Page 1: Cli Reference Guide
Dell™ PowerConnect™ 6200 Series Systems CLI Reference Guide Models: PC6224, PC6248, PC6224P, PC6248P, and PC6224F...
Page 2 Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell, the DELL logo, and PowerConnect are trademarks of Dell Inc. sFlow is a registered trademark of InMon Corporation. Cisco is a registered trademark of Cisco Systems, Inc.
Page 3: Table Of Contents
Contents Command Groups ....Introduction ..... . . Command Groups .
Page 4 enable authentication ....enable password ....ip http authentication .
Page 5 Address Table Commands ... bridge aging-time ....bridge multicast address ....bridge multicast filtering .
Page 6 isdp advertise-v2 ....isdp enable ..... . . isdp holdtime .
Page 7 ip dhcp snooping limit ....ip dhcp snooping log-invalid ....ip dhcp snooping trust .
Page 8 11 Ethernet Configuration Commands ..description ..... . . duplex ......flowcontrol .
Page 9 12 GVRP Commands ....garp timer ......gvrp enable (global) .
Page 10 ip igmp snooping maxresponse ... . ip igmp snooping mcrtrexpiretime ..14 IGMP Snooping Querier Commands . . . ip igmp snooping querier election participate .
Page 11 show arp switch ..... show hosts ......show ip helper-address .
Page 12 show lacp ethernet ....show lacp port-channel ....19 Link Dependency Commands .
Page 13 lldp receive ..... . . lldp timers ......lldp transmit .
Page 14 22 Port Monitor Commands ... . show monitor session ....23 QoS Commands ....class .
Page 15 match dstip ......match dstip6 ..... . . match dstl4port .
Page 16 show classofservice ip-dscp-mapping ..show classofservice trust ....show diffserv ..... . show diffserv service interface ethernet in .
Page 17 radius-server host ....radius-server key ....radius-server retransmit .
Page 18 spanning-tree bpdu-protection ... . spanning-tree cost ....spanning-tree disable ....spanning-tree forward-time .
Page 19 26 Switchport Voice Commands ..switchport voice detect auto ....27 TACACS+ Commands ....port .
Page 20 show interfaces switchport ....show port protocol ....show switchport protected .
Page 21 vlan protocol group ....vlan protocol group add protocol ... . vlan protocol group name .
Page 22 dot1x timeout supp-timeout ....dot1x timeout tx-period ....show dot1x ..... . . show dot1x clients .
Page 23 clear arp-cache ..... clear arp-cache management ....ip proxy-arp .
Page 24 show ipv6 dhcp binding ....show ipv6 dhcp interface ....show ipv6 dhcp pool .
Page 25 ip igmp startup-query-interval ....ip igmp version ..... . show ip igmp .
Page 26 39 IP Routing Commands ....ip address ..... . . ip mtu .
Page 27 ipv6 mld snooping mcrtexpiretime ... ipv6 mld snooping (Global) ....ipv6 mld snooping (Interface) ....ipv6 mld snooping (VLAN) .
Page 28 show ipv6 pimsm neighbor ....show ipv6 pimsm rphash ....show ipv6 pimsm rp mapping .
Page 29 ipv6 nd other-config-flag ....ipv6 nd prefix ..... . . ipv6 nd ra-interval .
Page 30 show ipv6 mld traffic ....show ipv6 neighbors ....show ipv6 pimdm .
Page 31 ip pimsm dr-priority ....ip pimsm hello-interval ....ip pimsm join-prune-interval .
Page 32 45 OSPF Commands ....area nssa ......area nssa default-info-originate .
Page 33 default-metric ..... . distance ospf ..... . . distribute-list out .
Page 34 nsf restart-interval ....passive-interface default ....passive-interface ....redistribute .
Page 35 46 OSPFv3 Commands ....area nssa ......area nssa default-info-originate .
Page 36 ipv6 ospf ......ipv6 ospf areaid ....ipv6 ospf cost .
Page 37 show ipv6 ospf area ....show ipv6 ospf asbr ....show ipv6 ospf database .
Page 38 show ip pimsm interface 1000 ....show ip pimsm neighbor 1002 ....show ip pimsm rphash 1002 .
Page 39 ip rip receive version 1022 ....ip rip send version 1023 ....redistribute 1024 .
Page 40 ip vrrp preempt 1043 ..... ip vrrp priority 1044 ..... ip vrrp timers advertise 1045 .
Page 41 https port 1063 ......show captive-portal 1064 ....show captive-portal status 1065 .
Page 42 no user 1080 ......show captive-portal user 1081 ....user group 1082 .
Page 43 sntp client poll timer 1100 ....sntp server 1101 ..... . . sntp trusted-key 1102 .
Page 44 show backup-config 1123 ....show bootvar 1124 ..... . show dir 1125 .
Page 45 60 Line Commands 1143 ....history 1144 ......history size 1145 .
Page 46 show fiber-ports optical-transceiver 1166 ..test copper-port tdr 1167 ....64 Power Over Ethernet Commands 1169 .
Page 47 66 Serviceability Tracing Packet Commands 1199 debug auto-voip 1201 ....debug clear 1202 ..... . debug console 1202 .
Page 48 debug ospfv3 1215 ..... . debug ping 1216 ..... . . debug rip 1217 .
Page 49 show snmp views 1240 ....show trapflags 1242 ..... snmp-server community 1244 .
Page 50 key-string 1268 ......show crypto key mypubkey 1270 ....show crypto key pubkey-chain ssh 1271 .
Page 51 show syslog-servers 1289 ....71 System Management Commands 1291 ..banner motd 1293 ..... . banner motd acknowledge 1294 .
Page 52 show stack-port 1315 ....show stack-port counters 1316 ....show stack-port diag 1318 .
Page 53 73 User Interface Commands 1351 ..1352 ......exit 1353 .
Page 54 show ip https 1369 ..... . state 1370 ......Contents...
Page 55: Command Groups
Command Groups Introduction The Command Line Interface (CLI) is a network management application operated through an ASCII terminal without the use of a Graphic User Interface (GUI) driven software application. By directly entering commands, the user has greater configuration flexibility. The CLI is a basic command-line interpreter similar to the UNIX C shell.
Page 56 (continued) Table 1-1. System Command Groups Command Group Description Address Table Configures bridging address tables. CDP Interoperability Configures Cisco Discovery Protocol (CDP). DHCP l2 Relay Enables the Layer 2 DHCP Relay agent for an interface. DHCP Snooping Configures DHCP snooping and whether an interface is trusted for filtering.
Page 57 (continued) Table 1-1. System Command Groups Command Group Description TACACS+ Configures and displays TACACS+ information. VLAN Configures VLANs and displays VLAN information. Voice VLAN Configures voice VLANs and displays voice VLAN information 802.1x Configures and displays commands related to 802.1x security protocol.
Page 58 (continued) Table 1-1. System Command Groups Command Group Description Tunnel Interface (IPv6) Managing tunneling operations. Virtual LAN Routing Controls virtual LAN routing. (IPv4) Virtual Router Manages router redundancy on the system. Redundancy (IPv4) Utility Commands Auto Config Automatically configures switch when a configuration file is not found.
Page 59 (continued) Table 1-1. System Command Groups Command Group Description Syslog Manages and displays syslog messages. System Management Configures the switch clock, name and authorized users. Telnet Server Configures Telnet service on the switch and displays Telnet information. User Interface Describes user commands used for entering CLI commands.
Page 60: Mode Types
Mode Types The tables on the following pages use these abbreviations for Command Mode names. • ARPA — ARP ACL Configuration • CC — Crypto Configuration • CP — Captive Portal Configuration • CPI — Captive Portal Instance • CMC — Class-Map Configuration •...
Page 61: Layer 2 Commands
• SP — SSH Public Key • SK — SSH Public Key-chain • TC — TACACS Configuration • UE — User EXEC • VLAN — VLAN Configuration • v6ACL — IPv6 Access List Configuration • v6CMC • v6DP — IPv6 DHCP Pool Configuration Layer 2 Commands Command Description...
Page 62 Command Description Mode* password Specifies a user password show authentication Shows information about authentication methods methods show user accounts Displays information about the local user database show users login-history Displays information about login histories of users username Establishes a username-based authentication system.
Page 63: Address Table Commands
Command Description Mode* show mac access-list Displays a MAC access list and all of the rules that are defined for the ACL. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. Address Table Command Description Mode* bridge address Adds a static MAC-layer station source address...
Page 64: Show Bridge Multicast Filtering
Command Description Mode* show bridge multicast Displays Multicast MAC address table address-table information. show bridge multicast Displays the Multicast filtering configuration. filtering show ports security Displays the port-lock status. show ports security Displays current dynamic addresses in locked addresses ports. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types"...
Page 65: Ip Dhcp Snooping Limit
DHCP l2 Relay Command Description Mode* dhcp l2relay Enables the Layer 2 DHCP Relay agent for an GC/IC interface. dhcp l2relay circuit-id Enables user to set the DHCP Option 82 Circuit ID for a VLAN. dhcp l2relay remote-id Enables user to set the DHCP Option 82 Remote ID for a VLAN.
Page 66: Ip Dhcp Snooping Trust
Command Description Mode* ip dhcp snooping trust Configure a port as trusted for DHCP snooping. IC ip dhcp snooping verify Enables the verification of the source MAC mac-address address with the client MAC address in the received DHCP message. show ip dhcp snooping Displays the DHCP snooping global and per port configuration.
Page 67: Ip Arp Inspection Vlan
Command Description Mode* ip arp inspection vlan Enables Dynamic ARP Inspection on a single VLAN or a range of VLANs. permit ip host mac host Configures a rule for a valid IP address and ARPA MAC address combination used in ARP packet validation.
Page 68: Garp Timer
Command Description Mode* negotiation Enables auto-negotiation operation for the speed and duplex parameters of a given interface. show interfaces advertise Displays information about auto negotiation advertisement. show interfaces Displays the configuration for all configured configuration interfaces. show interfaces counters Displays traffic seen by the physical interface. show interfaces description Displays the description for all configured interfaces.
Page 69: Gvrp Enable (Global)
Command Description Mode* gvrp enable (interface) Enables GVRP on an interface. gvrp registration-forbid De-registers all VLANs, and prevents dynamic VLAN registration on the port. gvrp vlan-creation-forbid Enables or disables dynamic VLAN creation. show gvrp configuration Displays GVRP configuration information, including timer values, whether GVRP and dynamic VLAN creation is enabled, and which ports are running GVRP show gvrp error-statistics...
Page 70: Ip Igmp Snooping (Vlan)
Command Description Mode* ip igmp snooping (VLAN) In VLAN Config mode, enables IGMP snooping VLAN on a particular VLAN or on all interfaces participating in a VLAN. ip igmp snooping fast-leave Enables or disables IGMP Snooping fast-leave VLAN mode on a selected VLAN. ip igmp snooping Sets the IGMP Group Membership Interval VLAN...
Page 71: Ip Address
IP Addressing Command Description Mode* clear host Deletes entries from the host name-to-address cache helper address Enable forwarding User Datagram Protocol (UDP) Broadcast packets received on an interface. ip address Sets a management IP address on the switch. ip address dhcp Acquires an IP address on an interface from the DHCP server.
Page 72: Ipv6 Access-List
IPv6 ACL Command Description Mode* {deny | permit} Creates a new rule for the current IPv6 access v6AC list. ipv6 access-list Creates an IPv6 Access Control List (ACL) consisting of classification fields defined for the IP header of an IPv6 frame. ipv6 access-list rename Changes the name of an IPv6 ACL.
Page 73: Ipv6 Mld Snooping Querier Commands
Command Description Mode* show ipv6 mld snooping Displays MLD Snooping information. show ipv6 mld snooping Displays the MLD Snooping entries in the groups MFDB table. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. IPv6 MLD Snooping Querier Command Description Mode*...
Page 74 Command Description Mode* show lacp port-channel Displays LACP information for a port-channel. PE NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. Link Dependency Command Description Mode* link-dependency group Enters the link-dependency mode to configure a link-dependency group. no link-dependency Removes the configuration for a link- group...
Page 75: Lldp Receive
Command Description Mode* clear lldp statistics Resets all LLDP statistics. lldp notification Enables remote data change notifications. lldp notification-interval Limits how frequently remote data change notifications are sent. lldp receive Enables the LLDP receive capability. lldp timers Sets the timing parameters for local data transmission on ports enabled for LLDP.
Page 76: Show Lldp Med Interface
Command Description Mode* show lldp med interface Displays a summary of the current LLDP MED configuration for a specific interface. show lldp med remote- Displays the current LLDP MED remote data. PE device show lldp med local-device Displays the advertised LLDP local data. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types"...
Page 77 Command Description Mode* NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. Command Description Mode* assign-queue Modifies the queue ID to which the associated traffic stream is assigned. class Creates an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through subsequent policy attribute statements.
Page 78: Match Dstip
Command Description Mode* mark cos Marks all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header. mark ip-dscp Marks all packets for the associated traffic stream with the specified IP DSCP value. mark ip-precedence Marks all packets for the associated traffic stream with the specified IP precedence value.
Page 79: Match Ip Tos
Command Description Mode* match ip tos Adds to the specified class definition a match condition based on the value of the IP TOS field in a packet. match protocol Adds to the specified class definition a match condition based on the value of the IP Protocol field in a packet using a single keyword notation or a numeric value notation.
Page 80: Show Class-Map
Command Description Mode* show class-map Displays all configuration information for the specified class. show classofservice dotlp- Displays the current Dot1p (802.1p) priority mapping mapping to internal traffic classes for a specific interface. show classofservice ip-dscp- Displays the current IP DSCP mapping to mapping internal traffic classes for a specific interface.
Page 81: Radius-Server Host
Radius Command Description Mode* aaa accounting network Enables RADIUS accounting on the switch. default start-stop group radius Sets the port number for authentication auth-port requests of the designated radius server deadtime Improves Radius response times when a server is unavailable by causing the unavailable server to be skipped.
Page 82: Radius-Server Timeout
Command Description Mode* radius-server timeout Sets the interval for which a switch waits for a server host to reply retransmit Specifies the number of times the software searches the list of RADIUS server hosts before stopping the search. show radius-servers Displays the RADIUS server settings.
Page 83: Spanning-Tree
Command Description Mode* spanning-tree bpdu Defines the bridge protocol data unit (BPDU) handling when spanning tree is disabled on an interface. spanning-tree bpdu Allows flooding of BPDUs received on flooding nonspanning-tree ports to all other non- spanning-tree ports. spanning-tree bpdu- Enables BPDU protection on a switch.
Page 84: Switchport Voice Commands
Command Description Mode* spanning-tree mst priority Configures the switch priority for the specified spanning tree instance. spanning-tree pathcost Configures the spanning tree default pathcost method method spanning-tree portfast Enables PortFast mode. spanning-tree portfast Discards BPDUs received on spanningtree ports bpdufilter default in portfast mode.
Page 85: Port
Command Description Mode* port Specifies a server port number. priority Specifies the order in which servers are used. show tacacs Displays TACACS+ server settings and statistics. tacacs-server host Specifies a TACACS+ server host. tacacs-server key Sets the authentication and encryption key for all TACACS+ communications between the switch and the TACACS+ daemon.
Page 86 Command Description Mode* show dvlan-tunnel interface Displays detailed information about Double VLAN Tunneling for the specified interface. show interfaces switchport Displays switchport configuration. show port protocol Displays the Protocol-Based VLAN information for either the entire system or for the indicated group show switchport protected Displays protected group/port information.
Page 87: Vlan Protocol Group
Command Description Mode* vlan association subnet Associates an IP subnet to a VLAN VLAN vlan database Enters the VLAN database configuration mode. GC vlan makestatic Changes a dynamically created VLAN to a static VLAN VLAN. vlan protocol group Adds protocol-based VLAN groups to the system.
Page 88: Dot1X Max-Req
Command Description Mode* dot1x max-req Sets the maximum number of times the switch sends an EAP-request frame to the client before restarting the authentication process. dot1x max-users Sets the maximum number of clients supported on the port when MAC-based 802.1X authentication is enabled on the port.
Page 89 Command Description Mode* show dot1x statistics Displays 802.1X statistics for the specified interface. show dot1x users Displays active 802.1X authenticated users for the switch. dot1x guest-vlan Sets the guest VLAN on a port. dot1x unauth-vlan Specifies the unauthenticated VLAN on a port. IC dot1x guest-vlan Defines a guest VLAN.
Page 90: Clear Arp-Cache
Layer 3 Commands ARP (IPv4) Command Description Mode* Creates an Address Resolution Protocol (ARP) entry. arp cachesize Configures the maximum number of entries in the ARP cache. arp dynamicrenew Enables the ARP component to automatically renew dynamic ARP entries when they age out. arp purge Causes the specified IP address to be removed from the ARP cache.
Page 91: Bootpdhcprelay Maxhopcount
Command Description Mode* bootpdhcprelay Configures the maximum allowable relay agent maxhopcount hops for BootP/DHCP Relay on the system. bootpdhcprelay Configures the minimum wait time in seconds minwaittime for BootP/DHCP Relay on the system. show bootpdhcprelay Shows the the BootP/DHCP Relay information. GC NOTE: *For the meaning of each Mode abbreviation, see "Mode Types"...
Page 92 Command Description Mode* show ipv6 dhcp interface Displays DHCPv6 information for all relevant interfaces or a specified interface. show ipv6 dhcp pool Displays the configured DHCP pool. show ipv6 dhcp statistics Displays the DHCPv6 server name and status. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. DVMRP Command Description...
Page 93: Ip Igmp Startup-Query-Interval
Command Description Mode* ip igmp last-member-query- Sets the number of Group-Specific Queries count sent before the router assumes that there are no local members on the interface. ip igmp last-member-query- Configures the Maximum Response Time interval inserted in Group-Specific Queries which are sent in response to Leave Group messages.
Page 94: Igmp Proxy Commands
IGMP Proxy Command Description Mode* ip igmp-proxy Enables the IGMP Proxy on the router. ip igmp-proxy reset-status Resets the host interface status parameters of the IGMP Proxy router. ip igmp-proxy unsolicited- Sets the unsolicited report interval for the report-interval IGMP Proxy router. show ip igmp-proxy Displays a summary of the host interface status parameters.
Page 95 IP Routing Command Description Mode* encapsulation Configures the link layer encapsulation type for the packet. ip address Configures an IP address on an interface. ip mtu Sets the IP Maximum Transmission Unit (MTU) on a routing interface. nables the forwarding of network-directed ip netdirbcast broadcasts.
Page 96: Ipv6 Multicast
IPv6 Multicast Command Description Mode* ipv6 pimsm (Global config) Administratively enables PIMSM for IPv6 multicast routing. ipv6 pimsm (VLAN Administratively enables PIM-SM multicast Interface config) routing mode on a particular IPv6 router interface. ipv6 pimsm bsr-border Prevents bootstrap router (BSR) messages from being sent or received through an interface.
Page 97: Ipv6 Routing
Command Description Mode* show ipv6 pimsm neighbor Displays IPv6 PIMSM neighbors learned on the routing interfaces. show ipv6 pimsm rphash Displays which rendezvous point (RP) is being selected for a specified group. show ipv6 pimsm rp Displays all group-to-RP mappings of which the mapping router is aware (either configured or learned from the BSR).
Page 98: Ipv6 Nd Other-Config-Flag
Command Description Mode* ipv6 mld-proxy reset-status Resets the host interface status parameters of the MLD Proxy router. ipv6 mld-proxy unsolicit- Sets the unsolicited report interval for the MLD rprt-interval Proxy router. ipv6 mld query-interval Sets the MLD router's query interval for the interface.
Page 99: Ipv6 Pimdm
Command Description Mode* ipv6 pimdm Enables PIM-DM Multicast Routing Mode across the router in global configuration mode or on a specific routing interface in interface mode. ipv6 pimdm query-interval Configures the PIM-DM Hello Interval for the specified router interface. ipv6 route Configures an IPv6 static route ipv6 route distance Sets the default distance (preference) for static...
Page 100: Loopback Interface
Command Description Mode* show ipv6 pimdm Displays PIM-DM Global Configuration parameters and PIM DM interface status. show ipv6 pimdm neighbor Displays PIM-DM Neighbor information including Neighbor Address, Uptime and Expiry time for all interfaces or for the specified interface. show ipv6 pimdm interface Displays PIM-DM Configuration information for all interfaces or for the specified interface.
Page 101: Ip Pimsm Dr-Priority
Multicast Command Description Mode* ip mcast boundary Adds an administrative scope multicast boundary. ip mroute Creates a static multicast route for a source range. ip multicast Sets the administrative mode of the IP multicast forwarder in the router to active. ttlvalue ip multicast ttl-threshold Applies a...
Page 102: Show Bridge Multicast Address-Table Count
Command Description Mode* show bridge multicast Displays statistical information about the address-table count entries in the multicast address table. show ip mcast Displays the system-wide multicast information. show ip mcast boundary Displays the system-wide multicast information. show ip mcast interface Displays the multicast information for the specified interface.
Page 103 Command Description Mode* area nssa Configures the specified area ID to function as an ROSPF NSSA. area nssa default-info- Configures the metric value and type for the ROSPF originate default route advertised into the NSSA. area nssa no-redistribute Configures the NSSA Area Border router (ABR) ROSPF so that learned external routes are not redistributed to the NSSA.
Page 104 Command Description Mode* auto-cost Allows user to change the reference bandwidth ROSPF used in computing link cost. bandwidth Allows user to change the bandwidth used in computing link cost. capability opaque Enables Opaque Capability on the router. clear ip ospf Resets specific OSPF states.
Page 105 Command Description Mode* ip ospf priority Sets the OSPF priority for the specified router interface. ip ospf retransmit- Sets the OSPF retransmit Interval for the interval specified interface. ip ospf transmit-delay Sets the OSPF Transit Delay for the specified interface. maximum-paths Sets the number of paths that OSPF can report ROSPF...
Page 106 Command Description Mode* show ip ospf abr Displays the internal OSPF routing table entries to Area Border Routers (ABR). show ip ospf area Displays information about the identified OSPF area. show ip ospf asbr Displays the internal OSPF routing table entries to Autonomous System Boundary Routes (ASBR).
Page 107 OSPFv3 Command Description Mode* area default-cost Configures the monetary default cost for the stub ROSV3 area. area nssa Configures the specified areaid to function as an ROSV3 NSSA. area nssa default-info- Configures the metric value and type for the ROSV3 originate default route advertised into the NSSA.
Page 108 Command Description Mode* area virtual-link Configures the transmit delay for the OSPF ROSV3 transmit-delay virtual interface on the virtual interface identified areaid neighbor default-information Controls the advertisement of default routes. ROSV3 originate default-metric Sets a default for the metric of distributed routes. ROSV3 distance ospf Sets the route preference value of OSPF in the ROSV3...
Page 109 Command Description Mode* maximum-paths Sets the number of paths that OSPF can report ROSV3 for a given destination. passive-interface Sets the interface or tunnel as passive. passive-interface default Enables the global passive mode by default for all ROSV3 interfaces. redistribute Configures the OSPFv3 protocol to allow ROSV3 redistribution of routes from the specified source...
Page 110 Command Description Mode* show ipv6 ospf stub table Displays the OSPF stub table. show ipv6 ospf virtual- Displays the OSPF Virtual Interface information link for a specific area and neighbor. show ipv6 ospf virtual- Displays the OSPFV3 Virtual Interface link brief information for all areas in the system.
Page 111 Command Description Mode* ip pimsm Configures the CBSR hash mask length to be cbsrhasmasklength advertised in bootstrap messages for a particular PIM-SM interface. ip pimsm cbsrpreference Configures the CBSR preference for a particular PIM-SM interface. ip pimsm crppreference Configures the Candidate Rendezvous Point (CRP) for a particular PIM-SM interface.
Page 112: Routing Information Protocol
Router Discovery Protocol Command Description Mode* ip irdp Enables Router Discovery on an interface. ip irdp address Configures the address that the interface uses to send the router discovery advertisements. ip irdp holdtime Configures the value, in seconds, of the holdtime field of the router advertisement sent from this interface.
Page 113 Command Description Mode* enable Resets the default administrative mode of RIP in the router (active). hostroutesaccept Enables the RIP hostroutesaccept mode. ip rip Enables RIP on a router interface. ip rip authentication Sets the RIP Version 2 Authentication Type and Key for the specified interface.
Page 114 Command Description Mode* tunnel mode ipv6ip Specifies the mode of the tunnel. tunnel source Specifies the source transport address of the tunnel, either explicitly or by reference to an interface. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. Virtual LAN Routing Command Description...
Page 115 Command Description Mode* ip vrrp track interface Alters the priority of the VRRP router based on the availability of its interfaces. ip vrrp track ip route Tracks route reachability. show ip vrrp Displays whether VRRP functionality is enabled or disabled on the switch. show ip vrrp interface Displays all configuration information and VRRP router statistics of a virtual router...
Page 116: Utility Commands
Utility Commands Auto Config Command Description Mode* boot host auto-save Enables/disables automatically saving the downloaded configuration on the switch. boot host dhcp Enables/disables Auto Config on the switch. boot host retry-count Set the number of attempts to download a configuration. show boot Displays the current status of the Auto Config process.
Page 117 Command Description Mode* interface Associates an interface with a captive portal configuration. locale Associates an interface with a captive portal configuration. name Configures the name for a captive portal configuration. protocol Configures the protocol mode for a captive portal configuration. redirect Enables the redirect mode for a captive portal configuration.
Page 118 Command Description Mode* show captive-portal user Displays all configured users or a specific user in the captive portal local user database. user idle-timeout Sets the session idle timeout value for a captive portal user. user name Modifies the user name for a local captive portal user.
