page 273: Virtual Router Redundancy Protocol Commands
Managed Switch CLI Manual, Release 8.0 Term Definition VLAN ID The identifier of the VLAN. Logical Interface The logical unit/slot/port associated with the VLAN routing interface. IP Address The IP address associated with this VLAN. Subnet Mask The subnet mask that is associated with this VLAN. Virtual Router Redundancy Protocol Commands This section describes the commands you use to view and configure Virtual Router Redundancy Protocol (VRRP) and to view VRRP status information.
Page 274: Ip Vrrp (Interface Config)
Managed Switch CLI Manual, Release 8.0 ip vrrp (Interface Config) Use this command in Interface Config mode to create a virtual router associated with the interface. The parameter <vrid> is the virtual router ID, which has an integer value range from 1 to 255. Format ip vrrp <vrid>...
Page 275: Ip Vrrp Ip
Managed Switch CLI Manual, Release 8.0 ip vrrp ip This command sets the virtual router IP address value for an interface. The value for <ipaddr> is the IP address which is to be configured on that interface for VRRP. The parameter <vrid> is the virtual router ID which has an integer value range from 1 to 255.
Page 276: Ip Vrrp Preempt
Managed Switch CLI Manual, Release 8.0 ip vrrp preempt This command sets the preemption mode value for the virtual router configured on a specified interface. The parameter <vrid> is the virtual router ID, which is an integer from 1 to 255. Default enabled Format...
Page 277: Ip Vrrp Timers Advertise
Managed Switch CLI Manual, Release 8.0 no ip vrrp priority This command sets the default priority value for the virtual router configured on a specified interface. Format no ip vrrp <vrid> priority Mode Interface Config ip vrrp timers advertise This command sets the frequency, in seconds, that an interface on the specified virtual router sends a virtual router advertisement.
Page 278: Ip Vrrp Track Ip Route
Managed Switch CLI Manual, Release 8.0 The default priority of the virtual router is 100, and the default decrement priority is 10. By default, no interfaces are tracked. If you specify just the interface to be tracked, without giving the optional priority, then the default priority will be set.
Page 279: Show Ip Vrrp Interface Stats
Managed Switch CLI Manual, Release 8.0 no ip vrrp track ip route Use this command to remove the route from the tracked list or to restore the priority decrement to its default. When removing a tracked IP route from the tracked list, the priority should be incremented by the decrement value if the route is not reachable.
Page 280: Show Ip Vrrp
Managed Switch CLI Manual, Release 8.0 Term Definition Invalid Type The total number of VRRP packets received by the virtual router with invalid 'type' field. Packets Received Address List The total number of VRRP packets received for which address list does not match the Errors locally configured list for the virtual router.
Page 281: Show Ip Vrrp Interface
Managed Switch CLI Manual, Release 8.0 show ip vrrp interface This command displays all configuration information and VRRP router statistics of a virtual router configured on a specific interface. Use the output of the command to verify the track interface and track IP route configurations.
Page 282: Dhcp And Bootp Relay Commands
Managed Switch CLI Manual, Release 8.0 <1/0/1> down TrackRoute (pfx/len) State DecrementPriority ------------------------ ------ ------------------ 10.10.10.1/255.255.255.0 down show ip vrrp interface brief This command displays information about each virtual router configured on the switch. This command takes no options. It displays information about each virtual router. Format show ip vrrp interface brief Modes...
Page 283: Bootpdhcprelay Maxhopcount
Managed Switch CLI Manual, Release 8.0 no bootpdhcprelay cidoptmode This command disables the circuit ID option mode for BootP/DHCP Relay on the system. Format no bootpdhcprelay cidoptmode Mode Global Config bootpdhcprelay maxhopcount This command configures the maximum allowable relay agent hops for BootP/DHCP Relay on the system.
Page 284: Show Bootpdhcprelay
Managed Switch CLI Manual, Release 8.0 no bootpdhcprelay minwaittime This command configures the default minimum wait time in seconds for BootP/DHCP Relay on the system. Format no bootpdhcprelay minwaittime Mode Global Config show bootpdhcprelay This command displays the BootP/DHCP Relay information. Format show bootpdhcprelay Modes...
Page 285: Ip Helper Commands
Managed Switch CLI Manual, Release 8.0 IP Helper Commands This section describes the commands to configure a DHCP relay agent with multiple DHCP server addresses per routing interface, and to use different server addresses for client packets arriving on different interfaces on the relay agent. ip helper-address (Global Config) Use the Global Configuration ip helper-address command to have the switch forward User Datagram Protocol (UDP) broadcasts received on an interface.
Page 286: Ip Helper-Address
Managed Switch CLI Manual, Release 8.0 Format no ip helper-address {<ip-address>} {<1-65535>|dhcp|domain|isakmp|mobile-ip|nameserver| netbios-dgm|netbios-ns|ntp|pim-auto-rip|rip|tacacs|tftp|time} Mode GlobalConfig ip helper-address Use this command to add a unicast helper address to the list of helper addresses on an interface. This is the address of a DHCP server. This command can be applied multiple times on the routing interface to form the helper addresses list until the list reaches the maximum supported helper addresses.
Page 287: Open Shortest Path First (Ospf) Commands
Managed Switch CLI Manual, Release 8.0 no ip helper-address discard Use this command to permit the matching packets. Format no ip helper-address discard {<1-65535>|dhcp|domain|isakmp|mobile-ip|nameserver| netbios-dgm|netbios-ns|ntp|pim-auto-rip|rip|tacacs|tftp|time} Mode Interface Config show ip helper-address Use this command to display the configured helper addresses on the given interface. Format show ip helper-address <interface>...
Page 288: Enable (Ospf)
Managed Switch CLI Manual, Release 8.0 enable (OSPF) This command resets the default administrative mode of OSPF in the router (active). Default enabled Format enable Mode Router OSPF Config no enable (OSPF) This command sets the administrative mode of OSPF in the router to inactive. Format no enable Mode...
Page 289: Ip Ospf Area
Managed Switch CLI Manual, Release 8.0 ip ospf area Use this command to enable OSPFv2 and set the area ID of an interface. The <area-id> is an IP address formatted as a 4-digit dotted-decimal number or a decimal value in the range of <0- 4294967295>.
Page 290: Area Default-Cost (Ospf)
Managed Switch CLI Manual, Release 8.0 area default-cost (OSPF) This command configures the default cost for the stub area. You must specify the area ID and an integer value between 1-16777215. Format area <areaid> default-cost <1-16777215> Mode Router OSPF Config area nssa (OSPF) This command configures the specified areaid to function as an NSSA.
Page 291: Area Nssa No-Redistribute (Ospf)
Managed Switch CLI Manual, Release 8.0 no area nssa default-info-originate (OSPF) This command disables the default route advertised into the NSSA. Format no area <areaid> nssa default-info-originate [<metric>] [{comparable | non-comparable}] Mode Router OSPF Config area nssa no-redistribute (OSPF) This command configures the NSSA Area Border router (ABR) so that learned external routes will not be redistributed to the NSSA.
Page 292: Area Nssa Translator-Role (Ospf)
Managed Switch CLI Manual, Release 8.0 area nssa translator-role (OSPF) This command configures the translator role of the NSSA. A value of always causes the router to assume the role of the translator the instant it becomes a border router and a value of candidate causes the router to participate in the translator election process when it attains border router status.
Page 293: Area Range (Ospf)
Managed Switch CLI Manual, Release 8.0 area range (OSPF) This command creates a specified area range for a specified NSSA. The <ipaddr> is a valid IP address. The <subnetmask> is a valid subnet mask. The LSDB type must be specified by either summarylink or nssaexternallink, and the advertising of the area range can be allowed or suppressed.
Page 294: Area Stub No-Summary (Ospf)
Managed Switch CLI Manual, Release 8.0 area stub no-summary (OSPF) This command configures the Summary LSA mode for the stub area identified by <areaid>. Use this command to prevent LSA Summaries from being sent. Default disabled Format area <areaid> stub no-summary Mode Router OSPF Config no area stub no-summary...
Page 295: Area Virtual-Link Authentication
Managed Switch CLI Manual, Release 8.0 area virtual-link authentication This command configures the authentication type and key for the OSPF virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. The value for <type> is either none, simple, or encrypt. The [key] is composed of standard displayable, non-control keystrokes from a Standard 101/102-key keyboard.
Page 296 Managed Switch CLI Manual, Release 8.0 no area virtual-link dead-interval This command configures the default dead interval for the OSPF virtual interface on the virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. Format no area <areaid>...
Page 297 Managed Switch CLI Manual, Release 8.0 no area virtual-link retransmit-interval This command configures the default retransmit interval for the OSPF virtual interface on the virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. Format no area <areaid>...
Page 298 Managed Switch CLI Manual, Release 8.0 Use the auto-cost command to change the reference bandwidth, specifying the reference bandwidth in megabits per second (Mbps). The reference bandwidth range is 1-4294967 Mbps. The different reference bandwidth can be independently configured for OSPFv2 and OSPFv3. Default 100Mbps Format...
Page 299: Capability Opaque
Managed Switch CLI Manual, Release 8.0 capability opaque Use this command to enable Opaque Capability on the Router. The information contained in Opaque LSAs may be used directly by OSPF or indirectly by an application wishing to distribute information throughout the OSPF domain. The 7000 series supports the storing and flooding of Opaque LSAs of different scopes.
Page 300: Clear Ip Ospf Neighbor
Managed Switch CLI Manual, Release 8.0 Format clear ip ospf counters Mode Privileged EXEC clear ip ospf neighbor Use this command to drop the adjacency with all OSPF neighbors. On each neighbor’s interface, send a one-way hello. Adjacencies may then be re-established. To drop all adjacencies with a specific router ID, specify the neighbor’s Router ID using the optional parameter [neighbor-id].
Page 301: Default-Information Originate (Ospf)
Managed Switch CLI Manual, Release 8.0 default-information originate (OSPF) This command is used to control the advertisement of default routes. Default • metric—unspecified • type—2 Format default-information originate [always] [metric <0-16777214>] [metric- type {1 | 2}] Mode Router OSPF Config no default-information originate (OSPF) This command is used to control the advertisement of default routes.
Page 302: Distance Ospf (Ospf)
Managed Switch CLI Manual, Release 8.0 distance ospf (OSPF) This command sets the route preference value of OSPF in the router. Lower route preference values are preferred when determining the best route. The type of OSPF route can be intra, inter, or external.
Page 303: Exit-Overflow-Interval (Ospf)
Managed Switch CLI Manual, Release 8.0 exit-overflow-interval (OSPF) This command configures the exit overflow interval for OSPF. It describes the number of seconds after entering overflow state that a router will wait before attempting to leave the overflow state. This allows the router to again originate non-default AS-external-LSAs. When set to 0, the router will not leave overflow state until restarted.
Page 304: Ip Ospf Authentication
Managed Switch CLI Manual, Release 8.0 ip ospf authentication This command sets the OSPF Authentication Type and Key for the specified interface. The value of <type> is either none, simple or encrypt. The <key> is composed of standard displayable, non-control keystrokes from a Standard 101/102-key keyboard. The authentication key must be 8 bytes or less if the authentication type is simple.
Page 305: Ip Ospf Dead-Interval
Managed Switch CLI Manual, Release 8.0 ip ospf dead-interval This command sets the OSPF dead interval for the specified interface. The value for <seconds> is a valid positive integer, which represents the length of time in seconds that a router's Hello packets have not been seen before its neighbor routers declare that the router is down.
Page 306: Ip Ospf Network
Managed Switch CLI Manual, Release 8.0 ip ospf network Use this command to configure OSPF to treat an interface as a point-to-point rather than broadcast interface. The broadcast option sets the OSPF network type to broadcast. The point-to- point option sets the OSPF network type to point-to-point. OSPF treats interfaces as broadcast interfaces by default.
Page 307: Ip Ospf Retransmit-Interval
Managed Switch CLI Manual, Release 8.0 no ip ospf priority This command sets the default OSPF priority for the specified router interface. Format no ip ospf priority Mode Interface Config ip ospf retransmit-interval This command sets the OSPF retransmit Interval for the specified interface. The retransmit interval is specified in seconds.
Page 308: Ip Ospf Mtu-Ignore
Managed Switch CLI Manual, Release 8.0 no ip ospf transmit-delay This command sets the default OSPF Transit Delay for the specified interface. Format no ip ospf transmit-delay Mode Interface Config ip ospf mtu-ignore This command disables OSPF maximum transmission unit (MTU) mismatch detection. OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface.
Page 309: Redistribute (Ospf)
Managed Switch CLI Manual, Release 8.0 redistribute (OSPF) This command configures OSPF protocol to allow redistribution of routes from the specified source protocol/routers. Default • metric—unspecified • type—2 • tag—0 Format redistribute {rip | static | connected} [metric <0-16777214>] [metric- type {1 | 2}] [tag <0-4294967295>] [subnets] Mode Router OSPF Config...
Page 310: Passive-Interface Default (Ospf)
Managed Switch CLI Manual, Release 8.0 passive-interface default (OSPF) Use this command to enable global passive mode by default for all interfaces. It overrides any interface level passive mode. OSPF will not form adjacencies over a passive interface. Default disabled Format passive-interface default Mode...
Page 311: Timers Spf
Managed Switch CLI Manual, Release 8.0 timers spf Use this command to configure the SPF delay time and hold time. The valid range for both parameters is 0-65535 seconds. Default • delay-time—5 • hold-time—10 Format timers spf <delay-time> <hold-time> Mode Router OSPF Config trapflags (OSPF) Use this command to enable individual OSPF traps, enable a group of trap flags at a time, or...
Page 312 Managed Switch CLI Manual, Release 8.0 • To enable all the flags, give the command as trapflags all. Default disabled Format trapflags { all | errors {all | authentication-failure | bad-packet | config-error | virt- authentication-failure | virt-bad-packet | virt-config-error} | if-rx {all | if-rx-packet} | lsa {all | lsa-maxage | lsa-originate} | overflow {all | lsdb-overflow | lsdb-approaching-overflow} |...
Page 313: Show Ip Ospf
Managed Switch CLI Manual, Release 8.0 Format no trapflags { all | errors {all | authentication-failure | bad-packet | config-error | virt- authentication-failure | virt-bad-packet | virt-config-error} | if-rx {all | if-rx-packet} | lsa {all | lsa-maxage | lsa-originate} | overflow {all | lsdb-overflow | lsdb-approaching-overflow} | retransmit {all | packets | virt-packets} | rtb {all, rtb-entry-info} |...
Page 314 Managed Switch CLI Manual, Release 8.0 Term Definition External LSDB The maximum number of non-default AS-external-LSA (link state advertisement) entries Limit that can be stored in the link-state database. Exit Overflow The number of seconds that, after entering overflow state, a router will attempt to leave Interval overflow state.
Page 315 Managed Switch CLI Manual, Release 8.0 Term Definition Maximum The maximum number of LSAs that OSPF can store. Number of LSAs LSA High Water The maximum size of the link state database since the system started. Mark Retransmit List The total number of LSAs waiting to be acknowledged by all neighbors. An LSA may be Entries pending acknowledgment from more than one neighbor.
Page 316 Managed Switch CLI Manual, Release 8.0 (Switch) #show ip ospf Router ID........2.2.2.2 OSPF Admin Mode.......Disable RFC 1583 Compatibility......Enable External LSDB Limit......No Limit Exit Overflow Interval......0 Spf Delay Time........5 Spf Hold Time.........10 Opaque Capability......Disable AutoCost Ref BW.......100 Mbps Default Passive Setting.......Disabled Maximum Paths.........4 Default Metric........Not configured Default Route Advertise.......Disabled...
Page 317: Show Ip Ospf Abr
Managed Switch CLI Manual, Release 8.0 show ip ospf abr This command displays the internal OSPF routing table entries to Area Border Routers (ABR). This command takes no options. Format show ip ospf abr Mode • Privileged EXEC • User EXEC Term Definition Type...
Page 318: Show Ip Ospf Asbr
Managed Switch CLI Manual, Release 8.0 Term Definition Area LSA A number representing the Area LSA Checksum for the specified AreaID excluding the Checksum external (LS type 5) link-state advertisements. Import Summary Shows whether to import summary LSAs. LSAs OSPF Stub The metric value of the stub area.
Page 319: Show Ip Ospf Database
Managed Switch CLI Manual, Release 8.0 Term Definition Type The type of the route to the destination. It can be one of the following values: intra — Intra-area route inter — Inter-area route Router ID Router ID of the destination. Cost Cost of using this route.
Page 320: Show Ip Ospf Database Database-Summary
Managed Switch CLI Manual, Release 8.0 The information below is only displayed if OSPF is enabled. Format show ip ospf [<areaid>] database [{database-summary | [{asbr-summary | external | network | nssa-external | opaque-area | opaque-as | opaque-link | router | summary}] [{adv-router [<ipaddr>] | self- originate}]}] Mode •...
Page 321: Show Ip Ospf Interface
Managed Switch CLI Manual, Release 8.0 Term Definition Opaque Link Number of opaque link LSAs in the database. Opaque Area Number of opaque area LSAs in the database. Subtotal Number of entries for the identified area. Opaque AS Number of opaque AS LSAs in the database. Total Number of entries for all areas.
Page 322: Show Ip Ospf Interface Brief
Managed Switch CLI Manual, Release 8.0 Term Definition Metric Cost The cost of the OSPF interface. Passive Status Shows whether the interface is passive or not. OSPF MTU- Indicates whether to ignore MTU mismatches in database descriptor packets sent from ignore neighboring routers.
Page 323: Show Ip Ospf Interface Stats
Managed Switch CLI Manual, Release 8.0 Term Definition Hello Interval A number representing the OSPF Hello Interval for the specified interface. Dead Interval A number representing the OSPF Dead Interval for the specified interface. Retransmit A number representing the OSPF Retransmit Interval for the specified interface. Interval Retransmit Delay A number representing the OSPF Transit Delay for the specified interface.
Page 324 Managed Switch CLI Manual, Release 8.0 Term Definition Discards The number of received OSPF packets discarded because of an error in the packet or an error in processing the packet. Bad Version The number of received OSPF packets whose version field in the OSPF header does not match the version of the OSPF process handling the packet.
Page 325: Show Ip Ospf Neighbor
Managed Switch CLI Manual, Release 8.0 Packet Type Sent Received LS Request LS Update LS Acknowledgment show ip ospf neighbor This command displays information about OSPF neighbors. If you do not specify a neighbor IP address, the output displays summary information in a table. If you specify an interface or tunnel, only the information for that interface or tunnel displays.
Page 326 Managed Switch CLI Manual, Release 8.0 Term Definition State The state of the neighboring routers. Possible values are: • Down - initial state of the neighbor conversation - no recent information has been received from the neighbor. • Attempt - no recent information has been received from the neighbor but a more concerted effort should be made to contact the neighbor.
Page 327: Show Ip Ospf Range
Managed Switch CLI Manual, Release 8.0 Term Definition Retransmission An integer representing the current length of the retransmission queue of the specified Queue Length neighbor router Id of the specified interface. The following shows example CLI display output for the command. (Switch) #show ip ospf neighbor 170.1.1.50 Interface........0/17 Neighbor IP Address......170.1.1.50...
Page 328: Show Ip Ospf Statistics
Managed Switch CLI Manual, Release 8.0 show ip ospf statistics This command displays information about recent Shortest Path First (SPF) calculations. The SPF is the OSPF routing table calculation. The output lists the number of times the SPF has run for each OSPF area.
Page 329: Show Ip Ospf Virtual-Link
Managed Switch CLI Manual, Release 8.0 Term Definition Metric Val The metric value is applied based on the TOS. It defaults to the least metric of the type of service among the interfaces to other areas. The OSPF cost for a route is a function of the metric value.
Page 330: Routing Information Protocol (Rip) Commands
Managed Switch CLI Manual, Release 8.0 show ip ospf virtual-link brief This command displays the OSPF Virtual Interface information for all areas in the system. Format show ip ospf virtual-link brief Modes • Privileged EXEC • User EXEC Term Definition Area ID The area id of the requested OSPF area.
Page 331: Ip Rip
Managed Switch CLI Manual, Release 8.0 no enable (RIP) This command sets the administrative mode of RIP in the router to inactive. Format no enable Mode Router RIP Config ip rip This command enables RIP on a router interface. Default disabled Format ip rip...
Page 332: Default-Information Originate (Rip)
Managed Switch CLI Manual, Release 8.0 default-information originate (RIP) This command is used to control the advertisement of default routes. Format default-information originate Mode Router RIP Config no default-information originate (RIP) This command is used to control the advertisement of default routes. Format no default-information originate Mode...
Page 333: Distribute-List Out (Rip)
Managed Switch CLI Manual, Release 8.0 no distance rip This command sets the default route preference value of RIP in the router. Format no distance rip Mode Router RIP Config distribute-list out (RIP) This command is used to specify the access list to filter routes received from the source protocol. Default Format distribute-list <1-199>...
Page 334 Managed Switch CLI Manual, Release 8.0 no ip rip authentication This command sets the default RIP Version 2 Authentication Type for an interface. Format no ip rip authentication Mode Interface Config ip rip receive version This command configures the interface to allow RIP control packets of the specified version(s) to be received.
Page 335 Managed Switch CLI Manual, Release 8.0 Format ip rip send version {rip1 | rip1c | rip2 | none} Mode Interface Config no ip rip send version This command configures the interface to allow RIP control packets of the default version to be sent.
Page 336: Redistribute (Rip)
Managed Switch CLI Manual, Release 8.0 Format split-horizon {none | simple | poison} Mode Router RIP Config no split-horizon This command sets the default RIP split horizon mode. Format no split-horizon Mode Router RIP Config redistribute (RIP) This command configures RIP protocol to redistribute routes from the specified source protocol/ routers.
Page 337: Show Ip Rip
Managed Switch CLI Manual, Release 8.0 show ip rip This command displays information relevant to the RIP router. Format show ip rip Modes • Privileged EXEC • User EXEC Term Definition RIP Admin Mode Enable or disable. Split Horizon None, simple or poison reverse. Mode Auto Summary Enable or disable.
Page 338: Show Ip Rip Interface
Managed Switch CLI Manual, Release 8.0 Term Definition Receive Version The RIP version(s) allowed when receiving updates from the specified interface. The types are none, RIP-1, RIP-2, Both RIP Mode The administrative mode of router RIP operation (enabled or disabled). Link State The mode of the interface (up or down).
Page 339: Icmp Throttling Commands