Page 119: Configuration And Image Files
Command Description Mode* show sntp status Displays the SNTP status. sntp authenticate Set to require authentication for received NTP traffic from servers. sntp authentication-key Defines an authentication key for SNTP . sntp broadcast client Enables SNTP Broadcast clients. enable sntp client enable Enables SNTP Broadcast and Anycast clients on an interface.
Page 120: Denial Of Service
Command Description Mode* copy Copies files from a source to a destination. delete backup-image Deletes a file from a flash memory. delete backup-config Deletes the backup configuration file delete startup-config Deletes the startup configuration file. filedescr Adds a description to a file. script apply Applies commands in the script to the switch.
Page 121 Command Description Mode* dos-control sipdip Enables Source IP Address = Destination IP Address (SIP=DIP) Denial of Service protection. dos-control tcpflag Enables TCP Flag Denial of Service protections. dos-control tcpfrag Enables TCP Fragment Denial of Service protection. ip icmp echo-reply Enables or disables the generation of ICMP Echo Reply messages.
Page 122: Management Acl
Command Description Mode* line Identifies a specific line for configuration and enters the line configuration command mode. show line Displays line parameters. speed Sets the line baud rate. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. Management ACL Command Description...
Page 123 Command Description Mode* passwords lock-out Enables the administrator to strengthen the security of the switch by enabling the user lockout feature. When a lockout count is configured, a user who is logging in must enter the correct password within that count. passwords min-length Enables the administrator to enforce a minimum length required for a password.
Page 124 power inline powered- Adds a comment or description of the device powered device type. (Ethernet power inline priority Configures the port priority level for the delivery of power to an attached device. (Ethernet power inline traps Enables/disables inline power traps. power inline usage- Configures the system power usage threshold...
Page 125 Command Description Mode* show rmon statistics Displays RMON Ethernet Statistics. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. Serviceability Tracing Command Description Mode* debug arp Enables tracing of ARP packets. debug auto-voip Enables Auto VOIP debug messages. debug clear Disables all debug traces.
Page 126 Command Description Mode* debug ipv6 pimsm Traces PIMSMv6 packet reception and transmission. debug isdp Traces ISDP packet reception and transmission. PE debug lacp Traces of LACP packets received and transmitted by the switch. debug mldsnooping Traces MLD snooping packet reception and transmission.
Page 127 Command Description Mode* sflow sampling (Interface Enables a new sflow sampler instance for this Mode) data source if rcvr_idx is valid. show sflow agent Displays the sflow agent information. show sflow destination Displays all the configuration information related to the sFlow receivers. show sflow polling Displays the sFlow polling instances created on the switch.
Page 128 Command Description Mode* snmp-server filter Creates or updates an SNMP server filter entry. GC snmp-server group Configures a new SNMP group or a table that maps SNMP users to SNMP views. snmp-server host Specifies the recipient of SNMP notifications. the system location string. snmp-server location Sets snmp-server enable traps...
Page 129 Command Description Mode* show ip ssh Displays the SSH server configuration. user-key Specifies which SSH public key is manually configured and enters the SSH public key-string configuration command. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. Syslog Command Description...
Page 130: System Management
Command Description Mode* NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. System Management Command Description Mode* asset-tag Specifies the switch asset-tag. banner motd Specifies message-of-the-day banner. banner motd Acknowledges message-of-the-day banner. acknowledge show checkpoint Shows the checkpointing status.
Page 131 Command Description Mode* show memory cpu Checks the total and available RAM space on the switch. show nsf Shows non-stop forwarding status. show process cpu Checks the CPU utilization for each process currently running on the switch. show sessions Displays a list of the open telnet sessions to remote hosts.
Page 132: Telnet Server
Command Description Mode* switch renumber Changes the identifier for a switch in the stack. GC telnet Logs into a host that supports Telnet. traceroute Discovers the IP routes that packets actually take when travelling to their destinations. NOTE: *For the meaning of each Mode abbreviation, see "Mode Types" on page 60. Telnet Server Command Description...
Page 133: Web Server
Web Server Command Description Mode* common-name Specifies the common-name for the device. country Specifies the country. crypto certificate generate Generates a HTTPS certificate. crypto certificate import Imports a certificate signed by the Certification Authority for HTTPS crypto certificate request Generates and displays a certificate request for HTTPS duration Specifies the duration in days.
Page 134 Command Groups...
Page 135: Using The Cli
Using the CLI Introduction This chapter describes the basics of entering and editing the Dell PowerConnect 62xx Series Command Line Interface (CLI) commands and defines the command hierarchy. It also explains how to activate the CLI and implement its major functions.
Page 136 Partial keyword lookup — A command is incomplete and the <?> key is • entered in place of a parameter. The matched parameters for this command are displayed. The following features and conventions are applicable to CLI command entry and editing: •...
Page 137 For information about the command syntax for configuring the command history buffer, see the history-size command in the Line command mode chapter of this guide. Negating Commands For many commands, the prefix keyword no is entered to cancel the effect of a command or reset the configuration to the default value.
Page 138 Keyboard Key Description <Delete, Backspace> Delete previous character <Ctrl>+<A> Go to beginning of line <Ctrl>+<E> Go to end of line <Ctrl>+<F> Go forward one character <Ctrl>+<B> Go backward one character <Ctrl>+<D> Delete current character <Ctrl>+<U,X> Delete to beginning of line <Ctrl>+<K>...
Page 139 • The range may be specified in the following manner: (#-#) — a range from a particular instance to another instance (inclusive). For example, 1/g1-g10 indicates that the operation applies to the gigabit Ethernet ports 1 to 10 on unit 1. (#, #, #) —...
Page 140 CLI Command Notation Conventions When entering commands there are certain command-entry notations which apply to all commands. The following table describes these conventions as they are used in syntax definitions. Convention Description In a command line, square brackets indicate an optional entry. In a command line inclusive brackets indicate a selection of compulsory parameters separated by the | character.
Page 141: Cli Command Modes
CLI Command Modes Since the set of CLI commands is very large, the CLI is structured as a command-tree hierarchy, where related command sets are assigned to command modes for easier access. At each level, only the commands related to that level are available to the user and only those commands are shown in the context sensitive help for that level.
Page 142 The Privileged EXEC mode provides access to commands that can not be executed in the User EXEC mode and permits access to the switch Configuration mode. The Global Configuration mode manages switch configuration on a global level. For specific interface configurations, command modes exist at a sub- level.
Page 143 Global Configuration Mode Global Configuration commands apply to features that affect the system as a whole, rather than just a specific interface. The Privileged EXEC mode command configure is used to enter the Global Configuration mode. console(config)# Interface and Other Specific Configuration Modes Interface configuration modes are used to modify specific interface operations.
Page 144 Policy-map — Use the policy-map command to access the QoS policy • map configuration mode to configure the QoS policy map. • Policy Class — Use the class command to access the QoS Policy-class mode to attach or remove a diffserv class from a policy and to configure the QoS policy class.
Page 145 MAC Access-List — Configures conditions required to allow traffic based • on MAC addresses. The Global Configuration mode command mac- access-list is used to enter the MAC Access-List configuration mode. TACACS — Configures the parameters for the TACACS server. • Radius —...
Page 146 [# | >] — The # sign is used to indicate that the system is in the Privileged EXEC mode. The > symbol indicates that the system is in the User EXEC mode, which is a read-only mode in which the system does not allow configuration.
Page 147 Command Mode Access Method Command Prompt Exit or Access Previous Mode Line Interface From Global To exit to Global console(config- Configuration Configuration line)# mode, use the line mode, use the exit command, command. or press <Ctrl>+<Z> to Privileged EXEC mode. Management From Global To exit to Global...
Page 148 Command Mode Access Method Command Prompt Exit or Access Previous Mode MAC Access List From Global To exit to Global console(config- Configuration Configuration mac-access- mode, use the mac mode, use the list)# access-list exit command, command. or press <Ctrl>+<Z> to Privileged EXEC mode.
Page 149 Command Mode Access Method Command Prompt Exit or Access Previous Mode Radius From Global To exit to Global console(config- Configuration Configuration radius)# mode, use the mode, use the radius-server host exit command, command. or press <Ctrl>+<Z> to Privileged EXEC mode. SNMP Host From Global To exit to Global...
Page 150 Command Mode Access Method Command Prompt Exit or Access Previous Mode Crypto From Global To exit to Global console(config- Certificate Configuration Configuration crypto-cert)# Generation mode, use the mode, use the crypto certificate exit command, number generate or press command. <Ctrl>+<Z> to Privileged EXEC mode.
Page 151 Command Mode Access Method Command Prompt Exit or Access Previous Mode From Global To exit to Global console(config- Configuration Configuration mst)# mode, use the mode, use the spanning-tree mst exit command, configuration or press command. <Ctrl>+<Z> to Privileged EXEC mode. VLAN Config From Global To exit to Global...
Page 152 Command Mode Access Method Command Prompt Exit or Access Previous Mode Router OSPFv3 From Global To exit to Global console(config- Config Configuration Configuration rtr)# mode, use the ipv6 mode, use the router ospf exit command, command. or press <Ctrl>+<Z> to Privileged EXEC mode IPv6 DHCP Pool From Global...
Page 153 Command Mode Access Method Command Prompt Exit or Access Previous Mode VLAN From Global To exit to Global console(config- Configuration Configuration if-vlann)# mode, use the mode, use the interface vlan exit command, command. or press <Ctrl>+<Z> to Privileged EXEC mode. Tunnel From Global To exit to Global...
Page 154: Starting The Cli
Web, CLI and the remote Dell Network Manager. After initial setup, the user may enter to the system to set up more advanced configurations.
Page 155 • Enables CLI login and HTTP access to use the local authentication setting only, which allows user account access via these management interfaces. The user may return later to configure Radius or TACACS+. • Sets up the IP address for the management VLAN or enables support for DHCP to configure the management IP address dynamically.
Page 156 Since a switch may be powered on in the field without a serial connection, the switch waits 60 seconds for the user to respond to the setup wizard question in instances where no configuration files exist. If there is no response, the switch continues normal operation using the default factory configuration.
Page 157 Figure 2-1. Easy Setup Wizard Did the user Transfer to CLI mode previously save a startup configuration? Does the user want Transfer to CLI mode to use setup wizard? Request SNMP Is SNMP Management Community String & Required? Server IP Address Request user name, password Request IP Address, Network...
Page 158 A default gateway address is configured. The following example contains the sequence of prompts and responses associated with running an example Dell Easy Setup Wizard session, using the input values listed above. Note in this case a static IP address for the management interface is being set up.
Page 159 The wizard automatically assigns the highest access level [Privilege Level 15] to this account. You can use Dell Network Manager or other management interfaces to change this setting, and to add additional management system later.
Page 160 {public}: public<Enter> Please enter the IP address of the Management System (A.B.C.D) or wildcard (0.0.0.0) to manage from any Management Station. {0.0.0.0}: 192.168.2.1<Enter> Step 2: Now we need to setup your initial privilege (Level 15) user account. This account is used to login to the CLI and Web interface.
Page 161 If the information is incorrect, select (N) to discard configuration and restart the wizard: [Y/N] y<Enter> Thank you for using the Dell Easy Setup Wizard. You will now enter CLI mode..console> Using the CLI...
Page 162 Unit 1 - Waiting to select management unit)> Applying configuration, please wait ... Welcome to Dell Easy Setup Wizard The Setup Wizard guides you through the initial switch configuration, and gets you up and running as quickly as possible. You can skip the setup wizard, and enter CLI mode to manually configure the switch.
Page 163 Please enter the user name. [root]:root Please enter the user password: Please reenter the user password: Step 3: Next, an IP address is setup. The IP address is defined on the default VLAN (VLAN #1), of which all ports are members. This is the IP address you use to access the CLI, Web interface, or SNMP interface for the switch.
Page 164 Do you want to select the operational mode as Simple Mode? [Y/N] n Step 6: If the information is correct, please select (Y) to save the configuration, and copy to the start-up configuration file. If the information is incorrect, select (N) to discard configuration and restart the wizard: [Y/N] Using the CLI...
Page 165: Using Cli Functions And Tools
Using CLI Functions and Tools The CLI has been designed to manage the switch’s configuration file system and to manage switch security. A number of resident tools exist to support these and other functions. Configuration Management All managed systems have software images and databases that must be configured, backed up and restored.
Page 166 configuration file. In this case, if the local configuration file does not exist, then it is created by the command. If it does exist, it is overwritten. If there is not enough space on the local file system to accommodate the file, an error is flagged.
Page 167 CLI prevents the user from accidentally copying a configuration image onto a software image and vice versa. Management Interface Security This section describes the minimum set of management interface security measures implemented by the CLI. Management interface security consists of user account management, user access control and remote network/host access controls.
Page 168 When Radius is used, the field returns the access level for the user. Two vendor specific options are supported. These are CISCO-AV-Pairs(Shell:priv-lvl=x) and Dell Radius VSA (user-group=x). TACACS+ provides the appropriate level of access. The following rules and specifications apply: •...
Page 169 • If authentication servers are used, the user can identify at least two remote servers (the user may choose to configure only one server) and what protocol to use with the server, TACACS+ or Radius. One of the servers is primary and the other is the secondary server (the user is not required to specify a secondary server).
Page 170 • Denied attempts by external management system to access the system. The security log record contains the following information: • The user name, if available, or the protocol being accessed if the event is related to a remote management system. •...
Page 171 Terminal Paging The terminal width and length for CLI displays is 79 characters and 25 lines, respectively. The length setting is used to control the number of lines the CLI will display before it pauses. For example, the CLI pauses at 24 lines and -more- prompts the user with the prompt on the 25th line.
Page 172 total bytes in files: 19,656 Kb # of lost chains: total bytes in lost chains: volume descriptor ptr (pVolDesc): 0x38ff9d0 XBD device block I/O handle: 0x10001 auto disk check on mount: DOS_CHK_REPAIR |DOS_CHK_VERB_2 volume write mode: copyback (DOS_WRITE) max # of simultaneously open files: file descriptors in use: # of different files in use: # of descriptors for deleted files:...
Page 173 - first cluster is in sector # - Update last access date for open-read-close = FALSE - directory structure: VFAT - file name format: 8-bit (extended-ASCII) - root dir start sector: - # of sectors per root: - max # of entries in root: FAT handler information: ------------------------ - allocation group size:...
Page 174 Adding 0 symbols for standalone. CPU: Motorola E500 : Unknown system version. Processor #0. Memory Size: 0x10000000. BSP version 1.2/0. Created: Jan 4 2010, 03:59:27 ED&R Policy Mode: deployed /DskVol// - disk check in progress ... dosChkLib : CLOCK_REALTIME is being reset to TUE JUN 28 14:29:04 2005 Value obtained from file system volume descriptor pointer: 0x348ef70...
Page 175 volume descriptor ptr (pVolDesc): 0x348ef70 XBD device block I/O handle: 0x10001 auto disk check on mount: DOS_CHK_REPAIR |DOS_CHK_VERB_2 volume write mode: copyback (DOS_WRITE) max # of simultaneously open files: file descriptors in use: # of different files in use: # of descriptors for deleted files: # of obsolete descriptors: current volume configuration:...
Page 176 - file name format: 8-bit (extended-ASCII) - root dir start sector: - # of sectors per root: - max # of entries in root: FAT handler information: ------------------------ - allocation group size: 2 clusters - free space on volume: 10,852,352 bytes Timebase: 66.666666 MHz, MEM: 266.666664 MHz, PCI: 66.666666 MHz, CPU: 533.333328 MHz PCI unit 0: Dev 0xb314, Rev 0x01, Chip BCM56314_A0,...
Page 177 # of lost chains: total bytes in lost chains: (Unit 1 - Waiting to select management unit)> Welcome to Dell Easy Setup Wizard The Setup Wizard guides you through the initial switch configuration, and Using the CLI...
Page 178 Would you like to run the setup wizard (you must answer this question within 60 seconds)? [Y/N] n Thank you for using Dell Easy Set up Wizard. You will now enter CLI mode. Applying Global configuration, please wait ... Applying Interface configuration, please wait ...
Page 179 Switch Status Model ID Model ID Status Version ------ ------------ ------------- ------------- ----- ---------------- -------- Mgmt Switch PC6224 PC6224 3.2.0.1 console> Boot Utility Menu If a user is connected through the serial interface during the boot sequence, pressing the <esc> key interrupts the boot process and displays a Boot Utility Menu.
Page 180 - Display operational code vital product data - Abort code update - Update boot code - Delete backup image - Reset the system 10 - Restore Configuration to factory defaults (delete config files) 11 - Activate Backup Image 12 - Password Recovery Procedure The boot utility menu provides the following: •...
Page 181 [Boot Menu] 3 Sending event log, start XMODEM receive..• Option to load new operational code using XMODEM [Boot Menu] 4 Ready to receive the file with XMODEM/CRC..Ready to RECEIVE File xcode.bin in binary mode Send several Control-X characters to cancel before transfer starts.
Page 182 Boot Code CRC........0x2C8B VPD - rel 3 ver 2 maint_lvl 0 build_num 1 Timestamp - Mon Jan 4 04:26:56 2010 File - Dell-Ent-esw-kinnick-pct.8541-V6R- CSxw-6IQHSr3v2m0b1.opr • Option to Abort boot code update [Boot Menu] 6 There is no output from this option.
Page 183 This is the output from the update boot code option: Do you wish to update Boot Code? (y/n) y Validating image2..OK Extracting boot code from image...CRC valid Erasing Boot Flash..^^^^Done. Wrote 0x10000 bytes. Wrote 0x20000 bytes. Wrote 0x30000 bytes. Wrote 0x40000 bytes. Wrote 0x50000 bytes.
Page 184 • Option to Delete backup image. The user is not allowed to delete active image. [Boot Menu] 8 Are you SURE you want to delete backup code : image2 ? (y/n): • Option to Clear All Flash and Reset the System to Default Setting. User action will be confirmed with a Y/N question before executing the command.
Page 185 • Option To Activate the Backup Image. This option determines the active image and toggle the bootloader to use the backup image. [Boot Menu] 11 Backup image - image1 activated. • Option to use the password recovery procedure. It allows the switch to boot one time without prompting for a console password.
Page 186 Using the CLI...
Page 187: Introduction
Layer 2 Commands Introduction The chapters that follow describe commands that conform to the OSI model data link layer (Layer 2). Layer 2 commands provide a logical organization for transmitting data bits on a particular medium. This layer defines the framing, addressing, and checksum functions for Ethernet packets.
Page 188: Aaa Commands
• LLDP Commands • Port Channel Commands • Port Monitor Commands • QoS Commands • RADIUS Commands • Spanning Tree Commands • Switchport Voice Commands • TACACS+ Commands • VLAN Commands • Voice VLAN Commands • 802.1x Commands AAA Commands This chapter explains the following commands: •...
Page 189: Aaa Authentication Dot1X
aaa authentication dot1x Use the aaa authentication dot1x command in Global Configuration mode to create an authentication login list. Syntax method1 aaa authentication dot1x default no aaa authentication dot1x default method1 — At least one from the following table: • Keyword Description radius...
Page 190: Aaa Authentication Enable
aaa authentication enable Use the aaa authentication enable command in Global Configuration mode to set authentication for accessing higher privilege levels. To return to the default configuration, use the no form of this command. Syntax list-name method1 method2 aaa authentication enable {default| ...] list-name no aaa authentication enable {default|...
Page 191: Aaa Authentication Login
list-name method Create a list by entering the aaa authentication enable list-name command where is any character string used to name this list. The method argument identifies the list of methods that the authentication algorithm tries in the given sequence. The additional methods of authentication are used only if the previous method returns an error, not if it fails.
Page 192 method1 [ method2 ...] — Specify at least one from the following table: • Keyword Source or destination enable Uses the enable password for authentication. line Uses the line password for authentication. local Uses the local username database for authentication. none Uses no authentication.
Page 193: Aaa Authorization Network Default Radius
console(config)# aaa authentication login default radius local enable none aaa authorization network default radius Use the aaa authorization network default radius command in Global Configuration mode to enable the switch to accept VLAN assignment by the RADIUS server. Syntax aaa authorization network default radius no aaa authorization network default radius •...
Page 194: Enable Authentication
enable authentication Use the enable authentication command in Line Configuration mode to specify the authentication method list when accessing a higher privilege level from a remote telnet or console. To return to the default specified by the enable authentication command, use the no form of this command. Syntax list-name enable authentication {default|...
Page 195: Ip Http Authentication
Syntax password enable password [encrypted] no enable password password — Password for this level (Range: 8- 64 characters). • • encrypted — Encrypted password entered, copied from another switch configuration. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 196: Ip Https Authentication
Keyword Source or destination local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The local user database is checked. This action has the same effect as the command ip http authentication local.
Page 197: Login Authentication
method1 [ method2 ...] — Specify at least one from the following table: • Keyword Source or destination local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication.
Page 198 no login authentication default — Uses the default list created with the aaa authentication login • command. list-name — Uses the indicated list created with the aaa authentication • login command. Default Configuration Uses the default set with the command aaa authentication login. Command Mode Line Configuration mode User Guidelines...
Page 199: Password (User Exec)
Default Configuration No password is specified. Command Mode Line Configuration mode User Guidelines This command has no user guidelines. Example The following example specifies a password "mcmxxyyy" on a line. console(config-line)# password mcmxxyyy password (User EXEC) Use the password command in User EXEC mode to allow a user to change the password for only that user.
Page 200: Show Authentication Methods
console>password Enter old password:******** Enter new password:******** Confirm new password:******** show authentication methods Use the show authentication methods command in Privileged EXEC mode to display information about the authentication methods. Syntax show authentication methods Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 201: Show Users Accounts
---------------------------------- enableList local Line Login Method List Enable Method List ------- ----------------- ------------------ Console defaultList enableList Telnet defaultList enableList defaultList enableList HTTPS :local HTTP :local DOT1X :none show users accounts Use the show users accounts command in Privileged EXEC mode to display information about the local user database.
Page 202: Show Users Login-History
Example The following example displays information about the local user database. console#show users accounts UserName Privilege Password Password Lockout Aging Expiry date ------------------- --------- -------- ------------ - ------ admin False guest False show users login-history Use the show users login-history command in Global Configuration mode to display information about the login history of users.
Page 203: Username
console#show users login-history Login Time Username Protocol Location -------------------- --------- --------- ----------- ---- Jan 19 2005 08:23:48 Serial Jan 19 2005 08:29:29 Robert HTTP 172.16.0.8 Jan 19 2005 08:42:31 John 172.16.0.1 Jan 19 2005 08:49:52 Betty Telnet 172.16.1.7 username Use the username command in Global Configuration mode to add a new user to the local users database.
Page 204 Command Mode Global Configuration mode User Guidelines This command can be used to unlock a locked user account for an already existing user. Example The following example configures user "bob" with password "xxxyyymmmm" and user level 15. console(config)# username bob password xxxyyymmmm level 15 AAA Commands...
Page 205: Acl Commands
ACL Commands This chapter explains the following commands: • access-list • deny | permit • ip access-group • no ip access-group • mac access-group • mac access-list extended • mac access-list extended rename • show ip access-lists • show mac access-list ACL Commands...
Page 206 access-list Use the access-list command in Global Configuration mode to create an list-name Access Control List (ACL) that is identified by the parameter Syntax std-list-num srcip srcmask access-list {deny | permit} { | every} [log] queue-id interface interface [assign-queue ] [redirect | mirror ext-list-num access-list...
Page 207: Deny | Permit
queue-id — Specifies the particular hardware queue for assign-queue • handling traffic that matches the rule. (Range: 0-6) interface — Allows the traffic matching this rule to be copied to the • mirror specified interface. interface — This parameter allows the traffic matching this rule to redirect •...
Page 208 Syntax srcmac srcmacmask dstmac dstmacmask {deny | permit} { | any} { | any | ethertypekey 0x0600-0xFFFF 0-4095 bpdu } [{ }] [ vlan eq ] [cos 0-4095 [secondary-vlan eq ] [secondary-cos ] [log] [ assign-queue queue-id interface ] [{mirror |redirect} srcmac —...
Page 209: Ip Access-Group
Default Configuration This command has no default configuration. Command Mode Mac-Access-List Configuration mode User Guidelines The no form of this command is not supported, as the rules within an ACL cannot be deleted individually. Rather the entire ACL must be deleted and respecified.
Page 210: Mac Access-Group
seqnum — Precedence for this interface and direction. A lower sequence • number has higher precedence. Range: 1 – 4294967295. Default is Default Configuration This command has no default configuration. Command Mode Global and Interface Configuration User Guidelines Global mode command configures the ACL on all the interfaces, whereas the interface mode command does so for the interface.
Page 211: Mac Access-List Extended
Default Configuration This command has no default configuration. Command Mode Global Configuration mode or Interface Configuration (Ethernet, VLAN or Port Channel) mode User Guidelines An optional sequence number may be specified to indicate the order of this access-list relative to the other access-lists already assigned to this interface and direction.
Page 212: Mac Access-List Extended Rename
Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Use this command to create a mac access control list. The CLI mode is changed to Mac-Access-List Configuration when this command is successfully executed. Example The following example creates MAC ACL and enters MAC-Access-List- Configuration mode.
Page 213: Show Ip Access-Lists
User Guidelines Command fails if the new name is the same as the old one. Example The following example shows the mac access-list extended rename command. console(config)#mac access-list extended rename DELL1 DELL2 show ip access-lists Use the show ip access-lists command in Privileged EXEC mode to display access lists applied on interfaces and all rules that are defined for the access lists.
Page 214: Show Mac Access-List
ACL Name Rules Interface(s) Vlan(s) ----------------------------------------------------- ------------- ACL40 ACL41 show mac access-list Use the show mac access-list command in Privileged EXEC mode to display a MAC access list and all of the rules that are defined for the ACL. Syntax name show mac access-list name —...
Page 215 Fields Description Rules The number of user-configured rules defined for the MAC ACL. The implicit 'deny all' rule defined at the end of every MAC ACL is not included. Interfaces Displays the list of interfaces (unit/port) to which the MAC ACL is attached in a given direction.
Page 216 ACL Commands...
Page 217 Address Table Commands This chapter explains the following commands: • bridge address • bridge aging-time • bridge multicast address • bridge multicast filtering • bridge multicast forbidden address • bridge multicast forbidden forward-unregistered • bridge multicast forward-all • bridge multicast forward-unregistered •...
Page 218: Bridge Address
bridge address Use the bridge address command in Interface Configuration mode to add a static MAC-layer station source address to the bridge table. To delete the MAC address, use the no form of the bridge address command (using the no form of the command without specifying a MAC address deletes all static MAC addresses belonging to this VLAN).
Page 219 bridge aging-time Use the bridge aging-time command in Global Configuration mode to set the aging time of the address. To restore the default, use the no form of the bridge aging-time command. Syntax seconds bridge aging-time no bridge aging-time seconds — Time is the number of seconds. (Range: 10–1000000 seconds) •...
Page 220 mac-multicast-address ip-multicast-address bridge multicast address { interface-list port-channel-number- [add|remove] {ethernet |port-channel list mac-multicast-address ip-multicast-address no bridge multicast address { add — Adds ports to the group. If no option is specified, this is the default • option. • remove — Removes ports from the group. mac-multicast-address —...
Page 221 console(config)#interface vlan 8 console(config-if-vlan8)#bridge multicast address 0100.5e02.0203 add ethernet 1/g1-1/g9, 1/g2 bridge multicast filtering Use the bridge multicast filtering command in Global Configuration mode to enable filtering of Multicast addresses. To disable filtering of Multicast addresses, use the no form of the bridge multicast filtering command. Syntax bridge multicast filtering no bridge multicast filtering...
Page 222 bridge multicast forbidden address Use the bridge multicast forbidden address command in Interface Configuration mode to forbid adding a specific Multicast address to specific ports. To return to the system default, use the no form of this command. If routers exist on the VLAN, do not change the unregistered multicast drop addresses state to on the routers ports.
Page 223 Examples In this example the MAC address 01:00:5e:02:02:03 is forbidden on port 2/g9 within VLAN 8. console(config)#interface vlan 8 console(config-if-vlan8)#bridge multicast address 01:00:5e:02:02:03 console(config-if-vlan8)#bridge multicast forbidden address 01:00:5e:02:02:03 add ethernet 2/g9 bridge multicast forbidden forward-unregistered Use the bridge multicast forbidden forward-unregistered command in Interface Configuration mode to forbid Forwarding-unregistered-multicast- addresses.
Page 224 bridge multicast forward-all Use the bridge multicast forward-all command in Interface Configuration mode to enable forwarding of all Multicast packets. To restore the default, use the no form of the bridge multicast forward-all command. Syntax bridge multicast forward-all no bridge multicast forward-all Default Configuration Forward-unregistered Command Mode...
Page 225 Command Mode Interface Configuration (VLAN) mode User Guidelines If routers exist on the VLAN, do not change the unregistered multicast drop addresses state to on the routers ports. NOTE: Do not use the bridge multicast forbidden forward-unregistered command with the bridge multicast forward-unregistered command on the same interface. Example The following example displays how to enable forwarding of unregistered multicast addresses.
Page 226 console#clear bridge port security Use the port security command in Interface Configuration mode to disable the learning of new addresses on an interface. To enable new address learning, use the no form of the port security command. Syntax seconds port security [discard] [trap no port security •...
Page 227 port security max Use the port security max command in Interface Configuration mode to configure the maximum addresses that can be learned on the port while the port is in port security mode. To return to the system default, use the no form of this command.
Page 228 vlan — Specific valid VLAN, such as VLAN 1. • interface — A valid Ethernet port . • port-channel-number — A valid port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 229 Syntax vlan interface-number show bridge address-table count [vlan |ethernet |port- port-channel-number channel vlan — Specifies a valid VLAN, such as VLAN 1 • interface — Specifies a valid Ethernet port • port-channel-number — Specifies a valid port-channel-number • Default Configuration This command has no default configuration.
Page 230 Syntax vlan interface show bridge address-table static [vlan ] [ethernet |port-channel port-channel-number vlan — Specific valid VLAN, such as VLAN 1. • interface — A valid Ethernet port . • port-channel-number — A valid port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 231: Default Configuration
mac-multicast-address — A valid MAC Multicast address. • ip- multicast-address — A valid IP Multicast address. • — Multicast address format. Can be ip or mac. • format Default Configuration If format is unspecified, the default is mac. Command Mode Privileged EXEC mode User Guidelines A MAC address can be displayed in IP format only if it is in the range...
Page 232 show bridge multicast filtering Use the show bridge multicast filtering command in Privileged EXEC mode to display the Multicast filtering configuration. Syntax vlan-id show bridge multicast filtering vlan_id — A valid VLAN ID value. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 233 Syntax interface port-channel-number show ports security [ethernet | port-channel interface — A valid Ethernet port . • port-channel-number — A valid port-channel number . • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 234 Field Description Status The status can be one of the following: Locked or Unlocked. Actions Action on violations. Maximum The maximum addresses that can be associated on this port in Static Learning mode or in Dynamic Learning mode. Trap Indicates if traps would be sent in case of violation.
Page 235 console#show ports security addresses ethernet 1/g1 Dynamic addresses: 83 Maximum addresses: 100 Learned addresses ------- --------- Address Table Commands...
Page 236 Address Table Commands...
Page 237 CDP Interoperability Commands This chapter explains the following commands: • clear isdp counters • clear isdp table • isdp advertise-v2 • isdp enable • isdp holdtime • isdp timer • show isdp • show isdp entry • show isdp interface •...
Page 238 clear isdp counters The clear isdp counters command clears the ISDP counters. Syntax clear isdp counters Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#clear isdp counters clear isdp table...
Page 239: Isdp Advertise-V2
Example console#clear isdp table isdp advertise-v2 The isdp advertise-v2 command enables the sending of ISDP version 2 packets from the device. Use the “no” form of this command to disable sending ISDP version 2 packets. Syntax isdp advertise-v2 no isdp advertise-v2 Default Configuration ISDP sends version 2 packets by default.
Page 240: Isdp Holdtime
Default Configuration ISDP is enabled. Command Mode Global Configuration mode. Interface (Ethernet) configuration mode. User Guidelines There are no user guidelines for this command. Example The following example enables isdp on interface 1/g1. console(config)#interface ethernet 1/g1 console(config-if-1/g1)#isdp enable isdp holdtime The isdp holdtime command configures the hold time for ISDP packets that the switch transmits.
Page 241: Isdp Timer
User Guidelines There are no user guidelines for this command. Example The following example sets isdp holdtime to 40 seconds. console(config)#isdp holdtime 40 isdp timer The isdp timer command sets period of time between sending new ISDP packets. The range is given in seconds. Use the “no” form of this command to reset the timer to the default.
Page 242 Version 2 Advertisements..... Enabled Neighbors table last time changed..0 days 00:06:01 Device ID......QTFMPW82400020 Device ID format capability..Serial Number Device ID format..... Serial Number (Switching) # (Switching) # (Switching) # (Switching) #hostname Dell-PC6248 (Dell-PC6248) #show isdp CDP Interoperability Commands...
Page 243: Show Isdp Entry
Timer....... 30 Hold Time......180 Version 2 Advertisements..Enabled Neighbors table last time changed. 0 days 00:12:46 Device ID......Dell-PC6248 Device ID format capability..hostname Device ID format....hostname show isdp entry The show isdp entry command displays ISDP entries. If a device id specified, then only the entry about that device is displayed.
Page 244: Show Isdp Interface
Address(es): IP Address: 172.20.1.18 IP Address: 172.20.1.18 Capability Router IGMP Platform cisco WS-C4948 Interface 1/g1 Port ID GigabitEthernet1/1 Holdtime Advertisement Version Entry last changed time 0 days 00:13:50 Version : Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000 I9K91S-M), Version 12.2(25)EWA9, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc.
Page 245 Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show isdp interface all Interface Mode --------------- ---------- 1/g1 Enabled 1/g2 Enabled 1/g3 Enabled 1/g4 Enabled 1/g5 Enabled 1/g6 Enabled 1/g7 Enabled 1/g8 Enabled 1/g9 Enabled 1/g10...
Page 246: Show Isdp Neighbors
1/g17 Enabled 1/g18 Enabled 1/g19 Enabled 1/g20 Enabled 1/g21 Enabled 1/g22 Enabled 1/g23 Enabled 1/g24 Enabled console#show isdp interface ethernet 1/g1 Interface Mode --------------- ---------- 1/g1 Enabled show isdp neighbors The show isdp neighbors command displays the list of neighboring devices. Syntax interface show isdp neighbors { ethernet...
Page 247 User Guidelines There are no user guidelines for this command. Example console#show isdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route, S - Switch, H - Host, I - IGMP, r - Repeater Device ID Intf Hold Cap.
Page 248: Show Isdp Traffic
Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I9K91S-M), Version 12.2(25)EWA9, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 21-Mar-07 12:20 by tinhuang show isdp traffic The show isdp traffic command displays ISDP statistics. Syntax show isdp traffic Default Configuration...
Page 249 ISDP Bad Header........ 0 ISDP Checksum Error......0 ISDP Transmission Failure...... 0 ISDP Invalid Format......0 ISDP Table Full........ 392 ISDP Ip Address Table Full..... 737 CDP Interoperability Commands...
Page 250 CDP Interoperability Commands...
Page 251: Dhcp Layer 2 Relay Commands
DHCP Layer 2 Relay Commands This chapter explains the following commands: • dhcp l2relay (Global Configuration) (Global Configuration) • dhcp l2relay (Interface Configuration) (Interface Configuration) • dhcp l2relay circuit-id • dhcp l2relay remote-id • dhcp l2relay trust • dhcp l2relay vlan DHCP Layer 2 Relay Commands...
Page 252: Dhcp L2Relay (Interface Configuration)
dhcp l2relay (Global Configuration) Use the dhcp l2relay command to enable layer 2 DHCP relay functionality. The subsequent commands mentioned in this section can only be used when the L2-DHCP relay is enabled. Use the "no" form of this command to disable L2-DHCP relay.
Page 253: Dhcp L2Relay Circuit-Id
Command Mode Interface Configuration (Ethernet). User Guidelines There are no user guidelines for this command. Example console(config-if-1/g1)#dhcp l2relay dhcp l2relay circuit-id Use the dhcp l2relay circuit-id command to enable setting the DHCP Option 82 Circuit ID for a VLAN. When enabled, the interface number is added as the Circuit ID in DHCP option 82.
Page 254: Dhcp L2Relay Remote-Id
dhcp l2relay remote-id Use the dhcp l2relay remote-id command to enable setting the DHCP Option 82 Remote ID for a VLAN. When enabled, the supplied string is used for the Remote ID in DHCP Option 82. Use the "no" form of this command to disable setting the DHCP Option 82 Remote ID.
Page 255: Dhcp L2Relay Vlan
Default Configuration DHCP Option 82 is discarded by default. Configuration Mode Interface Configuration (Ethernet). User Guidelines There are no user guidelines for this command. Example console(config-if-1/g1)#dhcp l2relay trust dhcp l2relay vlan Use the dhcp l2relay vlan command to enable the L2 DHCP Relay agent for a set of VLANs.
Page 256 Example console(config)#dhcp l2relay vlan 10,340-345 DHCP Layer 2 Relay Commands...
Page 257: Dhcp Snooping Commands
DHCP Snooping Commands This chapter explains the following commands: • clear ip dhcp snooping statistics • ip dhcp snooping • ip dhcp snooping binding • ip dhcp snooping database • ip dhcp snooping database write-delay • ip dhcp snooping limit •...
Page 258: Ip Dhcp Snooping
clear ip dhcp snooping statistics Use the clear ip dhcp snooping statistics command to clear all DHCP Snooping statistics. Syntax clear ip dhcp snooping statistics Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command.
Page 259: Ip Dhcp Snooping Binding
Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config)#ip dhcp snooping console(config-if-vlan1,2,3)#ip dhcp snooping ip dhcp snooping binding Use the ip dhcp snooping binding command to configure a static DHCP Snooping binding. Use the “no” form of this command to remove a static binding.
Page 260: Ip Dhcp Snooping Database
User Guidelines There are no user guidelines for this command. Example console(config)#ip dhcp snooping binding 00:00:00:00:00:01 vlan 10 10.131.12.134 interface 1/g1 ip dhcp snooping database Use the ip dhcp snooping database command to configure the persistent storage location of the DHCP snooping database. This can be local to the switch or on a remote machine.
Page 261: Ip Dhcp Snooping Database Write-Delay
The following example configures the storage location of the snooping database as remote. console(config)#ip dhcp snooping database tftp://10.131.11.1/db.txt ip dhcp snooping database write-delay Use the ip dhcp snooping database write-delay command to configure the interval in seconds at which the DHCP Snooping database will be stored in persistent storage.
Page 262 Syntax seconds ip dhcp snooping limit { none | rate [ burst interval no ip dhcp snooping limit pps —The maximum number of packets per second allowed (Range: • 0–300 pps). seconds — The time allowed for a burst (Range: 1–15 seconds). •...
Page 263 Default Configuration Logging of filtered messages is disabled by default. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example console(config-if-1/g1)#ip dhcp snooping log-invalid console(config-if-1/g1)#no ip dhcp snooping log- invalid ip dhcp snooping trust Use the ip dhcp snooping trust command to configure a port as trusted.
Page 264 Example console(config-if-1/g1)#ip dhcp snooping trust console(config-if-1/g1)#no ip dhcp snooping trust ip dhcp snooping verify mac-address Use the ip dhcp snooping verify mac-address command to enable the verification of the source MAC address with the client MAC address in the received DHCP message. Use the “no” form of this command to disable verification of the source MAC address.
Page 265 Syntax show ip dhcp snooping Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show ip dhcp snooping DHCP snooping is Disabled DHCP snooping source MAC verification is enabled DHCP snooping is enabled on the following VLANs: 11 - 30, 40 Interface...
Page 266 show ip dhcp snooping binding Use the show ip dhcp snooping binding command to display the DHCP snooping binding entries. Syntax port show ip dhcp snooping binding [ { static | dynamic } ] [ interface vlan-id vlan • static | dynamic—Use these keywords to filter by static or dynamic bindings.
Page 267 00:0F:FE:00:13:04 210.1.1.4 1/g1 86400 show ip dhcp snooping database Use the show ip dhcp snooping database command to display the DHCP snooping configuration related to the database persistence. Syntax show ip dhcp snooping database Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines...
Page 268 • interface—A valid physical interface. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command. Example console#show ip dhcp snooping interfaces Interface Trust State Rate Limit Burst Interval (pps)
Page 269 Interface Trust State Rate Limit Burst Interval (pps) (seconds) ---------- ------------- ------------- -------- ------- 1/g15 show ip dhcp snooping statistics Use the show ip dhcp snooping statistics command to display the DHCP snooping filtration statistics. Syntax show ip dhcp snooping statistics Default Configuration There is no default configuration for this command.
Page 270 Example console#show ip dhcp snooping statistics Interface MAC Verify Client Ifc DHCP Server Failures Mismatch Msgs Rec'd ----------- ---------- ---------- ----------- 1/g2 1/g3 1/g4 1/g5 1/g6 1/g7 1/g8 1/g9 1/g10 1/g11 1/g12 1/g13 1/g14 1/g15 1/g16 1/g17 1/g18 1/g19 1/g20 DHCP Snooping Commands...
Page 271 Dynamic ARP Inspection Commands This chapter explains the following commands: • arp access-list • clear counters ip arp inspection • ip arp inspection filter • ip arp inspection limit • ip arp inspection trust • ip arp inspection validate • ip arp inspection vlan •...
Page 272 arp access-list Use the arp access-list command to create an ARP ACL. It will place the user in ARP ACL Configuration mode. Use the “no” form of this command to delete an ARP ACL. Syntax acl-name arp access-list acl-name no arp access-list acl-name —...
Page 273 Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#clear counters ip arp inspection ip arp inspection filter Use the ip arp inspection filter command to configure the ARP ACL to be used for a single VLAN or a range of VLANs to filter invalid ARP packets. If the static keyword is given, packets that do not match a permit statement are dropped without consulting the DHCP snooping bindings.
Page 274 Example console(config)#ip arp inspection filter tier1 vlan 2- 10 static console(config)#ip arp inspection filter tier1 vlan 20-30 ip arp inspection limit Use the ip arp inspection limit command to configure the rate limit and burst interval values for an interface. Configuring ‘none’...
Page 275 Example console(config-if-1/g1)#ip arp inspection limit none console(config-if-1/g1)#ip arp inspection limit rate 100 burst interval 2 ip arp inspection trust The ip arp inspection trust command configures an interface as trusted for Dynamic ARP Inspection. Use the “no” form of this command to configure an interface as untrusted.
Page 276 the source MAC address and destination MAC address validations are disabled as a result of the second command. Use the “no” form of this command to disable additional validation checks. Syntax ip arp inspection validate {[src-mac] [dst-mac] [ip]} no ip arp inspection validate {[src-mac] [dst-mac] [ip]} src-mac •...
Page 277 Syntax vlan-range ip arp inspection vlan [ logging ] vlan-range no ip arp inspection vlan [ logging ] vlan-range — A valid range of VLAN IDs. • • logging — Use this parameter to enable logging of invalid packets. Default Configuration Dynamic ARP Inspection is disabled by default.
Page 278 Default Configuration There are no ARP ACL rules created by default. Command Mode ARP Access-list Configuration mode User Guidelines There are no user guidelines for this command. Example console(Config-arp-access-list)#permit ip host 1.1.1.1 mac host 00:01:02:03:04:05 show arp access-list Use the show arp access-list command to display the configured ARP ACLs with the rules.
Page 279 ARP access list H2 permit ip host 1.1.1.1 mac host 00:01:02:03:04:05 permit ip host 1.1.1.2 mac host 00:03:04:05:06:07 ARP access list H3 ARP access list H4 permit ip host 2.1.1.2 mac host 00:03:04:05:06:08 show ip arp inspection ethernet Use the show ip arp inspection ethernet command to display the Dynamic ARP Inspection configuration on all the DAI enabled interfaces.
Page 280 Example console#show ip arp inspection ethernet Interface Trust State Rate Limit Burst Interval (pps) (seconds) --------------- ----------- ---------- --------- ------ 1/g1 Untrusted 1/g2 Untrusted show ip arp inspection statistics Use the show ip arp inspection statistics command to display the statistics of the ARP packets processed by Dynamic ARP Inspection.
Page 281 User Guidelines The following information is displayed for each VLAN when a VLAN range is supplied: VLAN The Vlan-Id for each displayed row. Forwarded The total number of valid ARP packets forwarded in this Vlan. Dropped The total number of invalid ARP packets dropped in this Vlan. DHCP Drops The number of packets dropped due to DHCP Snooping binding database match failure.
Page 282: Show Ip Arp Inspection Vlan
VLAN DHCP DHCP Bad Dest Invalid Drops Drops Permits Permits ---- ---------- ---------- ---------- ---------- ---- ------ ---------- --------- show ip arp inspection vlan Use the show ip arp inspection vlan command to display the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range. It also displays the global configuration values for source MAC validation, destination MAC validation and invalid IP validation.
Page 283 IP Address Validation If IP address validation of ARP frame is enabled. The following fields are displayed for each VLAN: Vlan The Vlan-Id for each displayed row. Configuratio Whether DAI is enabled on the Vlan. Log Invalid Whether logging of invalid ARP packets is enabled on the Vlan. ACL Name ARP ACL Name if configured on the Vlan Static flag...
Page 284 Dynamic ARP Inspection Commands...
Page 285: Ethernet Configuration Commands
Ethernet Configuration Commands This chapter explains the following commands: • clear counters • description • duplex • flowcontrol • interface ethernet • interface range ethernet • • negotiation • show interfaces advertise • show interfaces configuration • show interfaces counters •...
Page 286: Description
clear counters Use the clear counters command in Privileged EXEC mode to clear statistics on an interface. Syntax interface port-channel-number clear counters [ethernet | port-channel interface — Valid Ethernet port. The full syntax is: unit/port • port-channel-number — Valid port-channel index. •...
Page 287: Duplex
Default Configuration By default, the interface does not have a description. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines This command has no user guidelines. Example The following example adds a description to the Ethernet port 5. console(config)#interface ethernet 1/g5 console(config-if-1/g5)# description RD_SW#3 duplex Use the duplex command in Interface Configuration mode to configure the...
Page 288: Flowcontrol
User Guidelines This command has no user guidelines. Example The following example configures the duplex operation of Ethernet port 5 to force full duplex operation. console(config)# interface ethernet 1/g5 console(config-if-1/g5)# duplex full flowcontrol Use the flowcontrol command in Global Configuration mode to configure the flow control.
Page 289: Interface Ethernet
interface ethernet Use the interface ethernet command in Global Configuration mode to enter the interface configuration mode to configure an Ethernet type interface. Syntax interface interface ethernet interface — Valid Ethernet port. The full syntax is unit/port. • Default Configuration This command has no default configuration.
Page 290 Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each active interface in the range. If the command returns an error on one of the active interfaces, it does not stop executing commands on other active interfaces.
Page 291: Negotiation
Command Mode Interface Configuration (Ethernet) mode User Guidelines The value set allows an additional four bytes for the VLAN tag. Example The following example of the mtu command increases maximum packet size to 9216 bytes. console(config-if-1/g5)#mtu 9216 negotiation Use the negotiation command in Interface Configuration mode to enable auto-negotiation operation for the speed and duplex parameters of a given interface.
Page 292: Show Interfaces Advertise
Example The following example enables auto negotiations on gigabit Ethernet port 5 of unit 1. console(config)#interface ethernet 1/g5 console(config-if-1/g5)#negotiation show interfaces advertise Use the show interfaces advertise command in Privileged EXEC mode to display information about auto-negotiation advertisement. Syntax interface show interfaces advertise [ethernet interface —...
Page 293: Show Interfaces Configuration
1/g2 1G-Copper Enable 1000f console# show interfaces advertise ethernet 1/g1 Port: Ethernet 1/g1 Type: 1G-Copper Link state: Up Auto negotiation: enabled 10h 10f 100h 100f 1000f Admin Local Link ------ ------ ------ ------ ------ Advertisement yes show interfaces configuration Use the show interfaces configuration command in User EXEC mode to display the configuration for all configured interfaces.
Page 294 Example The following example displays the configuration for all configured interfaces: console>show interfaces configuration Port Type Duplex Speed Admin State ----- ------------------------------ ------ ------- ----- 1/g1 Gigabit - Level Full Auto 1/g2 Gigabit - Level Unknown Auto 1/g3 Gigabit - Level Unknown Auto 1/g4...
Page 295: Show Interfaces Counters
1/g12 Gigabit - Level Unknown Auto 1/g13 Gigabit - Level Unknown Auto 1/g14 Gigabit - Level Unknown Auto 1/g15 Gigabit - Level Unknown Auto 1/g16 Gigabit - Level Unknown Auto 1/g17 Gigabit - Level Unknown Auto 1/g18 Gigabit - Level Unknown Auto 1/g19...
Page 296 Syntax interface port-channel- show interfaces counters [ethernet | port-channel number interface — A valid Ethernet port. • port-channel-number — A valid port-channel index. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays traffic seen by the physical interface: console>show interfaces counters...
Page 297 InOctets InUcastPkts ---- ---------- --------- 27889 OutOctets OutUcastPkts ---- ---------- --------- 23739 The following example displays counters for Ethernet port 1/g1. console#show interfaces counters ethernet 1/g1 Port InOctets InUcastPkts ---- ---------- --------- 1/g1 183892 1289 Port OutOctets OutUcastPkts ---- ---------- --------- 1/g1 9188...
Page 298 Received Pause Frames: 0 Transmitted Pause Frames: 0 The following table describes the fields shown in the display: Field Description InOctets Counted received octets. InUcastPkts Counted received Unicast packets. InMcastPkts Counted received Multicast packets. InBcastPkts Counted received Broadcast packets. OutOctets Counted transmitted octets.
Page 299: Show Interfaces Description
Field Description Internal MAC Rx Errors A count of frames for which reception fails due to an internal MAC sublayer receive error. Received Pause Frames A count of MAC Control frames received with an opcode indicating the PAUSE operation. Transmitted Pause Counted MAC Control frames transmitted on this Frames interface with an opcode indicating the PAUSE operation.
Page 300: Show Interfaces Detail
---- ------------------------------------------------ ----------- 1/g1 Port that should be used for management only 2/g1 2/g2 Description ---- ----------- Output show interfaces detail Add support for a single command that shows VLAN info, STP info, Port status info, Port configuration info. Add a command which wraps all the port commands into a single command.
Page 301 port-channel-number—A valid port-channel trunk index. This command will combine the output of the following commands: show interfaces configuration [ ethernet interface | port-channel port- • channel-number ] show interfaces description [ ethernet interface | port-channel port- • channel-number] show interfaces status [ ethernet interface | port-channel port-channel- •...
Page 302 VLAN Membership mode: General Operating parameters: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All GVRP status: Enabled Protected: Enabled Port 1/xg1 is member in: VLAN Name Egress rule Type ---- --------- ----------- ----- default untagged System VLAN008 tagged Dynamic VLAN0011 tagged...