Managed Switch CLI Manual, Release 8.0 ICMP Throttling Commands This section describes the commands you use to configure options for the transmission of various types of ICMP messages. ip unreachables Use this command to enable the generation of ICMP Destination Unreachable messages. By default, the generation of ICMP Destination Unreachable messages is enabled.
Page 340: Ip Icmp Echo-Reply
Managed Switch CLI Manual, Release 8.0 Format no ip redirects Mode • Global Config • Interface Config ip icmp echo-reply Use this command to enable the generation of ICMP Echo Reply messages by the router. By default, the generation of ICMP Echo Reply messages is enabled. Default enable Format...
Page 341 Managed Switch CLI Manual, Release 8.0 no ip icmp error-interval Use the no form of the command to return burst-interval and burst-size to their default values. Format no ip icmp error-interval Mode Global Config Routing Commands 4-93 v1.0, July 2009...
Page 342: Multicast Commands
Chapter 5 IP Multicast Commands This chapter describes the IP Multicast commands available in the managed switch CLI. The IP Multicast Commands chapter contains the following sections: • “Multicast Commands” on page 5-1 • “DVMRP Commands” on page 5-7 • “PIM-DM Commands”...
Page 343 Managed Switch CLI Manual, Release 8.0 ip mcast boundary This command adds an administrative scope multicast boundary specified by <groupipaddr> and <mask> for which this multicast administrative boundary is applicable. <groupipaddr> is a group IP address and <mask> is a group IP mask. Format ip mcast boundary <groupipaddr>...
Page 344: Ip Multicast Ttl-Threshold
Managed Switch CLI Manual, Release 8.0 ip multicast ttl-threshold This command is specific to IPv4. Use this command to apply the given Time-to-Live threshold value <ttlthreshold> to a routing interface. The <ttlthreshold> is the TTL threshold which is to be applied to the multicast Data packets which are to be forwarded from the interface. This command sets the Time-to-Live threshold value such that any data packets forwarded over the interface having TTL value below the configured value are dropped.
Page 345: Show Ip Mcast Boundary
Managed Switch CLI Manual, Release 8.0 Term Definition Multicast The number of entries in the multicast forwarding cache. Forwarding Cache Entry Count show ip mcast boundary This command displays all the configured administrative scoped multicast boundaries. Format show ip mcast boundary {<unit/slot/port> | all} Modes •...
Page 346: Show Ip Mcast Mroute
Managed Switch CLI Manual, Release 8.0 show ip mcast mroute This command displays a summary or all the details of the multicast table. Format show ip mcast mroute {detail | summary} Modes • Privileged EXEC • User EXEC If you use the detail parameter, the command displays the following fields: Term Definition Source IP...
Page 347: Show Ip Mcast Mroute Source
Managed Switch CLI Manual, Release 8.0 Term Definition Source IP The IP address of the multicast data source. Group IP The IP address of the destination of the multicast packet. Protocol The multicast routing protocol by which this entry was created. Incoming The interface on which the packet for this group arrives.
Page 348: Dvmrp Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Protocol The multicast routing protocol by which this entry was created. Incoming The interface on which the packet for this source arrives. Interface Outgoing The list of outgoing interfaces on which this packet is forwarded. Interface List DVMRP Commands This section provides a detailed explanation of the Distance Vector Multicast Routing Protocol...
Page 349: Ip Dvmrp Trapflags
Managed Switch CLI Manual, Release 8.0 no ip dvmrp metric This command resets the metric for an interface to the default value. This value is used in the DVMRP messages as the cost to reach this network. Format no ip dvmrp metric Mode Interface Config ip dvmrp trapflags...
Page 350: Show Ip Dvmrp
Managed Switch CLI Manual, Release 8.0 show ip dvmrp This command displays the system-wide information for DVMRP. Format show ip dvmrp Modes • Privileged EXEC • User EXEC Term Definition Admin Mode Indicates whether DVMRP is enabled or disabled. Version The version of DVMRP being used.
Page 351: Show Ip Dvmrp Neighbor
Managed Switch CLI Manual, Release 8.0 The following field is displayed only when DVMRP is operational on the interface. Term Definition Generation ID The Generation ID value for the interface. This is used by the neighboring routers to detect that the DVMRP table should be resent. The following fields are displayed only if DVMRP is enabled on this interface.
Page 352: Show Ip Dvmrp Nexthop
Managed Switch CLI Manual, Release 8.0 Term Definition Rcvd Bad The number of correct packets received with invalid routes. Routes show ip dvmrp nexthop This command displays the next hop information on outgoing interfaces for routing multicast datagrams. Format show ip dvmrp nexthop Modes •...
Page 353: Pim-Dm Commands
Managed Switch CLI Manual, Release 8.0 show ip dvmrp route This command displays the multicast routing information for DVMRP. Format show ip dvmrp route Modes • Privileged EXEC • User EXEC Term Definition Source Address The multicast address of the source group. Source Mask The IP Mask for the source group.
Page 354: Ip Pimdm (Interface Config)
Managed Switch CLI Manual, Release 8.0 no ip pimdm (Global Config) This command disables the administrative mode of PIM-DM in the router. Format no ip pimdm Mode Global Config ip pimdm (Interface Config) This command sets administrative mode of PIM-DM on an interface to enabled. Default disabled Format...
Page 355: Show Ip Pimdm
Managed Switch CLI Manual, Release 8.0 no ip pimdm hello-interval This command resets the transmission frequency of hello messages between PIM enabled neighbors to the default value. Format no ip pimdm hello-interval Mode Interface Config show ip pimdm This command displays the system-wide information for PIM-DM. Format show ip pimdm Modes...
Page 356: Show Ip Pimdm Interface Stats
Managed Switch CLI Manual, Release 8.0 show ip pimdm interface stats This command displays the statistical information for PIM-DM on the specified interface. Format show ip pimdm interface stats {<unit/slot/port> | all} Modes • Privileged EXEC • User EXEC Term Definition Interface Valid unit, slot, and port number separated by forward slashes.
Page 357: Pim-Sm Commands
Managed Switch CLI Manual, Release 8.0 PIM-SM Commands This section describes the commands you use to configure Protocol Independent Multicast - Sparse Mode (PIM-SM). PIM-SM is a multicast routing protocol that provides scalable inter- domain multicast routing across the Internet, independent of the mechanisms provided by any particular unicast routing protocol.
Page 358: Ip Pimsm Bsr-Border
Managed Switch CLI Manual, Release 8.0 no ip pimsm(Interface Config) This command is used to administratively disable PIM-SM multicast routing mode on a particular router interface. Format no ip pimsm Mode Interface Config ip pimsm bsr-border Use this command to prevent bootstrap router (BSR) messages from being sent or received through an interface.
Page 359: Ip Pimsm Dr-Priority
Managed Switch CLI Manual, Release 8.0 Parameters Description hash-mask- Length of a mask (32 bits maximum) that is to be ANDed with the group address before length the hash function is called. All groups with the same seed hash correspond to the same RP.
Page 360: Ip Pimsm Hello-Interval
Managed Switch CLI Manual, Release 8.0 ip pimsm hello-interval This command is used to configure the PIM-SM hello interval for the specified interface. The hello interval is specified in seconds. Default Format ip pimsm hello-interval <0-18000> Mode Interface Config no ip pimsm hello-interval This command is used to set the hello interval to the default value.
Page 361: Ip Pimsm Register-Threshold
Managed Switch CLI Manual, Release 8.0 ip pimsm register-threshold This command configures the Register Threshold rate for the Rendezvous Point router to switch to a source-specific shortest path. The valid values are from (0 to 2000 kilobits/sec). Default Format ip pimsm register-threshold <0-2000> Mode Global Config no ip pimsm register-threshold...
Page 362: Ip Pimsm Rp-Candidate
Managed Switch CLI Manual, Release 8.0 ip pimsm rp-candidate This command is used to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR). Default None Format ip pimsm rp-candidate interface <unit/slot/port> <group-address> <group-mask>...
Page 363: Ip Pimsm Ssm
Managed Switch CLI Manual, Release 8.0 ip pimsm ssm Use this command to define the Source Specific Multicast (SSM) range of IP multicast addresses. Default disabled Format ip pimsm ssm {default | <group-address> <group-mask>} Mode Global Config Parameter Description default-range Defines the SSM range access list to 232/8.
Page 364: Show Ip Pimsm
Managed Switch CLI Manual, Release 8.0 show ip pimsm This command displays the system-wide information for PIM-SM. Format show ip pimsm Modes • Privileged EXEC • User EXEC Term Definition Admin Mode Indicates whether PIM-SM is enabled or disabled. Data Threshold The data threshold rate for the PIM-SM router.
Page 365: Show Ip Pimsm Interface
Managed Switch CLI Manual, Release 8.0 Term Definition Next Bootstrap Time (in hours, minutes, and seconds) in which the next bootstrap message is due from Message In this BSR. Next Candidate Time (in hours, minutes, and seconds) in which the next candidate RP advertisement will be sent.
Page 366: Show Ip Pimsm Neighbor
Managed Switch CLI Manual, Release 8.0 Designated Router......41.1.1.2 DR Priority........1 BSR Border........Disabled show ip pimsm neighbor This command displays the neighbor information for PIM-SM on the specified interface. Format show ip pimsm neighbor {<unit/slot/port> | all} Modes •...
Page 367: Internet Group Message Protocol (Igmp) Commands
Managed Switch CLI Manual, Release 8.0 show ip pimsm rp mapping Use this command to display all group-to-RP mappings of which the router is a aware (either configured or learned from the bootstrap router (BSR)). If no RP is specified, all active RPs are displayed.
Page 368: Ip Igmp Version
Managed Switch CLI Manual, Release 8.0 ip igmp version This command configures the version of IGMP for an interface. The value for <version> is either 1, 2 or 3. Default Format ip igmp version <version> Modes Interface Config no ip igmp version This command resets the version of IGMP to the default value Format no ip igmp version...
Page 369: Ip Igmp Last-Member-Query-Interval
Managed Switch CLI Manual, Release 8.0 ip igmp last-member-query-interval This command configures the Maximum Response Time inserted in Group-Specific Queries which are sent in response to Leave Group messages. The range for <seconds> is 0 to 255 tenths of a second. Default 10 tenths of a second (1 second) Format...
Page 370: Ip Igmp Query-Max-Response-Time
Managed Switch CLI Manual, Release 8.0 ip igmp query-max-response-time This command configures the maximum response time interval for the specified interface, which is the maximum query response time advertised in IGMPv2 queries on this interface.The time interval is specified in tenths of a second. The range for <maxresptime> is 0 to 255 tenths of a second.
Page 371: Ip Igmp Startup-Query-Count
Managed Switch CLI Manual, Release 8.0 ip igmp startup-query-count This command sets the number of Queries sent out on startup, separated by the Startup Query Interval on the interface. The range for <count> is 1 to 20. Default Format ip igmp startup-query-count <count> Mode Interface Config no ip igmp startup-query-count...
Page 372: Show Ip Igmp
Managed Switch CLI Manual, Release 8.0 show ip igmp This command displays the system-wide IGMP information. Format show ip igmp Modes • Privileged EXEC • User EXEC Term Definition IGMP Admin The administrative status of IGMP. This is a configured value. Mode Interface Valid unit, slot, and port number separated by forward slashes.
Page 373: Show Ip Igmp Interface
Managed Switch CLI Manual, Release 8.0 If you use the detail keyword, the following fields appear: Term Definition Multicast IP The IP address of the registered multicast group on this interface. Address Last Reporter The IP address of the source of the last membership report received for the specified multicast group address on this interface.
Page 374: Show Ip Igmp Interface Membership
Managed Switch CLI Manual, Release 8.0 Term Definition Robustness The tuning for the expected packet loss on a subnet. If a subnet is expected to be have a lot of loss, the Robustness variable may be increased for that interface. Startup Query The interval between General Queries sent by a Querier on startup.
Page 375: Show Ip Igmp Interface Stats
Managed Switch CLI Manual, Release 8.0 Term Definition Source Hosts The list of unicast source IP addresses in the group record of the IGMPv3 Membership Report with the specified multicast group IP address. This is “-----” for IGMPv1 and IGMPv2 Membership Reports. Expiry Time The amount of time remaining to remove this entry before it is aged out.
Page 376: Igmp Proxy Commands
Managed Switch CLI Manual, Release 8.0 IGMP Proxy Commands The IGMP Proxy is used by IGMP Router (IPv4 system) to enable the system to issue IGMP host messages on behalf of hosts that the system discovered through standard IGMP router interfaces. With IGMP Proxy enabled, the system acts as proxy to all the hosts residing on its router interfaces.
Page 377: Ip Igmp-Proxy Reset-Status
Managed Switch CLI Manual, Release 8.0 no ip igmp-proxy unsolicit-rprt-interval This command resets the unsolicited report interval of the IGMP Proxy router to the default value. Format no ip igmp-proxy unsolicit-rprt-interval Mode Interface Config ip igmp-proxy reset-status This command resets the host interface status parameters of the IGMP Proxy router. This command is valid only when you enable IGMP Proxy on the interface.
Page 378: Show Ip Igmp-Proxy Interface
Managed Switch CLI Manual, Release 8.0 Term Definition Older Version 1 The interval used to timeout the older version 1 queriers. Querier Timeout Older Version 2 The interval used to timeout the older version 2 queriers. Querier Timeout Proxy Start The number of times the IGMP Proxy has been stopped and started.
Page 379: Show Ip Igmp-Proxy Groups
Managed Switch CLI Manual, Release 8.0 Term Definition Report Rcvd Number of IGMP reports received. Report Sent Number of IGMP reports sent. Leaves Rcvd Number of IGMP leaves received. Valid for version 2 only. Leaves Sent Number of IGMP leaves sent on the Proxy interface. Valid for version 2 only. Example: The following shows example CLI display output for the command.
Page 380: Show Ip Igmp-Proxy Groups Detail
Managed Switch CLI Manual, Release 8.0 Term Definition Sources The number of sources attached to the multicast group. Example: The following shows example CLI display output for the command. (Switch) #show ip igmp-proxy groups Interface Index........ 1/0/1 Group Address Last Reporter Up Time Member State Filter Mode...
Page 381 Managed Switch CLI Manual, Release 8.0 Term Definition Filter Mode Possible values are Include or Exclude. Sources The number of sources attached to the multicast group. Group Source The list of IP addresses of the sources attached to the multicast group. List Expiry Time Time left before a source is deleted.
Page 382: Ipv6 Multicast Commands
Chapter 6 IPv6 Multicast Commands The IPv6 Multicast commands described in this chapter are standard on the GSM7328Sv2 and GSM7352Sv2, but are optional on the GSM7328Sv1 and GSM7352Sv1. In order to use these commands with the GS7328Sv1 or GSM7352Sv1 you must purchase a separate software license. Note: The commands in this chapter require an optional software license for use on the GSM7328Sv1 and GSM7352Sv1.
Page 383: Ipv6 Multicast Forwarder
Managed Switch CLI Manual, Release 8.0 IPv6 Multicast Forwarder show ipv6 mroute Note: There is no specific IP multicast enable for IPv6. Enabling of multicast at global config is common for both IPv4 and IPv6. Use this command to show the mroute entries specific for IPv6. (This command is the IPv6 equivalent of the IPv4 show ip mcaste mroute command.) Format show ipv6 mroute {detail | summary}...
Page 384: Show Ipv6 Mroute Group
Managed Switch CLI Manual, Release 8.0 Term Definition Outgoing The list of outgoing interfaces on which the packet Interface List is forwarded. show ipv6 mroute group This command displays the multicast configuration settings specific to IPv6 such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration times of all the entries in the multicast mroute table containing the given group IPv6 address <group- address>.
Page 385: Ipv6 Pim-Dm Commands
Managed Switch CLI Manual, Release 8.0 If you use the detail parameter, the command displays the following column headings in the output table: Term Definition Source IP The IP address of the multicast data source. Group IP The IP address of the destination of the multicast packet. Expiry Time The time of expiry of this entry in seconds.
Page 386: Ipv6 Pimdm Hello-Interval
Managed Switch CLI Manual, Release 8.0 no ipv6 pimdm Default disabled Format ipv6 pimdm Mode • Global Config • Interface Config Use this command to administratively disable PIM-DM Multicast Routing Mode either across the router (Global Config) or on a particular router (Interface Config). Format no ipv6 pimdm Mode...
Page 387: Show Ipv6 Pimdm Neighbor
Managed Switch CLI Manual, Release 8.0 Format show ipv6 pimdm Mode • Privileged EXEC • User EXEC Term Definition Admin Mode Indicates whether PIM-DM is enabled or disabled. Interface Valid unit, slot, and port number separated by forward slashes. Interface-Mode Indicates whether PIM-DM is enabled or disabled on this interface.
Page 388: Show Ipv6 Pimdm Interface
Managed Switch CLI Manual, Release 8.0 Term Definition Up Time The time since this neighbor has become active on this interface. Expiry Time The expiry time of the neighbor on this interface. Example: The following shows example CLI display output for the command. (Switch) #show ipv6 pimdm neighbor 0/1 Interface Neighbor...
Page 389: Ipv6 Pim-Sm Commands
Managed Switch CLI Manual, Release 8.0 10.1.37.2 0/24 --------- ------- --------- ------- IPv6 PIM-SM Commands This section describes the PIM-SM commands you use to configure Protocol Independent Multicast - Sparse Mode (PIM-SM) in IPv6. ipv6 pimsm bsr-border Use this command to prevent bootstrap router (BSR) messages from being sent or received through an interface.
Page 390: Ipv6 Pimsm Hello-Interval
Managed Switch CLI Manual, Release 8.0 Parameters Description hash-mask- Length of a mask (32 bits maximum) that is to be ANDed with the group address before the length hash function is called. All groups with the same seed hash correspond to the same RP. For example, if this value was 24, only the first 24 bits of the group addresses matter.
Page 391: Ipv6 Pimsm Join-Prune-Interval
Managed Switch CLI Manual, Release 8.0 Default Format ipv6 pimsm hello-interval <0-18000> Mode Interface Config no ipv6 pimsm hello-interval This command is used to set the hello interval to the default value. Format no ipv6 pimsm hello-interval Mode Interface Config ipv6 pimsm join-prune-interval This command is used to configure the interface join/prune interval for the PIM-SM router.
Page 392: Ipv6 Pimsm Rp-Address
Managed Switch CLI Manual, Release 8.0 Default Format ipv6 pimsm register-threshold <0-2000> Mode Global Config no ipv6 pimsm register-threshold This command resets the register threshold rate for the Rendezvous Pointer router to the default value. Format no ipv6 pimsm register-threshold Mode Global Config ipv6 pimsm rp-address...
Page 393: Ipv6 Pimsm Rp-Candidate
Managed Switch CLI Manual, Release 8.0 ipv6 pimsm rp-candidate This command is used to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR). Default None Format ipv6 pimsm rp-candidate interface <unit/slot/port> <group-address> <group-mask>...
Page 394: Ipv6 Pimsm Ssm
Managed Switch CLI Manual, Release 8.0 ipv6 pimsm ssm Use this command to define the Source Specific Multicast (SSM) range of IP multicast addresses. Default disabled Format ipv6 pimsm ssm {default | <group-address/prefixlength> <group-mask>} Mode Global Config Parameter Description default Defines the SSM range access list to 232/8.
Page 395: Show Ipv6 Pimsm Bsr
Managed Switch CLI Manual, Release 8.0 Term Definition PIM-SM Interface Status Interface Valid unit, slot, and port number separated by forward slashes. Interface-Mode Indicates whether PIM-SM is enabled or disabled on the interface. Operational- The current state of the PIM-SM protocol on the interface. Possible values are Operational Status or Non-Operational.
Page 396: Show Ipv6 Pimsm Interface
Managed Switch CLI Manual, Release 8.0 show ipv6 pimsm interface This command displays interface configuration parameters for PIM-SM on the specified interface. If no interface is specified, all interfaces are displayed. Format show ipv6 pimsm interface [<unit/slot/port>] Modes • Privileged EXEC •...
Page 397: Ipv6 Mld Commands
Managed Switch CLI Manual, Release 8.0 show ipv6 pimsm rphash This command displays which rendezvous point (RP) is being used for a specified group. Format show ipv6 pimsm rphash <group-address> Modes • Privileged EXEC • User EXEC Term Definition The IP address of the RP for the group specified. Origin Indicates the mechanism (BSR or static) by which the RP was selected.
Page 398: Ipv6 Mld Query-Interval
Managed Switch CLI Manual, Release 8.0 Default Disabled Format ipv6 mld router Mode Global Config Interface Config no ipv6 mld router Use this command, in the administrative mode of the router, to disable MLD in the router. Default Disabled Format no ipv6 mld router Mode Global Config...
Page 399: Ipv6 Mld Query-Max-Response-Time
Managed Switch CLI Manual, Release 8.0 ipv6 mld query-max-response-time Use this command to set the MLD querier’s maximum response time for the interface and this value is used in assigning the maximum response time in the query messages that are sent on that interface.
Page 400: Ipv6 Mld Last-Member-Query-Count
Managed Switch CLI Manual, Release 8.0 ipv6 mld last-member-query-count Use this command to set the number of listener-specific queries sent before the router assumes that there are no local members on the interface. The range for <last-member-query-count> is 1 to 20. Default Format ipv6 mld last-member-query-count <last-member-query-count>...
Page 401 Managed Switch CLI Manual, Release 8.0 When <group-address> is specified, the following fields are displayed for each multicast group and each interface. Field Description Interface Interface through which the multicast group is reachable. Group Address The address of the multicast group. Last Reporter The IP Address of the source of the last membership report received for this multicast group address on that interface.
Page 402: Show Ipv6 Mld Interface
Managed Switch CLI Manual, Release 8.0 Up Time (hh:mm:ss)......00:02:53 Expiry Time (hh:mm:ss)......------ Filter Mode........Include Version1 Host Timer......------ Group compat mode......v2 Source Address ExpiryTime ----------------- ----------- 2003::10 00:04:17 2003::20 00:04:17 show ipv6 mld interface Use this command to display MLD-related information for the interface. Format show ipv6 mld interface [<unit/slot/port>] Mode...
Page 403: Show Ipv6 Mld Traffic
Managed Switch CLI Manual, Release 8.0 Field Description Last Member This value indicates the configured number of Group-Specific Queries sent before the Query Count router assumes that there are no local members. The following information is displayed if the operational mode of the MLD interface is enabled. Field Description Querier Status...
Page 404: Ipv6 Mld-Proxy Commands
Managed Switch CLI Manual, Release 8.0 Field Description Reports Received The number of valid MLD reports received by the router. Reports Sent The number of valid MLD reports sent by the router. Leaves Received The number of valid MLD leaves received by the router. Leaves Sent The number of valid MLD leaves sent by the router.
Page 405: Ipv6 Mld-Proxy Unsolicit-Rprt-Interval
Managed Switch CLI Manual, Release 8.0 ipv6 mld-proxy unsolicit-rprt-interval Use this command to set the unsolicited report interval for the MLD-Proxy router. This command is only valid when you enable MLD-Proxy on the interface. The value of <interval> is 1-260 seconds.
Page 406: Show Ipv6 Mld-Proxy Interface
Managed Switch CLI Manual, Release 8.0 Field Description Interface Index The interface number of the MLD-Proxy. Admin Mode Indicates whether MLD-Proxy is enabled or disabled. This is a configured value. Operational Mode Indicates whether MLD-Proxy is operationally enabled or disabled. This is a status parameter.
Page 407: Show Ipv6 Mld-Proxy Groups