Page 303: Show Interfaces Status
VLAN0011 tagged IPv6 VLAN untagged VLAN0072 untagged Forbidden VLANS: VLAN Name ---- --------- Spanning Tree Info ------------------ Port 1 (1/xg1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.25 Designated path cost: 0 BPDU: sent 2, received 120638...
Page 304: Command Mode
port-channel-number — A valid port-channel trunk index. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the status for all configured interfaces. console#show interfaces status Port Type...
Page 305 1/g9 Gigabit - Level Unknown Auto Down Inactive 1/g10 Gigabit - Level Unknown Auto Down Inactive 1/g11 Gigabit - Level Unknown Auto Down Inactive 1/g12 Gigabit - Level Unknown Auto Down Inactive 1/g13 Gigabit - Level Unknown Auto Down Inactive 1/g14 Gigabit - Level Unknown...
Page 306 1/xg4 10G - Level Unknown Auto Down Inactive Type Link State ------------------------------ ----- Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down --More-- or (q)uit ch10 Link Aggregate Down...
Page 307 ch27 Link Aggregate Down ch28 Link Aggregate Down ch29 Link Aggregate Down ch30 Link Aggregate Down ch31 Link Aggregate Down ch32 Link Aggregate Down --More-- or (q)uit ch33 Link Aggregate Down ch34 Link Aggregate Down ch35 Link Aggregate Down ch36 Link Aggregate Down ch37 Link Aggregate Down...
Page 308: Show Statistics Ethernet
Type The port designated IEEE shorthand identifier. For example 1000Base-T refers to 1000 Mbps baseband signaling including both Tx and Rx transmissions. Duplex Displays the port Duplex status. Speed Refers to the port speed. Describes the Auto-negotiation status. Link State Displays the Link Aggregation status.
Page 309 Examples The following examples show statistics for port 1/g1 and for the entire switch. console#show statistics ethernet 1/g1 Total Packets Received (Octets)....779533115 Packets Received 64 Octets..... 48950 Packets Received 65-127 Octets....482426 Packets Received 128-255 Octets....101084 Packets Received 256-511 Octets....163671 Packets Received 512-1023 Octets....
Page 310 Alignment Errors....... 0 FCS Errors........0 Overruns........0 Total Received Packets Not Forwarded... 91 Local Traffic Frames......0 802.3x Pause Frames Received....0 Unacceptable Frame Type......91 Multicast Tree Viable Discards....0 Reserved Address Discards...... 0 Broadcast Storm Recovery....... 0 CFI Discards........
Page 311 Total Transmit Packets Discarded....0 Single Collision Frames......0 Multiple Collision Frames...... 0 Excessive Collision Frames..... 0 Port Membership Discards....... 0 802.3x Pause Frames Transmitted....0 GVRP PDUs received......0 --More-- or (q)uit GVRP PDUs Transmitted......0 GVRP Failed Registrations...... 0 BPDU: sent 44432, received 0 EAPOL Frames Transmitted.......
Page 312: Show Storm-Control
--More-- or (q)uit Most Address Entries Ever Used....141 Address Entries Currently in Use....124 Maximum VLAN Entries......1024 Most VLAN Entries Ever Used....6 Static VLAN Entries......6 Dynamic VLAN Entries......0 VLAN Deletes........0 Time Since Counters Last Cleared....1 day 0 hr 42 min 13 sec console# show storm-control...
Page 313: Shutdown
console#show storm-control all Bcast Bcast Mcast Mcast Ucast Ucast Intf Mode Level Mode Level Mode Level ------ ------- ------- ------- ------- ------- ------- 1/g1 Disable 5 Disable 5 Disable 5 1/g2 Disable 5 Disable 5 Disable 5 1/g3 Disable 5 Disable 5 Disable 5 1/g4...
Page 314: Speed
console(config)#interface ethernet 1/g5 console(config-if-1/g5)# shutdown The following example re-enables ethernet port 1/g5. console(config)#interface ethernet 1/g5 console(config-if-1/g5)# no shutdown speed Use the speed command in Interface Configuration mode to configure the speed of a given Ethernet interface when not using auto-negotiation. To restore the default, use the no form of this command.
Page 315: Storm-Control Broadcast
storm-control broadcast Use the storm-control broadcast command in Interface Configuration mode to enable broadcast storm recovery mode for a specific interface. If the mode is enabled, broadcast storm recovery is active, and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Page 316: Storm-Control Unicast
When you use the no storm-control multicast command to "disable" storm- control after having set the level or rate to a non-default value, that value is still set but is not active until you re-enable storm-control. Syntax rate storm-control multicast [level | no storm-control multicast •...
Page 317 Syntax rate storm-control unicast [level | no storm-control unicast • level— The configured rate as a percentage of link-speed. rate — The configured rate in kilobits per second (kbps). (Range: 0-100) • Default Configuration The default value is 5. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines.
Page 318 Ethernet Configuration Commands...
Page 319: Gvrp Commands
GVRP Commands This chapter explains the following commands: • clear gvrp statistics • garp timer • gvrp enable (global) • gvrp enable (interface) • gvrp registration-forbid • gvrp vlan-creation-forbid • show gvrp configuration • show gvrp error-statistics • show gvrp statistics GVRP Commands...
Page 320 clear gvrp statistics Use the clear gvrp statistics command in Privileged EXEC mode to clear all the GVRP statistics information. Syntax interface port-channel-number clear gvrp statistics [ethernet | port-channel interface — A valid Ethernet interface. • port-channel-number — A valid port-channel index. •...
Page 321 leave — Indicates the time in centiseconds that the device waits before • leaving its GARP state. • leaveall — Used to confirm the port within the VLAN. The time is the interval between messages sent, measured in centiseconds. timer_value — Timer values in centiseconds. The range is 10-100 for join, •...
Page 322 gvrp enable (global) Use the gvrp enable (global) command in Global Configuration mode to enable GVRP globally on the switch. To disable GVRP globally on the switch, use the no form of this command. Syntax gvrp enable no gvrp enable Default Configuration GVRP is globally disabled.
Page 323 Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines An Access port cannot join dynamically to a VLAN because it is always a member of only one VLAN. Membership in untagged VLAN would be propagated in a same way as a tagged VLAN.
Page 324 User Guidelines This command has no user guidelines. Example The following example shows how default dynamic registering and deregistering is forbidden for each VLAN on port 1/g8. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#gvrp registration-forbid gvrp vlan-creation-forbid Use the gvrp vlan-creation-forbid command in Interface Configuration mode to disable dynamic VLAN creation.
Page 325 show gvrp configuration Use the show gvrp configuration command in Privileged EXEC mode to display GVRP configuration information. Timer values are displayed. Other data shows whether GVRP is enabled and which ports are running GVRP. Syntax interface port-channel- show gvrp configuration [ethernet | port-channel number interface —...
Page 326 1/g2 1000 Disabled 1/g3 1000 Disabled 1/g4 1000 Disabled 1/g5 1000 Disabled 1/g6 1000 Disabled 1/g7 1000 Disabled 1/g8 1000 Disabled 1/g9 1000 Disabled 1/g10 1000 Disabled 1/g11 1000 Disabled 1/g12 1000 Disabled 1/g13 1000 Disabled 1/g14 1000 Disabled show gvrp error-statistics Use the show gvrp error-statistics command in User EXEC mode to display GVRP error statistics.
Page 327 User Guidelines This command has no user guidelines. Example The following example displays GVRP error statistics information. console>show gvrp error-statistics GVRP error statistics: ---------------- Legend: INVPROT: Invalid Protocol Id INVATYP: Invalid Attribute Type INVALEN: Invalid Attribute Length INVAVAL: Invalid Attribute Value INVEVENT: Invalid Event Port INVPROT INVATYP...
Page 328 show gvrp statistics Use the show gvrp statistics command in User EXEC mode to display GVRP statistics. Syntax interface port-channel-number show gvrp statistics [ethernet | port-channel interface — A valid Ethernet interface. • port-channel-number — A valid port channel index. •...
Page 329 : Join Empty Sent : Join In Sent sEmp : Empty Sent sLIn : Leave In Sent : Leave Empty Sent : Leave All Sent Port rJIn rEmp rLIn sJIn sEmp ---- ---- ---- ---- ---- --- 1/g1 1/g2 1/g3 1/g4 1/g5 1/g6...
Page 330 GVRP Commands...
Page 331 IGMP Snooping Commands This chapter explains the following commands: • ip igmp snooping (global) • ip igmp snooping (interface) • ip igmp snooping host-time-out • ip igmp snooping leave-time-out • ip igmp snooping mrouter-time-out • show ip igmp snooping groups •...
Page 332: Ip Igmp Snooping (Interface)
ip igmp snooping (global) Use the ip igmp snooping command in Global Configuration mode to globally enable Internet Group Management Protocol (IGMP) snooping. Use the no form of this command to disable IGMP snooping globally. Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled.
Page 333 Default Configuration IGMP snooping is disabled. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines IGMP snooping can be enabled on Ethernet interfaces. Example The following example enables IGMP snooping. console(config-if-1/g1)#ip igmp snooping ip igmp snooping host-time-out Use the ip igmp snooping host-time-out command in Interface Configuration mode to configure the host-time-out.
Page 334 User Guidelines The timeout should be more than sum of response time and twice the query interval. Example The following example configures the host timeout to 300 seconds. console(config-if-1/g1)#ip igmp snooping host-time- out 300 ip igmp snooping leave-time-out Use the ip igmp snooping leave-time-out command in Interface Configuration mode to configure the leave-time-out.
Page 335 Use immediate leave only where there is only one host connected to a port. Example The following example configures the host leave-time-out to 60 seconds. console(config-if-1/g1)#ip igmp snooping leave-time- out 60 ip igmp snooping mrouter-time-out Use the ip igmp snooping mrouter-time-out command in Interface Configuration mode to configure the mrouter-time-out.
Page 336 show ip igmp snooping groups Use the show ip igmp snooping groups command in User EXEC mode to display the Multicast groups learned by IGMP snooping. Syntax vlan-id ip-multicast-address show ip igmp snooping groups [vlan ] [address vlan_id — Specifies a VLAN ID value. •...
Page 337 ---- ------------------ ------------------- 224-239.130|2.2.3 1/g19 show ip igmp snooping interface Use the show ip igmp snooping interface command in Privileged EXEC mode to display the IGMP snooping configuration. Syntax interface interface show ip igmp snooping interface {ethernet | port-channel port-channel-number interface —...
Page 338: Ip Igmp Snooping (Vlan)
Multicast Router Present Expiration Time..300 show ip igmp snooping mrouter Use the show ip igmp snooping mrouter command in Privileged EXEC mode to display information on dynamically learned Multicast router interfaces. Syntax show ip igmp snooping mrouter Default Configuration This command has no default configuration.
Page 339 Default Configuration IGMP snooping is disabled on VLAN interfaces by default. Command Mode VLAN Configuration mode User Guidelines This command has no user guidelines. Example The following example enables IGMP snooping on VLAN 2. console(config-vlan)#ip igmp snooping 2 ip igmp snooping fast-leave This command enables or disables IGMP Snooping fast-leave mode on a selected VLAN.
Page 340 Command Mode VLAN Configuration mode User Guidelines This command has no user guidelines. Example The following example enables IGMP snooping fast-leave mode on VLAN 2. console(config-vlan)#ip igmp snooping fast-leave 2 ip igmp snooping groupmembership-interval This command sets the IGMP Group Membership Interval time on a VLAN. The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry.
Page 341 User Guidelines This command has no user guidelines. Example The following example configures an IGMP snooping group membership interval of 520 seconds. console(config-vlan)#ip igmp snooping groupmembership-interval 2 520 ip igmp snooping maxresponse This command sets the IGMP Maximum Response time on a particular VLAN.
Page 342 Example The following example sets the maximum response time to 60 seconds on VLAN 2. console(config-vlan)#ip igmp snooping maxresponse 2 ip igmp snooping mcrtrexpiretime This command sets the Multicast Router Present Expiration time. The time is set on a particular VLAN. This is the amount of time in seconds that a switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached.
Page 343 Example The following example sets the multicast router present expiration time on VLAN 2 to 60 seconds. console(config-vlan)#ip igmp mcrtexpiretime 2 60 IGMP Snooping Commands...
Page 344 IGMP Snooping Commands...
Page 345 IGMP Snooping Querier Commands This chapter explains the following commands: • ip igmp snooping querier • ip igmp snooping querier election participate • ip igmp snooping querier query-interval • ip igmp snooping querier timer expiry • ip igmp snooping querier version •...
Page 346: Ip Igmp Snooping Querier
ip igmp snooping querier This command enables or disables IGMP Snooping Querier on the system (Global Configuration mode) or on a VLAN. Using this command, you can specify the IP address that the snooping querier switch should use as the source address when generating periodic queries.
Page 347 configured, then use the management IP address as the IGMP snooping querier source address. Using all zeros for the querier IP address removes it. The VLAN IP address takes precedence over the global IP address. Example The following example enables IGMP snooping querier in VLAN Configuration mode.
Page 348 Example The following example configures the snooping querier to participate in the querier election. console(config-vlan)#ip igmp snooping querier election participate ip igmp snooping querier query-interval This command sets the IGMP Querier Query Interval time, which is the amount of time in seconds that the switch waits before sending another periodic query.
Page 349 ip igmp snooping querier timer expiry This command sets the IGMP Querier timer expiration period which is the time period that the switch remains in Non-Querier mode after it has discovered that there is a Multicast Querier in the network. The no form of this command sets the IGMP Querier timer expiration period to its default value.
Page 350 Syntax number ip igmp snooping querier version no ip igmp snooping querier version number — IGMP version. (Range: 1–2) • Default Configuration The querier version default is 2. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the IGMP version of the querier to 1.
Page 351 • Querier Timeout — Displays the amount of time to wait in the Non- Querier operational state before moving to a Querier state. vlan_id When you specify a value for , the following information appears: • VLAN Admin Mode — Indicates whether IGMP Snooping Querier is active on the VLAN.
Page 352 Command Mode Privileged Exec mode User Guidelines This command has no user guidelines. Example The following example shows querier information for VLAN 2. console#show ip igmp snooping querier vlan 2 Vlan 2 : IGMP Snooping querier status ---------------------------------------------- IGMP Snooping Querier Vlan Mode....Disable Querier Election Participate Mode....
Page 353 IP Addressing Commands This chapter explains the following commands: • clear host • ip address • ip address dhcp • ip address vlan • ip default-gateway • ip domain-lookup • ip domain-name • ip host • ip name-server • ipv6 address •...
Page 354: Ip Address
clear host Use the clear host command in Privileged EXEC mode to delete entries from the host name-to-address cache. Syntax name clear host { name — Host name to be deleted from the host name-to-address cache. • (Range: 1-255 characters) * —...
Page 355 mask — Specifies a valid subnet (network) mask IP address. • prefix-length — The number of bits that comprise the IP address prefix. • The prefix length must be preceded by a forward slash (/). (Range: 1-30) Default Configuration The switch management interface obtains an IP address via DHCP by default.
Page 356 Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines The ip address dhcp command allows the switch to dynamically obtain an IP address by using the DHCP protocol. Example The following example acquires an IP address for the switch management interface from DHCP.
Page 357 Example The following example sets VLAN 5 as management VLAN. console(config)#ip address vlan 5 ip default-gateway Use the ip default-gateway command in Global Configuration mode to define a default gateway (router). Syntax ip-address ip default-gateway ip-address — Valid IP address that specifies the IP address of the default •...
Page 358 ip domain-lookup Use the ip domain-lookup command in Global Configuration mode to enable IP Domain Naming System (DNS)-based host name-to-address translation. To disable the DNS, use the no form of this command. Syntax ip domain-lookup no ip domain-lookup Default Configuration The DNS is enabled.
Page 359 Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a default domain name of dell.com. console(config)#ip domain-name dell.com ip host Use the ip host command in Global Configuration mode to define static host name-to-address mapping in the host cache.
Page 360 This command has no user guidelines. Example The following example defines a static host name-to-address mapping in the host cache. console(config)#ip host accounting.dell.com 176.10.23.1 ip name-server Use the ip name-server command in Global Configuration mode to define available IPv4 or IPv6 name servers. To delete a name server, use the no form of this command.
Page 361: Ipv6 Address
console(config)#ip name-server 176.16.1.18 ipv6 address Use the ipv6 address command to set the IPv6 address of the management interface. Use the "no" form of this command to reset the IPv6 address to the default. Syntax prefix/prefix-length ipv6 address { [eui64] | autoconfig | dhcp } no ipv6 address prefix —Consists of the bits of the address to be configured.
Page 362: Ipv6 Enable
console(config)#ipv6 address autoconfig console(config)#ipv6 address 2003::6/64 console(config)#ipv6 address 2001::/64 eui64 console(config)#no ipv6 address dhcp console(config)#no ipv6 address autoconfig console(config)#no ipv6 address 2003::6/64 console(config)#no ipv6 address 2001::/64 eui64 console(config)#no ipv6 address ipv6 enable Use the ipv6 enable command to enable IPv6 on the management interface. Use the "no"...
Page 363 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#no ipv6 enable ipv6 gateway Use the ipv6 gateway command to configure an IPv6 gateway for the management interface. Use the "no" form of this command to reset the gateway to the default.
Page 364 show arp switch Use the show arp switch command in Privileged EXEC mode to display the ARP cache entries learned on the management port. Syntax show arp switch Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines Note that this command only show ARP entries used by the management interface.
Page 365: Show Ip Helper-Address
Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays information about IP hosts. console>show hosts Host name: Default domain: gm.com, sales.gm.com, usa.sales.gm.com Name/address lookup is enabled Name servers (Preference order): 176.16.1.18 176.16.1.19 Configured host name-to-address mapping: Host...
Page 366 Syntax intf-address ] show ip helper-address [ intf-address — IP address of a routing interface. (Range: Any valid IP • address) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#show ip helper-address IP helper is enabled...
Page 367 show ip interface management Use the show ip interface management command to display the management interface configuration. Syntax show ip interface management Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the management interface configuration.
Page 368 IP Addressing Commands...
Page 369 IPv6 Access List Commands This chapter explains the following commands: • {deny | permit} • ipv6 access-list • ipv6 access-list rename • ipv6 traffic-filter • show ipv6 access-lists IPv6 Access List Commands...
Page 370 {deny | permit} This command creates a new rule for the current IPv6 access list. Each rule is appended to the list of configured rules for the list. A rule may either deny or permit traffic according to the specified classification fields.
Page 371 portvalue — The source layer 4 port match condition for the ACL rule is • specified by the port value parameter. (Range: 0–65535). destination ipv6 prefix — IPv6 prefix in IPv6 global address format. • value — The value to match in the Flow Label field of the IPv6 •...
Page 372 console(Config-ipv6-acl)#deny ipv6 2001:DB8::/32 any eq http console(Config-ipv6-acl)#permit ipv6 2001:DB8::/32 console(Config-ipv6-acl)# ipv6 access-list The ipv6 access-list command creates an IPv6 Access Control List (ACL) consisting of classification fields defined for the IP header of an IPv6 frame. The <name> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list.
Page 373 console(config)#ipv6 access-list DELL_IP6 console(Config-ipv6-acl)# ipv6 access-list rename The ipv6 access-list rename command changes the name of an IPv6 Access Control List (ACL). This command fails if an IPv6 ACL with the new name already exists. Syntax name newname ipv6 access-list rename name —...
Page 374 An optional sequence number may be specified to indicate the order of this access list relative to other IPv6 access lists already assigned to this interface and direction. A lower number indicates higher precedence order. If a sequence number is already in use for this interface and direction, the specified IPv6 access list replaces the currently attached IPv6 access list using that sequence number.
Page 375 console(config-if-1/g1)#ipv6 traffic-filter DELL_IP6 show ipv6 access-lists The show ipv6 access-lists command displays an IPv6 access list and all of the rules that are defined for the IPv6 ACL. Use the [name] parameter to identify a specific IPv6 ACL to display. Syntax show ipv6 access-lists [name] Default Configuration...
Page 376 ACL Name: STOP_HTTP Inbound Interface(s): 1/g1 Rule Number: 1 Action......... deny Protocol........255(ipv6) Source IP Address......2001:DB8::/32 Destination L4 Port Keyword....80(www/http) Rule Number: 2 Action......... permit Protocol........255(ipv6) Source IP Address......2001:DB8::/32 The command output provides the following information: Field Description Rule Number The ordered rule number identifier defined within the IPv6 ACL.
Page 377 Destination This field displays the destination port for this rule. L4 Port Keyword IP DSCP This field indicates the value specified for IP DSCP. Flow Label This field indicates the value specified for IPv6 Flow Label. Displays when you enable logging for the rule. Assign Queue Displays the queue identifier to which packets matching this rule are assigned.
Page 378 IPv6 Access List Commands...
Page 379 IPv6 MLD Snooping Querier Commands This chapter explains the following commands: • ipv6 mld snooping querier • ipv6 mld snooping querier (VLAN mode) • ipv6 mld snooping querier address • ipv6 mld snooping querier election participate • ipv6 mld snooping querier query-interval •...
Page 380 ipv6 mld snooping querier Use the ipv6 mld snooping querier command to enable MLD Snooping Querier on the system. Use the "no" form of this command to disable MLD Snooping Querier. Syntax ipv6 mld snooping querier no ipv6 mld snooping querier Default Configuration MLD Snooping Querier is disabled by default.
Page 381 Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command. Example console(config-vlan)#ipv6 mld snooping querier 10 ipv6 mld snooping querier address Use the ipv6 mld snooping querier address command to set the global MLD Snooping Querier address. Use the "no" form of this command to reset the global MLD Snooping Querier address to the default.
Page 382 ipv6 mld snooping querier election participate Use the ipv6 mld snooping querier election participate command to enable the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN. When this mode is enabled, if the Snooping Querier finds that the other Querier's source address is higher than the Snooping Querier's address, it stops sending periodic queries.
Page 383 Syntax interval ipv6 mld snooping querier query-interval ipv6 mld snooping querier query-interval interval — Amount of time that the switch waits before sending another • general query. (Range: 1–1800 seconds) Default Configuration The default query interval is 60 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command...
Page 384 Default Configuration The default timer expiration period is 60 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping querier timer expiry 222 show ipv6 mld snooping querier Use the show ipv6 mld snooping querier command to display MLD Snooping Querier information.
Page 385 Querier Address Shows the IP Address which will be used in the IPv6 header while sending out MLD queries. MLD Version Indicates the version of MLD that will be used while sending out the queries. This is defaulted to MLD v1 and it can not be changed.
Page 386 MLD Version Indicates the version of MLD. IPv6 MLD Snooping Querier Commands...
Page 387 LACP Commands This chapter explains the following commands: • lacp port-priority • lacp system-priority • lacp timeout • show lacp ethernet • show lacp port-channel LACP Commands...
Page 388 lacp port-priority Use the lacp port-priority command in Interface Configuration mode to configure the priority value for physical ports. To reset to default priority value, use the no form of this command. Syntax value lacp port-priority no lacp port-priority value — Port priority value. (Range: 1–65535) •...
Page 389 value — Port priority value. (Range: 1–65535) • Default Configuration The default system priority value is 1. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the system priority to 120. console(config)#lacp system-priority 120 lacp timeout Use the lacp timeout command in Interface Configuration mode to assign an...
Page 390: Show Lacp Ethernet
User Guidelines This command has no user guidelines. Example The following example assigns an administrative LACP timeout for port 1/g8 to a long timeout value. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#lacp timeout long show lacp ethernet Use the show lacp ethernet command in Privileged EXEC mode to display LACP information for Ethernet ports.
Page 391 system priority: system mac addr: 00:00:12:34:56:78 port Admin key: port Oper key: port Oper priority: port Admin timeout: LONG port Oper timeout: LONG LACP Activity: ACTIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Partner system priority: system mac addr: 00:00:00:00:00:00 port Admin key: port Oper key:...
Page 392: Show Lacp Port-Channel
expired: FALSE Port 1/g1 LACP Statistics: LACP PDUs sent: LACP PDUs received: show lacp port-channel Use the show lacp port-channel command in Privileged EXEC mode to display LACP information for a port-channel. Syntax port_channel_number show lacp port-channel [ port_channel_number — The port-channel number. •...
Page 393 Oper Key: Partner System Priority: MAC Address: 000000:000000 Oper Key: LACP Commands...
Page 394 LACP Commands...
Page 395: Link Dependency Commands
Link Dependency Commands This chapter explains the following commands: • link-dependency group • no link-dependency group • add ethernet • add port-channel • add port-channel • no add port-channel • depends-on ethernet • no depends-on ethernet • depends-on port-channel • no depends-on port-channel •...
Page 396: No Link-Dependency Group
link-dependency group Use the link-dependency group command to enter the link-dependency mode to configure a link-dependency group Syntax GroupId link-dependency group GroupId — Link dependency group identifier. (Range: 1–16) • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines No specific guidelines...
Page 397: Add Ethernet
Command Mode Global Configuration mode User Guidelines No specific guidelines Example console(config)#no link-dependency group 1 add ethernet Use the add ethernet command to add member Ethernet port(s) to the dependency list. Syntax intf-list add ethernet intf-list — List of Ethernet interfaces. Separate nonconsecutive ports with •...
Page 398: Add Port-Channel
add port-channel Use the add port-channel command to add member port-channels to the dependency list. Syntax port-channel-list add port-channel port-channel-list — List of port-channel interfaces. Separate • nonconsecutive ports with a comma and no spaces. Use a hyphen to designate the range of ports. (Range: Valid port-channel interface list or range) Default Configuration This command has no default configuration.