Managed Switch CLI Manual, Release 8.0 Term Definition Interface Index The unit/slot/port of the MLD-proxy. The column headings of the table associated with the interface are as follows: Term Definition The MLD version. Query Rcvd Number of MLD queries received. Report Rcvd Number of MLD reports received.
Page 408: Show Ipv6 Mld-Proxy Groups Detail
Managed Switch CLI Manual, Release 8.0 Field Description Last Reporter The IP address of the host that last sent a membership report for the current group, on the network attached to the MLD-Proxy interface (upstream interface). Up Time (in secs) The time elapsed in seconds since last created.
Page 409 Managed Switch CLI Manual, Release 8.0 Field Description Interface The interface number of the MLD-Proxy. Group Address The IP address of the multicast group. Last Reporter The IP address of the host that last sent a membership report for the current group, on the network attached to the MLD-Proxy interface (upstream interface).
Page 410 Managed Switch CLI Manual, Release 8.0 FF1E::3 FE80::100:2.3 DELAY_MEMBER Exclude FF1E::4 FE80::100:2.3 DELAY_MEMBER Include Group Source List Expiry Time ------------------ --------------- 4001::1 00:03:40 5002::2 00:03:40 4001::2 00:03:40 5002::2 00:03:40 IPv6 Multicast Commands 6-29 v1.0, July 2009...
Page 411 Chapter 7 IPv6 Commands The IPv6 commands described in this chapter are standard on the GSM7328Sv2 and GSM7352Sv2, but are optional on the GSM7328Sv1 and GSM7352Sv1. In order to use these commands with the GS7328Sv1 or GSM7352Sv1 you must purchase a separate software license. Note: The commands in this chapter require an optional software license for use on the GSM7328Sv1 and GSM7352Sv1.
Page 412: Ipv6 Management Commands
Managed Switch CLI Manual, Release 8.0 IPv6 Management Commands IPv6 Management commands allow a device to be managed via an IPv6 address in a switch or IPv4 routing (i.e., independent from the IPv6 Routing package). For Routing/IPv6 builds of Switch CLI dual IPv4/IPv6 operation over the service port is enabled. Switch CLI has capabilities such as: •...
Page 413: Network Ipv6 Gateway
Managed Switch CLI Manual, Release 8.0 Parameter Description address IPv6 prefix in IPv6 global address format. prefix-length IPv6 prefix length value eui64 Formulate IPv6 address in eui64 format no network ipv6 address Use this command to remove IPv6 prefixes on the network port interface. The command no network ipv6 address removes all IPv6 prefixes.
Page 414: Show Network Ndp
Managed Switch CLI Manual, Release 8.0 show network ndp This command displays NDP cache information for the network port. Default enabled Format show network ndp Mode • Privileged EXEC • User EXEC Field Description IPv6 Address The IPv6 address of the interface. MAC Address The MAC Address used.
Page 415: Ping Ipv6 Interface
Managed Switch CLI Manual, Release 8.0 You can utilize the ping or traceroute facilities over the service/network ports when using an IPv6 global address <ipv6-global-address|hostname>. Any IPv6 global address or gateway assignments to these interfaces will cause IPv6 routes to be installed within the IP stack such that the ping or traceroute request is routed out the service/network port properly.
Page 416: Tunnel Interface Commands
Managed Switch CLI Manual, Release 8.0 traceroute ipv6 Use this command to discover the routes that packets actually take when traveling to their destination through the network on a hop-by-hop basis. The <ipv6-address> parameter must be a valid IPv6 address. The optional <port> parameter is the UDP port used as the destination of packets sent as part of the traceroute.
Page 417: Tunnel Source
Managed Switch CLI Manual, Release 8.0 tunnel source This command specifies the source transport address of the tunnel, either explicitly or by reference to an interface. Format tunnel source {<ipv4-address> | ethernet <unit/slot/port>} Mode Interface Config tunnel destination This command specifies the destination transport address of the tunnel. Format tunnel destination {<ipv4-address>} Mode...
Page 418: Loopback Interface Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Tunnel ID The tunnel identification number. Interface The name of the tunnel interface. Tunnel Mode The tunnel mode. Source Address The source transport address of the tunnel. Destination The destination transport address of the tunnel. Address If you specify a tunnel ID, the command shows the following information for the tunnel: Term...
Page 419: Show Interface Loopback
Managed Switch CLI Manual, Release 8.0 no interface loopback This command removes the loopback interface and associated configuration parameters for the specified loopback interface. Format no interface loopback <loopback-id> Mode Global Config show interface loopback This command displays information about configured loopback interfaces. Format show interface loopback [<loopback-id>] Mode...
Page 420: Ipv6 Routing Commands
Managed Switch CLI Manual, Release 8.0 Term Definition IPv6 Prefix is The IPv6 address of the interface. MTU size The maximum transmission size for packets on this interface, in bytes. IPv6 Routing Commands This section describes the IPv6 commands you use to configure IPv6 on the system and on the interfaces.
Page 421: Ipv6 Unicast-Routing
Managed Switch CLI Manual, Release 8.0 Format ipv6 hop-limit <hops> Mode Global Config no ipv6 hop-limit This command returns the unicast hop count to the default. Format no ipv6 hop-limit Mode Global Config ipv6 unicast-routing Use this command to enable the forwarding of IPv6 unicast datagrams. Default disabled Format...
Page 422: Ipv6 Address
Managed Switch CLI Manual, Release 8.0 no ipv6 enable Use this command to disable IPv6 routing on an interface. Format no ipv6 enable Mode Interface Config ipv6 address Use this command to configure an IPv6 address on an interface, including tunnel and loopback interfaces, and to enable IPv6 processing on this interface.
Page 423 Managed Switch CLI Manual, Release 8.0 no ipv6 address Use this command to remove all IPv6 addresses on an interface or specified IPv6 address. The <prefix> parameter consists of the bits of the address to be configured. The <prefix_length> designates how many of the high-order contiguous bits of the address comprise the prefix.The optional [eui-64] field designates that IPv6 processing on the interfaces was enabled using an EUI-64 interface ID in the low order 64 bits of the address.
Page 424: Ipv6 Route Distance
Managed Switch CLI Manual, Release 8.0 Format no ipv6 route <ipv6-prefix>/<prefix_length> [{<next-hop-address> | Null0 | interface {<unit/slot/port> | tunnel <tunnel_id>} <next-hop- address> | <preference>}] Mode Global Config ipv6 route distance This command sets the default distance (preference) for IPv6 static routes. Lower route distance values are preferred when determining the best route.
Page 425: Ipv6 Nd Dad Attempts
Managed Switch CLI Manual, Release 8.0 Default 0 or link speed (MTU value (1500)) Format ipv6 mtu <1280-1500> Mode Interface Config no ipv6 mtu This command resets maximum transmission unit value to default value. Format no ipv6 mtu Mode Interface Config ipv6 nd dad attempts This command sets the number of duplicate address detection probes transmitted.
Page 426: Ipv6 Nd Ns-Interval
Managed Switch CLI Manual, Release 8.0 Default false Format ipv6 nd managed-config-flag Mode Interface Config no ipv6 nd managed-config-flag This command resets the “managed address configuration” flag in router advertisements to the default value. Format no ipv6 nd managed-config-flag Mode Interface Config ipv6 nd ns-interval This command sets the interval between router advertisements for advertised neighbor...
Page 427: Ipv6 Nd Ra-Interval
Managed Switch CLI Manual, Release 8.0 Default false Format ipv6 nd other-config-flag Mode Interface Config no ipv6 nd other-config-flag This command resets the “other stateful configuration” flag back to its default value in router advertisements sent from the interface. Format no ipv6 nd other-config-flag Mode Interface Config...
Page 428: Ipv6 Nd Reachable-Time
Managed Switch CLI Manual, Release 8.0 Default 1800 Format ipv6 nd ra-lifetime <lifetime> Mode Interface Config no ipv6 nd ra-lifetime This command resets router lifetime to the default value. Format no ipv6 nd ra-lifetime Mode Interface Config ipv6 nd reachable-time This command sets the router advertisement time to consider a neighbor reachable after neighbor discovery confirmation.
Page 429: Ipv6 Unreachables
Managed Switch CLI Manual, Release 8.0 Format ipv6 nd suppress-ra Mode Interface Config no ipv6 nd suppress-ra This command enables router transmission on an interface Format no ipv6 nd suppress-ra Mode Interface Config ipv6 unreachables Use this command to enable the generation of ICMPv6 Destination Unreachable messages. By default, the generation of ICMPv6 Destination Unreachable messages is enabled.
Page 430: Show Ipv6 Brief
Managed Switch CLI Manual, Release 8.0 To disable ICMP rate limiting, set burst-interval to zero (0). Default • burst-interval of 1000 msec. • burst-size of 100 messages Format ipv6 icmp error-interval <burst-interval> [<burst-size>] Mode Global Config no ipv6 icmp error-interval Use the no form of the command to return burst-interval and burst-size to their default values.
Page 431: Show Ipv6 Interface
Managed Switch CLI Manual, Release 8.0 Example: The following shows example CLI display output for the command. (Switch) #show ipv6 brief IPv6 Forwarding Mode......Enable IPv6 Unicast Routing Mode...... Enable IPv6 Hop Limit......... 0 ICMPv6 Rate Limit Error Interval....1000 msec ICMPv6 Rate Limit Burst Size....
Page 432 Managed Switch CLI Manual, Release 8.0 Term Definition Administrative Shows whether the interface administrative mode is enabled or disabled. Mode Bandwidth Shows bandwidth of the interface. Interface The MTU size, in bytes. Maximum Transmission Unit Router The number of consecutive duplicate address detection probes to transmit. Duplicate Address Detection...
Page 433: Show Ipv6 Neighbor
Managed Switch CLI Manual, Release 8.0 Routing Mode........Disabled Administrative Mode......Enabled IPv6 Routing Operational Mode....Disabled Bandwidth........100000 kbps Interface Maximum Transmit Unit....1500 Router Duplicate Address Detection Transmits... 1 Router Advertisement NS Interval....0 Router Advertisement Lifetime....1800 Router Advertisement Reachable Time....
Page 434 Managed Switch CLI Manual, Release 8.0 Term Definition IPv6 Address IPV6 address of neighbor or interface. MAC Address Link-layer Address. IsRtr Shows whether the neighbor is a router. If the value is TRUE, the neighbor is known to be a router, and FALSE otherwise. A value of FALSE might not mean Note that routers are not always known to be routers.
Page 435 Managed Switch CLI Manual, Release 8.0 Format show ipv6 route [{<ipv6-address> [<protocol>] | {{<ipv6-prefix/ipv6- prefix-length> | <unit/slot/port>} [<protocol>] | <protocol> | summary} [all] | all}] Modes • Privileged EXEC • User EXEC Term Definition Route Codes The key for the routing protocol codes that might appear in the routing table output. The show ipv6 route command displays the routing tables in the following format: C - connected, S - static Codes:...
Page 436: Show Ipv6 Route Preferences
Managed Switch CLI Manual, Release 8.0 Example: The following shows example CLI display output for the command. (Switch) #show ipv6 route IPv6 Routing Table - 3 entries Codes: C - connected, S - static O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF Ext 1, OE2 - OSPF Ext 2 ON1 - OSPF NSSA Ext Type 1, ON2 - OSPF NSSA Ext Type 2 2001::/64 [10/0] directly connected, Null0...
Page 437: Show Ipv6 Route Summary
Managed Switch CLI Manual, Release 8.0 show ipv6 route summary This command displays the summary of the routing table. Use all to display the count summary for all routes, including best and non-best routes. Use the command without parameters to display the count summary for only the best routes.
Page 438: Show Ipv6 Vlan
Managed Switch CLI Manual, Release 8.0 show ipv6 vlan This command displays IPv6 VLAN routing interface addresses. Format show ipv6 vlan Modes • Privileged EXEC • User EXEC Term Definition MAC Address Shows the MAC address. used by Routing VLANs The rest of the output for this command is displayed in a table with the following column headings: Column...
Page 439 Managed Switch CLI Manual, Release 8.0 Term Definition Total Datagrams Total number of input datagrams received by the interface, including those Received received in error. Received Datagrams Total number of datagrams successfully delivered to IPv6 user-protocols Locally Delivered (including ICMP). This counter increments at the interface to which these datagrams were addressed, which might not necessarily be the input interface for some of the datagrams.
Page 440 Managed Switch CLI Manual, Release 8.0 Term Definition Datagrams Failed To Number of failures detected by the IPv6 reassembly algorithm (for whatever Reassemble reason: timed out, errors, etc.). Note that this is not necessarily a count of discarded IPv6 fragments since some algorithms (notably the algorithm in by combining them as they are received.
Page 441 Managed Switch CLI Manual, Release 8.0 Term Definition ICMPv6 Time Exceeded Number of ICMP Time Exceeded messages received by the interface. Messages ICMPv6 Parameter Number of ICMP Parameter Problem messages received by the interface. Problem Messages ICMPv6 messages with Number of ICMP Packet Too Big messages received by the interface. too big packets ICMPv6 Echo Request Number of ICMP Echo (request) messages received by the interface.
Page 442: Clear Ipv6 Statistics
Managed Switch CLI Manual, Release 8.0 Term Definition ICMPv6 Parameter Number of ICMP Parameter Problem messages sent by the interface. Problem Messages Transmitted ICMPv6 Packet Too Big Number of ICMP Packet Too Big messages sent by the interface. Messages Transmitted ICMPv6 Echo Request Number of ICMP Echo (request) messages sent by the interface.ICMP echo Messages Transmitted...
Page 443: Ospfv3 Commands
Managed Switch CLI Manual, Release 8.0 Format clear ipv6 statistics [{<unit/slot/port> | loopback <loopback-id> | tunnel <tunnel-id>}] Mode Privileged EXEC OSPFv3 Commands This section describes the commands you use to configure OSPFv3, which is a link-state routing protocol that you use to route traffic within a network. ipv6 ospf This command enables OSPF on a router interface or loopback interface.
Page 444: Ipv6 Ospf Cost
Managed Switch CLI Manual, Release 8.0 ipv6 ospf cost This command configures the cost on an OSPF interface. The <cost> parameter has a range of 1 to 65535. Default Format ipv6 ospf cost <1-65535> Mode Interface Config no ipv6 ospf cost This command configures the default cost on an OSPF interface.
Page 445: Ipv6 Ospf Hello-Interval
Managed Switch CLI Manual, Release 8.0 ipv6 ospf hello-interval This command sets the OSPF hello interval for the specified interface. The value for <seconds> is a valid positive integer, which represents the length of time in seconds. The value for the length of time must be the same for all routers attached to a network.
Page 446: Ipv6 Ospf Network
Managed Switch CLI Manual, Release 8.0 ipv6 ospf network This command changes the default OSPF network type for the interface. Normally, the network type is determined from the physical IP network type. By default all Ethernet networks are OSPF type broadcast. Similarly, tunnel interfaces default to point-to-point. When an Ethernet port is used as a single large bandwidth IP network between two routers, the network type can be point- to-point since there are only two routers.
Page 447: Ipv6 Ospf Retransmit-Interval
Managed Switch CLI Manual, Release 8.0 Format no ipv6 ospf priority Mode Interface Config ipv6 ospf retransmit-interval This command sets the OSPF retransmit Interval for the specified interface. The retransmit interval is specified in seconds. The value for <seconds> is the number of seconds between link-state advertisement retransmissions for adjacencies belonging to this router interface.
Page 448: Ipv6 Router Ospf
Managed Switch CLI Manual, Release 8.0 no ipv6 ospf transmit-delay This command sets the default OSPF Transit Delay for the specified interface. Format no ipv6 ospf transmit-delay Mode Interface Config ipv6 router ospf Use this command to enter Router OSPFv3 Config mode. Format ipv6 router ospf Mode...
Page 449: Area Nssa Default-Info-Originate (Ospfv)
Managed Switch CLI Manual, Release 8.0 area nssa default-info-originate (OSPFv3) This command configures the metric value and type for the default route advertised into the NSSA. The optional metric parameter specifies the metric of the default route and is to be in a range of 1-16777214.
Page 450: Area Nssa No-Summary (Ospfv)
Managed Switch CLI Manual, Release 8.0 area nssa no-summary (OSPFv3) This command configures the NSSA so that summary LSAs are not advertised into the NSSA. Format area <areaid> nssa no-summary Mode Router OSPFv3 Config no area nssa no-summary (OSPFv3) This command disables nssa from the summary LSAs. Format no area <areaid>...
Page 451: Area Range (Ospfv)
Managed Switch CLI Manual, Release 8.0 Format area <areaid> nssa translator-stab-intv <stabilityinterval> Mode Router OSPFv3 Config no area nssa translator-stab-intv (OSPFv3) This command disables the nssa translator’s <stabilityinterval> from the specified area Format no area <areaid> nssa translator-stab-intv <stabilityinterval> Mode Router OSPF Config area range (OSPFv3) This command creates a specified area range for a specified NSSA.
Page 452: Area Stub No-Summary (Ospfv)
Managed Switch CLI Manual, Release 8.0 Format area <areaid> stub Mode Router OSPFv3 Config no area stub(OSPFv3) This command deletes a stub area for the specified area ID. Format no area <areaid> stub Mode Router OSPFv3 Config area stub no-summary (OSPFv3) This command disables the import of Summary LSAs for the stub area identified by <areaid>.
Page 453 Managed Switch CLI Manual, Release 8.0 no area virtual-link(OSPFv3) This command deletes the OSPF virtual interface from the given interface, identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. Format no area <areaid> virtual-link <neighbor> Mode Router OSPFv3 Config area virtual-link dead-interval (OSPFv3)
Page 454 Managed Switch CLI Manual, Release 8.0 no area virtual-link hello-interval(OSPFv3) This command configures the default hello interval for the OSPF virtual interface on the virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. Format no area <areaid>...
Page 455 Managed Switch CLI Manual, Release 8.0 < > Format area <areaid> virtual-link <neighbor> transmit-delay seconds Mode Router OSPFv3 Config no area virtual-link transmit-delay(OSPFv3) This command configures the default transmit delay for the OSPF virtual interface on the virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor.
Page 456: Clear Ipv6 Ospf
Managed Switch CLI Manual, Release 8.0 Format no auto-cost reference-bandwidth Mode Router OSPFv3 Config clear ipv6 ospf Use this command to disable and re-enable OSPF. Format clear ipv6 ospf Mode Privileged EXEC clear ipv6 ospf configuration Use this command to reset the OSPF configuration to factory defaults. Format clear ipv6 ospf configuration Mode...
Page 457: Clear Ipv6 Ospf Neighbor Interface
Managed Switch CLI Manual, Release 8.0 clear ipv6 ospf neighbor interface To drop adjacency with all neighbors on a specific interface, use the optional parameter [unit/slot/ port]. To drop adjacency with a specific router ID on a specific interface, use the optional parameter [neighbor-id].
Page 458: Default-Metric (Ospfv)
Managed Switch CLI Manual, Release 8.0 default-metric (OSPFv3) This command is used to set a default for the metric of distributed routes. Format default-metric <1-16777214> Mode Router OSPFv3 Config no default-metric (OSPFv3) This command is used to set a default for the metric of distributed routes. Format no default-metric Mode...
Page 459 Managed Switch CLI Manual, Release 8.0 enable (OSPFv3) This command resets the default administrative mode of OSPF in the router (active). Default enabled Format enable Mode Router OSPFv3 Config no enable (OSPFv3) This command sets the administrative mode of OSPF in the router to inactive. Format no enable Mode...
Page 460: External-Lsdb-Limit (Ospfv)
Managed Switch CLI Manual, Release 8.0 external-lsdb-limit (OSPFv3) This command configures the external LSDB limit for OSPF. If the value is –1, then there is no limit. When the number of non-default AS-external-LSAs in a router’s link-state database reaches the external LSDB limit, the router enters overflow state. The router never holds more than the external LSDB limit non-default AS-external-LSAs in it database.
Page 461: Passive-Interface Default (Ospfv)
Managed Switch CLI Manual, Release 8.0 passive-interface default (OSPFv3) Use this command to enable global passive mode by default for all interfaces. It overrides any interface level passive mode. OSPF shall not form adjacencies over a passive interface. Default disabled Format passive-interface default Mode...
Page 462: Redistribute (Ospfv)
Managed Switch CLI Manual, Release 8.0 redistribute (OSPFv3) This command configures the OSPFv3 protocol to allow redistribution of routes from the specified source protocol/routers. Default • metric—unspecified • type—2 • tag—0 Format redistribute {static | connected} [metric <0-16777214>] [metric-type {1 | 2}] [tag <0-4294967295>] Mode Router OSPFv3 Config no redistribute(OSPFv3)
Page 463 Managed Switch CLI Manual, Release 8.0 Table 2: Trapflag Groups (OSPFv3) Group Flags errors • authentication-failure • bad-packet • config-error • virt-authentication-failure • virt-bad-packet • virt-config-error if-rx ir-rx-packet • lsa-maxage • lsa-originate overflow • lsdb-overflow • lsdb-approaching-overflow retransmit • packets •...
Page 464 Managed Switch CLI Manual, Release 8.0 Default disabled Format trapflags { all | errors {all | authentication-failure | bad-packet | config-error | virt- authentication-failure | virt-bad-packet | virt-config-error} | if-rx {all | if-rx-packet} | lsa {all | lsa-maxage | lsa-originate} | overflow {all | lsdb-overflow | lsdb-approaching-overflow} | retransmit {all | packets | virt-packets} | rtb {all, rtb-entry-info} |...
Page 465: Show Ipv6 Ospf
Managed Switch CLI Manual, Release 8.0 show ipv6 ospf This command displays information relevant to the OSPF router. Format show ipv6 ospf Mode Privileged EXEC Note: Some of the information below displays only if you enable OSPF and configure certain features. Term Definition Router ID...
Page 466 Managed Switch CLI Manual, Release 8.0 Term Definition New LSAs The number of new link-state advertisements that have been originated. Originated LSAs Received The number of link-state advertisements received determined to be new instantiations. LSA Count The total number of link state advertisements currently in the link state database. Maximum The maximum number of LSAs that OSPF can store.
Page 467: Show Ipv6 Ospf Abr
Managed Switch CLI Manual, Release 8.0 Term Definition Source Shows source protocol/routes that are being redistributed. Possible values are static, connected, BGP, or RIP. Metric The metric of the routes being redistributed. Metric Type Shows whether the routes are External Type 1 or External Type 2. The decimal value attached to each external route.
Page 468 Managed Switch CLI Manual, Release 8.0 Format show ipv6 ospf area <areaid> Modes • Privileged EXEC • User EXEC Term Definition AreaID The area id of the requested OSPF area. External A number representing the external routing capabilities for this area. Routing Spf Runs The number of times that the intra-area route table has been calculated using this area's...
Page 469: Show Ipv6 Ospf Asbr
Managed Switch CLI Manual, Release 8.0 Term Definition Default Metric The metric type for the default route advertised into the NSSA. Type Translator Role The NSSA translator role of the ABR, which is always or candidate. Translator The amount of time that an elected translator continues to perform its duties after it Stability Interval determines that its translator status has been deposed by another router.
Page 470: Show Ipv6 Ospf Database Database-Summary
Managed Switch CLI Manual, Release 8.0 display the link LSAs. Use network to display the network LSAs. Use nssa-external to display NSSA external LSAs. Use prefix to display intra-area Prefix LSAs. Use router to display router LSAs. Use unknown area, unknown as, or unknown link to display unknown area, AS or link-scope LSAs, respectively.
Page 471: Show Ipv6 Ospf Interface
Managed Switch CLI Manual, Release 8.0 Term Definition Router Total number of router LSAs in the OSPFv3 link state database. Network Total number of network LSAs in the OSPFv3 link state database. Inter-area Prefix Total number of inter-area prefix LSAs in the OSPFv3 link state database. Inter-area Total number of inter-area router LSAs in the OSPFv3 link state database.
Page 472: Show Ipv6 Ospf Interface Brief
Managed Switch CLI Manual, Release 8.0 Term Definition Retransmit The frequency, in seconds, at which the interface sends LSA. Interval Hello Interval The frequency, in seconds, at which the interface sends Hello packets. Dead Interval The amount of time, in seconds, the interface waits before assuming a neighbor is down. LSA Ack The amount of time, in seconds, the interface waits before sending an LSA Interval...
Page 473: Show Ipv6 Ospf Interface Stats
Managed Switch CLI Manual, Release 8.0 Format show ipv6 ospf interface brief Modes • Privileged EXEC • User EXEC Term Definition Interface Valid unit, slot, and port number separated by forward slashes. Admin Mode States whether OSPF is enabled or disabled on a router interface. Area ID The OSPF Area ID for the specified interface.
Page 474 Managed Switch CLI Manual, Release 8.0 Term Definition Virtual Events The number of state changes or errors that occurred on this virtual link. Neighbor The number of times this neighbor relationship has changed state, or an error has Events occurred. Packets The number of OSPFv3 packets received on the interface.
Page 475: Show Ipv6 Ospf Neighbor
Managed Switch CLI Manual, Release 8.0 show ipv6 ospf neighbor This command displays information about OSPF neighbors. If you do not specify a neighbor IP address, the output displays summary information in a table. If you specify an interface or tunnel, only the information for that interface or tunnel displays.
Page 476: Show Ipv6 Ospf Range
Managed Switch CLI Manual, Release 8.0 If you specify an IP address for the neighbor router, the following fields display: Term Definition Interface The interface of the local router in unit/slot/port format. Area ID The area ID associated with the interface. Options An integer value that indicates the optional OSPF capabilities supported by the neighbor.
Page 477: Show Ipv6 Ospf Stub Table
Managed Switch CLI Manual, Release 8.0 show ipv6 ospf stub table This command displays the OSPF stub table. The information below will only be displayed if OSPF is initialized on the switch. Format show ipv6 ospf stub table Modes • Privileged EXEC •...
Page 478: Dhcpv6 Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Dead Interval The configured dead interval for the OSPF virtual interface. Iftransit Delay The configured transit delay for the OSPF virtual interface. Interval Retransmit The configured retransmit interval for the OSPF virtual interface. Interval Authentication The type of authentication the interface performs on LSAs it receives.
Page 479 Managed Switch CLI Manual, Release 8.0 service dhcpv6 This command enables DHCPv6 configuration on the router. Default disabled Format service dhcpv6 Mode Global Config no service dhcpv6 This command disables DHCPv6 configuration on router. Format no service dhcpv6 Mode Global Config ipv6 dhcp server Use this command to configure DHCPv6 server functionality on an interface.
Page 480: Ipv6 Dhcp Relay-Agent-Info-Opt
Managed Switch CLI Manual, Release 8.0 Note: If <relay-address> is an IPv6 global address, then <relay-interface> is not required. If <relay-address> is a link-local or multicast address, then <relay- interface> is required. Finally, if you do not specify a value for <relay-address>, then you must specify a value for <relay-interface>...
Page 481: Ipv6 Dhcp Pool
Managed Switch CLI Manual, Release 8.0 ipv6 dhcp pool Use this command from Global Config mode to enter IPv6 DHCP Pool Config mode. Use the exit command to return to Global Config mode. To return to the User EXEC mode, enter CTRL+Z.
Page 482: Dns-Server (Ipv)
Managed Switch CLI Manual, Release 8.0 dns-server (IPv6) This command sets the ipv6 DNS server address which is provided to dhcpv6 client by dhcpv6 server. DNS server address is configured for stateless server support. DHCPv6 pool can have multiple number of domain names with maximum of 8. Format dns-server <dns-server-address>...
Page 483: Show Ipv6 Dhcp
Managed Switch CLI Manual, Release 8.0 show ipv6 dhcp This command displays the DHCPv6 server name and status. Format show ipv6 dhcp Mode Privileged EXEC Term Definition DHCPv6 is The status of the DHCPv6 server. Enabled (Disabled) Server DUID If configured, shows the DHCPv6 unique identifier. show ipv6 dhcp statistics This command displays the IPv6 DHCP statistics for all interfaces.
Page 484: Show Ipv6 Dhcp Interface
Managed Switch CLI Manual, Release 8.0 Term Definition DHCPv6 Inform Packets Number of inform received statistics. Received DHCPv6 Relay-forward Number of relay forward received statistics. Packets Received DHCPv6 Relay-reply Packets Number of relay-reply received statistics. Received DHCPv6 Malformed Packets Number of malformed packets statistics. Received Received DHCPv6 Packets Number of DHCP discarded statistics.
Page 485: Clear Ipv6 Dhcp
Managed Switch CLI Manual, Release 8.0 Term Definition Mode Shows whether the interface is a IPv6 DHCP relay or server. If the interface mode is server, the following information displays. Term Definition Pool Name The pool name specifying information for DHCPv6 server distribution to DHCPv6 clients. Server The preference of the server.
Page 486: Show Ipv6 Dhcp Pool
Managed Switch CLI Manual, Release 8.0 show ipv6 dhcp pool This command displays configured DHCP pool. Format show ipv6 dhcp pool <pool-name> Mode Privileged EXEC Term Definition DHCP Pool Unique pool name configuration. Name Client DUID Client’s DHCP unique identifier. DUID is generated using the combination of the local system burned-in MAC address and a timestamp value.
Page 487 Managed Switch CLI Manual, Release 8.0 Term Definition Prefix Type IPV6 Prefix type (IAPD, IANA, or IATA). Client Address Address of DHCP Client. Client Interface IPv6 Address of DHCP Client. Expiration Address of DNS server address. Valid Lifetime Valid lifetime in seconds for delegated prefix. Preferred Preferred lifetime in seconds for delegated prefix.
Page 488 Chapter 8 Quality of Service (QoS) Commands This chapter describes the Quality of Service (QoS) commands available in the managed switch CLI. The QoS Commands chapter contains the following sections: • “Class of Service (CoS) Commands” on page 8-2 • “Differentiated Services (DiffServ) Commands”...
Page 489: Class Of Service (Cos) Commands
Managed Switch CLI Manual, Release 8.0 Class of Service (CoS) Commands This section describes the commands you use to configure and view Class of Service (CoS) settings for the switch. The commands in this section allow you to control the priority and transmission rate of traffic.
Page 490: Classofservice Trust
Managed Switch CLI Manual, Release 8.0 The <trafficclass> values can range from 0-6, although the actual number of available traffic classes depends on the platform. Format classofservice ip-dscp-mapping <ipdscp> <trafficclass> Mode Global Config no classofservice ip-dscp-mapping This command maps each IP DSCP value to its default internal traffic class value. Format no classofservice ip-dscp-mapping Mode...
Page 491: Cos-Queue Min-Bandwidth
Managed Switch CLI Manual, Release 8.0 cos-queue min-bandwidth This command specifies the minimum transmission bandwidth guarantee for each interface queue. The total number of queues supported per interface is platform specific. A value from 0-100 (percentage of link rate) must be specified for each supported queue, with 0 indicating no guaranteed minimum bandwidth.
Page 492: Show Classofservice Dot1P-Mapping
Managed Switch CLI Manual, Release 8.0 traffic-shape This command specifies the maximum transmission bandwidth limit for the interface as a whole. Also known as rate shaping, traffic shaping has the effect of smoothing temporary traffic bursts over time so that the transmitted traffic rate is bounded. Format traffic-shape <bw>...
Page 493: Show Classofservice Ip-Precedence-Mapping
Managed Switch CLI Manual, Release 8.0 show classofservice ip-precedence-mapping This command displays the current IP Precedence mapping to internal traffic classes for a specific interface. The unit/slot/port parameter is optional and is only valid on platforms that support independent per-port class of service mappings. If specified, the IP Precedence mapping table of the interface is displayed.
Page 494: Show Classofservice Trust
Managed Switch CLI Manual, Release 8.0 show classofservice trust This command displays the current trust mode setting for a specific interface. The <unit/slot/ port> parameter is optional and is only valid on platforms that support independent per-port class of service mappings. If you specify an interface, the command displays the port trust mode of the interface.
Page 495: Differentiated Services (Diffserv) Commands
Managed Switch CLI Manual, Release 8.0 If you specify the interface, the command also displays the following information. Term Definition Interface The unit/slot/port of the interface. If displaying the global configuration, this output line is replaced with a Global Config indication. Interface The maximum transmission bandwidth limit for the interface as a whole.
Page 496 Managed Switch CLI Manual, Release 8.0 A given class definition can contain a maximum of one reference to another class. You can combine the reference with other match criteria. The referenced class is truly a reference and not a copy since additions to a referenced class affect all classes that reference it. Changes to any class definition currently referenced by any other class must result in valid class definitions for all derived classes, otherwise the switch rejects the change.
Page 497: Diffserv Class Commands
Managed Switch CLI Manual, Release 8.0 DiffServ Class Commands Use the DiffServ class commands to define traffic classification. To classify traffic, you specify Behavior Aggregate (BA), based on DSCP and Multi-Field (MF) classes of traffic (name, match criteria) This set of commands consists of class creation/deletion and matching, with the class match commands specifying Layer 3, Layer 2, and general match criteria.
Page 498: Class-Map Rename
Managed Switch CLI Manual, Release 8.0 Note: The CLI mode is changed to Class-Map Config or Ipv6-Class-Map Config when this command is successfully executed depending on the [{ipv4 | ipv6}] keyword specified. Format class-map match-all <class-map-name> [{ipv4 | ipv6}] Mode Global Config no class-map This command eliminates an existing DiffServ class.
Page 499: Match Ethertype
Managed Switch CLI Manual, Release 8.0 match ethertype This command adds to the specified class definition a match condition based on the value of the ethertype. The <ethertype> value is specified as one of the following keywords: appletalk, arp, ibmsna, ipv4, ipv6, ipx, mplsmcast, mplsucast, netbios, novell, pppoe, rarp or as a custom ethertype value in the range of 0x0600-0xFFFF.
Page 500: Match Cos
Managed Switch CLI Manual, Release 8.0 Note: • The parameters <refclassname> and <class-map-name> can not be the same. • Only one other class may be referenced by a class. • Any attempts to delete the <refclassname> class while the class is still referenced by any <class- map-name>...
Page 501: Match Ip6Flowlbl
Managed Switch CLI Manual, Release 8.0 match ip6flowlbl This command adds to the specified class definition a match condition based on the IP6flowlbl of a packet. The label is the value to match in the Flow Label field of the IPv6 header (range 0- 1048575).
Page 502: Match Dstl4Port
Managed Switch CLI Manual, Release 8.0 match dstip6 This command adds to the specified class definition a match condition based on the destination IPv6 address of a packet. Default none Format match dstip6 <destination-ipv6-prefix/prefix-length> Mode Ipv6-Class-Map Config match dstl4port This command adds to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or numeric notation.
Page 503: Match Ip Precedence
Managed Switch CLI Manual, Release 8.0 Default none Format match ip dscp <dscpval> Mode Class-Map Config Ipv6-Class-Map Config match ip precedence This command adds to the specified class definition a match condition based on the value of the IP Precedence field in a packet, which is defined as the high-order three bits of the Service Type octet in the IP header (the low-order five bits are not checked).
Page 504: Match Protocol
Managed Switch CLI Manual, Release 8.0 Note: This “free form” version of the IP DSCP/Precedence/TOS match specification gives the user complete control when specifying which bits of the IP Service Type field are checked. Default none Format match ip tos <tosbits> <tosmask> Mode Class-Map Config match protocol...
Page 505: Match Source-Address Mac
Managed Switch CLI Manual, Release 8.0 match source-address mac This command adds to the specified class definition a match condition based on the source MAC address of a packet. The <address> parameter is any layer 2 MAC address formatted as six, two-digit hexadecimal numbers separated by colons (e.g., 00:11:22:dd:ee:ff).
Page 506: Diffserv Policy Commands
Managed Switch CLI Manual, Release 8.0 (listed below). The currently supported <portkey> values are: domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, www. Each of these translates into its equivalent port number, which is used as both the start and end of a port range. To specify the match condition as a numeric value, one layer 4 port number is required.
Page 507 Managed Switch CLI Manual, Release 8.0 assign-queue This command modifies the queue id to which the associated traffic stream is assigned. The queueid is an integer from 0 to n-1, where n is the number of egress queues supported by the device.
Page 508 Managed Switch CLI Manual, Release 8.0 redirect This command specifies that all incoming packets for the associated traffic stream are redirected to a specific egress interface (physical port or port-channel). Note: This command is not available on the GSM7328Sv1 or GSM7352Sv1 platforms. Format redirect <unit/slot/port>...
Page 509: Mark Cos
Managed Switch CLI Manual, Release 8.0 Note: The CLI mode is changed to Policy-Class-Map Config when this command is successfully executed. Format class <classname> Mode Policy-Map Config no class This command deletes the instance of a particular class and its defined treatment from the specified policy.
Page 510: Mark Ip-Precedence
Managed Switch CLI Manual, Release 8.0 The <dscpval> value is specified as either an integer from 0 to 63, or symbolically through one of the following keywords: af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, be, cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef.
Page 511 Managed Switch CLI Manual, Release 8.0 For set-cos-transmit an 802.1p priority value is required and is specified as an integer from 0-7. Format police-simple {<1-4294967295> <1-128> conform-action {drop | set- prec-transmit <0-7> | set-dscp-transmit <0-63> | set-cos-transmit <0-7> | transmit} [violate-action {drop | set-prec-transmit <0-7> | set-dscp-transmit <0-63>...
Page 512: Diffserv Service Commands
Managed Switch CLI Manual, Release 8.0 policy-map rename This command changes the name of a DiffServ policy. The <policyname> is the name of an existing DiffServ class. The <newpolicyname> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the policy. Format policy-map rename <policyname>...
Page 513: Diffserv Show Commands
Managed Switch CLI Manual, Release 8.0 Format service-policy in <policymapname> Modes • Global Config • Interface Config Note: Each interface can have one policy attached. no service-policy This command detaches a policy from an interface in the inbound direction. The <policyname> parameter is the name of an existing DiffServ policy.
Page 514: Show Diffserv
Managed Switch CLI Manual, Release 8.0 If the class-name is specified the following fields are displayed: Term Definition Class Name The name of this class. Class Type A class type of ‘all’ means every match criterion defined for the class is evaluated simultaneously and must all be true to indicate a class match.
Page 515: Show Policy-Map
Managed Switch CLI Manual, Release 8.0 Term Definition DiffServ Admin mode The current value of the DiffServ administrative mode. Class Table Size The current number of entries (rows) and the maximum allowed entries (rows) in Current /Max the Class Table. Class Rule Table Size The current number of entries (rows) and the maximum allowed entries(rows) in Current /Max...
Page 516 Managed Switch CLI Manual, Release 8.0 Term Definition Committed Burst The committed burst size, used in simple policing. Size (KB) Committed Rate The committed rate, used in simple policing, (Kbps) Conform Action The current setting for the action taken on a packet considered to conform to the policing parameters.
Page 517: Show Diffserv Service
Managed Switch CLI Manual, Release 8.0 If the Policy Name is not specified this command displays a list of all defined DiffServ policies. The following fields are displayed: Definition Term Policy Name The name of this policy. (The order in which the policies are displayed is not necessarily the same order in which they were created.) Policy Type The policy type (Only inbound is supported).
Page 518: Show Policy-Map Interface
Managed Switch CLI Manual, Release 8.0 Term Definition DiffServ Admin The current setting of the DiffServ administrative mode. An attached policy is only active Mode on an interface while DiffServ is in an enabled mode. The following information is repeated for interface and direction (only those interfaces configured with an attached policy are shown): Term Definition...
Page 519: Mac Access Control List (Acl) Commands
Managed Switch CLI Manual, Release 8.0 Term Definition In Discarded A count of the packets discarded for this class instance for any reason due to DiffServ Packets treatment of the traffic class. show service-policy This command displays a summary of policy-oriented statistics information for all interfaces in the specified direction.
Page 520 Managed Switch CLI Manual, Release 8.0 mac access-list extended This command creates a MAC Access Control List (ACL) identified by <name>, consisting of classification fields defined for the Layer 2 header of an Ethernet frame. The <name> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the MAC access list.
Page 521: Deny | Permit} (Mac Acl)
Managed Switch CLI Manual, Release 8.0 {deny | permit} (MAC ACL) This command creates a new rule for the current MAC access list. Each rule is appended to the list of configured rules for the list. Note: The 'no' form of this command is not supported, since the rules within a MAC ACL cannot be deleted individually.
Page 522: Mac Access-Group
Managed Switch CLI Manual, Release 8.0 The vlan and cos parameters refer to the VLAN identifier and 802.1p user priority fields, respectively, of the VLAN tag. For packets containing a double VLAN tag, this is the first (or outer) tag. The assign-queue parameter allows specification of a particular hardware queue for handling traffic that matches this rule.
Page 523: Show Mac Access-Lists
Managed Switch CLI Manual, Release 8.0 Format mac access-group <name> [vlan <vlan-id>] [in|out] [sequence <1- 4294967295>] Modes • Global Config • Interface Config no mac access-group This command removes a MAC ACL identified by <name> from the interface in a given direction.
Page 524: Ip Access Control List (Acl) Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Redirect The unit/slot/port to which packets matching this rule are forwarded. Interface IP Access Control List (ACL) Commands This section describes the commands you use to configure IP ACL settings. IP ACLs ensure that only authorized users have access to specific resources and block any unwarranted attempts to reach network resources.
Page 525 Managed Switch CLI Manual, Release 8.0 IP Extended ACL: Format access-list <100-199> {deny | permit} {every | {{icmp | igmp | ip | tcp | udp | <number>} <srcip> <srcmask>[{eq {<portkey> | <0-65535>} <dstip> <dstmask> [{eq {<portkey>| <0-65535>}] [precedence <precedence> | tos <tos> <tosmask> | dscp <dscp>] [log] [assign-queue <queue-id>] [{mirror | redirect} <unit/slot/port>] Mode Global Config...
Page 526 Managed Switch CLI Manual, Release 8.0 no access-list This command deletes an IP ACL that is identified by the parameter <accesslistnumber> from the system. The range for <accesslistnumber> 1-99 for standard access lists and 100- 199 for extended access lists. Format no access-list <accesslistnumber>...
Page 527 Managed Switch CLI Manual, Release 8.0 ip access-list rename This command changes the name of an IP Access Control List (ACL). The <name> parameter is the names of an existing IP ACL. The <newname> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IP access list. This command fails is an IP ACL by the name <newname>...
Page 528: Ip Access-Group
Managed Switch CLI Manual, Release 8.0 keyword ‘ ’ to indicate a match on any value in that field. The remaining command parameters are all optional, but the most frequently used parameters appear in the same relative order as shown in the command format. The assign-queue parameter allows specification of a particular hardware queue for handling traffic that matches this rule.
Page 529: Show Ip Access-Lists
Managed Switch CLI Manual, Release 8.0 no ip access-group This command removes a specified IP ACL from an interface. Default none Format no ip access-group <accesslistnumber> [vlan <vlan-id>] in Mode • Interface Config • Global Config acl-trapflags This command enables the ACL trap mode. Default disabled Format...
Page 530: Show Access-Lists
Managed Switch CLI Manual, Release 8.0 Term Definition Rule Number The number identifier for each rule that is defined for the IP ACL. Action The action associated with each rule. The possible values are Permit or Deny. Match All Indicates whether this access list applies to every packet. Possible values are True or False.
Page 531: Ipv6 Access Control List (Acl) Commands
Managed Switch CLI Manual, Release 8.0 Term Definition ACL ID Access List name for a MAC or IPv6 access list or the numeric identifier for an IP access list. Sequence An optional sequence number may be specified to indicate the order of this access list Number relative to other access lists already assigned to this interface and direction.
Page 532: Ipv6 Access-List Rename
Managed Switch CLI Manual, Release 8.0 If an IPv6 ACL by this name already exists, this command enters IPv6-Access-List config mode to allow updating the existing IPv6 ACL. Note: The CLI mode changes to IPv6-Access-List Config mode when you successfully execute this command.
Page 533 Managed Switch CLI Manual, Release 8.0 Note: An implicit ‘deny all’ IPv6 rule always terminates the access list. A rule may either deny or permit traffic according to the specified classification fields. At a minimum, either the ‘every’ keyword or the protocol, source address, and destination address values must be specified.
Page 534: Show Ipv6 Access-Lists
Managed Switch CLI Manual, Release 8.0 This command specified in Interface Config mode only affects a single interface, whereas the Global Config mode setting is applied to all interfaces. The vlan keyword is only valid in the Global Config mode. The Interface Config mode command is only available on platforms that support independent per-port class of service queue configuration.
Page 535: Auto-Voice Over Ip Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Match All Indicates whether this access list applies to every packet. Possible values are True or False. Protocol The protocol to filter for this rule. Source IP The source IP address for this rule. Address Source L4 Port The source port for this rule.
Page 536: Show Auto-Voip
Managed Switch CLI Manual, Release 8.0 Default disabled Format auto-voip all Mode Global Config no auto-voip all Use this command to disable VoIP Profile on the interfaces of the switch. Format no auto-voip all Mode Global Config auto-voip Use this command to enable VoIP Profile on the interface. Default disabled Format...
Page 537 Managed Switch CLI Manual, Release 8.0 Field Description AutoVoIP Mode The Auto VoIP mode on the interface. Traffic Class The CoS Queue or Traffic Class to which all VoIP traffic is mapped to. This is not configurable and defaults to the highest CoS queue available in the system for data traffic. Quality of Service (QoS) Commands 8-50 v1.0, July 2009...
Page 538: Chapter 9
Chapter 9 Utility Commands This chapter describes the utility commands available in the CLI. The Utility Commands chapter includes the following sections: • “Auto Install Commands” on page 9-2 • “Dual Image Commands” on page 9-4 • “System Information and Statistics Commands” on page 9-6 •...