Page 399: Depends-On Ethernet
Default Configuration This command has no default configuration. Command Mode Link Dependency mode User Guidelines No specific guidelines Example console(config-linkDep-group-1)#no add port-channel 2 depends-on ethernet Use the depends-on ethernet command to add the dependent Ethernet ports list. Syntax intf-list depends-on ethernet intf-list —...
Page 400: No Depends-On Ethernet
no depends-on ethernet Use the no depends-on ethernet command to remove the dependent Ethernet ports list. Syntax intf-list no depends-on ethernet intf-list — List of Ethernet interfaces. Separate nonconsecutive ports with • a comma and no spaces. Use a hyphen to designate the range of ports. (Range: Valid Ethernet interface list or range) Default Configuration This command has no default configuration.
Page 401: No Depends-On Port-Channel
Default Configuration This command has no default configuration. Command Mode Link Dependency mode User Guidelines No specific guidelines Example console(config-linkDep-group-1)#depends-on port- channel 6 no depends-on port-channel Use the no depends-on port-channel command to remove the dependent port-channels list. Syntax port-channel-list no depends-on port-channel port-channel-list —...
Page 402: Show Link-Dependency
Example console(config-linkDep-group-1)# no depends-on port- channel 6 show link-dependency Use the show link-dependency command to show the link dependencies configured for a particular group. If no group is specified, then all the configured link-dependency groups are displayed. Syntax GroupId show link-dependency [group GroupId —...
Page 403 The following command shows link dependencies for group 2 only. console#show link-dependency group 2 GroupId Member Ports Ports Depended On ------- ---------------------- --------------------- ------------- 1/g1-1/g4 1/g8-1/g9 Link Dependency Commands...
Page 404 Link Dependency Commands...
Page 405: Lldp Commands
LLDP Commands This chapter explains the following commands: • clear lldp remote-data • clear lldp statistics • lldp med • lldp med confignotification • lldp med faststartrepeatcount • lldp med transmit-tlv • lldp notification • lldp notification-interval • lldp receive •...
Page 406: Clear Lldp Statistics
clear lldp remote-data Use the clear lldp remote-data command in Privileged EXEC mode to delete all LLDP information from the remote data table. Syntax clear lldp remote-data Default Configuration By default, data is removed only on system reset. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 407: Lldp Med
User Guidelines This command has no user guidelines. Example The following example displays how to reset all LLDP statistics. console#clear lldp statistics lldp med This command is used to enable/disable LLDP-MED on an interface. By enabling MED, the transmit and receive functions of LLDP are effectively enabled.
Page 408: Lldp Med Confignotification
lldp med confignotification This command is used to enable sending the topology change notification. Syntax Description lldp med confignotification no lldp med confignotification Parameter Ranges Not applicable Command Mode Interface (Ethernet) Configuration Default Value By default, notifications are disabled on all supported interfaces. Usage Guidelines No specific guidelines.
Page 409: Lldp Med Transmit-Tlv
Command Mode Global Configuration Default Value Usage Guidelines No specific guidelines. Example console(config)# lldp med faststartrepeatcount 2 lldp med transmit-tlv This command is used to specify which optional TLVs in the LLDP MED set are transmitted in the LLDPDUs. There are certain conditions that have to be met for this port to be MED compliant.
Page 410: Lldp Notification
Parameter Ranges Not applicable. Command accepts keywords only. Command Mode Interface (Ethernet) Configuration Default Value By default, the capabilities and network policy TLVs are included. Example console(config)#interface ethernet 1/g1 console(config-if-1/g1)#lldp med transmit-tlv capabilities console(config-if-1/g1)#lldp med transmit-tlv network-policies lldp notification Use the lldp notification command in Interface Configuration mode to enable remote data change notifications.
Page 411: Lldp Notification-Interval
Example The following example displays how to enable remote data change notifications. console(config-if-1/g3)#lldp notification lldp notification-interval Use the lldp notification-interval command in Global Configuration mode to limit how frequently remote data change notifications are sent. To return the notification interval to the factory default, use the no form of this command.
Page 412 lldp receive Use the lldp receive command in Interface Configuration mode to enable the LLDP receive capability. To disable reception of LLDPDUs, use the no form of this command. Syntax lldp receive no lldp receive Default Configuration The default lldp receive mode is disabled. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 413 transmit-interval — The interval in seconds at which to transmit local data • LLDPDUs. (Range: 5–32768 seconds) hold-multiplier — Multiplier on the transmit interval used to set the TTL • in local data LLDPDUs. (Range: 2–10) reinit-delay — The delay in seconds before re-initialization. (Range: 1–10 •...
Page 414 Syntax lldp transmit no lldp transmit Default Configuration LLDP is disabled on all supported interfaces. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example displays how enable the transmission of local data. console(config-if-1/g3)#lldp transmit lldp transmit-mgmt Use the lldp transmit-mgmt command in Interface Configuration mode to...
Page 415 User Guidelines This command has no user guidelines. Example The following example displays how to include management information in the LLDPDU. console(config-if-1/g3)#lldp transmit-mgmt lldp transmit-tlv Use the lldp transmit-tlv command in Interface Configuration mode to specify which optional type-length-value settings (TLVs) in the 802.1AB basic management set will be transmitted in the LLDPDUs.
Page 416 Example The following example shows how to include the system description TLV in local data transmit. console(config-if-1/g3)#lldp transmit-tlv sys-desc show lldp Use the show lldp command in Privileged EXEC mode to display the current LLDP configuration summary. Syntax show lldp Default Configuration This command has no default configuration.
Page 417 show lldp interface Use the show lldp interface command in Privileged EXEC mode to display the current LLDP interface state. Syntax interface show lldp interface { | all } interface — Specifies a valid physical interface on the switch or unit/port. •...
Page 418 console# show lldp interface 1/g1 Interface Link Transmit Receive Notify TLVs --------- ---- -------- -------- -------- ------- --- 1/g1 Enabled Enabled Enabled 0,1,2,3 TLV Codes: 0 – Port Description, 1 – System Name, 2 – System Description, 3 – System Capability show lldp local-device Use the show lldp local-device command in Privileged EXEC mode to display the advertised LLDP local data.
Page 419 Interface Port ID Port Description --------- -------------------- -------------------- 1/g1 00:62:48:00:00:02 console# show lldp local-device detail 1/g1 LLDP Local Device Detail Interface: 1/g1 Chassis ID Subtype: MAC Address Chassis ID: 00:62:48:00:00:00 Port ID Subtype: MAC Address Port ID: 00:62:48:00:00:02 System Name: System Description: Routing Port Description: System Capabilities Supported: bridge, router...
Page 420 Command Mode Privileged EXEC Default Value Not applicable Usage Guidelines No specific guidelines. Example console(config)#show lldp med LLDP MED Global Configuration Fast Start Repeat Count: 3 Device Class: Network Connectivity show lldp med interface This command displays a summary of the current LLDP MED configuration for a specific interface.
Page 421 Default Value Not applicable Example console#show lldp med interface all LLDP MED Interface Configuration Interface Link configMED operMED ConfigNotify TLVsTx --------- ------ -------- -------- -------- ------ 1/g1 Down Disabled Disabled Disabled 1/g2 Down Disabled Disabled Disabled console #show lldp med interface 1/g1 LLDP MED Interface Configuration Interface Link...
Page 422 2-Location, 3- Extended PSE, 4- Extended PD, 5-Inventory show lldp med local-device This command displays the advertised LLDP local data. This command can display summary information or detail for each interface. Syntax Description unit/port show lldp med local-device detail < >...
Page 423 Vlan ID: 10 Priority: 5 DSCP: 1 Unknown: False Tagged: True Media Policy Application Type : streamingvideo Vlan ID: 20 Priority: 1 DSCP: 2 Unknown: False Tagged: True Inventory Hardware Rev: xxx xxx xxx Firmware Rev: xxx xxx xxx Software Rev: xxx xxx xxx Serial Num: xxx xxx xxx Mfg Name: xxx xxx xxx Model Name: xxx xxx xxx...
Page 424 Device Type: pseDevice Extended POE PSE Available: 0.3 watts Source: primary Priority: critical Extended POE PD Required: 0.2 watts Source: local Priority: low show lldp med remote-device This command displays the current LLDP MED remote data. This command can display summary information or detail for each interface. Syntax Description unit/port show lldp med remote-device {<...
Page 425 Default Value Not applicable Example Console#show lldp med remote-device all LLDP MED Remote Device Summary Local InterfaceDevice Class --------------------- 1/g1Class I 1/g2 Not Defined 1/g3Class II 1/g4Class III 1/g5Network Con Console#show lldp med remote-device detail 1/g1 LLDP MED Remote Device Detail Local Interface: 1/g1 Capabilities MED Capabilities Supported: capabilities,...
Page 426 Network Policies Media Policy Application Type : voice Vlan ID: 10 Priority: 5 DSCP: 1 Unknown: False Tagged: True Media Policy Application Type : streamingvideo Vlan ID: 20 Priority: 1 DSCP: 2 Unknown: False Tagged: True Inventory Hardware Rev: xxx xxx xxx Firmware Rev: xxx xxx xxx Software Rev: xxx xxx xxx Serial Num: xxx xxx xxx...
Page 427 Subtype: elin Info: xxx xxx xxx Extended POE Device Type: pseDevice Extended POE PSE Available: 0.3 Watts Source: primary Priority: critical Extended POE PD Required: 0.2 Watts Source: local Priority: low show lldp remote-device Use the lldp remote-device command in Privileged EXEC mode to display the current LLDP remote data.
Page 428 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Examples These examples show current LLDP remote data, including a detailed version. console#show lldp remote-device Local Remote Interface Device ID Port --------- ----------------- ----------------- ----- ----- 1/g1 01:23:45:67:89:AB 01:23:45:67:89:AC seconds...
Page 429 Management Address: 192.168.112.1 TTL: 60 seconds show lldp statistics Use the show lldp statistics command in Privileged EXEC mode to display the current LLDP traffic statistics. Syntax interface show lldp statistics { | all } interface — Specifies a valid physical interface on the switch or unit/port. •...
Page 430 Total Deletes........ 0 Total Drops........0 Total Ageouts........ 1 Interface Total Total Discards Errors Ageout Discards Unknowns MED 802.1 802.3 --------- ----- ----- -------- ------ ------ -------- -------- ---- ----- ----- 1/g11 29395 82562 0 The following table explains the fields in this example. Parameter Description Last Update...
Page 431 Parameter Description Discards Number of LLDP frames received on the indicated port and discarded for any reason. Errors Number of non-valid LLDP frames received on the indicated port. Ageouts Number of times a remote data entry on the indicated port has been deleted due to TTL expiration.
Page 432 LLDP Commands...
Page 433: Port Channel Commands
Port Channel Commands This chapter explains the following commands: • channel-group • interface port-channel • interface range port-channel • hashing-mode • no hashing-mode • show interfaces port-channel • show statistics port-channel Port Channel Commands...
Page 434 channel-group Use the channel-group command in Interface Configuration mode to configure a port-to-port channel. To remove the channel-group configuration from the interface, use the no form of this command. Syntax port-channel-number channel-group mode {on|auto} no channel-group port-channel-number — Number of a valid port-channel for the current •...
Page 435 Syntax port-channel-number interface port-channel port-channel-number — A valid port-channel trunk index. • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enters the context of port-channel number 1. console(config)# interface port-channel 1 console(config-if-ch1)# interface range port-channel...
Page 436 Command Mode Global Configuration mode User Guidelines Commands in the interface range context are executed independently on each interface in the range. If the command returns an error on one of the interfaces, it stops the execution of the command on subsequent interfaces. Example The following example shows how port-channels 1, 2 and 8 are grouped to receive the same command.
Page 437 Command Mode Interface Configuration (port-channel) User Guidelines No specific guidelines. Example console(config)#interface port-channel l console(config-if-ch1)#hashing-mode 4 no hashing-mode Use the no hashing-mode command to set the hashing algorithm on Trunk ports to the default (3). Syntax Description no hashing-mode Default Configuration This command has no default configuration.
Page 438 show interfaces port-channel Use the show interfaces port-channel command to show port-channel information. Syntax Description port-channel number show interfaces port-channel [ port-channel-number ] — Number of the port channel to show. This • parameter is optional. If the port channel number is not given, all the channel groups are displayed.
Page 439: Show Statistics Port-Channel
No Configured Ports No Configured Ports <default> No Configured Ports <default> Hash algorithm type 1 - Source MAC, VLAN, EtherType, source module and port Id 2 - Destination MAC, VLAN, EtherType, source module and port Id 3 - Source IP and source TCP/UDP port 4 - Destination IP and destination TCP/UDP port 5 - Source/Destination MAC, VLAN, EtherType and source MODID/port...
Page 440 User Guidelines This command has no user guidelines. Example The following example shows statistics about port-channel 1. console#show statistics port-channel 1 Total Packets Received (Octets)....0 Packets Received > 1522 Octets....0 Packets RX and TX 64 Octets....1064 Packets RX and TX 65-127 Octets....140 Packets RX and TX 128-255 Octets....
Page 441 FCS Errors........0 Overruns........0 Total Received Packets Not Forwarded... 0 Local Traffic Frames......0 802.3x Pause Frames Received....0 Unacceptable Frame Type......0 Multicast Tree Viable Discards....0 Reserved Address Discards...... 0 Broadcast Storm Recovery....... 0 CFI Discards........0 Upstream Threshold......
Page 442 Excessive Collision Frames..... 0 Port Membership Discards....... 0 802.3x Pause Frames Transmitted....0 GVRP PDUs received......0 GVRP PDUs Transmitted......0 GVRP Failed Registrations...... 0 Time Since Counters Last Cleared....0 day 0 hr 17 min 52 sec console# Port Channel Commands...
Page 443: Port Monitor Commands
Port Monitor Commands This chapter explains the following commands: • monitor session • show monitor session Port Monitor Commands...
Page 444: Monitor Session
monitor session Use the monitor session command in Global Configuration mode to configure a probe port and a monitored port for monitor session (port monitoring). Use the src-interface parameter to specify the interface to monitor. Use rx to monitor only ingress packets, or use tx to monitor only egress packets.
Page 445: Show Monitor Session
Example The following examples shows various port monitoring configurations. console(config)#monitor session 1 source interface 1/g8 console(config)#monitor session 1 destination interface 1/g10 console(config)#monitor session 1 mode show monitor session Use the show monitor session command in Privileged EXEC mode to display status of port monitoring.
Page 446 ---------- ---------- ---------- ------------- ----- Enable 1/g10 1/g8 Rx,Tx Port Monitor Commands...
Page 447: Qos Commands
QoS Commands This chapter explains the following commands: • assign-queue • class • class-map • class-map rename • classofservice dot1p-mapping • classofservice ip-dscp-mapping • classofservice trust • conform-color • cos-queue min-bandwidth • cos-queue strict • diffserv • drop • mark cos •...
Page 448 • match ip tos • match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping •...
Page 449: Class
assign-queue Use the assign-queue command in Policy-Class-Map Configuration mode to modify the queue ID to which the associated traffic stream is assigned. Syntax queueid assign-queue < > queueid — Specifies a valid queue ID. (Range: integer from 0–6.) • Default Configuration This command has no default configuration.
Page 450: Class-Map
Example The following example shows how to specify the DiffServ class name of "DELL." console(config)#policy-map DELL1 console(config-classmap)#class DELL class-map Use the class-map command in Global Configuration mode to define a new match-all . To delete the existing class, use the no form DiffServ class of type of this command.
Page 451: Class-Map Rename
User Guidelines There are no user guidelines for this command. Example The following example creates a class-map named "DELL" which requires all ACE’s to be matched. console(config)#class-map DELL console(config-cmap)# class-map rename Use the class-map rename command in Global Configuration mode to change the name of a DiffServ class.
Page 452: Classofservice Dot1P-Mapping
console(config)# classofservice dot1p-mapping Use the classofservice dot1p-mapping command in Global Configuration mode to map an 802.1p priority to an internal traffic class. In Interface Configuration mode, the mapping is applied only to packets received on that interface. Use the no form of the command to remove mapping between an 802.1p priority and an internal traffic class.
Page 453: Classofservice Ip-Dscp-Mapping
classofservice ip-dscp-mapping Use the classofservice ip-dscp-mapping command in Global Configuration mode to map an IP DSCP value to an internal traffic class. Syntax ipdscp trafficclass classofservice ip-dscp-mapping ipdscp — Specifies the IP DSCP value to which you map the specified •...
Page 454: Conform-Color
Syntax classofservice trust {dot1p|untrusted|ip-dscp} no classofservice trust • dot1p — Specifies that the mode be set to trust dot1p (802.1p) packet markings. • untrusted — Sets the Class of Service Trust Mode for all interfaces to Untrusted. • ip-dscp — Specifies that the mode be set to trust IP DSCP packet markings.
Page 455: Cos-Queue Min-Bandwidth
of the policy command, the conform action defaults to send, the exceed action defaults to drop, and the violate action defaults to drop. These actions can be set with this command. Syntax conform-color Default Configuration This command has no default configuration. Command Mode Policy-Class-Map Configuration mode User Guidelines...
Page 456: Cos-Queue Strict
Default Configuration This command has no default configuration. Command Mode Global Configuration mode or Interface Configuration (Ethernet, Port- channel) mode User Guidelines The maximum number of queues supported per interface is seven. Example The following example displays how to specify the minimum transmission bandwidth for seven interfaces.
Page 457: Diffserv
Command Mode Global Configuration mode or Interface Configuration (Ethernet, Port- channel) mode User Guidelines This command has no user guidelines. Example The following example displays how to activate the strict priority scheduler mode for two queues. console(config)#cos-queue strict 1 2 The following example displays how to activate the strict priority scheduler mode for three queues.
Page 458: Drop
User Guidelines This command has no user guidelines. Example The following example displays how to set the DiffServ operational mode to active. console(Config)#diffserv drop Use the drop command in Policy-Class-Map Configuration mode to specify that all packets for the associated traffic stream are to be dropped at ingress. Syntax drop Default Configuration...
Page 459: Mark Cos
mark cos Use the mark cos command in Policy-Class-Map Configuration mode to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header. If the packet does not already contain this header, one is inserted.
Page 460: Mark Ip-Precedence
dscpval — Specifies a DSCP value (10, 12, 14, 18, 20, 22, 26, 28, 30, 34, 36, • 38, 0, 8, 16, 24, 32, 40, 48, 56, 46) or a DSCP keyword (af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, be, cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef).
Page 461: Match Class-Map
User Guidelines. This command has no user guidelines. Example The following example displays console(config)#policy-map p1 in console(config-policy-map)#class c1 console(config-policy-classmap)#mark ip-precedence 2 console(config-policy-classmap)# match class-map Use the match class-map command to add to the specified class definition the set of match conditions defined for another class. Use the no form of this command to remove from the specified class definition the set of match conditions defined for another class.
Page 462: Match Cos
Example The following example adds match conditions defined for the Dell class to the class currently being configured. console(config-classmap)#match class-map Dell The following example deletes the match conditions defined for the Dell class from the class currently being configured.
Page 463: Match Destination-Address Mac
Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition to the specified class. console(config-classmap)#match cos 1 match destination-address mac Use the match destination-address mac command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination MAC address of a packet.
Page 464 Example The following example displays adding a match condition for the specified MAC address and bit mask. console(config-classmap)#match destination-address mac AA:ED:DB:21:11:06 FF:FF:FF:EF:EE:EE match dstip Use the match dstip command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination IP address of a packet.
Page 465 match dstip6 The match dstip6 command adds to the specified class definition a match condition based on the destination IPv6 address of a packet. Syntax destination-ipv6-prefix/prefix-length match dstip6 destination-ipv6-prefix — IPv6 prefix in IPv6 global address format. • prefix-length —IPv6 prefix length value. •...
Page 466 Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition based on the destination layer 4 port of a packet using the "echo" port name keyword. console(config-classmap)#match dstl4port echo match ethertype Use the match ethertype command in Class-Map Configuration mode to add...
Page 467 Example The following example displays how to add a match condition based on ethertype. console(config-classmap)#match ethertype arp match ip6flowlbl The match ip6flowlbl command adds to the specified class definition a match condition based on the IPv6 flow label of a packet. Syntax label match ip6flowlbl...
Page 468 match ip dscp Use the match ip dscp command in Class-Map Configuration mode to add to the specified class definition a match condition based on the value of the IP DiffServ Code Point (DSCP) field in a packet. This field is defined as the high-order six bits of the Service Type octet in the IP header.
Page 469 match ip precedence Use the match ip precedence command in Class-Map Configuration mode to add to the specified class definition a match condition based on the value of the IP precedence field. Syntax precedence match ip precedence precedence — Specifies the precedence field in a packet. This field is the •...
Page 470 Syntax tosbits tosmask match ip tos tosbits — Specifies a two-digit hexadecimal number. (Range: 00–ff) • tosmask — Specifies the bit positions in the tosbits parameter that are • used for comparison against the IP TOS field in a packet. This value of this parameter is expressed as a two-digit hexadecimal number.
Page 471 protocol-name — Specifies one of the supported protocol name keywords. • icmp , igmp , ip , tcp , and udp . The supported values are protocol-number — Specifies the standard value assigned by IANA. • (Range 0–255) Default Configuration This command has no default configuration.
Page 472 Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example adds to the specified class definition a match condition based on the source MAC address of the packet. console(config-classmap)# match source-address mac 10:10:10:10:10:10 11:11:11:11:11:11 match srcip Use the match srcip command in Class-Map Configuration mode to add to the specified class definition a match condition based on the source IP...
Page 473 Example The following example displays adding a match condition for the specified IP address and address bit mask. console(config-classmap)#match srcip 10.240.1.1 10.240.0.0 match srcip6 The match srcip6 command adds to the specified class definition a match condition based on the source IPv6 address of a packet. Syntax source-ipv6-prefix/prefix-length match srcip6...
Page 474 Syntax portkey port-number match srcl4port { portkey — Specifies one of the supported port name keywords. A match • condition is specified by one layer 4 port number. The currently supported values are: domain, echo, ftp, ftpdata, http, smtp,snmp, telnet, tftp, and www.
Page 475 Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition for the VLAN ID "2." console(config-classmap)#match vlan 2 mirror Use the mirror command in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to the destination port specified.
Page 476 Example The following example displays how to copy all the data to ethernet port 1/g5. console(config-policy-classmap)#mirror 1/g5 police-simple Use the police-simple command in Policy-Class-Map Configuration mode to establish the traffic policing style for the specified class. The simple form of the police command uses a single data rate and burst size, resulting in two outcomes: conform and nonconform.
Page 477 User Guidelines Only one style of police command (simple) is allowed for a given class instance in a particular policy. Example The following example shows how to establish the traffic policing style for the specified class. console(config-policy-classmap)#police-simple 33 34 conform-action transmit violate-action transmit policy-map Use the policy-map command in Global Configuration mode to establish a new DiffServ policy.
Page 478: Redirect
Example The following example shows how to establish a new DiffServ policy named "DELL." console(config)#policy-map DELL console(config-policy-classmap)# redirect Use the redirect command in Policy-Class-Map Configuration mode to specify that all incoming packets for the associated traffic stream are redirected to a specific egress interface (physical port or port-channel).
Page 479 Example The following example shows how to attach a service policy named "DELL" to all interfaces. console(config)#service-policy DELL QoS Commands...
Page 480 This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays all the configuration information for the class named "Dell". console#show class-map Class L3 Class Name Type Proto Reference Class Name...
Page 481 match_icmp6 ipv6 console#show class-map ipv4 Class Name........ipv4 Class Type........All Class Layer3 Protocol......ipv4 Match Criteria Values ---------------------------- ------------------------ ------------- Source IP Address 2.2.2.2 (255.255.255.0) console#show class-map stop_http_class Class Name........stop_http_class Class Type........All Class Layer3 Protocol......ipv6 Match Criteria Values ---------------------------- ------------------------ -------------...
Page 482 show classofservice dot1p-mapping Use the show classofservice dot1p-mapping command in Privileged EXEC mode to display the current Dot1p (802.1p) priority mapping to internal traffic classes for a specific interface. Syntax unit>/<port-type><port> show classofservice dot1p-mapping [< |port- port-channel number channel <unit>/<port-type><port> — Specifies a valid unit/port combination: •...
Page 483: Show Classofservice Ip-Dscp-Mapping
User Priority Traffic Class ------------- --------------- The following table lists the parameters in the example and gives a description of each. Parameter Description User Priority The 802.1p user priority value. Traffic Class The traffic class internal queue identifier to which the user priority value is mapped.
Page 484 Command Mode Privileged EXEC mode User Guidelines Example console#show classofservice ip-dscp-mapping IP DSCP Traffic Class ------------- ------------- 0(be/cs0 8(cs1) 10(af11) 12(af12) 14(af13) 16(cs2) QoS Commands...
Page 485 18(af21) --More-- or (q)uit 20(af22) 22(af23) 24(cs3) 26(af31) 28(af32) 30(af33) 32(cs4) 34(af41) 36(af42) 38(af43) 40(cs5) QoS Commands...
Page 486 --More-- or (q)uit 46(ef) 48(cs6) 56(cs7) console# QoS Commands...
Page 487: Show Classofservice Trust
show classofservice trust Use the show classofservice trust command in Privileged EXEC mode to display the current trust mode setting for a specific interface. Syntax unit>/<port-type><port> port- show classofservice trust [< |port-channel channel number <unit>/<port-type><port> — Specifies a valid unit/port combination: •...
Page 488: Show Diffserv
show diffserv Use the show diffserv command in Privileged EXEC mode to display the DiffServ general information, which includes the current administrative mode setting as well as the current and maximum number of DiffServ components. Syntax show diffserv Default Configuration This command has no default configuration.