Page 539: Auto Install Commands
Managed Switch CLI Manual, Release 8.0 Auto Install Commands This section describes the Auto Install Commands. Auto Install is a software feature which provides for the configuration of a switch automatically when the device is initialized and no configuration file is found on the switch. The Auto Install process requires DHCP to be enabled by default in order for it to be completed.
Page 540: Boot Autoinstall Auto-Save
Managed Switch CLI Manual, Release 8.0 boot autoinstall auto-save This command is used to enable automatically saving the downloaded configuration on the switch. Default Disabled Format boot autoinstall auto-save Mode Privileged EXEC no boot autoinstall auto-save This command is used to disable automatically saving the downloaded configuration on the switch..
Page 541: Dual Image Commands
Managed Switch CLI Manual, Release 8.0 boot autoinstall retry-count This command is used to set the number of attempts to download a configuration. The valid range is from 1 to 6. Default Format boot autoinstall retry-count Mode Privileged EXEC no boot autoinstall retry-count This command is used to reset the number to the default.
Page 542: Boot System
Managed Switch CLI Manual, Release 8.0 boot system This command activates the specified image. It will be the active-image for subsequent reboots and will be loaded by the boot loader. The current active-image is marked as the backup-image for subsequent reboots. The optional <unit> parameter is valid only in Stacking, where the unit parameter identifies the node on which this command must be executed.
Page 543: System Information And Statistics Commands
Managed Switch CLI Manual, Release 8.0 update bootcode This command updates the bootcode (boot loader) on the switch. The bootcode is read from the active-image for subsequent reboots.The optional <unit> parameter is valid only on Stacks. Error will be returned, if this parameter is provided, on Standalone systems. For Stacking, the <unit>...
Page 544: Show Eventlog
Managed Switch CLI Manual, Release 8.0 show eventlog This command displays the event log, which contains error messages from the system. The event log is not cleared on a system reset. The <unit> is the switch identifier. Format show eventlog [<unit>] Mode Privileged EXEC Term...
Page 545: Show Version
Managed Switch CLI Manual, Release 8.0 show version This command displays inventory information for the switch. Note: The show version command will replace the show hardware command in future releases of the software. Format show version Mode Privileged EXEC Term Definition Switch Text used to identify the product name of this switch.
Page 546: Show Interface
Managed Switch CLI Manual, Release 8.0 show interface This command displays a summary of statistics for a specific interface or a count of all CPU traffic based upon the argument. Format show interface {<unit/slot/port> | switchport} Mode Privileged EXEC The display parameters, when the argument is <unit/slot/port>, are as follows: Parameters Definition Packets...
Page 547: Show Interface Ethernet
Managed Switch CLI Manual, Release 8.0 Term Definition Packets The number of inbound packets that contained errors preventing them from being Received With deliverable to a higher-layer protocol. Error Packets The total number of packets transmitted out of the interface. Transmitted Without Error Broadcast...
Page 548 Managed Switch CLI Manual, Release 8.0 Term Definition Unicast Packets The number of subnetwork-unicast packets delivered to a higher-layer protocol. Received Multicast The total number of packets received that were directed to a multicast address. Note that Packets this number does not include packets directed to the broadcast address. Received Broadcast The total number of packets received that were directed to the broadcast address.
Page 549: Show Mac-Addr-Table
Managed Switch CLI Manual, Release 8.0 Term Definition VLAN Deletes The number of VLANs on this switch that have been created and then deleted since the last reboot. Time Since The elapsed time, in days, hours, minutes, and seconds, since the statistics for this switch Counters Last were last cleared.
Page 550: Show Process Cpu
Managed Switch CLI Manual, Release 8.0 Term Definition Status The status of this entry. The meanings of the values are: • Static—The value of the corresponding instance was added by the system or a user when a static MAC filter was defined. It cannot be relearned. •...
Page 551: Show Mbuf Total
Managed Switch CLI Manual, Release 8.0 Note: It is not necessarily the traffic to the CPU, but different tasks that keep the CPU busy. Format show process cpu Mode Privileged EXEC The following shows example CLI display output. (Switch) #show process cpu Memory Utilization Report status bytes...
Page 552: Show Running-Config
Managed Switch CLI Manual, Release 8.0 MbufsFree MbufsRxUsed Total Rx Norm Alloc Attempts 26212 Total Rx Mid2 Alloc Attempts 4087 Total Rx Mid1 Alloc Attempts 188943 Total Rx High Alloc Attempts 384555 Total Tx Alloc Attempts 2478536 Total Rx Norm Alloc Failures Total Rx Mid2 Alloc Failures Total Rx Mid1 Alloc Failures Total Rx High Alloc Failures...
Page 553: Show Running-Config Interface
Managed Switch CLI Manual, Release 8.0 If option <changed> is used, this command displays/capture commands with settings/ configurations that differ from the defaul value. • If all the flags in a particular group are enabled, then the command displays trapflags <group name>...
Page 554 Managed Switch CLI Manual, Release 8.0 Term Definition MIBs Supported A list of MIBs supported by this agent. show tech-support Use the show tech-support command to display system and configuration information when you contact technical support. The output of the show tech-support command combines the output of the following commands: •...
Page 555: Logging Commands
Managed Switch CLI Manual, Release 8.0 no terminal length Use this command to set the terminal length to the default value. Format no terminal length Mode Privileged EXEC show terminal length Use this command to display the value of the user-configured terminal length size. Format show terminal length Mode...
Page 556: Logging Buffered Wrap
Managed Switch CLI Manual, Release 8.0 logging buffered wrap This command enables wrapping of in-memory logging when the log file reaches full capacity. Otherwise when the log file reaches full capacity, logging stops. Default enabled Format logging buffered wrap Mode Privileged EXEC no logging buffered wrap This command disables wrapping of in-memory logging and configures logging to stop when the...
Page 557 Managed Switch CLI Manual, Release 8.0 logging console This command enables logging to the console. You can specify the <severitylevel> value as either an integer from 0 to 7 or symbolically through one of the following keywords: emergency (0), alert (1), critical (2), error (3), warning (4), notice (5), info (6), or debug (7).
Page 558: Logging Host Remove
Managed Switch CLI Manual, Release 8.0 logging host remove This command disables logging to host. See “show logging hosts” on page 9-22 for a list of host indexes. Format logging host remove <hostindex> Mode Global Config logging syslog This command enables syslog logging. The <portid> parameter is an integer with a range of 1- 65535.
Page 559: Show Logging Buffered
Managed Switch CLI Manual, Release 8.0 Term Definition Console Logging The minimum severity to log to the console log. Messages with an equal or lower Severity Filter numerical severity are logged. Buffered Shows whether buffered logging is enabled. Logging Syslog Logging Shows whether syslog logging is enabled. Log Messages Number of messages received by the log process.
Page 560: Show Logging Traplogs
Managed Switch CLI Manual, Release 8.0 Term Definition Host Index (Used for deleting hosts.) IP Address / IP address or hostname of the logging host. Hostname Severity Level The minimum severity to log to the specified address. The possible values are emergency (0), alert (1), critical (2), error (3), warning (4), notice (5), info (6), or debug (7).
Page 561: System Utility And Clear Commands
Managed Switch CLI Manual, Release 8.0 logging persistent Use this command to configure the Persistent logging for the switch. The severity level of logging messages is specified at severity level. Possible values for severity level are (emergency|0, alert|1, critical|2, error|3, warning|4, notice|5, info|6, debug|7).
Page 562 Managed Switch CLI Manual, Release 8.0 traceroute Use the traceroute command to discover the routes that packets actually take when traveling to their destination through the network on a hop-by-hop basis. Traceroute continues to provide a synchronous response when initiated from the CLI. Default •...
Page 563: Traceroute Ipv6
Managed Switch CLI Manual, Release 8.0 Example: The following are examples of the CLI command. traceroute Success: (Switch) # traceroute 10.240.10.115 initTtl 1 maxTtl 4 maxFail 0 interval 1 count 3 port 33434 size 43 Traceroute to 10.240.10.115 ,4 hops max 43 byte packets: 1 10.240.4.1 708 msec 41 msec...
Page 564: Clear Config
Managed Switch CLI Manual, Release 8.0 clear config This command resets the configuration to the factory defaults without powering off the switch. When you issue this command, a prompt appears to confirm that the reset should proceed. When you enter y, you automatically reset the current configuration on the switch to the default values. It does not reset the switch.
Page 565: Clear Igmpsnooping
Managed Switch CLI Manual, Release 8.0 clear igmpsnooping This command clears the tables managed by the IGMP Snooping function and attempts to delete these entries from the Multicast Forwarding Database. Format clear igmpsnooping Mode Privileged EXEC clear pass This command resets all user passwords to the factory defaults without powering off the switch. You are prompted to confirm that the password reset should proceed.
Page 566: Enable Password
Managed Switch CLI Manual, Release 8.0 enable password This command prompts you to change the Privileged EXEC password. Passwords are a maximum of 64 alphanumeric characters. The password is case sensitive. The option [encrypted] allows the administrator to transfer the enable password between devices without having to know the password.
Page 567 Managed Switch CLI Manual, Release 8.0 Using the options described below, you can specify the number and size of Echo Requests and the interval between Echo Requests. Parameter Description count Use the count parameter to specify the number of ping packets (ICMP Echo requests) that are sent to the destination address specified by the <ip-address>...
Page 568 Managed Switch CLI Manual, Release 8.0 1 packets transmitted,0 packets received, 100% packet loss round-trip (msec) min/avg/max = 0/0/0 quit This command closes the current telnet connection or resets the current serial connection. The system asks you whether to save configuration changes before quitting. Format quit Modes...
Page 569 Managed Switch CLI Manual, Release 8.0 copy The copy command uploads and downloads files to and from the switch. You can also use the copy command to manage the dual images (image1 and image2) on the file system. Upload and download files from a server by using TFTP or Xmodem.
Page 570 When you use this option, the copy command will not <destfilename> noval validate the downloaded script file. An example of the CLI command follows: (NETGEAR Switch CLI Routing) #copy tftp://1.1.1.1/file.scr nvram:script file.scr noval <url> nvram:sshkey-dsa Downloads an SSH key file. For more information, see “Secure Shell (SSH) Commands”...
Page 571: Simple Network Time Protocol (Sntp) Commands
Managed Switch CLI Manual, Release 8.0 Source Destination Description image1 image2 Copy image1 to image2. image2 image1 Copy image2 to image1. {image1 | image2} unit://<unit>/{image1 | Copy an image from the management node to a given image2} node in a Stack. Use the unit parameter to specify the node to which the image should be copied.
Page 572: Sntp Client Mode
Managed Switch CLI Manual, Release 8.0 sntp client mode This command enables Simple Network Time Protocol (SNTP) client mode and may set the mode to either broadcast or unicast. Default disabled Format sntp client mode [broadcast | unicast] Mode Global Config no sntp client mode This command disables Simple Network Time Protocol (SNTP) client mode.
Page 573: Sntp Unicast Client Poll-Interval
Managed Switch CLI Manual, Release 8.0 sntp unicast client poll-interval This command sets the poll interval for SNTP unicast clients in seconds as a power of two where <poll-interval> can be a value from 6 to 10. Default Format sntp unicast client poll-interval <poll-interval> Mode Global Config no sntp unicast client poll-interval...
Page 574: Sntp Server
Managed Switch CLI Manual, Release 8.0 Format sntp unicast client poll-retry <poll-retry> Mode Global Config no sntp unicast client poll-retry This command will reset the poll retry for SNTP unicast clients to its default value. Format no sntp unicast client poll-retry Mode Global Config sntp server...
Page 575: Show Sntp
Managed Switch CLI Manual, Release 8.0 Zone name: A name to associate with the time zone Hours-offset: Number of hours difference with UTC Minutes-offset: Number of minutes difference with UTC no clock timezone This command sets the switch to UTC time. Format no clock timezone Mode...
Page 576: Show Sntp Server
Managed Switch CLI Manual, Release 8.0 Term Definition Client Supported Supported SNTP Modes (Broadcast, Unicast, or Multicast). Modes SNTP Version The highest SNTP version the client supports. Port SNTP Client Port. Client Mode Configured SNTP Client Mode. show sntp server This command is used to display SNTP server settings and configured servers.
Page 577: Dhcp Server Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Last Attempt Last server attempt time for the specified server. Time Last Update Last server attempt status for the server. Status Total Unicast Number of requests to the server. Requests Failed Unicast Number of failed requests from server.
Page 578: Ip Dhcp Pool
Managed Switch CLI Manual, Release 8.0 ip dhcp pool This command configures a DHCP address pool name on a DHCP server and enters DHCP pool configuration mode. Default none Format ip dhcp pool <name> Mode Global Config no ip dhcp pool This command removes the DHCP address pool.
Page 579 Managed Switch CLI Manual, Release 8.0 client-name This command specifies the name for a DHCP client. Name is a string consisting of standard ASCII characters. Default none Format client-name <name> Mode DHCP Pool Config no client-name This command removes the client name. Format no client-name Mode...
Page 580 Managed Switch CLI Manual, Release 8.0 dns-server This command specifies the IP servers available to a DHCP client. Address parameters are valid IP addresses; each made up of four decimal bytes ranging from 0 to 255. IP address 0.0.0.0 is invalid. Default none Format...
Page 581 Managed Switch CLI Manual, Release 8.0 host This command specifies the IP address and network mask for a manual binding to a DHCP client. Address and Mask are valid IP addresses; each made up of four decimal bytes ranging from 0 to 255.
Page 582: Network (Dhcp Pool Config)
Managed Switch CLI Manual, Release 8.0 network (DHCP Pool Config) Use this command to configure the subnet number and mask for a DHCP address pool on the server. Network-number is a valid IP address, made up of four decimal bytes ranging from 0 to 255.
Page 583 Managed Switch CLI Manual, Release 8.0 domain-name This command specifies the domain name for a DHCP client. The <domain> specifies the domain name string of the client. Default none Format domain-name <domain> Mode DHCP Pool Config no domain-name This command removes the domain name. Format no domain-name Mode...
Page 584 Managed Switch CLI Manual, Release 8.0 netbios-node-type The command configures the NetBIOS node type for Microsoft Dynamic Host Configuration Protocol (DHCP) clients.type Specifies the NetBIOS node type. Valid types are: • b-node—Broadcast • p-node—Peer-to-peer • m-node—Mixed • h-node—Hybrid (recommended) Default none Format netbios-node-type <type>...
Page 585: Ip Dhcp Excluded-Address
Managed Switch CLI Manual, Release 8.0 option The option command configures DHCP Server options. The <code> parameter specifies the DHCP option code and ranges from 1-254. The <ascii string> parameter specifies an NVT ASCII character string. ASCII character strings that contain white space must be delimited by quotation marks.
Page 586: Ip Dhcp Ping Packets
Managed Switch CLI Manual, Release 8.0 no ip dhcp excluded-address This command removes the excluded IP addresses for a DHCP client. Low-address and high- address are valid IP addresses; each made up of four decimal bytes ranging from 0 to 255. IP address 0.0.0.0 is invalid.
Page 587: Ip Dhcp Bootp Automatic
Managed Switch CLI Manual, Release 8.0 no service dhcp This command disables the DHCP server. Format no service dhcp Mode Global Config ip dhcp bootp automatic This command enables the allocation of the addresses to the bootp client. The addresses are from the automatic address pool.
Page 588: Clear Ip Dhcp Binding
Managed Switch CLI Manual, Release 8.0 no ip dhcp conflict logging This command disables conflict logging on DHCP server. Format no ip dhcp conflict logging Mode Global Config clear ip dhcp binding This command deletes an automatic address binding from the DHCP server database. If “*” is specified, the bindings corresponding to all the addresses are deleted.
Page 589: Show Ip Dhcp Binding
Managed Switch CLI Manual, Release 8.0 show ip dhcp binding This command displays address bindings for the specific IP address on the DHCP server. If no IP address is specified, the bindings corresponding to all the addresses are displayed. Format show ip dhcp binding [<address>] Modes •...
Page 590: Show Ip Dhcp Pool Configuration
Managed Switch CLI Manual, Release 8.0 show ip dhcp pool configuration This command displays pool configuration. If all is specified, configuration for all the pools is displayed. Format show ip dhcp pool configuration {<name> | all} Modes • Privileged EXEC •...
Page 591: Show Ip Dhcp Server Statistics
Managed Switch CLI Manual, Release 8.0 show ip dhcp server statistics This command displays DHCP server statistics. Format show ip dhcp server statistics Modes • Privileged EXEC • User EXEC Field Definition Automatic The number of IP addresses that have been automatically mapped to the MAC addresses Bindings of hosts that are found in the DHCP database.
Page 592: Dns Client Commands
Managed Switch CLI Manual, Release 8.0 show ip dhcp conflict This command displays address conflicts logged by the DHCP Server. If no IP address is specified, all the conflicting addresses are displayed. Format show ip dhcp conflict [<ip-address>] Modes • Privileged EXEC •...
Page 593: Ip Domain Name
Managed Switch CLI Manual, Release 8.0 ip domain name Use this command to define a default domain name that the software uses to complete unqualified host names (names with a domain name). By default, no default domain name is configured in the system.
Page 594: Ip Name Server
Managed Switch CLI Manual, Release 8.0 no ip domain list Use this command to delete a name from a list. Format no ip domain list <name> Mode Global Config ip name server Use this command to configure the available name servers. Up to eight servers can be defined in one command or by using multiple commands.
Page 595: Ipv6 Host
Managed Switch CLI Manual, Release 8.0 no ip host Use this command to remove the name-to-address mapping. Format no ip host <name> Mode Global Config ipv6 host Use this command to define static host name-to-IPv6 address mapping in the host cache. <name> is host name.
Page 596: Ip Domain Timeout
Managed Switch CLI Manual, Release 8.0 no ip domain retry Use this command to return to the default. Format no ip domain retry <number> Mode Global Config ip domain timeout Use this command to specify the amount of time to wait for a response to a DNS query. The parameter <seconds>...
Page 597: Show Hosts
Managed Switch CLI Manual, Release 8.0 show hosts Use this command to display the default domain name, a list of name server hosts, the static and the cached list of host names and addresses <ame> ranges from 1-255 characters. This command displays both IPv4 and IPv6 entries.
Page 598: Packet Capture Commands
Managed Switch CLI Manual, Release 8.0 www.stanford.edu 171.64.14.203 Packet Capture Commands Packet capture commands assist in troubleshooting protocol-related problems with the management CPU. The packets to and from the management CPU can be captured in an internally allocated buffer area for export to a PC host for protocol analysis. Public domain packet analysis tools like Ethereal can be used to decode and review the packets in detail.
Page 599: Capture Wrap
Managed Switch CLI Manual, Release 8.0 no capture receive packet This command disables the capturing of receive packets. Format no capture receive packet Mode Global Config capture all packets This command enables the capturing of receive packets. Format capture all packet Mode Global Config no capture all packets...
Page 600: Serviceability Packet Tracing Commands
Managed Switch CLI Manual, Release 8.0 Mode Global Config Default Enabled Serviceability Packet Tracing Commands These commands improve the capability of network engineers to diagnose conditions affecting their managed switch product. Caution! The output of “debug” commands can be long and may adversely affect system performance.
Page 601: Debug Clear
Managed Switch CLI Manual, Release 8.0 no debug auto-voip Use this command to disable Auto VOIP debug messages. Format no debug auto-voip Mode Privileged EXEC debug clear This command disables all previously enabled “debug” traces. Default disabled Format debug clear Mode Privileged EXEC debug console...
Page 602: Debug Dot1X Packet
Managed Switch CLI Manual, Release 8.0 debug dot1x packet Use this command to enable dot1x packet debug trace. Default disabled Format debug dot1x Mode Privileged EXEC no debug dot1x packet Use this command to disable dot1x packet debug trace. Format no debug dot1x Mode Privileged EXEC...
Page 603: Debug Igmpsnooping Packet Transmit
Managed Switch CLI Manual, Release 8.0 debug igmpsnooping packet transmit This command enables tracing of IGMP Snooping packets transmitted by the switch. Snooping should be enabled on the device and the interface in order to monitor packets for a particular interface.
Page 604: Debug Igmpsnooping Packet Receive
Managed Switch CLI Manual, Release 8.0 no debug igmpsnooping transmit This command disables tracing of transmitted IGMP snooping packets. Format no debug igmpsnooping transmit Mode Privileged EXEC debug igmpsnooping packet receive This command enables tracing of IGMP Snooping packets received by the switch. Snooping should be enabled on the device and the interface in order to monitor packets for a particular interface.
Page 605: Debug Ip Acl
Managed Switch CLI Manual, Release 8.0 Parameter Definition Group Multicast group address in the IGMP header. no debug igmpsnooping receive This command disables tracing of received IGMP Snooping packets. Format no debug igmpsnooping receive Mode Privileged EXEC debug ip acl Use this command to enable debug of IP Protocol packets matching the ACL criteria.
Page 606: Debug Ip Igmp Packet
Managed Switch CLI Manual, Release 8.0 no debug ip dvmrp packet Use this command to disable debug tracing of DVMRP packet reception and transmission. Format no debug ip dvmrp packet [receive|transmit] Mode Privileged EXEC debug ip igmp packet Use this command to trace IGMP packet reception and transmission. receive traces only received IGMP packets and transmit traces only transmitted IGMP packets.
Page 607: Debug Ip Pimdm Packet
Managed Switch CLI Manual, Release 8.0 Format debug ip mcache packet [receive|transmit] Mode Privileged EXEC no debug ip mcache packet Use this command to disable debug tracing of MDATA packet reception and transmission. Format no debug ip mcache packet [receive|transmit] Mode Privileged EXEC debug ip pimdm packet...
Page 608: Debug Ip Pimsm Packet
Managed Switch CLI Manual, Release 8.0 debug ip pimsm packet Use this command to trace PIMSM packet reception and transmission. receive traces only received PIMSM packets and transmit traces only transmitted PIMSM packets. When neither keyword is used in the command, then all PIMSM packet traces are dumped. Vital information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console.
Page 609: Debug Ipv6 Mcache Packet
Managed Switch CLI Manual, Release 8.0 debug ipv6 mcache packet Use this command for tracing MDATAv6 packet reception and transmission. receive traces only received data packets and transmit traces only transmitted data packets. When neither keyword is used in the command, then all data packet traces are dumped. Vital information such as source address, destination address, packet length, and the interface on which the packet is received or transmitted is displayed on the console.
Page 610: Debug Ipv6 Pimdm Packet
Managed Switch CLI Manual, Release 8.0 Format no debug ipv6 mld packet [receive|transmit] Mode Privileged EXEC debug ipv6 pimdm packet Use this command to trace PIMDMv6 packet reception and transmission. receive traces only received PIMDMv6 packets and transmit traces only transmitted PIMDMv6 packets. When neither keyword is used in the command, then all PIMDMv6 packet traces are dumped.
Page 611: Debug Lacp Packet
Managed Switch CLI Manual, Release 8.0 Format no debug ipv6 pimsm packet [receive|transmit] Mode Privileged EXEC debug lacp packet This command enables tracing of LACP packets received and transmitted by the switch. Default disabled Format debug lacp packet Mode Privileged EXEC A sample output of the trace message is shown below.
Page 612: Debug Ospf Packet
Managed Switch CLI Manual, Release 8.0 no debug mldsnooping packet Use this command to disable debug tracing of MLD snooping packet reception and transmission. debug ospf packet This command enables tracing of OSPF packets received and transmitted by the switch. Default disabled Format...
Page 613 Managed Switch CLI Manual, Release 8.0 Parameter Definition Intf The interface that the packet came in or went out on. Format used is unit/slot/port (internal interface number). SrcIp The source IP address in the IP header of the packet. DestIp The destination IP address in the IP header of the packet.
Page 614: Debug Ospfv3 Packet
Managed Switch CLI Manual, Release 8.0 LS_UPD packet field definitions. Field Definition Length Length of packet LS_ACK packet field definitions. Field Definition Length Length of packet no debug ospf packet This command disables tracing of OSPF packets. Format no debug ospf packet Mode Privileged EXEC debug ospfv3 packet...
Page 615: Debug Ping Packet
Managed Switch CLI Manual, Release 8.0 debug ping packet This command enables tracing of ICMP echo requests and responses. The command traces pings on the network port/ serviceport for switching packages. For routing packages, pings are traced on the routing ports as well. Default disabled Format...
Page 616: Debug Rip Packet
Managed Switch CLI Manual, Release 8.0 debug rip packet This command turns on tracing of RIP requests and responses. This command takes no options. The output is directed to the log file. Default disabled Format debug rip packet Mode Privileged EXEC A sample output of the trace message is shown below.
Page 617: Debug Sflow Packet
Managed Switch CLI Manual, Release 8.0 no debug rip packet This command disables tracing of RIP requests and responses. Format no debug rip packet Mode Privileged EXEC debug sflow packet Use this command to enable sFlow debug packet trace. Default disabled Format debug sflow packet...
Page 618: Debug Spanning-Tree Bpdu Receive
Managed Switch CLI Manual, Release 8.0 no debug spanning-tree bpdu This command disables tracing of spanning tree BPDUs. Format no debug spanning-tree bpdu Mode Privileged EXEC debug spanning-tree bpdu receive This command enables tracing of spanning tree BPDUs received by the switch. Spanning tree should be enabled on the device and on the interface in order to monitor packets for a particular interface.
Page 619: Debug Spanning-Tree Bpdu Transmit
Managed Switch CLI Manual, Release 8.0 no debug spanning-tree bpdu receive This command disables tracing of received spanning tree BPDUs. Format no debug spanning-tree bpdu receive Mode Privileged EXEC debug spanning-tree bpdu transmit This command enables tracing of spanning tree BPDUs transmitted by the switch. Spanning tree should be enabled on the device and on the interface in order to monitor packets on a particular interface.
Page 620: Cable Test Command
Managed Switch CLI Manual, Release 8.0 no debug spanning-tree bpdu transmit This command disables tracing of transmitted spanning tree BPDUs. Format no debug spanning-tree bpdu transmit Mode Privileged EXEC Cable Test Command The cable test feature enables you to determine the cable connection status on a selected port. Note: The cable test feature is supported only for copper cable.
Page 621: Sflow Commands
Managed Switch CLI Manual, Release 8.0 Field Description Cable Length If this feature is supported by the PHY for the current link speed, the cable length is displayed as a range between the shortest estimated length and the longest estimated length.
Page 622: Sflow Sampler
Managed Switch CLI Manual, Release 8.0 Field Description Receiver Max The maximum number of data bytes that can be sent in a single sample datagram. The Datagram Size management entity should set this value to avoid fragmentation of the sFlow datagrams. The allowed range is 200 to 9116).
Page 623: Sflow Poller
Managed Switch CLI Manual, Release 8.0 Field Description Sampling Rate The statistical sampling rate for packet sampling from this source. A sampling rate of 1 counts all packets. A value of zero (0) disables sampling. A value of N means that out of N incoming packets, 1 packet will be sampled.
Page 624: Show Sflow Agent
Uniquely identifies the version and implementation of this MIB. The version string must have the following structure: MIB Version; Organization; Software Revision where: • MIB Version: ‘1.3’, the version of this MIB. • Organization: Netgear. • Revision: 1.0 IP Address The IP address associated with this agent.
Page 625: Show Sflow Receivers
Managed Switch CLI Manual, Release 8.0 Field Description Poller Data The sFlowDataSource (slot/port) for this sFlow sampler. This agent will support Physical Source ports only. Receiver Index The sFlowReceiver associated with this sFlow counter poller. Poller Interval The number of seconds between successive samples of the counters associated with this data source.
Page 626: Show Sflow Samplers
Managed Switch CLI Manual, Release 8.0 Datagram Version....... 5 Maximum Datagram Size......1400 show sflow samplers Use this command to display the sFlow sampling instances created on the switch. Format show sflow samplers Mode Privileged EXEC Field Description Sampler Data The sFlowDataSource (slot/port) for this sFlow sampler.
Page 627 Chapter 10 Management Commands This chapter describes the management commands available in the managed switch CLI. The Management Commands chapter contains the following sections: • “Configuring the Switch Management CPU” on page 10-2. • “Console Port Access Commands” on page 10-8.
Page 628: Configuring The Switch Management Cpu
To manage the switch via the web GUI or telnet, an IP address needs to be assigned to the switch management CPU. Whereas there are CLI commands that can be used to do this, ezconfig simplifies the task. The tool is applicable to all NETGEAR 7000-series managed switches, and allows you to configure the following parameters: 1.
Page 629 Managed Switch CLI Manual, Release 8.0 The following is an example of an ezconfig session. NETGEAR EZ Configuration Utility -------------------------------- Hello and Welcome! This utility will walk you thru assigning the IP address for the switch management CPU. It will allow you to save the changes at the end. After the session, simply use the newly assigned IP address to access the Web GUI using any public domain Web browser.
Page 630: Network Interface Commands
Managed Switch CLI Manual, Release 8.0 There are changes detected, do you wish to save the changes permanently (Y/N)? The configuration changes have been saved succesfully. Please enter 'show running-config' to see the final configuration. Thanks for using EzConfig! Network Interface Commands This section describes the commands you use to configure a logical interface for management access.
Page 631: Network Protocol
Managed Switch CLI Manual, Release 8.0 network protocol This command specifies the network configuration protocol to be used. If you modify this value, change is effective immediately. If you use the bootp parameter, the switch periodically sends requests to a BootP server until a response is received. If you use the dhcp parameter, the switch periodically sends requests to a DHCP server until a response is received.
Page 632: Network Javamode
Managed Switch CLI Manual, Release 8.0 no network mac-type This command resets the value of MAC address to its default. Format no network mac-type Mode Privileged EXEC network javamode This command specifies whether or not the switch should allow access to the Java applet in the header frame of the Web interface.
Page 633 Locally Administered address. The factory default is to use the burned in MAC address. The following shows example CLI display output for the network port. (Netgear Switch) #show network Interface Status....... Always Up IP Address........10.250.3.1 Subnet Mask........
Page 634: Console Port Access Commands
Managed Switch CLI Manual, Release 8.0 Management VLAN ID......1 Web Mode........Enable Java Mode........Enable Console Port Access Commands This section describes the commands you use to configure the console port. You can use a serial cable to connect a management host directly to the console port of the switch. configuration This command gives you access to the Global Config mode.
Page 635: Serial Timeout
Managed Switch CLI Manual, Release 8.0 no serial baudrate This command sets the communication rate of the terminal interface. Format no serial baudrate Mode Line Config serial timeout This command specifies the maximum connect time (in minutes) without console activity. A value of 0 indicates that a console can be connected indefinitely.
Page 636: Enable Authentication
Managed Switch CLI Manual, Release 8.0 enable authentication To specify authentication method list when the user accesses a higher privilege level in remote telnet or console, use the command in line configuration mode.. enable authentication Format enable authentication {default | list-name} Mode Line Config no enable authentication...
Page 637: Telnet Commands
Managed Switch CLI Manual, Release 8.0 Telnet Commands This section describes the commands you use to configure and view Telnet settings. You can use Telnet to manage the device from a remote management host. ip telnet server enable Use this command to enable Telnet connections to the system and to enable the Telnet Server Admin Mode.
Page 638: Transport Input Telnet
Managed Switch CLI Manual, Release 8.0 transport input telnet This command regulates new Telnet sessions. If enabled, new Telnet sessions can be established until there are no more sessions available. An established session remains active until the session is ended or an abnormal network error ends the session. Note: If the Telnet Server Admin Mode is disabled, Telnet sessions cannot be established.
Page 639 Managed Switch CLI Manual, Release 8.0 no transport output telnet Use this command to prevent new outbound Telnet connection from being established. Format no transport output telnet Mode Line Config session-limit This command specifies the maximum number of simultaneous outbound Telnet sessions. A value of 0 indicates that no outbound Telnet session can be established.
Page 640: Telnetcon Maxsessions
Managed Switch CLI Manual, Release 8.0 no session-timeout This command sets the Telnet session timeout value to the default. The timeout value unit of time is minutes. Format no session-timeout Mode Line Config telnetcon maxsessions This command specifies the maximum number of Telnet connection sessions that can be established.
Page 641: Show Telnet
Managed Switch CLI Manual, Release 8.0 no telnetcon timeout This command sets the Telnet connection session timeout value to the default. Note: Changing the timeout value for active sessions does not become effective until the session is reaccessed. Also, any keystroke activates the new timeout duration. Format no telnetcon timeout Mode...
Page 642: Secure Shell (Ssh) Commands
Managed Switch CLI Manual, Release 8.0 show telnetcon This command displays the current inbound Telnet settings. In other words, these settings apply to Telnet connections initiated from a remote system to the switch. Format show telnetcon Modes • Privileged EXEC •...
Page 643: Ip Ssh Protocol
Managed Switch CLI Manual, Release 8.0 Format ip ssh Mode Privileged EXEC ip ssh protocol This command is used to set or remove protocol levels (or versions) for SSH. Either SSH1 (1), SSH2 (2), or both SSH 1 and SSH 2 (1 and 2) can be set. Default 1 and 2 Format...
Page 644: Sshcon Timeout
Managed Switch CLI Manual, Release 8.0 no sshcon maxsessions This command sets the maximum number of allowed SSH connection sessions to the default value. Format no sshcon maxsessions Mode Privileged EXEC sshcon timeout This command sets the SSH connection session timeout value, in minutes. A session is active as long as the session has been idle for the value set.
Page 645: Management Security Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Administrative This field indicates whether the administrative mode of SSH is enabled or disabled. Mode Protocol Level The protocol level may have the values of version 1, version 2 or both versions 1 and version 2.
Page 646: Hypertext Transfer Protocol (Http) Commands
Managed Switch CLI Manual, Release 8.0 crypto key generate rsa Use this command to generate an RSA key pair for SSH. The new key files will overwrite any existing generated or downloaded RSA key files. Format crypto key generate rsa Mode Global Config no crypto key generate rsa...
Page 647: Ip Http Server
Managed Switch CLI Manual, Release 8.0 ip http server This command enables access to the switch through the Web interface. When access is enabled, the user can login to the switch from the Web interface. When access is disabled, the user cannot login to the switch's Web server.
Page 648: Ip Http Java
Managed Switch CLI Manual, Release 8.0 ip http java This command enables the Web Java mode. The Java mode applies to both secure and un-secure Web connections. Default Enabled Format ip http java Mode Privileged EXEC no ip http java This command disables the Web Java mode.
Page 649: Ip Http Authentication
Managed Switch CLI Manual, Release 8.0 ip http authentication This command specifies the authentication methods for http server users. The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
Page 650: Ip Http Session Soft-Timeout
Managed Switch CLI Manual, Release 8.0 no ip http session maxsessions This command restores the number of allowable un-secure HTTP sessions to the default value. Format no ip http session maxsessions Mode Privileged EXEC ip http session soft-timeout This command configures the soft timeout for un-secure HTTP sessions in minutes. Configuring this value to zero will give an infinite soft-timeout.
Page 651: Ip Http Secure-Session Soft-Timeout
Managed Switch CLI Manual, Release 8.0 no ip http secure-session maxsessions This command restores the number of allowable secure HTTP sessions to the default value. Format no ip http secure-session maxsessions Mode Privileged EXEC ip http secure-session soft-timeout This command configures the soft timeout for secure HTTP sessions in minutes. Configuring this value to zero will give an infinite soft-timeout.
Page 652: Ip Https Authentication
Managed Switch CLI Manual, Release 8.0 no ip http secure-session hard-timeout This command resets the hard timeout for secure HTTP sessions to the default value. Format no ip http secure-session hard-timeout Mode Privileged EXEC ip https authentication This command specifies the authentication methods for http server users. The additional methods of authentication are used only if the previous method returns an error, not if it fails.
Page 653: Show Ip Http
Managed Switch CLI Manual, Release 8.0 Format ip http secure-port <portid> Mode Privileged EXEC no ip http secure-port This command is used to reset the SSL port to the default value. Format no ip http secure-port Mode Privileged EXEC ip http secure-protocol This command is used to set protocol levels (versions).
Page 654: Access Commands
Managed Switch CLI Manual, Release 8.0 Term Definition Secure Protocol Level(s) The protocol level may have the values of SSL3, TSL1, or both SSL3 and TSL1. Maximum Allowable HTTPS The number of allowable secure http sessions. Sessions HTTPS Session Hard Timeout The hard timeout for secure http sessions in hours.
Page 655: User Account Commands
Managed Switch CLI Manual, Release 8.0 Term Definition User Name The name the user entered to log on to the system. Connection IP address of the remote client machine or EIA-232 for the serial port connection. From Idle Time Time this session has been idle. Session Time Total time this session has been connected.
Page 656: Username Nopassword
Managed Switch CLI Manual, Release 8.0 no usermane This command removes a user account. Format no username <username> Mode Global Config Note: You cannot delete the “admin” user account. username nopassword This command removes the password from a user. Format username <name>...
Page 657: Username Snmpv3 Authentication
Managed Switch CLI Manual, Release 8.0 Format username snmpv3 accessmode <username> {readonly | readwrite} Mode Global Config no username snmpv3 accessmode This command sets the snmpv3 access privileges for the specified user as readwrite for the “admin” user and readonly for all other users. The <username> value is the user name for which the specified access mode will apply.
Page 658: Username Snmpv3 Encryption
Managed Switch CLI Manual, Release 8.0 username snmpv3 encryption This command specifies the encryption protocol used for the specified user. The valid encryption protocols are des or none. If you select des, you can specify the required key on the command line. The encryption key must be 8 to 64 characters long.
Page 659: Show Users Accounts
Managed Switch CLI Manual, Release 8.0 Term Definition Access Mode Shows whether the user is able to change parameters on the switch (Read/Write) or is only able to view them (Read Only). As a factory default, the “admin” user has Read/Write access and the “guest”...
Page 660: Show Users Login-History
Managed Switch CLI Manual, Release 8.0 Term Definition User Name The full name of the user. show users login-history This command is used to display the users who have logged in previously. Format show users login-history [{user name}] Mode Privileged EXEC Term Definition Login Time...
Page 661: Passwords History
Managed Switch CLI Manual, Release 8.0 passwords history Use this command to set the number of previous passwords that shall be stored for each user account. When a local user changes his or her password, the user will not be able to reuse any password stored in password history.
Page 662: Passwords Lock-Out
Managed Switch CLI Manual, Release 8.0 passwords lock-out Use this command to strengthen the security of the switch by locking user accounts that have failed login due to wrong passwords. When a lockout count is configured, a user that is logged in must enter the correct password within that count.
Page 663 Managed Switch CLI Manual, Release 8.0 aaa authentication login This command is used to set authentication at login. The default and optional list names that you create with the command are used with the aaa authentication login login command. Create a list by entering the authentication aaa authentication login command for a particular protocol, where...
Page 664 Managed Switch CLI Manual, Release 8.0 no aaa authenticaton login This command is used to remove authentication at login. . Format no aaa authentication login {default | list-name} Mode Global Config aaa authenticaton enable This command is used to set authentication when the user access higher privilege level, use the command in global configuration mode.
Page 665: Aaa Authentication Dot1X
Managed Switch CLI Manual, Release 8.0 Keyword Description line Uses the line password for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. Uses username "$enabx$."where x is the privilege level. tacacs Uses the list of all TACACS servers for authentication. Uses username "$enabx$." where x is the privilege level.
Page 666: Snmp Commands
Managed Switch CLI Manual, Release 8.0 method1 [method2…] At least one from the following table: Keyword Description local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. no aaa authentication dot1x This command is used to remove the authentication at login.
Page 667: Snmp-Server Community
Managed Switch CLI Manual, Release 8.0 snmp-server This command sets the name and the physical location of the switch, and the organization responsible for the network. The range for <name>, <loc> and <con> is from 1 to 31 alphanumeric characters. Default none Format...
Page 668: Snmp-Server Community Ipaddr
Managed Switch CLI Manual, Release 8.0 snmp-server community ipaddr This command sets a client IP address for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP mask value to denote a range of IP addresses from which SNMP clients may use that community to access the device.
Page 669: Snmp-Server Community Mode
Managed Switch CLI Manual, Release 8.0 no snmp-server community ipmask This command sets a client IP mask for an SNMP community to 0.0.0.0. The name is the applicable community name. The community name may be up to 16 alphanumeric characters. Format no snmp-server community ipmask <name>...
Page 670: Snmp-Server Community Rw
Managed Switch CLI Manual, Release 8.0 snmp-server community rw This command restricts access to switch information. The access mode is read/write (also called private). Format snmp-server community rw <name> Mode Global Config snmp-server enable traps violation This command enables the sending of new violation traps designating when a packet with a disallowed MAC address is received on a locked port.
Page 671: Snmp-Server Enable Traps Linkmode
Managed Switch CLI Manual, Release 8.0 no snmp-server enable traps This command disables the Authentication Flag. Format no snmp-server enable traps Mode Global Config snmp-server enable traps linkmode Note: This command may not be available on all platforms. This command enables Link Up/Down traps for the entire switch. When enabled, link traps are sent only if the Link Trap flag setting associated with the port is enabled.
Page 672: Snmp-Server Enable Traps Stpmode
The SNMP trap address can be set using both an IPv4 address format as well as an IPv6 global address format. The following shows an example of the CLI command. (Netgear Switch)# snmptrap mytrap ip6addr 3099::2 Management Commands 10-46...
Page 673: Snmptrap Snmpversion
Managed Switch CLI Manual, Release 8.0 Note: The <name> parameter does not need to be unique, however; the <name> and <ipaddr> pair must be unique. Multiple entries can exist with the same <name>, as long as they are associated with a different <ipaddr>. The reverse scenario is also acceptable.
Page 674: Snmptrap Ipaddr
Managed Switch CLI Manual, Release 8.0 snmptrap ipaddr This command assigns an IP address to a specified community name. The maximum length of name is 16 case-sensitive alphanumeric characters. Note: IP addresses in the SNMP trap receiver table must be unique. If you make multiple entries using the same IP address, the first entry is retained and processed.
Page 675: Snmp Trap Link-Status All
Managed Switch CLI Manual, Release 8.0 Format snmp trap link-status Mode Interface Config no snmp trap link-status This command disables link status traps by interface. Note: This command is valid only when the Link Up/Down Flag is enabled. Format no snmp trap link-status Mode Interface Config snmp trap link-status all...
Page 676: Show Snmpcommunity
Managed Switch CLI Manual, Release 8.0 show snmpcommunity This command displays SNMP community information. Six communities are supported. You can add, change, or delete communities. The switch does not have to be reset for changes to take effect. The SNMP agent of the switch complies with SNMP Versions 1, 2 or 3. For more information about the SNMP specification, see the SNMP RFCs.
Page 677: Show Trapflags
The IPv6 address to receive SNMP traps from this device. SNMP Version SNMPv2 Status The receiver's status (enabled or disabled). The following shows an example of the CLI command. (Netgear Switch)#show snmptrap Community Name IpAddress IPv6 Address Snmp Version Mode Mytrap 0.0.0.0...
Page 678: Radius Commands
Managed Switch CLI Manual, Release 8.0 Term Definition DVMRP Traps Can be enabled or disabled. The factory default is disabled. Indicates whether DVMRP traps are sent. OSPFv2 Traps Can be enabled or disabled. The factory default is disabled. Indicates whether OSPF traps are sent.