Page 489: Show Diffserv Service Interface Ethernet In
Service Table Size Current/Max....26 / show diffserv service interface ethernet in Use the show diffserv service interface ethernet command in Privileged EXEC mode to display policy service information for the specified interface. Syntax <unit>/<port-type><port> show diffserv service interface ethernet unit>/<port-type><port>...
Page 490: Show Diffserv Service Interface Port-Channel In
show diffserv service interface port-channel in Syntax Description channel-group show diffserv service interface port-channel channel-group : A valid port-channel in the system. (Range: 1–18) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines Not applicable Example console#show diffserv service interface port-channel 1 in...
Page 491: Show Interfaces Cos-Queue
OperStatus Policy Name ----------- ----------- ------------ --------------- ---- 1/g1 Down DELL show interfaces cos-queue Use the show interfaces cos-queue command in Privileged EXEC mode to display the class-of-service queue configuration for the specified interface. Syntax unit>/<port-type><port> show interfaces cos-queue [<...
Page 492 port > — port number. Values are 1-24 or 1-48 for port_type g, and – < 1-4 for port_type xg. Example: xg2 is the 10 gigabit Ethernet port 2. port-channel number — Specifies a valid port-channel number. Range is 1- •...
Page 493 Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop This example displays the COS configuration for the specified interface 1/g1. console#show interfaces cos-queue 1/g1 Interface........1/g1 Interface Shaping Rate......0 Queue Id Min.
Page 494: Show Policy-Map
Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop The following table lists the parameters in the examples and gives a description of each. Parameter Description Interface The port of the interface. If displaying the global configuration, this output line is replaced with a global configuration indication.
Page 495: Show Policy-Map Interface
Policy Name Policy Type Class Members ----------- ----------- ------------- POLY1 DellClass DELL DellClass show policy-map interface Use the show policy-map interface command in Privileged EXEC mode to display policy-oriented statistics information for the specified interface. Syntax unit/port show policy-map interface unit/port —...
Page 496: Show Service-Policy
This command has no user guidelines. Example The following example displays the statistics information for port 1/g1. console#show policy-map interface 1/g1 in Interface........1/g1 Operational Status......Down Policy Name........DELL Interface Summary: Class Name........murali In Discarded Packets......0 Class Name........test In Discarded Packets......
Page 497 This command has no user guidelines. Example The following example displays a summary of policy-oriented statistics information. console#show service-policy Oper Policy Intf Stat Name ------ ----- ------------------------------- 1/g1 Down DELL 1/g2 Down DELL 1/g3 Down DELL 1/g4 Down DELL 1/g5 Down DELL...
Page 498: Traffic-Shape
traffic-shape Use the traffic-shape command in Global Configuration mode and Interface Configuration mode to specify the maximum transmission bandwidth limit rate shaping for the interface as a whole. This process, also known as , has the effect of smoothing temporary traffic bursts over time so that the transmitted traffic rate is bounded.
Page 499: Radius Commands
RADIUS Commands This chapter explains the following commands: • aaa accounting network default start-stop group radius • acct-port • auth-port • deadtime • • msgauth • name • primary • priority • radius-server deadtime • radius-server host • radius-server key •...
Page 500: Acct-Port
aaa accounting network default start-stop group radius Use the aaa accounting network default start-stop group radius command to enable RADIUS accounting on the switch. Use the “no” form of this command to disable RADIUS accounting. Syntax aaa accounting network default start-stop group radius no aaa accounting network default start-stop group radius Default Configuration RADIUS accounting is disabled by default.
Page 501: Auth-Port
Default Configuration The default value of the port number is 1813. Command Mode Radius (accounting) mode User Guidelines There are no user guidelines for this command. Example The following example sets port number 56 for accounting requests. console(config)#radius-server host acct 3.2.3.2 console(Config-acct-radius)#acct-port 56 auth-port Use the auth-port command in Radius mode to set the port number for...
Page 502: Deadtime
Example The following example sets the port number 2412 for authentication requests. console(config)#radius-server host 192.143.120.123 console(config-radius)#auth-port 2412 deadtime Use the deadtime command in Radius mode to improve Radius response times when a server is unavailable by causing the unavailable server to be skipped.
Page 503: Msgauth
Use the key command to specify the encryption key which is shared with the RADIUS server. Use the "no" form of this command to remove the key. Syntax key-string key-string — A string specifying the encryption key (Range: 0 - 128 •...
Page 504: Name
Default Configuration The message authenticator attribute is enabled by default. Command Mode Radius mode User Guidelines There are no user guidelines for this command. Example console(Config-auth-radius)#msgauth name Use the name command to assign a name to a RADIUS server. Use the "no" form of this command to reset the name to the default.
Page 505: Primary
primary Use the primary command to specify that a configured server should be the primary server in the group of authentication servers which have the same server name. Multiple primary servers can be configured for each group of servers which have the same name. When the RADIUS client has to perform transactions with an authenticating RADIUS server of the specified name, it uses the primary server that has the specified server name by default.
Page 506: Radius-Server Deadtime
Default Configuration The default priority is 0. Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command. Example The following example specifies a priority of 10 for the designated server. console(config)#radius-server host 192.143.120.123 console(config-radius)#priority 10 radius-server deadtime...
Page 507 User Guidelines This command has no user guidelines. Example The following example sets the interval for which any unavailable Radius servers are skipped over by transaction requests to 10 minutes. console(config)#radius-server deadtime 10 radius-server host Use the radius-server host command in Global Configuration mode to specify a RADIUS server host and enter RADIUS Configuration mode.
Page 508 Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the authentication and encryption key for all Radius communications between the device and the Radius server to “dell- .” server console(config)#radius-server key dell-server RADIUS Commands...
Page 509 radius-server retransmit Use the radius-server retransmit command in Global Configuration mode to specify the number of times the Radius client will retransmit requests to the Radius server. To reset the default configuration, use the no form of this command. Syntax retries radius-server retransmit no radius-server retransmit...
Page 510 no radius-server source-ip source — Specifies the source IP address. • Default Configuration The default IP address is the outgoing IP interface. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the source IP address used for communication with Radius servers to 10.1.1.1.
Page 511 User Guidelines This command has no user guidelines. Example The following example sets the interval for which a switch waits for a server host to reply to 5 seconds. console(config)#radius-server timeout 5 retransmit Use the retransmit command in Radius mode to specify the number of times the Radius client retransmits requests to the Radius server.
Page 512 show radius-servers Use the show radius-servers command to display the list of configured RADIUS servers and the values configured for the global parameters of the RADIUS client. Syntax servername show radius-servers [ accounting | authentication ] [ name [ accounting — This optional parameter will cause accounting servers to be displayed.
Page 513 Field Description Named Accounting The number of configured named RADIUS server groups. Server Groups Timeout The configured timeout value, in seconds, for request retransmissions. Retransmit The configured value of the maximum number of times a request packet is retransmitted. Deadtime The length of time an unavailable RADIUS server is skipped.
Page 514 Retransmit : 3 Deadtime : 0 Source IP : 0.0.0.0 RADIUS Attribute 4 Mode : Disable RADIUS Attribute 4 Value : 0.0.0.0 console#show radius-servers accounting name Server Name Host Address Port Type -------------------------------- ------------------------ ------ -- -------- Default-RADIUS-Server 2.2.2.2 1813 Secondary console#show radius-servers name Default-RADIUS-Server RADIUS Server Name......
Page 515 Syntax ipaddress show radius-servers statistics [ accounting | authentication ] { hostname servername | name • accounting | authentication — The type of server (accounting or authentication). ipaddress — The RADIUS server host IP address. • hostname — Host name of the Radius server host (Range: 1–158 •...
Page 516 Field Description Malformed The number of malformed RADIUS Accounting Response Responses packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators or signature attributes or unknown types are not included as malformed accounting responses. The number of RADIUS Accounting Response packets Authenticators containing invalid authenticators received from this accounting server.
Page 517 Field Description Malformed Access The number of malformed RADIUS Access Response packets Responses received from this server. Malformed packets include packets with an invalid length. Bad authenticators or signature attributes or unknown types are not included as malformed access responses. The number of RADIUS Access Response packets containing Authenticators invalid authenticators or signature attributes received from this...
Page 518 Unknown Types......... 0 Packets Dropped....... 0 console#show radius-server statistics name Default_RADIUS_Server RADIUS Server Name......Default_RADIUS_Server Server Host Address......192.168.37.200 Access Requests....... 0.00 Access Retransmissions......0 Access Accepts........ 0 Access Rejects........ 0 Access Challenges......0 Malformed Access Responses....0 Bad Authenticators......0 Pending Requests......
Page 519: Timeout
Default Configuration The IP address is of the outgoing IP interface. Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command. Example The following example specifies 10.240.1.23 as the source IP address. console(config)#radius-server host 192.143.120.123 console(config-radius)#source-ip 10.240.1.23 timeout...
Page 520 Example The following example specifies the timeout setting for the designated Radius Server. console(config)#radius-server host 192.143.120.123 console(config-radius)#timeout 20 usage Use the usage command in Radius mode to specify the usage type of the server. Syntax type usage type — Variable can be one of the following values: login , 802.1x or all . •...
Page 521 Spanning Tree Commands This chapter explains the following commands: • clear spanning-tree detected-protocols • exit (mst) • instance (mst) • name (mst) • revision (mst) • show spanning-tree • show spanning-tree summary • spanning-tree • spanning-tree auto-portfast • spanning-tree bpdu flooding •...
Page 522 • spanning-tree portfast bpdufilter default • spanning-tree portfast default • spanning-tree port-priority • spanning-tree priority • spanning-tree tcnguard • spanning-tree transmit hold-count Spanning Tree Commands...
Page 523: Exit (Mst)
clear spanning-tree detected-protocols Use the clear spanning-tree detected-protocols command in Privileged EXEC mode to restart the protocol migration process (force the renegotiation with neighboring switches) on all interfaces or on the specified interface. Syntax interface clear spanning-tree detected-protocols [ethernet | port-channel port-channel-number interface —...
Page 524 Default Configuration MST configuration. Command Mode MST mode User Guidelines This command has no user guidelines. Example The following example shows how to exit the MST configuration mode and save changes. console(config)#spanning-tree mst configuration console(config-mst)#exit instance (mst) Use the instance command in MST mode to map VLANS to an MST instance.
Page 525: Name (Mst)
User Guidelines Before mapping VLANs to an instance use the spanning-tree mst enable command to enable the instance. All VLANs that are not explicitly mapped to an MST instance are mapped to the common and internal spanning tree (CIST) instance (instance 0) and cannot be unmapped from the CIST.
Page 526 Example The following example sets the configuration name to “region1”. console(config)#spanning-tree mst configuration console(config-mst)#name region1 revision (mst) Use the revision command in MST mode to identify the configuration revision number. To return to the default setting, use the no form of this command.
Page 527 Syntax interface-number port-channel- show spanning-tree [ethernet | port-channel number ] [ instance-id] instance instance-id] show spanning-tree [detail] [active | blockedports] | [instance show spanning-tree mst-configuration — Displays detailed information. • detail — Displ ays active ports only. • active — Displays blocked ports only. •...
Page 528 Address 80:00:00:FC:E3:90:00:5D This Switch is the Root. Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec TxHoldCount 6 Interfaces Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- --- ----- ------- 1/g1 Enabled 128.1 Disb 1/g2...
Page 529 1/g7 Enabled 128.7 Disb 1/g8 Enabled 128.8 Disb 1/g9 Enabled 128.9 Disb 1/g10 Enabled 128.10 Disb 1/g11 Enabled 128.11 Disb 1/g12 Enabled 128.12 Disb 1/g13 Enabled 128.13 Disb 1/g14 Enabled 128.14 Disb 1/g15 Enabled 128.15 Disb 1/g16 Enabled 128.16 Disb 1/g17 Enabled 128.17...
Page 530 Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- --- ----- ------- 1/g21 Enabled 128.21 Disb 1/g22 Enabled 128.22 Disb 1/g23 Enabled 128.23 Disb 1/g24 Enabled 128.24 Disb 1/xg1 Enabled 128.25 Disb 1/xg2 Enabled 128.26 Disb 1/xg3 Enabled 128.27...
Page 531 Enabled 128.631 Disb Enabled 128.632 Disb --More-- or (q)uit /**************************************************** *******************************/ console(config)# console#show spanning-tree Spanning tree Enabled BPDU Flooding disabled Portfast BPDU filtering Disabled m ode rstp CST Regional Root: 80:00:00:FC:E3:90:00:5D Regional Root Path Cost: ROOT ID Address 40:00:00:FC:E3:90:06:0F Path Cost 20000 Root Port 1/g1...
Page 532 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- --- ----- ------- --More-- or (q)uit Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- --- -----...
Page 533 1/g8 Enabled 128.8 Disb 1/g9 Enabled 128.9 Disb 1/g10 Enabled 128.10 Disb 1/g11 Enabled 128.11 Disb 1/g12 Enabled 128.12 Disb 1/g13 Enabled 128.13 Disb 1/g14 Enabled 128.14 Disb 1/g15 Enabled 128.15 Disb 1/g16 Enabled 128.16 Disb --More-- or (q)uit Name State Prio.Nbr Cost...
Page 534 1/g20 Enabled 128.20 Disb 1/g21 Enabled 128.21 Disb 1/g22 Enabled 128.22 Disb 1/g23 Enabled 128.23 Disb 1/g24 Enabled 128.24 Disb 1/xg1 Enabled 128.25 Disb 1/xg2 Enabled 128.26 Disb 1/xg3 Enabled 128.27 Disb 1/xg4 Enabled 128.28 Disb Enabled 128.626 Disb Enabled 128.627 Disb Enabled...
Page 535 Enabled 128.629 Disb Enabled 128.630 Disb Enabled 128.631 Disb Enabled 128.632 Disb Enabled 128.633 Disb Enabled 128.634 Disb ch10 Enabled 128.635 Disb ch11 Enabled 128.636 Disb ch12 Enabled 128.637 Disb ch13 Enabled 128.638 Disb ch14 Enabled 128.639 Disb ch15 Enabled 128.640 Disb ch16...
Page 536 ch19 Enabled 128.644 Disb --More-- or (q)uit /**************************************************** *******************************/ console#show spanning-tree active Spanning tree Enabled (BPDU flooding : Disabled) Portfast BPDU filtering Disabl ed mode rstp CST Regional Root: 80:00:00:FC:E3:90:00:5D Regional Root Path Cost: ###### MST 0 Vlan Mapped: 1, 3001 ROOT ID Address 40:00:00:FC:E3:90:06:0F...
Page 537 Name State Prio.Nbr Cost Role PortFast RestrictedPort ------ -------- --------- ---------- ---- ----- --- ----- ------- --More-- or (q)uit Name State Prio.Nbr Cost Role PortFast RestrictedPort ------ -------- --------- ---------- ---- ----- --- ----- ------- 1/g1 Enabled 128.1 20000 Root 1/g3 Enabled 128.3...
Page 538 Regional Root Path Cost: ###### MST 0 Vlan Mapped: 1, 3001 ROOT ID Address 40:00:00:FC:E3:90:06:0F Path Cost 20000 Root Port 1/g1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 80:00:00:FC:E3:90:00:5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name...
Page 539 1/g4 Enabled 128.4 20000 Altn 1/g5 Enabled 128.5 20000 Altn show spanning-tree summary Use the show spanning-tree summary command to display spanning tree settings and parameters for the switch. Syntax show spanning-tree summary Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines...
Page 540: Spanning-Tree
Configuration Revision Identifier used to identify the configuration currently Level being used. Configuration Digest Key A generated Key used in the exchange of the BPDUs. Configuration Format Specifies the version of the configuration format being Selector used in the exchange of BPDUs. The default value is zero.
Page 541 Syntax spanning-tree no spanning-tree Default Configuration Spanning-tree is enabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables spanning-tree functionality. console(config)#spanning-tree spanning-tree auto-portfast Use the spanning-tree auto-portfast command to set the port to auto portfast mode.
Page 542 Usage Guidelines There are no user guidelines for this command. Example The following example enables spanning-tree functionality on ethernet interface 4/g1. console#config console(config)#interface ethernet 4/g1 console(config-if-4/g1)#spanning-tree auto-portfast spanning-tree bpdu flooding The spanning-tree bpdu flooding command allows flooding of BPDUs received on non-spanning-tree ports to all other non-spanning-tree ports. Use the “no”...
Page 543: Spanning-Tree Bpdu-Protection
spanning-tree bpdu-protection Use the spanning-tree bpdu-protection command in Global Configuration mode to enable BPDU protection on a switch. Use the no form of this command to resume the default status of BPDU protection function. For an access layer device, the access port is generally connected to the user terminal (such as a desktop computer) or file server directly and configured as an edge port to implement the fast transition.
Page 544: Spanning-Tree Cost
spanning-tree cost Use the spanning-tree cost command in Interface Configuration mode to configure the spanning-tree path cost for a port. To return to the default port path cost, use the no form of this command. The command "spanning-tree mst 0 external-cost is used to set path "...
Page 545: Spanning-Tree Disable
spanning-tree disable Use the spanning-tree disable command in Interface Configuration mode to disable spanning-tree on a specific port. To enable spanning-tree on a port, use the no form of this command. Syntax spanning-tree disable no spanning-tree disable Default Configuration By default, all ports are enabled for spanning-tree. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines...
Page 546: Spanning-Tree Guard
no spanning-tree forward-time seconds — Time in seconds. (Range: 4–30) • Default Configuration The default forwarding-time for IEEE Spanning-tree Protocol (STP) is 15 seconds. Command Mode Global Configuration mode. User Guidelines When configuring the Forward-Time the following relationship should be satisfied: 2*(Forward-Time - 1) >= Max-Age.
Page 547: Spanning-Tree Loopguard
Default Configuration Neither root nor loop guard is enabled. Command Mode Interface Configuration (Ethernet, Port Channel) mode. User Guidelines There are no user guidelines for this command. Example The following example disables spanning-tree guard functionality on ethernet interface 4/g1. console#config console(config)#interface ethernet 4/g1 console(config-if-4/g1)#spanning-tree guard none spanning-tree loopguard...
Page 548: Spanning-Tree Max-Age
Example The following example enables spanning-tree loopguard functionality on all ports. console(config)#spanning-tree loopguard default spanning-tree max-age Use the spanning-tree max-age command in Global Configuration mode to configure the spanning-tree bridge maximum age. To reset the default maximum age, use the no form of this command. Syntax seconds spanning-tree max-age...
Page 549: Spanning-Tree Max-Hops
spanning-tree max-hops Use the spanning-tree max-hops command to set the MSTP Max Hops parameter to a new value for the common and internal spanning tree. Use the “no” form of this command to reset the Max Hops to the default. Syntax hops spanning-tree max-hops...
Page 550: Spanning-Tree Mst 0 External-Cost
mstp — Multiple Spanning Tree Protocol (MSTP) is enabled. • Default Configuration Rapid Spanning Tree Protocol (RSTP) is supported. Command Mode Global Configuration mode User Guidelines In RSTP mode the switch would use STP when the neighbor switch is using STP .
Page 551: Spanning-Tree Mst Configuration
Default Configuration The default cost is 0, which signifies that the cost is automatically calculated based on port speed. Port Channel — 20,000 10 Gbps — 2000 1 Gbps — 20,000 100 Mbps — 200,000 10 Mbps — 2,000,000 Command Mode Interface Configuration (Ethernet, Port Channel) mode User Guidelines There are no user guidelines for this command.
Page 552: Spanning-Tree Mst Cost
User Guidelines For two or more switches to be in the same MST region, they must have the same VLAN mapping, the same configuration revision number and the same name. Example The following example configures an MST region. console (config)#spanning-tree mst configuration console (config-mst)#instance 1 add vlan 10-20 console (config-mst)#name region1 console (config-mst)#revision 1...
Page 553: Spanning-Tree Mst Port-Priority
— 20,000 • Port-Channel Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines This command has no user guidelines. Example The following example configures the MSTP instance 1 path cost for interface 1/g9 to 4. console(config)#interface ethernet 1/g9 console(config-if-1/g9)#spanning-tree mst 1 cost 4 spanning-tree mst port-priority Use the spanning-tree mst port-priority command in Interface Configuration mode to configure port priority.
Page 554: Spanning-Tree Mst Priority
Example The following example configures the port priority of port 1/g1 to 144. console(config)#interface ethernet 1/g1 console(config-if-1/g1)#spanning-tree mst 1 port- priority 144 spanning-tree mst priority Use the spanning-tree mst priority command in Global Configuration mode to set the switch priority for the specified spanning-tree instance. To return to the default setting, use the no form of this command.
Page 555: Spanning-Tree Portfast
console(config)#spanning-tree mst 1 priority 4096 spanning-tree portfast Use the spanning-tree portfast command in Interface Configuration mode to enable PortFast mode. In PortFast mode, the interface is immediately put into the forwarding state upon linkup, without waiting for the timer to expire. To disable PortFast mode, use the no form of this command.
Page 556: Spanning-Tree Portfast Bpdufilter Default
spanning-tree portfast bpdufilter default The spanning-tree portfast bpdufilter default command discards BPDUs received on spanning-tree ports in portfast mode. Use the “no” form of the command to disable discarding. Syntax spanning-tree portfast bpdufilter default no spanning-tree portfast bpdufilter default Default Configuration This feature is disabled by default.
Page 557: Spanning-Tree Port-Priority
Default Configuration Portfast mode is disabled by default. Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command. Example The following example enables Portfast mode on all ports. console(config)#spanning-tree portfast default spanning-tree port-priority Use the spanning-tree port-priority command in Interface Configuration mode to configure port priority.
Page 558: Spanning-Tree Priority
Example The following example configures the spanning priority on 1/g5 to 96. console(config)#interface ethernet 1/g5 console(config-if-1/g5)#spanning-tree port-priority spanning-tree priority Use the spanning-tree priority command in Global Configuration mode to configure the spanning-tree priority. The priority value is used to determine which bridge is elected as the root bridge.
Page 559: Spanning-Tree Tcnguard
spanning-tree tcnguard Use the spanning-tree tcnguard command to prevent a port from propagating topology change notifications. Use the “no” form of the command to enable TCN propagation. Syntax spanning-tree tcnguard no spanning-tree tcnguard Default Configuration TCN propagation is disabled by default. Command Mode Interface Configuration (Ethernet, Port Channel) mode User Guidelines...
Page 560 Default Configuration The default hold count is 6 BPDUs. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the maximum number of BPDUs sent to 6. console(config)#spanning-tree transmit hold-count 6 Spanning Tree Commands...
Page 561 Switchport Voice Commands This chapter explains the following commands: • show switchport voice • switchport voice detect auto Switchport Voice Commands...
Page 562: Show Switchport Voice
show switchport voice Use the show switchport voice command to show the status of auto-voip on an interface or all interfaces. Syntax interface index show switchport voice [interface {ethernet | port-channel interface —Specifies a valid interface. The full syntax is unit/port. •...
Page 563 1/g8 Enabled 1/g9 Enabled 1/g10 Enabled 1/g11 Enabled 1/g12 Enabled 1/g13 Enabled 1/g14 Enabled 1/g15 Enabled 1/g16 Enabled 1/g17 Enabled 1/g18 Enabled 1/g19 Enabled 1/g20 Enabled --More-- or (q)uit console#show switchport voice ethernet 1/g1 Interface Auto VoIP Mode Traffic Class --------- -------------- ------------- 1/g1 Disabled...
Page 564 Disabled The command output provides the following information: • AutoVoIP Mode—The Auto VoIP mode on the interface. • Traffic Class—The Cos Queue or Traffic Class to which all VoIP traffic is mapped. This is not configurable and defaults to the highest COS queue available in the system for data traffic.
Page 565 TACACS+ Commands This chapter explains the following commands: • • port • priority • show tacacs • tacacs-server host • tacacs-server key • tacacs-server timeout • timeout TACACS+ Commands...
Page 566: Port
Use the key command in TACACS Configuration mode to specify the authentication and encryption key for all TACACS communications between the device and the TACACS server. This key must match the key used on the TACACS daemon. Syntax key [ key-string ] —...
Page 567: Priority
Default Configuration The default port number is 49. Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to specify server port number 1200. console(tacacs)#port 1200 priority Use the priority command in TACACS Configuration mode to specify the order in which servers are used, where 0 (zero) is the highest priority.
Page 568 console(config-tacacs)#priority 10000 show tacacs Use the show tacacs command in Privileged EXEC mode to display the configuration and statistics of a TACACS+ server. Syntax ip-address show tacacs [ ip-address — • The name or IP address of the host. Default Configuration This command has no default configuration.
Page 569 tacacs-server host Use the tacacs-server host command in Global Configuration mode to configure a TACACS+ server. This command enters into the TACACS+ configuration mode. To delete the specified hostname or IP address, use the no form of this command. Syntax ip-address hostname tacacs-server host {...
Page 570 This command has no user guidelines. Example The following example sets the authentication encryption key. console(config)#tacacs-server key dell-s tacacs-server timeout Use the tacacs-server timeout command in Global Configuration mode to set the interval during which a switch waits for a server host to reply. To restore the default, use the no form of this command.
Page 571: Timeout
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the timeout value as 30. console(config)#tacacs-server timeout 30 timeout Use the timeout command in TACACS Configuration mode to specify the timeout value in seconds. If no timeout value is specified, the global value is used.
Page 572 TACACS+ Commands...
Page 573: Vlan Commands
VLAN Commands This chapter explains the following commands: • dvlan-tunnel ethertype • interface vlan • interface range vlan • mode dvlan-tunnel • name • protocol group • protocol vlan group • protocol vlan group all • show dvlan-tunnel • show dvlan-tunnel interface •...