Page 679: Radius Accounting Mode
Managed Switch CLI Manual, Release 8.0 radius accounting mode This command is used to enable the RADIUS accounting function. Default disabled Format radius accounting mode Mode Global Config no radius accounting mode This command is used to set the RADIUS accounting function to the default value - i.e. the RADIUS accounting function is disabled.
Page 680: Radius Server Host
Managed Switch CLI Manual, Release 8.0 Format no radius server attribute <4> [<ipaddr>] Mode Global Config The following shows an example of the command. (Switch) (Config) #radius server attribute 4 192.168.37.60 (Switch) (Config) #radius server attribute 4 radius server host This command configures the IP address or DNS name to use for communicating with the RADIUS server of a selected server type.
Page 681 Managed Switch CLI Manual, Release 8.0 when connecting to the RADIUS accounting server. If a <port> is already configured for the accounting server, the new <port> replaces the previously configured <port>. The <port> must be a value in the range 0 - 65535, with 1813 being the default. Note: To re-configure a RADIUS accounting server to use the default UDP <port>, set the <port>...
Page 682: Radius Server Key
Managed Switch CLI Manual, Release 8.0 (Switch) (Config) #radius server host auth 192.168.37.60 name Network1_RADIUS_Auth_Server port 1813 (Switch) (Config) #radius server host acct 192.168.37.60 name Network2_RADIUS_Auth_Server (Switch) (Config) #no radius server host acct 192.168.37.60 radius server key This command configures the key to be used in RADIUS client communication with the specified server.
Page 683: Radius Server Msgauth
Managed Switch CLI Manual, Release 8.0 radius server msgauth This command enables the message authenticator attribute to be used for the specified RADIUS Authenticating server. Format radius server msgauth <ipaddr|dnsname> Mode Global Config Field Description ip addr The IP address of the server. dnsname The DNS name of the server.
Page 684: Radius Server Retransmit
Managed Switch CLI Manual, Release 8.0 Field Description ip addr The IP address of the RADIUS Authenticating server. dnsname The DNS name of the server. radius server retransmit This command configures the global parameter for the RADIUS client that specifies the number of transmissions of the messages to be made before attempting the fall back server upon unsuccessful communication with the current RADIUS authenticating server.
Page 685: Show Radius
Managed Switch CLI Manual, Release 8.0 Default Format radius server timeout <seconds> Mode Global Config Field Description retries Maximum number of transmission attempts in the range <1-30>. no radius server timeout The no version of this command sets the timeout global parameter to the default value. Format no radius server timeout Mode...
Page 686: Show Radius Servers
Managed Switch CLI Manual, Release 8.0 Term Definition Number of Retransmits The configured value of the maximum number of times a request packet is retransmitted. Time Duration The configured timeout value, in seconds, for request re-transmissions. RADIUS Accounting Mode A global parameter to indicate whether the accounting mode for all the servers is enabled or not.
Page 687 Managed Switch CLI Manual, Release 8.0 Field Description Host Address The IP address of the host. Server Name The name of the authenticating server. Port The port used for communication with the authenticating server. Type Specifies whether this server is a primary or secondary type. Current Host Address The IP address of the currently active authenticating server.
Page 688: Show Radius Accounting
Managed Switch CLI Manual, Release 8.0 Server Name......Default_RADIUS_Server Host Address......192.168.37.58 Secret Configured...... No Message Authenticator ....Enable Number of Retransmits....4 Time Duration......10 RADIUS Accounting Mode....Disable RADIUS Attribute 4 Mode....Enable RADIUS Attribute 4 Value ....192.168.37.60 (Switch) #show radius servers 192.168.37.58 Server Name......
Page 689: Show Radius Accounting Statistics
Managed Switch CLI Manual, Release 8.0 Term Definition Server Name The name of the accounting server. Port The port used for communication with the accounting server. Secret Configured Yes or No Boolean value indicating whether this server is configured with a secret. The following shows example CLI display output for the command.
Page 690 Managed Switch CLI Manual, Release 8.0 Term Definition RADIUS Accounting The name of the accounting server. Server Name Server Host Address The IP address of the host. Round Trip Time The time interval, in hundredths of a second, between the most recent Accounting- Response and the Accounting-Request that matched it from this RADIUS accounting server.
Page 691: Show Radius Statistics
Managed Switch CLI Manual, Release 8.0 (Switch) #show radius accounting statistics name Default_RADIUS_Server RADIUS Accounting Server Name....Default_RADIUS_Server Host Address........192.168.37.200 Round Trip Time....... 0.00 Requests........0 Retransmissions....... 0 Responses........0 Malformed Responses......0 Bad Authenticators......0 Pending Requests......0 Timeouts........
Page 692 Managed Switch CLI Manual, Release 8.0 Term Definition Malformed Access The number of malformed RADIUS Access-Response packets received from this Responses server. Malformed packets include packets with an invalid length. Bad authenticators or signature attributes or unknown types are not included as malformed access responses.
Page 693: Tacacs+ Commands
Managed Switch CLI Manual, Release 8.0 Timeouts........0 Unknown Types......... 0 Packets Dropped....... 0 TACACS+ Commands TACACS+ provides access control for networked devices via one or more centralized servers. Similar to RADIUS, this protocol simplifies authentication by making use of a single database that can be shared by many clients on a large network.
Page 694 Managed Switch CLI Manual, Release 8.0 tacacs-server key Use the tacacs-server key command to set the authentication and encryption key for all TACACS+ communications between the switch and the TACACS+ daemon. The <key- string> parameter has a range of 0 - 128 characters and specifies the authentication and encryption key for all TACACS communications between the switch and the TACACS+ server.
Page 695 Managed Switch CLI Manual, Release 8.0 no tacacs-server timeout Use the no tacacs-server timeout command to restore the default timeout value for all TACACS servers. Format no tacacs-server timeout Mode Global Config Use the key command in TACACS Configuration mode to specify the authentication and encryption key for all TACACS communications between the device and the TACACS server.
Page 696: Show Tacacs
Managed Switch CLI Manual, Release 8.0 priority Use the priority command in TACACS Configuration mode to specify the order in which servers are used, where 0 (zero) is the highest priority. The <priority> parameter specifies the priority for servers. The highest priority is 0 (zero), and the range is 0 - 65535. Default Format priority <priority>...
Page 697: Configuration Scripting Commands
Managed Switch CLI Manual, Release 8.0 Configuration Scripting Commands Configuration Scripting allows you to generate text-formatted script files representing the current configuration of a system. You can upload these configuration script files to a PC or UNIX system and edit them. Then, you can download the edited files to the system and apply the new configuration.
Page 698: Script Apply
Managed Switch CLI Manual, Release 8.0 Note: To specify a blank password for a user in the configuration script, you must specify it as a space within quotes. For example, to change the password for user jane from a blank password to hello, the script entry is as follows: users passwd jane "...
Page 699: Pre-Login Banner And System Prompt Commands
Managed Switch CLI Manual, Release 8.0 script show This command displays the contents of a script file, which is named <scriptname>. Format script show <scriptname> Mode Privileged EXEC Term Definition Output Format line <number>: <line contents> script validate This command validates a script file by parsing each line in the script file where <scriptname> is the name of the script to validate.The validate option is intended to be used as a tool for script development.
Page 700: Set Prompt
Managed Switch CLI Manual, Release 8.0 Default none Format copy <Code Sample Variable><tftp://<ipaddr>/<filepath>/ <filename>><Code Sample Variable> nvram:clibanner copy nvram:clibanner <Code Sample Variable><tftp://<ipaddr>/ <filepath>/<filename>><Code Sample Variable> Mode Privileged EXEC set prompt This command changes the name of the prompt. The length of name may be up to 64 alphanumeric characters.
Page 701: Core
There is no specific action that can be taken per message. When there is a problem being diagnosed, a set of these messages in the event log, along with an understanding of the system configuration and details of the problem will assist NETGEAR, Inc. in determining the root cause of such a problem.
Page 702 Managed Switch CLI Manual, Release 8.0 Table 11-1: BSP Log Messages Component Message Cause Event(0xaaaaaaaa) Switch has restarted. Starting code... BSP initialization complete, starting 7000 series application. Table 11-2: NIM Log Messages Component Message Cause NIM: L7_ATTACH out of order for Interface creation out of order intIfNum(x) unit x slot x port x NIM: Failed to find interface at unit x slot x...
Page 703 Managed Switch CLI Manual, Release 8.0 Table 11-3: System Log Messages Component Message Cause SYSTEM Configuration file Switch CLI.cfg size is 0 The configuration file could not be read. (zero) bytes This message may occur on a system for which no configuration has ever been saved or for which configuration has been erased.
Page 704: Utilities
Managed Switch CLI Manual, Release 8.0 Utilities Table 11-4: Trap Mgr Log Message Component Message Cause Trap Mgr Link Up/Down: unit/slot/port An interface changed link state. Table 11-5: DHCP Filtering Log Messages Component Message Cause DHCP Filtering Unable to create r/w lock for DHCP Filtering Unable to create semaphore used for dhcp filtering configuration structure .
Page 705 Managed Switch CLI Manual, Release 8.0 Table 11-7: RADIUS Log Messages Component Message Cause RADIUS RADIUS: Invalid data length - xxx The RADIUS Client received an invalid message from the server. RADIUS RADIUS: Failed to send the request A problem communicating with the RADIUS server.
Page 706: Management
Managed Switch CLI Manual, Release 8.0 Table 11-8: TACACS+ Log Messages Component Message Cause TACACS+ TACACS+: authentication error, no server to TACACS+ request needed, but no servers contact are configured. TACACS+ TACACS+: connection failed to server TACACS+ request sent to server x.x.x.x but x.x.x.x no response was received.
Page 707 Managed Switch CLI Manual, Release 8.0 Table 11-12: EmWeb Log Messages Component Message Cause EmWeb EMWEB (Telnet): Max number of Telnet A user attempted to connect via telnet when login sessions exceeded the maximum number of telnet sessions were already active. EmWeb EMWEB (SSH): Max number of SSH login A user attempted to connect via SSH when...
Page 708 Managed Switch CLI Manual, Release 8.0 Table 11-14: WEB Log Messages Component Message Cause Max clients exceeded This message is shown when the maximum allowed java client connections to the switch is exceeded. Error on send to sockfd XXXX, closing Failed to send data to the java clients connection through the socket.
Page 709 Managed Switch CLI Manual, Release 8.0 Table 11-16: SSHD Log Messages Component Message Cause SSHD SSHD: Unknown UI event in message, Failed to dispatch the UI event to the event=XXXX appropriate SSHD function as it’s an invalid event. XXXX indicates the event to be dispatched.
Page 710: Switching
Managed Switch CLI Manual, Release 8.0 Table 11-18: User_Manager Log Messages Component Message Cause User_Manager User Login Failed for XXXX Failed to authenticate user login. XXXX indicates the username to be authenticated. User_Manager Access level for user XXXX could not be Invalid access level specified for the user.
Page 711 Managed Switch CLI Manual, Release 8.0 Table 11-20: IP Subnet VLANS Log Messages Component Message Cause IPsubnet vlans ERROR vlanIpSubnetSubnetValid :Invalid This occurs when an invalid pair of subnet subnet and netmask has come from the CLI IPsubnet vlans IP Subnet Vlans: failed to save configuration This message appears when save configuration of subnet vlans failed IPsubnet vlans vlanIpSubnetCnfgrInitPhase1Process:...
Page 712 Managed Switch CLI Manual, Release 8.0 Table 11-21: Mac-based VLANs Log Messages Component Message Cause Mac based vlanMacVlanChangeCallback: Failed to This appears when a dtl fails to delete an VLANS delete an entry entry for an vlan delete notify event. Table 11-22: 802.1x Log Messages Component Message...
Page 713 Managed Switch CLI Manual, Release 8.0 Table 11-23: IGMP Snooping Log Messages Component Message Cause IGMP Snooping Failed to set igmp mrouter mode %d for Failed to set VLAN multicast router mode interface xxx on Vlan yyy due to IGMP Snooping message queue being full IGMP Snooping snoopCnfgrInitPhase1Process: Error Could not allocate buffers for small IGMP...
Page 714 Managed Switch CLI Manual, Release 8.0 Table 11-25: 802.3ad Log Messages Component Message Cause 802.3ad dot3adNimEventCompletionCallback, The event sent to NIM was not completed dot3adNimEventCreateCompletionCallback: successfully DOT3AD: notification failed for event(%d), intf(%d), reason(%d) Table 11-26: FDB Log Message Component Message Cause fdbSetAddressAgingTimeOut: Failure Unable to set the age time in the hardware...
Page 715 Managed Switch CLI Manual, Release 8.0 Table 11-30: 802.1Q Log Messages Component Message Cause 802.1Q dot1qIssueCmd: Unable to send message dot1qMsgQueue is full. %d to dot1qMsgQueue for vlan %d - %d msgs in queue 802.1Q dot1qVlanCreateProcess: Attempt to create This accommodates for reserved vlan ids. a vlan with an invalid vlan id %d ;...
Page 716: Qos
Managed Switch CLI Manual, Release 8.0 Table 11-33: Protocol-based VLANs Log Messages Component Message Cause Protocol Based pbVlanCnfgrInitPhase2Process: Unable to Appears when nimRegisterIntfChange fails VLANs register NIM callback to register pbVlan for link state changes. Protocol Based pbVlanCnfgrInitPhase2Process: Unable to Appears when vlanRegisterForChange fails VLANs register pbVlan callback with vlans...
Page 717: Routing/Ipv6 Routing
Managed Switch CLI Manual, Release 8.0 Table 11-35: CoS Log Message Component Message Cause cosCnfgrInitPhase3Process: Unable to The COS component was unable to apply apply saved config -- using factory defaults the saved configuration and has initialized to the factory default settings. Table 11-36: DiffServ Log Messages Component Message...
Page 718 Managed Switch CLI Manual, Release 8.0 Table 11-38: OSPFv2 Log Messages Component Message Cause OSPFv2 Best route client deregistration failed for OSPFv2 registers with the IPv4 routing table OSPF Redist manager (“RTO”) to be notified of best route changes. There are cases where OSPFv2 deregisters more than once, causing the second deregistration to fail.
Page 719 Managed Switch CLI Manual, Release 8.0 Table 11-39: OSPFv3 Log Messages Component Message Cause OSPFv3 Warning: OSPF LSDB is 90% full (15292 OSPFv3 limits the number of Link State LSAs). Advertisements (LSAs) that can be stored in the link state database (LSDB). When the database becomes 90 or 95 percent full, OSPFv3 logs this warning.
Page 720 Managed Switch CLI Manual, Release 8.0 Table 11-41: VRRP Log Messages Component Message Cause VRRP Changing priority to 255 for virtual router When the router is configured with the with VRID 1 on interface 1/0/1 address being used as the virtual router ID, the router’s priority is automatically set to the maximum value to ensure that the address owner becomes the VRRP master.
Page 721: Multicast
Managed Switch CLI Manual, Release 8.0 Multicast Table 11-45: Cache Log Messages Component Message Cause Cache Out of memory when creating entry. When we run out of memory while creating a new cache (MFC) entry Cache Out of memory when creating cache. When we run out of memory while creating the cache itself Table 11-46: IGMP Log Messages...
Page 722 Managed Switch CLI Manual, Release 8.0 Table 11-48: PIM-SM Log Messages Component Message Cause PIM-SM PIM-SM not initialized This message arises when trying to activate pimsm interfaces or receiving pimsm packets when pimsm component is not initialized. PIM-SM Unable to take xxx semaphore This message is logged when failed to acquire semaphore to access source list or group list or candidate Rp list or virtual...
Page 723: Stacking
Managed Switch CLI Manual, Release 8.0 Table 11-49: PIM-DM Log Messages Component Message Cause PIM-DM Error creating PIM-DM pipe This message is logged when the PIM-DM Pipe (that receives control messages) creation fails. Table 11-50: DVMRP Log Messages Component Message Cause DVMRP dvmrp_send_graft: failed getting memory for...
Page 724 Managed Switch CLI Manual, Release 8.0 Table 11-52: System General Error Messages Component Message Cause In hapiBroadSystemMacAddress call to Failed to add an L2 address to the MAC 'bcm_l2_addr_add' - FAILED : x table. This should only happen when a hash collision occurs or the table is full.
Page 725 Managed Switch CLI Manual, Release 8.0 Table 11-52: System General Error Messages Component Message Cause USL: A Trunk being set doesn't exist in USL Possible synchronization issue between the application, hardware, and sync layer. USL: failed to sync trunk table on unit=x Could not synchronize unit x due to a transport failure or API issue on remote unit.
Page 726: O/S Support
Managed Switch CLI Manual, Release 8.0 Table 11-52: System General Error Messages Component Message Cause USL: failed to sync initiator table on unit=x Could not synchronize unit x due to a transport failure or API issue on remote unit. A synchronization retry will be issued USL: failed to sync terminator table on Could not synchronize unit x due to a unit=x...
Page 727 Managed Switch CLI Manual, Release 8.0 Table 11-53: OSAPI Log Messages (continued) Component Message Cause OSAPI osapiCleanupIf: NetIPGet During the call to remove the interface from the route table, the attempt to get an ipv4 interface address from the stack failed. OSAPI osapiCleanupIf: NetMaskGet During the call to remove the interface from...
Page 728: Captive Portal Commands
Managed Switch CLI Manual, Release 8.0 Chapter 12 Captive Portal Commands The Captive Portal feature is a software implementation that blocks clients from accessing the network until user verification has been established. Verification can be configured to allow access for both guest and authenticated users. Authenticated users must be validated against a database of authorized Captive Portal users before access is granted.
Page 729: Http Port
Managed Switch CLI Manual, Release 8.0 no enable Use this command to globally disable captive portal. Default disabled Format no enable Mode Captive Portal Configuration mode http port Use this command to configure an additional HTTP port for captive portal to monitor. The valid range is from 0 to 65535.
Page 730: Authentication Timeout
Managed Switch CLI Manual, Release 8.0 no https port Use this command to reset the HTTPs port to the default HTTPS port 443. Format no https port Mode Captive Portal Configuration mode authentication timeout Use this command to configure the authentication timeout. If the user does not enter valid credentials within this time limit, the authentication page needs to be served again in order for the client to gain access to the network.
Page 731: Show Captive-Portal Status
Managed Switch CLI Manual, Release 8.0 Term Definition The administrative mode is enabled or disabled. Administrative Mode The Operational status is enabled or disabled. Operational Status If the operational status is disabled. This field shows the reason why the operational is Disable Reason disabled.
Page 732: Captive Portal Configuration Commands
Managed Switch CLI Manual, Release 8.0 Term Definition The number of active captive portal instances. Active Captive Portals System Supported The maximum number of user can be authenticated. Users The maximum number of local user can be created. Local Supported Users The number of the authenticated users.
Page 733: Enable (Instance)
Managed Switch CLI Manual, Release 8.0 no configuration Use this command to to delete a CP configuration. The default configuration cannot be deleted. Format no configuration <1-10> Mode Captive Portal Configuration mode enable (Instance) Use this command to enable a captive portal configuration. Default enable Format...
Page 734 Managed Switch CLI Manual, Release 8.0 no name Use this command to remove a configuration name. Format no name Mode Captive Portal Instance mode protocol Use this command to configure the protocol mode for a captive portal configuration. The default protocol is http.
Page 735: Redirect (Captive Portal)
Managed Switch CLI Manual, Release 8.0 group Use this command to configure a group ID for this captive portal configuration. If a group number is configured, the user entry (Local or RADIUS) must be configured with the ame name and the group to authenticate to this captive portal instance.
Page 736 Managed Switch CLI Manual, Release 8.0 Format no redirect Mode Captive Portal Instance mode redirect-url Use this command to configure the redirect URL for a captive portal configuration. The url is the URL for redirection which can be up to 512 characters in length. Format redirect-url url Mode...
Page 737 Managed Switch CLI Manual, Release 8.0 Default Format max-bandwidth-up <0-536870911> Mode Captive Portal Instance mode no max-bandwidth-up Use this command to reset the maximum rate to the default Format no max-bandwidth-up Mode Captive Portal Instance mode max-input-octets Use this command to configure the maximum number of octets the user is allowed to transmit. After this limit has been reached the user will be disconnected.
Page 738 Managed Switch CLI Manual, Release 8.0 max-output-octets Use this command to configure the maximum number of octets the user is allowed to receive. After this limit has been reached the user will be disconnected. The number of octets is in bytes. 0 indicates limit not enforced Use the “no”.
Page 739: Session-Timeout (Captive Portal)
Managed Switch CLI Manual, Release 8.0 Format max-total-octets <0-4294967295> Mode Captive Portal Instance mode session-timeout (Captive Portal) Use this command to configure the session timeout for a captive portal configuration. After this limit has been reached, the user will be disconnected. Timeout is time in seconds.
Page 740: Interface (Captive Portal)
Managed Switch CLI Manual, Release 8.0 Format no idle-timeout Mode Captive Portal Instance mode locale This command is not intended to be a user command. The administrator must use the WEB UI to create and customize captive portal web content. This command is primarily used by the show running-config command and process as it provides the ability to save and restore configurations using a text based format.
Page 741: Captive Portal Status Commands
Managed Switch CLI Manual, Release 8.0 Format no interface <unit/slot/port> Mode Captive Portal Instance Config mode block Use this command to block all traffic for a captive portal configuration. The administrator can block access to a captive portal configuration. When an instance is blocked no client traffic is allowed through any interfaces associated with that captive portal configuration.
Page 742: Show Captive-Portal Configuration Interface
Managed Switch CLI Manual, Release 8.0 Format show captive-portal configuration <1-10> Mode Privileged EXEC mode Term Definition CP ID The captive portal ID CP Name The captive portal instance name Operational Status The operational status is enabled or disabled. Disable Reason If the operational status is disabled, this field shows the reason.
Page 743 Managed Switch CLI Manual, Release 8.0 Term Definition CP ID The captive portal ID. CP Name The captive portal name. Interface The interface associated with the CP ID Interface The interface description Description Operational Status The operational status is enabled or disabled. Disable Reason The reason if the operational status is disabled.
Page 744: Show Captive-Portal Configuration Status
Managed Switch CLI Manual, Release 8.0 show captive-portal configuration status Use this command to display information about all configured captive portal configurations or about a specific captive portal configuration. The <1-10> is captive portal ID. If <1-10> is not entered, all the configurations are displayed. Format show captive-portal configuration [ <1-10>...
Page 745: Show Captive-Portal Configuration Locales
Managed Switch CLI Manual, Release 8.0 Example (switch)#show captive-portal configuration status CP ID CP Name Mode Protocol Verification ----- ---------- -------- -------- ------------ Enable https Guest Enable http Local Disable https Guest (switch)#show captive-portal configuration 1 status CP ID.......... 1 CP Name........
Page 746: Captive Portal Client Connection Commands
Managed Switch CLI Manual, Release 8.0 show captive-portal trapflags Use this command to display which captive portal traps are enabled. Format show captive-portal trapflags Mode Privileged EXEC mode Example (switch)#show captive-portal trapflags Client Authentication Failure Traps.... Disable Client Connection Traps......Disable Client Database Full Traps.....
Page 747: Show Captive-Portal Client Statistics
Managed Switch CLI Manual, Release 8.0 If the macaddr is specified, the following terms are displayed. Term Definition CP ID The captive portal ID associated with the client CP Name The captive portal name associated with the client Interface The interface on which the client authenticated. Interface The interface description Description...
Page 748: Show Captive-Portal Interface Client Status
Managed Switch CLI Manual, Release 8.0 Term Definition Client MAC The MAC address of the authenticated client address Bytes Received The number of bytes received from the client Bytes Transmitted The number of bytes transmitted to the client Packets Received The number of packets received from the client Packets The number of packets transmitted from the client Transmitted...
Page 749: Show Captive-Portal Configuration Client Status
Managed Switch CLI Manual, Release 8.0 Term Definition Verification The user verification mode Example (switch) #show captive-portal interface client status Client Client Intf Intf Description MAC Address IP Address ------ ----------------------------------- ----------------- -------------- 1/0/1 Unit: 1 Slot: 0 Port: 1 Gigabit 0002.BC00.1290 10.254.96.47 1/0/2...
Page 750: Captive Portal Interface Commands
Managed Switch CLI Manual, Release 8.0 If the CP ID is specified, the following terms are displayed. Term Definition Interface The description of the interace Description Example (switch)#show captive-portal configuration client status CP ID CP Name Client MAC Address Client IP Address Interface ----- -------...
Page 751: Captive Portal Local User Commands
Managed Switch CLI Manual, Release 8.0 Format show captive-portal interface configuration [ <1-10>] status Mode Privileged EXEC mode Term Definition CP ID The captive portal ID CP Name The captive portal name Interface The interface associated with the CP ID. Interface The description of the interface Description...
Page 752 Managed Switch CLI Manual, Release 8.0 Format user user-id password { password | encrypted enc-password } Mode Captive Portal Configuration mode no user Use this command to delete a user from the local user database. If the user has an existing session, it is disconnected.
Page 753: User Session-Timeout
Managed Switch CLI Manual, Release 8.0 no user group Use this command to dis-associate a group and user. Format no user <1-128> group <1-10> Mode Captive Portal Configuration mode user session-timeout Use this command to set the session timeout value for a captive portal user. Use the “no” form of this command to reset the session timeout to the default.
Page 754: User Max-Bandwidth-Down
Managed Switch CLI Manual, Release 8.0 no user idle-timeout Use this command to reset the idle timeout to the default value. Format no user <1-128> idle-timeout timeout Mode Captive Portal Configuration mode user max-bandwidth-down Use this command to configure the bandwidth at which the client can receive data from the network.
Page 755: User Max-Input-Octets
Managed Switch CLI Manual, Release 8.0 no user max-bandwidth-up Use this command to reset the limit to the default. Format user <1-128> max-bandwidth-up Mode Captive Portal Configuration mode user max-input-octets Use this command to limit the number of octets the user is allowed to transmit. After this limit has been reached the user will be disconnected.
Page 756: User Max-Total-Octets
Managed Switch CLI Manual, Release 8.0 no user max-output-octets Use this command to reset the limit to the default. Default Format no user <1-128> max-output-octets Mode Captive Portal Configuration mode user max-total-octets Use this command to limit the number of bytes the user is allowed to transmit and receive. The maximum number of octets is the sum of octets transmitted and received.
Page 757 Managed Switch CLI Manual, Release 8.0 Format show captive-portal user [ <1-128> ] Mode Privileged EXEC mode Term Definition User ID The user ID User Name The user name Session Timeout Logout once session timeout is reached (seconds). If the value is 0 then use the value configured for the captive portal.
Page 758: Captive Portal User Group Commands
Managed Switch CLI Manual, Release 8.0 Session Idle User ID User Name Timeout Timeout Group ID Group Name ------- -------------- -------- -------- -------- ----------- user123 Default user234 Default (switch)#show captive-portal user 1 User ID........1 User Name........user123 Password Configured......Yes Session Timeout........
Page 759: User Group Name
Managed Switch CLI Manual, Release 8.0 Default Format user group <1-10> Mode Captive Portal Configuration mode no user group Use this command to delete a user group. The default user group (1) cannot be deleted. Format user group <1-10> Mode Captive Portal Configuration mode user group name Use this command to configure a group name.
Page 760: List Of Commands
Managed Switch CLI Manual, Release 8.0 Chapter 13 List of Commands {deny | permit} (IP ACL) ...........................8-40 {deny | permit} (IPv6) ............................8-45 {deny | permit} (MAC ACL) ..........................8-34 1583compatibility ..............................4-41 aaa authentication dot1x ...........................10-39 aaa authentication login .............................10-37 aaa authenticaton enable ...........................10-38 access-list .................................8-37...
Page 761 Managed Switch CLI Manual, Release 8.0 area virtual-link dead-interval (OSPF) ......................4-47 area virtual-link dead-interval (OSPFv3) ......................7-43 area virtual-link hello-interval (OSPF) ......................4-48 area virtual-link hello-interval (OSPFv3) .....................7-43 area virtual-link retransmit-interval (OSPF) ....................4-48 area virtual-link retransmit-interval (OSPFv3) ...................7-44 area virtual-link transmit-delay (OSPF) ......................4-49 area virtual-link transmit-delay (OSPFv3) ....................7-44...
Page 762 Managed Switch CLI Manual, Release 8.0 captive-portal client deauthenticate .......................12-23 captive-portal ................................12-1 capture wrap ................................9-62 class ....................................8-21 class-map ..................................8-10 class-map rename ..............................8-11 classofservice dot1p-mapping ..........................8-2 classofservice ip-dscp-mapping ..........................8-2 classofservice trust ..............................8-3 clear arp-cache ................................4-5 clear arp-switch ................................4-6 clear captive-portal users ..........................12-31 clear config ................................9-27...
Page 763 Managed Switch CLI Manual, Release 8.0 clear isdp table ..............................3-208 clear lldp remote-data ............................3-175 clear lldp statistics ...............................3-174 clear logging buffered ............................9-27 clear mac-addr-table .............................9-27 clear pass ..................................9-28 clear port-channel ..............................9-28 clear radius statistics .............................3-64 clear traplog ................................9-28 clear vlan ..................................9-28 client-identifier ...............................9-41...
Page 764 Managed Switch CLI Manual, Release 8.0 debug ipv6 pimdm packet ..........................9-73 debug ipv6 pimsm packet ...........................9-73 debug isdp packet ..............................3-212 debug lacp packet ..............................9-74 debug mldsnooping packet ..........................9-74 debug ospf packet ..............................9-75 debug ospfv3 packet .............................9-77 debug ping packet ..............................9-78 debug rip packet ..............................9-79 debug sflow packet...
Page 765 Managed Switch CLI Manual, Release 8.0 dos-control icmpv6 .............................3-202 dos-control l4port ..............................3-195 dos-control sipdip ..............................3-193 dos-control smacdmac ............................3-196 dos-control tcpfinurgpsh ...........................3-200 dos-control tcpflag ..............................3-195 dos-control tcpflagseq ............................3-198 dos-control tcpfrag ..............................3-194 dos-control tcpoffset ............................3-199 dos-control tcpport ..............................3-197 dos-control tcpsyn ...............................3-199 dos-control tcpsynfin ............................3-200 dos-control udpport .............................3-197...
Page 766 Managed Switch CLI Manual, Release 8.0 ezconfig ..................................10-2 filedescr ..................................9-5 group ..................................12-8 hardware-address ..............................9-43 hashing-mode ................................3-107 host .....................................9-44 hostroutesaccept ..............................4-87 http port ..................................12-2 https port ...................................12-2 idle-timeout ................................12-12 interface ..................................3-2 interface (Captive Portal) ...........................12-13 interface lag ................................3-3 interface loopback ..............................7-8 interface range ................................3-3 interface tunnel...
Page 767 Managed Switch CLI Manual, Release 8.0 ip dhcp snooping vlan ............................3-120 ip domain list ................................9-56 ip domain lookup ..............................9-55 ip domain name ..............................9-56 ip domain retry ...............................9-58 ip domain timeout ..............................9-59 ip dvmrp ..................................5-8 ip dvmrp metric ................................5-7 ip dvmrp trapflags ..............................5-8 ip dvmrp(Global Config) ............................5-7...
Page 768 Managed Switch CLI Manual, Release 8.0 ip igmp-proxy unsolicit-rprt-interval ......................5-35 ip igmpsnooping unknown-multicast ......................3-145 ip irdp ..................................4-20 ip irdp address ................................4-21 ip irdp holdtime ..............................4-21 ip irdp maxadvertinterval ............................4-22 ip irdp minadvertinterval ............................4-22 ip irdp preference ..............................4-23 ip mcast boundary ..............................5-2 ip mtu ..................................4-12...
Page 769 Managed Switch CLI Manual, Release 8.0 ip proxy-arp ................................4-2 ip redirects ................................4-91 ip rip ...................................4-83 ip rip authentication ..............................4-85 ip rip receive version ............................4-86 ip rip send version ..............................4-86 ip route ..................................4-9 ip route default ...............................4-10 ip route distance ..............................4-11 ip routing ..................................4-8 ip ssh...
Page 770 Managed Switch CLI Manual, Release 8.0 ipv6 mld last-member-query-count .........................6-19 ipv6 mld last-member-query-interval ......................6-18 ipv6 mld query-interval ............................6-17 ipv6 mld query-max-response-time ........................6-18 ipv6 mld router ...............................6-16 ipv6 mld-proxy ...............................6-23 ipv6 mld-proxy reset-status ..........................6-24 ipv6 mld-proxy unsolicit-rprt-interval ......................6-24 ipv6 mtu ..................................7-14 ipv6 nd dad attempts ............................7-15 ipv6 nd managed-config-flag...
Page 771 Managed Switch CLI Manual, Release 8.0 ipv6 router ospf ..............................7-38 ipv6 traffic-filter ..............................8-46 ipv6 unicast-routing ..............................7-11 ipv6 unreachables ..............................7-19 isdp advertise-v2 ..............................3-207 isdp enable ................................3-208 isdp holdtime .................................3-207 isdp run ...................................3-206 isdp timer ................................3-207 ....................................10-69 lacp actor admin ..............................3-94 lacp actor admin key ............................3-94 lacp actor admin state individual ........................3-95...
Page 772 Managed Switch CLI Manual, Release 8.0 lldp transmit ................................3-171 lldp transmit-mgmt .............................3-173 lldp transmit-tlv ..............................3-172 locale ..................................12-13 logging buffered ..............................9-18 logging buffered wrap ............................9-19 logging cli-command ............................9-19 logging console ..............................9-20 logging host ................................9-20 logging host remove .............................9-21 logging persistent ..............................9-24 logging syslog .................................9-21 login authentication...
Page 773 Managed Switch CLI Manual, Release 8.0 match srcl4port ...............................8-18 max-bandwidth-down ............................12-9 max-bandwidth-up ..............................12-9 maximum-paths (OSPF) .............................4-61 maximum-paths (OSPFv3) ..........................7-50 max-input-octets ..............................12-10 max-output-octets ..............................12-11 max-total-octets ..............................12-11 member ..................................2-2 mirror ..................................8-20 mode dot1q-tunnel ..............................3-46 mode dvlan-tunnel ..............................3-47 monitor session ..............................3-113 movemanagement ..............................2-3 ....................................3-5 name ...................................12-6...
Page 774 Managed Switch CLI Manual, Release 8.0 permit ip host mac host .............................3-135 ping .....................................9-29 ping ipv6 ..................................7-4 ping ipv6 interface ..............................7-5 police-simple ................................8-23 policy-map ................................8-24 policy-map rename ...............................8-25 port ...................................10-69 port lacpmode ...............................3-104 port lacpmode enable all ...........................3-104 port lacptimeout (Global Config) ........................3-105 port lacptimeout (Interface Config) ......................3-105...
Page 775 Managed Switch CLI Manual, Release 8.0 redirect ..................................8-21 redirect (Captive Portal) ............................12-8 redirect-url ................................12-9 redistribute (OSPF) ...............................4-61 redistribute (OSPFv3) ............................7-52 redistribute (RIP) ..............................4-88 reload ..................................9-31 reload (Stack) ................................2-6 router ospf ................................4-39 router rip ...................................4-82 router-id (OSPF) ..............................4-60 router-id (OSPFv3) ...............................7-52 routing ..................................4-8 save...
Page 776 Managed Switch CLI Manual, Release 8.0 set igmp mrouter ..............................3-144 set igmp mrouter interface ..........................3-145 set igmp querier ..............................3-149 set igmp querier election participate ......................3-151 set igmp querier query-interval ........................3-150 set igmp querier timer expiry ..........................3-150 set igmp querier version ............................3-151 set mld ..................................3-153...
Page 777 Managed Switch CLI Manual, Release 8.0 show captive-portal configuration locales ....................12-18 show captive-portal configuration status .....................12-17 show captive-portal configuration .........................12-14 show captive-portal interface client status ....................12-21 show captive-portal interface configuration status ..................12-23 show captive-portal status ..........................12-4 show captive-portal trapflags ..........................12-19 show captive-portal user ...........................12-29 show captive-portal...
Page 778 Managed Switch CLI Manual, Release 8.0 show interfaces cos-queue ............................8-7 show interfaces switchport ..........................3-54 show ip access-lists ...............................8-42 show ip arp inspection ............................3-136 show ip arp inspection interfaces ........................3-138 show ip arp inspection statistics ........................3-137 show ip brief ................................4-13 show ip dhcp binding ............................9-52 show ip dhcp conflict ............................9-55...
Page 779 Managed Switch CLI Manual, Release 8.0 show ip mcast mroute group ..........................5-5 show ip mcast mroute source ..........................5-6 show ip ospf ................................4-65 show ip ospf abr ..............................4-69 show ip ospf area ..............................4-69 show ip ospf asbr ..............................4-70 show ip ospf database ............................4-71 show ip ospf database database-summary ....................4-72...
Page 780 Managed Switch CLI Manual, Release 8.0 show ip vrrp interface brief ..........................4-33 show ip vrrp interface stats ..........................4-31 show ipv6 access-lists ............................8-47 show ipv6 brief ...............................7-20 show ipv6 dhcp ..............................7-73 show ipv6 dhcp binding ............................7-76 show ipv6 dhcp interface ............................7-74 show ipv6 dhcp pool ............................7-76 show ipv6 dhcp statistics...
Page 781 Managed Switch CLI Manual, Release 8.0 show ipv6 pimsm interface ..........................6-15 show ipv6 pimsm neighbor ..........................6-15 show ipv6 pimsm rp mapping ...........................6-16 show ipv6 pimsm rphash ............................6-16 show ipv6 route ..............................7-24 show ipv6 route preferences ..........................7-26 show ipv6 route summary ..........................7-27 show ipv6 traffic ..............................7-28...
Page 782 Managed Switch CLI Manual, Release 8.0 show mac-address-table stats ..........................3-206 show mac-addr-table ............................9-12 show mbuf total ..............................9-14 show mldsnooping ..............................3-159 show mldsnooping mrouter ..........................3-161 show mldsnooping mrouter vlan ........................3-161 show mldsnooping querier ..........................3-165 show monitor session ............................3-114 show network ................................10-6 show network ndp ..............................7-4 show passwords configuration...
Page 783 Managed Switch CLI Manual, Release 8.0 show slot ..................................2-6 show snmpcommunity ............................10-50 show snmptrap ..............................10-50 show sntp ..................................9-38 show sntp client ..............................9-38 show sntp server ..............................9-39 show spanning-tree ...............................3-23 show spanning-tree brief .............................3-24 show spanning-tree interface ..........................3-25 show spanning-tree mst port detailed ......................3-26 show spanning-tree mst port summary ......................3-28...
Page 784 Managed Switch CLI Manual, Release 8.0 show voice vlan ..............................3-50 shutdown ..................................3-6 shutdown all ................................3-6 slot ....................................2-4 snmp trap link-status ............................10-48 snmp trap link-status all ............................10-49 snmp-server ................................10-41 snmp-server community ............................10-41 snmp-server community ipaddr ........................10-42 snmp-server community ipmask ........................10-42 snmp-server community mode ........................10-43 snmp-server community ro ..........................10-43...
Page 785 Managed Switch CLI Manual, Release 8.0 spanning-tree forward-time ..........................3-15 spanning-tree guard ..............................3-16 spanning-tree max-age ............................3-16 spanning-tree max-hops ............................3-17 spanning-tree mst ..............................3-17 spanning-tree mst instance ..........................3-19 spanning-tree mst priority ..........................3-19 spanning-tree mst vlan ............................3-20 spanning-tree port mode .............................3-21 spanning-tree port mode all ..........................3-21 speed ....................................3-7...
Page 786 Managed Switch CLI Manual, Release 8.0 switchport protected (Interface Config) ......................3-53 tacacs-server host ..............................10-67 tacacs-server key ..............................10-68 tacacs-server timeout ............................10-68 telnet ..................................10-11 telnetcon maxsessions ............................10-14 telnetcon timeout ..............................10-14 terminal length ................................9-17 timeout ..................................10-70 timers spf ..................................4-63 traceroute ..................................9-25 traceroute ipv6 ................................7-6 traceroute ipv6 ................................9-26...
Page 787 Managed Switch CLI Manual, Release 8.0 username snmpv3 encryption ..........................10-32 verification ................................12-7 vlan .....................................3-32 vlan acceptframe ..............................3-32 vlan association mac .............................3-42 vlan association subnet ............................3-41 vlan database ................................3-31 vlan ingressfilter ..............................3-33 vlan makestatic ...............................3-33 vlan name .................................3-34 vlan participation ..............................3-34 vlan participation all .............................3-35 vlan port acceptframe all...

This manual is also suitable for:

Gsm7328sv2 Gsm7352sv1 - prosafe 48+4 gigabit ethernet l3 managed stackable switch Gsm7352sv2 Prosafe 7300s series Gsm7328s Gsm7352s ... Show all

NETGEAR GSM7328Sv1 - ProSafe 24+4 Gigabit Ethernet L3 Managed Stackable Switch Cli Manual

Table of Contents

Chapter 1 Using the Command-Line Interface

Chapter 2 Stacking Commands

Chapter 3 Switching Commands

Chapter 4 Routing Commands

Chapter 5 IP Multicast Commands

Chapter 6 Ipv6 Multicast Commands

Chapter 7 Ipv6 Commands

Chapter 8 Quality of Service (Qos) Commands

Chapter 9

Chapter 10 Management Commands

Chapter 11 Log Messages

Chapter 12 Captive Portal Commands

Quick Links

Chapters

Related Manuals for NETGEAR GSM7328Sv1 - ProSafe 24+4 Gigabit Ethernet L3 Managed Stackable Switch

Summary of Contents for NETGEAR GSM7328Sv1 - ProSafe 24+4 Gigabit Ethernet L3 Managed Stackable Switch