Page 574 • switchport trunk allowed vlan • vlan • vlan association mac • vlan association subnet • vlan database • vlan makestatic • vlan protocol group • vlan protocol group add protocol • vlan protocol group name • vlan protocol group remove •...
Page 575 dvlan-tunnel ethertype Use the dvlan-tunnel ethertype command in Global Configuration mode to configure the ethertype for the specified interface. To configure the EtherType on the specified interface to its default value, use the no form of this command. Syntax 0-65535 dvlan-tunnel ethertype {802.1Q | vman | custom <...
Page 576 Syntax vlan-id interface vlan vlan-id — The ID of a valid VLAN (Range: 1–4093). • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the VLAN 1 IP address of 131.108.1.27 and subnet mask 255.255.255.0.
Page 577 Command Mode Global Configuration mode User Guidelines Commands used in the interface range context are executed independently on each interface in the range. If the command returns an error on one of the interfaces, an error message is displayed and execution continues on other interfaces.
Page 578: Name
Example The following example displays how to enable Double VLAN Tunneling at ethernet port 1/g1. console(config-if-1/g1)#mode dvlan-tunnel name Use the name command in Interface Configuration mode to add a name to a VLAN. To remove the VLAN name, use the no form of this command. NOTE: This command cannot be configured for a range of interfaces (range context).
Page 579 protocol group Use the protocol group command in VLAN Database mode to attach a groupid VLAN ID to the protocol-based group identified by . A group may only be associated with one VLAN at a time. However, the VLAN association can be changed.
Page 580 protocol vlan group Use the protocol vlan group command in Interface Configuration mode to add the physical unit/port interface to the protocol-based group identified by groupid . A group may have more than one interface associated with it. Each interface and protocol combination can be associated with one group only. If adding an interface to a group causes any conflicts with protocols currently associated with the group, this command fails and the interface(s) are not added to the group.
Page 581 console(config-if-1/g1)#protocol vlan group 2 protocol vlan group all Use the protocol vlan group all command in Global Configuration mode to groupid add all physical interfaces to the protocol-based group identified by A group may have more than one interface associated with it. Each interface and protocol combination can be associated with one group only.
Page 582: Show Dvlan-Tunnel Interface
console(config)#protocol vlan group all 2 show dvlan-tunnel Use the show dvlan-tunnel command in Privileged EXEC mode to display all interfaces enabled for Double VLAN Tunneling. Syntax show dvlan-tunnel Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 583: Show Interfaces Switchport
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays detailed information for unit/port "1/g1." console#show dvlan-tunnel interface 1/g1 Interface Mode EtherType --------- ------- -------------- 1/g1 Enable vMAN...
Page 584 Syntax interface port-channel- show interfaces switchport {ethernet |port-channel number Interface — Specific interface, such as ethernet 1/g8. • port-channel-number — Valid port-channel trunk index. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 585 VLAN008 tagged Dynamic VLAN0011 tagged Static IPv6 VLAN untagged Static VLAN0072 untagged Static Static configuration: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All Port 1/g1 is statically configured to: VLAN Name Egress rule ---- --------- ----------- VLAN0011 tagged IPv6 VLAN untagged VLAN0072...
Page 586 Port 1/g1 is member in: VLAN Name Egress rule Type ---- --------- ----------- ----- IP Telephony tagged Static Static configuration: PVID: 8 Ingress Filtering: Disabled Acceptable Frame Type: All Port 1/g2 is statically configured to: VLAN Name Egress rule ---- --------- ----------- VLAN0072...
Page 587: Show Port Protocol
Port 2/g19 is member in: VLAN Name Egress rule Type ---- --------- ----------- ----- 2921 Primary A untagged Static 2922 Community A1 untagged Static Static configuration: PVID: 2922 Ingress Filtering: Enabled Acceptable Frame Type: Untagged GVRP status: Disabled Port 2/g19 is member in: VLAN Name Egress rule...
Page 588: Show Switchport Protected
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the Protocol-Based VLAN information for either the entire system. console#show port protocol all Group Group Name Protocol(s...
Page 589: Show Vlan
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example identifies test as the protected group. console#show switchport protected 0 Name......... test show vlan Use the show vlan command in Privileged EXEC mode to display VLAN information.
Page 590: Show Vlan Association Mac
VLAN Name Ports Type Authorization -------- --------------- ------ ----- ------ -------- default 1/g1-1/g2 Other Required 2/g1-1/g4 VLAN0010 1/g3-1/g4 dynamic Required VLAN0011 1/g1-1/g2 static Required VLAN0020 1/g3-1/g4 static Required VLAN0021 static Required VLAN0030 static Required VLAN0031 static Required VLAN0011 1/g1-1/g2 static Required 3964 Guest VLAN...
Page 591: Show Vlan Association Subnet
User Guidelines This command has no user guidelines. Example The following example shows no entry in MAC address to VLAN cross- reference. console#show vlan association mac MAC Address VLAN ID ----------------------- ------- 0001.0001.0001.0001 console# show vlan association subnet Use the show vlan association subnet command in Privileged EXEC mode to display the VLAN associated with a specific configured IP-Address and netmask.
Page 592: Switchport Access Vlan
Example The following example shows the case if no IP Subnet to VLAN association exists. console#show vlan association subnet IP Address IP Mask VLAN ID ---------------- ---------------- ------- The IP Subnet to VLAN association does not exist. switchport access vlan Use the switchport access vlan command in Interface Configuration mode to configure the VLAN ID when the interface is in access mode.
Page 593: Switchport Forbidden Vlan
console(config-if-1/g8)#switchport access vlan 23 switchport forbidden vlan Use the switchport forbidden vlan command in Interface Configuration mode to forbid adding specific VLANs to a port. To revert to allowing the addition of specific VLANs to the port, use the remove parameter of this command.
Page 594: Switchport General Acceptable-Frame-Type Tagged-Only
switchport general acceptable-frame-type tagged-only Use the switchport general acceptable-frame-type tagged-only command in Interface Configuration mode to discard untagged frames at ingress. To enable untagged frames at ingress, use the no form of this command. Syntax switchport general acceptable-frame-type tagged-only no switchport general acceptable-frame-type tagged-only Default Configuration All frame types are accepted at ingress.
Page 595: Switchport General Ingress-Filtering Disable
vlan-list — List of VLAN IDs to add. Separate nonconsecutive VLAN • IDs with a comma and no spaces. Use a hyphen to designate a range of IDs. vlan-list — List of VLAN IDs to remove. Separate nonconsecutive remove • VLAN IDs with a comma and no spaces.
Page 596: Switchport General Pvid
no switchport general ingress-filtering disable Default Configuration Ingress filtering is enabled. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command has no user guidelines. Example The following example shows how to enables port ingress filtering on 1/g8. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#switchport general ingress- filtering disable switchport general pvid...
Page 597: Switchport Mode
Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command has no user guidelines. Example The following example shows how to configure the PVID for 1/g8, when the interface is in general mode. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#switchport general pvid 234 switchport mode Use the switchport mode command in Interface Configuration mode to configure the VLAN membership mode of a port.
Page 598: Switchport Protected
Default Configuration The default for this command is access. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command has no user guidelines. Example The following example configures 1/g8 to access mode. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#switchport mode access switchport protected Use the switchport protected command in Interface Configuration mode to groupid configure a protected port.
Page 599: Switchport Protected Name
Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example configures Ethernet port 1/g1 as a member of protected group 1. console(config)#interface ethernet 1/g1 console(config-if-1/g1)#switchport protected 1 switchport protected name Use the switchport protected name command in Global Configuration mode to adds the port to the protected group 1 and also sets the group name to "protected".
Page 600: Switchport Trunk Allowed Vlan
Example The following example assigns the name "protected" to group 1. console(config-if-1/g1)#switchport protected 1 name protected switchport trunk allowed vlan Use the switchport trunk allowed vlan command in Interface Configuration mode to add VLANs to or remove VLANs from a trunk port. Syntax vlan-list vlan-list...
Page 601: Vlan Association Mac
vlan Use the vlan command in VLAN Database mode to configure a VLAN. To delete a VLAN, use the no form of this command. Syntax vlan-range vlan vlan-range no vlan vlan-range — A list of valid VLAN IDs to be added. List separate, non- •...
Page 602: Vlan Association Subnet
Syntax mac-address vlanid vlan association mac mac-address no vlan association mac mac-address — MAC address to associate. (Range: Any MAC address in the format xxxx.xxxx.xxxx) vlanid — VLAN to associate with subnet. (Range: 1-4093) Default Configuration No assigned MAC address. Command Mode VLAN Database mode User Guidelines...
Page 603: Vlan Database
Default Configuration No assigned ip-subnet. Command Mode VLAN Database mode User Guidelines This command has no user guidelines. Example The following example associates IP address with VLAN ID 100. console(config-vlan)#vlan association subnet 192.245.23.45 255.255.255.0 100 vlan database Use the vlan database command in Global Configuration mode to enter the VLAN database configuration mode.
Page 604: Vlan Makestatic
console(config-vlan)# vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is permanently configured and defined). The ID is a valid VLAN identification number. VLAN range is 2- 4093.
Page 605 If multiple vlan protocol groups are created, deletes one of the groupd, and then saves the configuration, the older implementation of this command resulted incorrectly applying the groupids on reload. So, the existing command vlan protocol group <groupname> is updated to vlan protocol group <groupid>...
Page 606 adding a protocol to a group causes any conflicts with interfaces currently associated with the group, this command fails and the protocol is not added to the group. To remove the protocol from the protocol-based VLAN group identified by groupid , use the no form of this command.
Page 607: Vlan Routing
Syntax groupid > < groupName > vlan protocol group name < groupid > no vlan protocol group name < groupid —The protocol-based VLAN group ID, which is automatically • generated when you create a protocol-based VLAN group with the vlan protocol group command.
Page 608 Syntax vlan routing [ index | vlanid — Valid VLAN ID (Range 1–4093). • index — Internal interface ID. This optional parameter is listed in the • configuration file for all VLAN routing interfaces. When a nonstop forwarding failover occurs, this information enables the system to correlate checkpointed state information with the proper interfaces and their configuration.
Page 609 User Guidelines This command has no user guidelines. Example The following example displays the removal of the protocol-based VLAN group identified as "2." console(config)#vlan protocol group remove 2 VLAN Commands...
Page 610 VLAN Commands...
Page 611 Voice VLAN Commands This chapter explains the following commands: • voice vlan • voice vlan (Interface) • voice vlan data priority • show voice vlan Voice VLAN Commands...
Page 612 voice vlan This command is used to enable the voice vlan capability on the switch. Syntax voice vlan no voice vlan Parameter Ranges Not applicable Command Mode Global Configuration Usage Guidelines Not applicable Default Value This feature is disabled by default. Example console(config)#voice vlan console(config)#no voice vlan...
Page 613 trust • Trust the dot1p priority or DSCP values contained in packets — arriving on the voice vlan port. • untrust Do not trust the dot1p priority or DSCP values contained in — packets arriving on the voice vlan port. •...
Page 614 Command Mode Interface Configuration Default Value trust Example console(config-if-1/g1)#voice vlan data priority untrust console(config-if-1/g1)#voice vlan data priority trust show voice vlan unit/port show voice vlan [interface {< > |all}] Syntax When the interface parameter is not specified, only the global mode of the voice VLAN is displayed.
Page 615 Interface..........1/g1 Voice VLAN Interface Mode....Enabled Voice VLAN ID......... Voice VLAN COS Override....False Voice VLAN Port Status.....Disabled Voice VLAN Commands...
Page 616 Voice VLAN Commands...
Page 617 802.1x Commands This chapter explains the following commands: • dot1x mac-auth-bypass • dot1x max-req • dot1x max-users • dot1x port-control • dot1x re-authenticate • dot1x re-authentication • dot1x system-auth-control • dot1x timeout guest-vlan-period • dot1x timeout quiet-period • dot1x timeout re-authperiod •...
Page 618 802.1x Option 81 • radius-server attribute 4 802.1x Commands...
Page 619 dot1x mac-auth-bypass Use the dot1x mab-enable command to enable MAB on an interface. Use the “no” form of this command to disable MAB on an interface. Syntax dot1x mac-auth-bypass no dot1x mac-auth-bypass Default Configuration MAC Authentication Bypass is disabled by default. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 620 Default Configuration count The default value for the parameter is 2. Command Mode Interface Configuration (Ethernet) mode User Guidelines Change the default value of this command only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients and authentication servers.
Page 621 Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following command limits the number of devices that can authenticate on port 1/g2 to 3. console(config-if-1/g2)#dot1x max-users 3 dot1x port-control Use the dot1x port-control command in Interface Configuration mode to enable the IEEE 802.1X operation on the port.
Page 622 Default Configuration The default configuration is auto. Command Mode Interface Configuration (Ethernet) mode User Guidelines It is recommended that you disable the spanning tree or enable spanning-tree PortFast mode on 802.1x edge ports (ports in auto state that are connected to end stations), in order to go immediately to the forwarding state after successful authentication.
Page 623 User Guidelines This command has no user guidelines. Example The following command manually initiates a re-authentication of the 802.1x- enabled port. console# dot1x re-authenticate ethernet 1/g16 dot1x re-authentication Use the dot1x re-authentication command in Interface Configuration mode to enable periodic re-authentication of the client. To return to the default setting, use the no form of this command.
Page 624 dot1x system-auth-control Use the dot1x system-auth-control command in Global Configuration mode to enable 802.1x globally. To disable 802.1x globally, use the no form of this command. Syntax dot1x system-auth-control no dot1x system-auth-control Default Configuration The default for this command is disabled. Command Mode Global Configuration mode User Guidelines...
Page 625 Default Configuration The switch remains in the quiet state for 90 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines It is recommended that the user set the dot1x timeout guest-vlan-period to at least three times the while timer, so that at least three EAP Requests are sent, before assuming that the client is a dot1x unaware client.
Page 626 Command Mode Interface Configuration (Ethernet) mode User Guidelines During the quiet period, the switch does not accept or initiate any authentication requests. Change the default value of this command only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients and authentication servers.
Page 627 Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example sets the number of seconds between re-authentication attempts to 300. console(config)# interface ethernet 1/g16 console(config-if-1/g16)# dot1x timeout re-authperiod dot1x timeout server-timeout Use the dot1x timeout server-timeout command in Interface Configuration mode to set the time that the switch waits for a response from the authentication server.
Page 628: Dot1X Timeout Supp-Timeout
User Guidelines The actual timeout is this parameter or the product of the Radius transmission times the Radius timeout, whichever is smaller Example The following example sets the time for the retransmission to the authentication server to 3600 seconds. console(config-if-1/g1)# dot1x timeout server-timeout 3600 dot1x timeout supp-timeout Use the dot1x timeout supp-timeout command in Interface Configuration...
Page 629: Dot1X Timeout Tx-Period
Example The following example sets the time for the retransmission of an EAP-request frame to the client to 3600 seconds. console(config-if-1/g1)# dot1x timeout supp-timeout 3600 dot1x timeout tx-period Use the dot1x timeout tx-period command in Interface Configuration mode to set the number of seconds that the switch waits for a response to an Extensible Authentication Protocol (EAP)-request/identity frame from the client before resending the request.
Page 630: Show Dot1X
Example The following command sets the number of seconds that the switch waits for a response to an EAP-request/identity frame to 3600 seconds. console(config)# interface ethernet 1/g16 console(config-if-1/g16)# dot1x timeout tx-period 3600 show dot1x Use the show dot1x command in Privileged EXEC mode to display 802.1X status for the switch or for the specified interface.
Page 631 Port Admin Oper Reauth Reauth Mode Mode Control Period ------- ------------------ ------------ -------- --------- 1/g8 auto Authorized FALSE 3600 User Name........Clark Quiet Period........60 Transmit Period........ 30 Maximum Requests....... 2 Max Users........16 VLAN Assigned........Supplicant Timeout......30 Server Timeout (secs)......30 Authenticator PAE State......
Page 632 Field Description Port The port number. Admin mode The port admin mode. Possible values are: Force-auth, Force-unauth, Auto, and mac-based. Oper mode The control mode under which this port is operating. Possible values are: Authorized or Unauthorized. Reauth Control Indicates whether re-authentication is enabled on this port.
Page 633: Show Dot1X Clients
Field Description Supplicant Timeout The timer used by the authenticator state machine on this port to timeout the supplicant. The value is expressed in seconds and will be in the range of 1 and 65535. Server timeout Time in seconds the switch waits for a response from the authentication server before resending the request.
Page 634 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays information about the 802.1x clients authenticated on port 1/g9. console#show dot1x clients ethernet 1/g9 Interface........
Page 635: Show Dot1X Ethernet
VLAN Assigned........1 The following table describes the significant fields shown in the display: Field Description Interface The port number. Username The username representing the identity of the Supplicant. This field shows the username when the port control is auto or mac-based. If the port is Authorized, it shows the username of the current user.
Page 636: Privileged Exec Mode
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show dot1x ethernet 1/g1 Administrative Mode....Disabled Port Admin Oper Reauth Reauth Mode Mode Control Period -------...
Page 637: Show Dot1X Statistics
show dot1x statistics Use the show dot1x statistics command in Privileged EXEC mode to display 802.1x statistics for the specified interface. Syntax interface show dot1x statistics ethernet interface — Ethernet port name. The full syntax is unit/port . • Default Configuration This command has no default configuration.
Page 638 EAP Response Frames Received....0 EAP Request/Id Frames Transmitted....0 EAP Request Frames Transmitted....0 Invalid EAPOL Frames Received....0 EAPOL Length Error Frames Received..... 0 The following table describes the significant fields shown in the display. Field Description EapolFramesRx The number of valid EAPOL frames of any type that have been received by this Authenticator.
Page 639: Show Dot1X Users
Field Description LastEapolFrameVersion The protocol version number carried in the most recently received EAPOL frame. LastEapolFrameSource The source MAC address carried in the most recently received EAPOL frame. show dot1x users Use the show dot1x users command in Privileged EXEC mode to display 802.1x authenticated users for the switch.
Page 640: Dot1X Guest-Vlan
Port Username --------- --------- 1/g1 The following table describes the significant fields shown in the display: Field Description Username The username representing the identity of the Supplicant. Port The port that the user is using. 802.1x Advanced Features dot1x guest-vlan Use the dot1x guest-vlan command in Interface Configuration mode to set the guest VLAN on a port.
Page 641: Dot1X Unauth-Vlan
Example The following example sets the guest VLAN on port 1/g2 to VLAN 10. console(config-if-1/g2)#dot1x guest-vlan 10 dot1x unauth-vlan Use the dot1x unauth-vlan command in Interface Configuration mode to specify the unauthenticated VLAN on a port. The unauthenticated VLAN is the VLAN to which supplicants that fail 802.1X authentication are assigned.
Page 642 Multiple Hosts column and add an Unauthenticated VLAN column, which indicates whether an unauthenticated VLAN is configured on a port. The command has also been updated to show the Guest VLAN ID (instead of the status) since it is now configurable per port. Syntax interface show dot1x advanced [ethernet...
Page 643 console#show dot1x advanced ethernet 1/g2 Port Guest Unauthenticated VLAN Vlan --------- --------- --------------- 1/g2 802.1x Commands...
Page 644: Radius-Server Attribute 4
802.1x Option 81 radius-server attribute 4 Use the radius-server attribute 4 command in Global Configuration mode to set the network access server (NAS) IP address for the RADIUS server. Use the no version of the command to set the value to the default. Syntax ip-address radius-server attribute 4...
Page 645: Layer 3 Commands
Layer 3 Commands Introduction The chapters that follow describe commands that conform to the OSI model’s Network Layer (Layer 3). Layer 3 commands perform a series of exchanges over various data links to deliver data between any two nodes in a network. These commands define the addressing and routing structure of the Internet.
Page 646: Arp Commands
• PIM-SM Commands • Router Discovery Protocol Commands • Routing Information Protocol Commands • Tunnel Interface Commands • Virtual LAN Routing Commands • Virtual Router Redundancy Protocol Commands ARP Commands This chapter explains the following commands: • • arp cachesize •...
Page 647: Arp Cachesize
Use the arp command in Global Configuration mode to create an Address Resolution Protocol (ARP) entry. Use the no form of the command to remove the entry. Syntax ip-address mac-address ip-address no arp ip-address — IP address of a device on a subnet attached to an existing •...
Page 648: Arp Dynamicrenew
Syntax integer arp cachesize no arp cachesize integer — Maximum number of ARP entries in the cache. (Range: • 256–1024) Default Configuration The default integer value is 896. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines an arp cachesize of 500.
Page 649: Arp Purge
Command Mode Global Configuration mode User Guidelines When an ARP entry reaches its maximum age, the system must decide whether to retain or delete the entry. If the entry has recently been used to forward data packets, the system will renew the entry by sending an ARP request to the neighbor.
Page 650: Arp Resptime
Syntax ip-address arp purge ip-address — The IP address to be removed from ARP cache. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example removes the specified IP address from arp cache. console#arp purge 192.168.1.10 arp resptime Use the arp resptime command in Global Configuration mode to configure...
Page 651: Arp Retries
User Guidelines This command has no user guidelines. Example The following example defines a response timeout of 5 seconds. console(config)#arp resptime 5 arp retries Use the arp retries command in Global Configuration mode to configure the ARP count of maximum requests for retries. To return to the default value, use the no form of this command.
Page 652: Arp Timeout
arp timeout Use the arp timeout command in Global Configuration mode to configure the ARP entry ageout time. Use the no form of the command to set the ageout time to the default. Syntax integer arp timeout no arp timeout integer —...
Page 653 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example clears all entries ARP of type dynamic, including gateway, from ARP cache. console#clear arp-cache gateway clear arp-cache management Use the clear arp-cache management command to clear all entries from the ARP cache learned from the management port.
Page 654 ip proxy-arp Use the ip proxy-arp command in Interface Configuration mode to enable proxy ARP on a router interface. Without proxy ARP , a device only responds to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived.
Page 655 Syntax show arp [brief] [switch] • brief — Display ARP parameters and cache. • switch — Display ARP cache for the switch. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows show arp command output.
Page 656 IP Address Address Interface Type ---------- ---------------- ------------- ------- ----------- console# ARP Commands...
Page 657 DHCP and BOOTP Relay Commands This chapter explains the following commands: • bootpdhcprelay cidridoptmode • bootpdhcprelay maxhopcount • bootpdhcprelay minwaittime • show bootpdhcprelay DHCP and BOOTP Relay Commands...
Page 658 bootpdhcprelay cidridoptmode Use the bootpdhcprelay cidridoptmode command in Global Configuration mode to enable the circuit ID option and remote agent ID mode for BootP/DHCP Relay on the system. Use the no form of the command to disable the circuit ID option and remote agent ID mode for BootP/DHCP Relay.
Page 659 bootpdhcprelay maxhopcount Use the bootpdhcprelay maxhopcount command in Global Configuration mode to configure the maximum allowable relay agent hops for BootP/DHCP Relay on the system. Use the no form of the command to set the maximum hop count to the default value. Syntax integer bootpdhcprelay maxhopcount...
Page 660: Bootpdhcprelay Cidridoptmode
Syntax integer bootpdhcprelay minwaittiime no bootpdhcprelay minshoshow arpshow arpwshshow arposhow arpwshoshow arpwshow arp arp arp ashow arprpwaittime integer — Minimum wait time for BootP/DHCP Relay on the system. • (Range: 0-100 seconds) Default Configuration integer 0 is the default configuration. Command Mode Global Configuration mode User Guidelines...
Page 661 Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables the circuit ID and remote agent ID options. console(config)#bootpdhcprelay cidridoptmode Circuit Id and Remote Agent Id Mode set Successfully. show bootpdhcprelay Use the show bootpdhcprelay command in User EXEC mode to display the BootP/DHCP Relay information.
Page 662 Example The following example defines the Boot/DHCP Relay information. console#show bootpdhcprelay Maximum Hop Count......4 Minimum Wait Time(Seconds)..... 0 Circuit Id Option Mode......Disable DHCP and BOOTP Relay Commands...
Page 663 DHCPv6 Commands This chapter explains the following commands: • clear ipv6 dhcp • dns-server • domain-name • ipv6 dhcp pool • ipv6 dhcp relay • ipv6 dhcp relay-agent-info-opt • ipv6 dhcp relay-agent-info-remote-id-subopt • ipv6 dhcp server • prefix-delegation • service dhcpv6 •...
Page 664 clear ipv6 dhcp Use the clear ipv6 dhcp command in Privileged EXEC mode to clear DHCPv6 statistics for all interfaces or for a specific interface. Syntax vlan-id clear ipv6 dhcp {statistics | interface vlan statistics} vlan-id — Valid VLAN ID. •...
Page 665 Default Configuration This command has no default configuration. Command Mode IPv6 DHCP Pool Configuration mode User Guidelines DHCPv6 pool can have multiple number of domain names with maximum of Example The following example sets the ipv6 DNS server address of 2020:1::1, which is provided to a DHCPv6 client by the DHCPv6 server.
Page 666 User Guidelines DHCPv6 pool can have multiple number of domain names with maximum of Example The following example sets the DNS domain name "test", which is provided to a DHCPv6 client by the DHCPv6 server. console(config)#ipv6 dhcp pool addrpool console(config-dhcp6s-pool)#domain-name test console(config-dhcp6s-pool)#no domain-name test ipv6 dhcp pool Use the ipv6 dhcp pool command in Global Configuration mode to enter...
Page 667 Example The following example enters IPv6 DHCP Pool Configuration mode. console(config)#ipv6 dhcp pool addrpool console(config-dhcp6s-pool)# ipv6 dhcp relay Use the ipv6 dhcp relay command in Interface Configuration mode to configure an interface for DHCPv6 relay functionality. Syntax relay-address vlan-id ipv6 dhcp relay {destination [interface vlan ] | interface vlan-id...
Page 668 User Guidelines relay-address relay-interface is an IPv6 global address, then is not required. relay-address relay-interface is a link-local or multicast address, then relay-address required. Finally, a value for is not specified, then a value for relay-interface must be specified and the DHCPV6-ALLAGENTS multicast address (i.e.
Page 669 Example The following example configures the number 100 to represent the DHCPv6 Relay Agent Information Option. console(config)#ipv6 dhcp relay-agent-info-opt 100 ipv6 dhcp relay-agent-info-remote-id-subopt Use the ipv6 dhcp relay-agent-info-remote-id-subopt command in Global Configuration mode to configure a number to represent the DHCPv6 the “remote-id”...
Page 670 Syntax pool-name pref-value ipv6 dhcp server [rapid-commit] [preference pool-name — The name of the DHCPv6 pool containing stateless and/or • prefix delegation parameters • rapid-commit — Is an option that allows for an abbreviated exchange between the client and server. pref-value —...
Page 671 DUID — Client DUID (e.g. 00:01:00:09:f8:79:4e:00:04:76:73:43:76'). • hostname — Client hostname used for logging and tracing. (Range: 0-31 • characters.) valid-lifetime — Valid lifetime for delegated prefix. (Range: 0-4294967295 • seconds) preferred-lifetime — Preferred lifetime for delegated prefix. (Range: 0- •...
Page 672: Show Ipv6 Dhcp
Default Configuration Enabled is the default state. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables DHCPv6 globally. console#configure console(config)#service dhcpv6 console(config)#no service dhcpv6 show ipv6 dhcp Use the show ipv6 dhcp command in Privileged EXEC mode to display the DHCPv6 server name and status.
Page 673: Show Ipv6 Dhcp Binding
Example The following example displays the DHCPv6 server name and status. console#show ipv6 dhcp DHCPv6 is disabled Server DUID: show ipv6 dhcp binding Use the show ipv6 dhcp binding command in Privileged EXEC mode to display the configured DHCP pool. Syntax ipv6-addr show ipv6 dhcp binding [...
Page 674: Show Ipv6 Dhcp Interface
show ipv6 dhcp interface Use the show ipv6 dhcp interface command in User EXEC mode to display DHCPv6 information for all relevant interfaces or a specified interface. If an interface is specified, the optional statistics parameter is available to view statistics for the specified interface.
Page 675 Option Flags........console> show ipv6 dhcp interface vlan 11 statistics DHCPv6 Interface vlan11 Statistics ------------------------------------ DHCPv6 Solicit Packets Received....0 DHCPv6 Request Packets Received....0 DHCPv6 Confirm Packets Received....0 DHCPv6 Renew Packets Received....0 DHCPv6 Rebind Packets Received....0 DHCPv6 Release Packets Received....
Page 676: Show Ipv6 Dhcp Pool
show ipv6 dhcp pool Use the show ipv6 dhcp pool command in Privileged EXEC mode to display the configured DHCP pool. Syntax pool-name show ipv6 dhcp pool pool-name — Name of the pool. (Range: 1-32 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 677 Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the DHCPv6 server name and status. console> show ipv6 dhcp statistics DHCPv6 Interface Global Statistics ------------------------------------ DHCPv6 Solicit Packets Received....0 DHCPv6 Request Packets Received....0 DHCPv6 Confirm Packets Received....
Page 678 DHCPv6 Relay-forward Packets Transmitted..0 Total DHCPv6 Packets Transmitted....0 DHCPv6 Commands...
Page 679: Dvmrp Commands
DVMRP Commands This chapter explains the following commands: • ip dvmrp • ip dvmrp metric • ip dvmrp trapflags • show ip dvmrp • show ip dvmrp interface • show ip dvmrp neighbor • show ip dvmrp nexthop • show ip dvmrp prune •...
Page 680: Ip Dvmrp Metric
ip dvmrp Use the ip dvmrp command to set the administrative mode of DVMRP in the router to active. IGMP must be enabled before DVMRP can be enabled. Syntax ip dvmrp no ip dvmrp Default Configuration Disabled is the default configuration. Command Mode Global Configuration Interface Configuration (VLAN) mode...
Page 681: Ip Dvmrp Trapflags
Default Configuration 1 the default value. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example configures a metric of 5 for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip dvmrp metric 5 ip dvmrp trapflags Use the ip dvmrp trapflags command in Global Configuration mode to enable the DVMRP trap mode.
Page 682: Show Ip Dvmrp
console(config)#ip dvmrp trapflags console(config)#no ip dvmrp trapflags show ip dvmrp Use the show ip dvmrp command in Privileged EXEC mode to display the system-wide information for DVMRP . Syntax show ip dvmrp Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines...
Page 683: Show Ip Dvmrp Interface
show ip dvmrp interface Use the show ip dvmrp interface command in Privileged EXEC mode to display the interface information for DVMRP on the specified interface. Syntax vlan-id show ip dvmrp interface vlan vlan-id — Valid VLAN ID. • Default Configuration This command has no default condition.
Page 684: Show Ip Dvmrp Nexthop
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the neighbor information for DVMRP. console(config)#show ip dvmrp neighbor No neighbors available. show ip dvmrp nexthop Use the show ip dvmrp nexthop command in Privileged EXEC mode to display the next hop information on outgoing interfaces for routing multicast datagrams.
Page 685: Show Ip Dvmrp Prune
Source IP Source Mask Interface Type -------------- -------------- --------- ------ show ip dvmrp prune Use the show ip dvmrp prune command in Privileged EXEC mode to display the table that lists the router’s upstream prune information. Syntax show ip dvmrp prune Default Configuration This command has no default condition.
Page 686 Syntax show ip dvmrp route Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the multicast routing information for DVMRP. console#show ip dvmrp route Upstream Expiry Up Time...
Page 687: Igmp Commands
IGMP Commands This chapter explains the following commands: • ip igmp • ip igmp last-member-query-count • ip igmp last-member-query-interval • ip igmp query-interval • ip igmp query-max-response-time • ip igmp robustness • ip igmp startup-query-count • ip igmp startup-query-interval • ip igmp version •...
Page 688: Ip Igmp Last-Member-Query-Count
ip igmp Use the ip igmp command in Global Configuration mode to set the administrative mode of IGMP in the system to active. Syntax ip igmp no ip igmp Default Configuration Disabled is the default state. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 689: Ip Igmp Last-Member-Query-Interval
Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets 10 as the number of VLAN 2 Group-Specific Queries. console#configure console(config)#interface vlan 2 console(config-if-vlan2)#ip igmp last-member-query- count 10 console(config-if-vlan2)#no ip igmp last-member- query-count ip igmp last-member-query-interval Use the ip igmp last-member-query-interval command in Interface...
Page 690: Ip Igmp Query-Interval
User Guidelines This command has no user guidelines. Example The following example configures 2 seconds as the Maximum Response Time inserted in VLAN 15’s Group-Specific Queries. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp last-member-query- interval 20 ip igmp query-interval Use the ip igmp query-interval command in Interface Configuration mode to configure the query interval for the specified interface.
Page 691: Ip Igmp Query-Max-Response-Time
console(config-if-vlan15)#ip igmp query-interval 10 ip igmp query-max-response-time Use the ip igmp query-max-response-time command in Internet Configuration mode to configure the maximum response time interval for the specified interface. It is the maximum query response time advertised in IGMPv2 queries on this interface. The time interval is specified in tenths of a second.
Page 692: Ip Igmp Robustness
ip igmp robustness Use the ip igmp robustness command in Interface Configuration mode to configure the robustness that allows tuning of the interface, that is, tuning for the expected packet loss on a subnet. If a subnet is expected to have significant loss, the robustness variable may be increased for the interface.
Page 693 no ip igmp startup-query-count count — The number of startup queries. (Range: 1-20) • Default Configuration The default count value is 2. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets for VLAN 15 the number of queries sent out on startup at 10.
Page 694 Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets at 10 seconds the interval between general queries sent at startup for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp startup-query- interval 10 ip igmp version Use the ip igmp version command in Interface Configuration mode to configure the version of IGMP for an interface.
Page 695 console(config-if-vlan15)#ip igmp version 2 show ip igmp Use the show ip igmp command in Privileged EXEC mode to display system- wide IGMP information. Syntax show ip igmp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 696 show ip igmp groups Use the show ip igmp groups command in Privileged EXEC mode to display the registered multicast groups on the interface. If detail is specified, this command displays the registered multicast groups on the interface in detail. Syntax vlanid show ip igmp groups interface vlan...
Page 697 show ip igmp interface Use the show ip igmp interface command in Privileged EXEC mode to display the IGMP information for the specified interface. Syntax vlan-id show ip igmp interface vlan vlan-id — Valid VLAN ID • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 698 Last Member Query Interval (1/10 of a second).. 10 Last Member Query Count......2 show ip igmp interface membership Use the show ip igmp interface membership command in Privileged EXEC mode to display the list of interfaces that have registered in the multicast group.
Page 699 --------- --------------- ------------ ------------ ------------- console(config)#show ip igmp interface membership 224.5.5.5 detail IGMP INTERFACE DETAILED MEMBERSHIP INFO Interface Group Compat Source Filter Source Hosts Expiry Time Mode Mode ---------- ------------- -------------- ------------- - ------------ show ip igmp interface stats Use the show ip igmp interface stats command in User EXEC mode to display the IGMP statistical information for the interface.
Page 700 Examples The following example displays the IGMP statistical information for VLAN 7. console#show ip igmp interface stats vlan 7 Querier Status......... Querier Querier IP Address......7.7.7.7 Querier Up Time (secs) ......55372 Querier Expiry Time (secs) ....0 Wrong Version Queries......0 Number of Joins........
Page 701 IGMP Proxy Commands This chapter explains the following commands: • ip igmp-proxy • ip igmp-proxy reset-status • ip igmp-proxy unsolicited-report-interval • show ip igmp-proxy • show ip igmp-proxy interface • show ip igmp-proxy groups • show ip igmp-proxy groups detail IGMP Proxy Commands...
Page 702 ip igmp-proxy Use the ip igmp-proxy command in Interface Configuration mode to enable the IGMP Proxy on the router. To enable the IGMP Proxy on the router, multicast forwarding must be enabled and there must be no multicast routing protocols enabled on the router. Syntax ip igmp-proxy no ip igmp-proxy...
Page 703 Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example resets the host interface status parameters of the IGMP Proxy router. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp-proxy reset-status ip igmp-proxy unsolicited-report-interval Use the ip igmp-proxy unsolicited-report-interval command in Interface...
Page 704 Example The following example sets 10 seconds as the unsolicited report interval for the IGMP Proxy router. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp-proxy unsolicited- report-interval 10 show ip igmp-proxy Use the show ip igmp-proxy command in Privileged EXEC mode to display a summary of the host interface status parameters.
Page 705 Operational Mode....... Enable Version........3 Number of Multicast Groups..... 0 Unsolicited Report Interval....1 Querier IP Address on Proxy Interface..0.0.0.0 Older Version 1 Querier Timeout....0 Older Version 2 Querier Timeout....0 Proxy Start Frequency......1 show ip igmp-proxy interface Use the show ip igmp-proxy interface command in Privileged EXEC mode to display a detailed list of the host interface status parameters.
Page 706 Interface Index........ vlan13 Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent ----------------------------------------------------- ------------ ----- ----- ----- ----- show ip igmp-proxy groups Use the show ip igmp-proxy groups command in Privileged EXEC mode to display a table of information about multicast groups that IGMP Proxy reported.
Page 707 console#show ip igmp-proxy groups Interface Index........ vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources ------------- --------------- ------- ------------ ---- ------- ------ 225.0.1.1 13.13.13.1 DELAY- MEMBER Exclude 225.0.1.2 13.13.13.1 DELAY- MEMBER Exclude show ip igmp-proxy groups detail Use the show ip igmp-proxy groups detail command in Privileged EXEC mode to display complete information about multicast groups that IGMP Proxy has reported.
Page 708 Group Address Last Reporter Up Time Member State Filter Mode Sources ------------- --------------- ------- ------------ ----------- ------- 225.0.1.1 13.13.13.1 DELAY- MEMBER Exclude 225.0.1.2 13.13.13.1 DELAY- MEMBER Exclude IGMP Proxy Commands...
Page 709 IP Helper Commands This chapter explains the following commands: • clear ip helper statistics • ip helper-address (global configuration) • ip helper-address (interface configuration) • ip helper enable • show ip helper-address • show ip helper statistics IP Helper Commands...
Page 710: Ip Helper-Address (Global Configuration)
clear ip helper statistics Use the clear ip helper statistics command to reset to 0 the statistics displayed in show ip helper statistics. Syntax clear ip helper statistics Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Page 711 dest-udp-port — A destination UDP port number from 0 to 65535. • port-name — The destination UDP port may be optionally specified by its • name. Whether a port is specified by its number or its name has no effect on behavior.
Page 712: Ip Helper-Address (Interface Configuration)
To relay UDP packets received on any interface for all default ports (Table 4) to the server at 20.1.1.1, use the following commands: console#config console(config)#ip helper-address 20.1.1.1 ip helper-address (interface configuration) Use the ip helper-address (interface configuration) command to configure the relay of certain UDP broadcast packets received on a specific interface.
Page 713 Default Configuration No helper addresses are configured. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command can be invoked multiple times on routing interface, either to specify multiple server addresses for a given port number or to specify multiple port numbers handled by a specific server. The command no ip helper-address with no arguments clears all helper addresses on the interface.
Page 714 This command takes precedence over an ip helper- address command given in global configuration mode. With the following configuration, the relay agent relays DHCP packets received on any interface other than vlan 5 and vlan 6 to 192.168.40.1, relays DHCP and DNS packets received on vlan 5 to 192.168.40.2, relays SNMP traps (port 162) received on interface vlan 6 to 192.168.23.1, and drops DHCP packets...
Page 715: Show Ip Helper-Address
Default Configuration IP helper is enabled by default. Command Mode Global Configuration mode. User Guidelines This command can be used to temporarily disable IP helper without deleting all IP helper addresses. This command replaces the bootpdhcprelay enable command, but affects not only relay of DHCP packets, but also relay of any other protocols for which an IP helper address has been configured.
Page 716 Interface The relay configuration is applied to packets that arrive on this interface. This field is set to “any” for global IP helper entries. UDP Port The relay configuration is applied to packets whose destination UDP port is this port. Entries whose UDP port is identified as “any”...
Page 717 Syntax show ip helper statistics Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines Field descriptions: DHCP client The number of valid messages received from a DHCP client. messages received The count is only incremented if IP helper is enabled globally, the ingress routing interface is up, and the packet passes a number of validity checks, such as having a TTL >...
Page 718 DHCP message The number of DHCP client messages received with secs fields with secs field that are less than the minimum value. The minimum secs value below min is a configurable value and is displayed in show bootpdhcprelay. A log message is written for each such failure. The DHCP relay agent does not relay these packets.
Page 719: Ip Routing Commands
IP Routing Commands This chapter explains the following commands: • encapsulation • ip address • ip mtu • ip netdirbcast • ip route • ip route default • ip route distance • ip routing • routing • show ip brief •...
Page 720: Ip Address
encapsulation Use the encapsulation command in Interface Configuration mode to configure the link layer encapsulation type for the packet. Routed frames are always ethernet encapsulated when a frame is routed to a VLAN. Syntax encapsulation {ethernet | snap} • ethernet — Specifies Ethernet encapsulation. •...
Page 721 ip-address subnet-mask prefix-length no ip address } [ secondary ] ip-address — IP address of the interface. • subnet-mask — Subnet mask of the interface • prefix-length — Length of the prefix. Must be preceded by a forward slash • (/).
Page 722: Ip Netdirbcast
stack uses its default IP MTU and ignores the value set using the ip mtu command. OSPF advertises the IP MTU in the Database Description packets it sends to its neighbors during database exchange. If two OSPF neighbors advertise different IP MTUs, they will not form an adjacency (unless OSPF has been instructed to ignore differences in IP MTU with the ip ospf mtuignore command).
Page 723: Ip Route
no ip netdirbcast Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example defines the IP address and subnet mask for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip netdirbcast ip route Use the ip route command in Global Configuration mode to configure a...
Page 724: Ip Route Default
prefix-length — Length of prefix. Must be preceded with a forward slash • (/). (Range: 0-32 bits) nextHopRtr — IP address of the next hop router. • preference — Specifies the preference value, a.k.a. administrative distance, • of an individual static route. (Range: 1-255) Default Configuration Default value of preference is 1.
Page 725: Ip Route Distance
preference — Specifies the preference value, a.k.a administrative distance, • of an individual static route. (Range: 1-255) Default Configuration Default value of preference is 1. Command Mode Global Configuration mode User Guidelines For routed management traffic: 1 Router entries are checked for applicable destinations. 2 The globally assigned default-gateway is consulted.
Page 726: Ip Routing
integer no ip route distance integer — Specifies the distance (preference) of an individual static route. • (Range 1-255) Default Configuration Default value of distance is 1. Command Mode Global Configuration mode User Guidelines Lower route distance values are preferred when determining the best route. Example The following example sets the default route metric to 80.
Page 727: Routing
User Guidelines Use this command to globally enable IPv4 routing. Example console(config)#ip routing routing Use the routing command in Interface Configuration mode to enable IPv4 and IPv6 routing for an interface. View the current value for this function with the show ip brief command. The value is labeled Routing Mode in the output display.
Page 728: Show Ip Brief
show ip brief Use the show ip brief command in Privileged EXEC mode to display all the summary information of the IP. Syntax show ip brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 729 vlan-id — Valid VLAN ID • loopback-id — Valid loopback ID. (Range: 0-7) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Examples The following examples display all IP information and information specific to VLAN 15.
Page 730 ---------- --------------- --------------- -------- - ------- vlan1 192.168.10.10 255.255.255.0 Disable Disable vlan2 0.0.0.0 0.0.0.0 Enable Disable loopback2 0.0.0.0 0.0.0.0 Disable Disable console#show ip interface vlan 15 Primary IP Address......192.168.10.10/255.255.255.0 Secondary IP Address(es)....... 192.168.20.20/255.255.255.0 Routing Mode........Disable Administrative Mode......Disable Forward Net Directed Broadcasts....
Page 731: Show Ip Protocols
Encapsulation Type......Ethernet IP MTU......... 1500 show ip protocols Use the show ip protocols command in Privileged EXEC mode to display the parameters and current state of the active routing protocols. Syntax show ip protocols Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 732: Show Ip Route
Interface Send Receive Key-chain -------- --------- ----------- ---------- 176.1.1.1 1 1 flowers 176.2.1.1 passive 2 Routing Information Sources: Gateway Last Update 176.1.1.2 0:00:17 Preference: 60 Routing Protocol is "ospf" Redistributing: OSPF, External direct, Static, RIP Interfaces: Interface Metric Key-chain -------- --------- ----------- ---------- 176.1.1.1 10 flowers 176.2.1.1 1 Routing Information Sources:...
Page 733 protocol — Specifies the protocol that installed the routes. (Range: • connected, ospf, rip static) ip-address — Specifies the network for which the route is to be displayed • and displays the best matching best-route for the address. subnet-mask — Subnet mask of the IP address. •...
Page 734: Show Ip Route Preferences
show ip route preferences Use the show ip route preferences command in Privileged EXEC mode displays detailed information about the route preferences. Route preferences are used in determining the best route. Lower router preference values are preferred over higher router preference values. Syntax show ip route preferences Default Configuration...
Page 735: Show Ip Route Summary
show ip route summary Use the show ip route summary command in Privileged EXEC mode to display the routing table summary. Syntax show ip route summary [all] • all — Shows the number of all routes, including best and non-best routes. To include only the number of best routes, do not use this optional parameter.
Page 736: Show Ip Stats
show ip stats Use the show ip stats command in User EXEC mode to display IP statistical information. Refer to RFC 1213 for more information about the fields that are displayed. Syntax show ip stats Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines...
Page 737 IpReasmTimeout......... 0 IpReasmReqds........0 IpReasmOKs........0 IpReasmFails........0 IpFragOKs........0 IpFragFails........0 IpFragCreates........0 IpRoutingDiscards......0 IcmpInMsgs........3 IcmpInErrors........0 IcmpInDestUnreachs......0 IcmpInTimeExcds........ 0 IcmpInParmProbs........ 0 IcmpInSrcQuenchs....... 0 IcmpInRedirects........ 0 IcmpInEchos........3 IcmpInEchoReps......... 0 IcmpInTimestamps....... 0 IcmpInTimestampReps......0 IcmpInAddrMasks........ 0 IcmpInAddrMaskReps......
Page 738: Vlan Routing
IcmpOutSrcQuenchs......0 IcmpOutRedirects....... 0 IcmpOutEchoReps........ 3 IcmpOutTimestamps......0 IcmpOutTimestampReps......0 IcmpOutAddrMasks....... 0 vlan routing Use this command to enable routing on a VLAN. Use the “no” form of this command to disable routing on a VLAN. Syntax vlan routing vlanid [ index ] no vlan routing vlanid vlanid —...
Page 739: Ipv6 Mld Snooping Commands
IPv6 MLD Snooping Commands This chapter explains the following commands: • ipv6 mld snooping immediate-leave • ipv6 mld snooping groupmembership-interval • ipv6 mld snooping maxresponse • ipv6 mld snooping mcrtexpiretime • ipv6 mld snooping (Global) • ipv6 mld snooping (Interface) •...
Page 740 ipv6 mld snooping immediate-leave The ipv6 mld snooping immediate-leave command enables or disables MLD Snooping snooping immediate-leave admin mode on a selected interface or VLAN. Enabling fast-leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an MLD done message for that multicast group without first sending out MAC-based general queries to the interface.
Page 741: Ipv6 Mld Snooping Groupmembership-Interval
ipv6 mld snooping groupmembership-interval The ipv6 mld snooping groupmembership-interval command sets the MLD Group Membership Interval time on a VLAN or interface. The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry.
Page 742: Ipv6 Mld Snooping Mcrtexpiretime
interface because it did not receive a report for a particular group in that interface. This value must be less than the MLD Query Interval time value. The range is 1 to 3599 seconds. Syntax ipv6 mld snooping maxresponse [vlan-id] [seconds] no ipv6 mld snooping maxresponse [vlan-id] vlan_id —...
Page 743: Ipv6 Mld Snooping (Global)
vlan-id no ipv6 mld snooping mcrtexpiretime [ vlan_id — Specifies a VLAN ID value in VLAN Database mode. • seconds — multicast router present expiration time in seconds. (Range: • 1–3600) Default Configuration The default multicast router present expiration time is 300 seconds. Command Mode Interface Configuration mode.
Page 744: Ipv6 Mld Snooping (Vlan)
User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping ipv6 mld snooping (Interface) The ipv6 mld snooping (Interface) command enables MLD Snooping on an interface. If an interface has MLD Snooping enabled and it becomes a member of a port-channel (LAG), MLD Snooping functionality is disabled on that interface.
Page 745: Show Ipv6 Mld Snooping
Syntax vlan-id ipv6 mld snooping vlan-id no ipv6 mld snooping vlan-id — Specifies a VLAN ID value. • Default Configuration MLD Snooping is disabled. Command Mode VLAN Database mode. User Guidelines There are no user guidelines for this command. Example console(config-vlan)#ipv6 mld snooping 1 show ipv6 mld snooping The show ipv6 mld snooping command displays MLD Snooping...
Page 746 User Guidelines This command has no user guidelines. Example With no optional arguments, the command displays the following information: • Admin Mode — Indicates whether or not MLD Snooping is active on the switch. • Interfaces Enabled for MLD Snooping — Interfaces on which MLD Snooping is enabled.
Page 747: Show Ipv6 Mld Snooping Groups
show ipv6 mld snooping groups The show ipv6 mld snooping groups command displays the MLD Snooping entries in the MFDB table. Syntax vlan-id ipv6-multicast- show ipv6 mld snooping groups [{vlan | address address vlan_id — Specifies a VLAN ID value. •...
Page 748 --------------------------------------------- Vlan Ipv6 Address Ports ---- ----------------------- ---------------------------- ------------ console#show ipv6 mld snooping groups vlan 2 Vlan Ipv6 Address Type Ports ---- ----------------------- ------- ------------------- ------------- 3333.0000.0004 Dynamic 1/g1,1/g3 3333.0000.0005 Dynamic 1/g1,1/g3 MLD Reporters that are forbidden statically: --------------------------------------------- Vlan Ipv6 Address Ports ----...
Page 749: Ipv6 Multicast Commands
IPv6 Multicast Commands This chapter explains the following commands: • ipv6 pimsm (Global config) • ipv6 pimsm (VLAN Interface config) • ipv6 pimsm bsr-border • ipv6 pimsm bsr-candidate • ipv6 pimsm dr-priority • ipv6 pimsm hello-interval • ipv6 pimsm join-prune-interval •...
Page 750: Ipv6 Pimsm (Vlan Interface Config)
ipv6 pimsm (Global config) Use the ipv6 pimsm command to administratively enable of PIMSM for IPv6 multicast routing. Use the "no" form of this command to disable PIMSM for IPv6. Syntax ipv6 pimsm no ipv6 pimsm Default Configuration IPv6 PIMSM is disabled on the router by default. Command Mode Global Configuration mode User Guidelines...
Page 751: Ipv6 Pimsm Bsr-Border
Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pimsm ipv6 pimsm bsr-border Use the ipv6 pimsm bsr-border command to prevent bootstrap router (BSR) messages from being sent or received through an interface. Use the "no" form of this command to disable the interface from being the BSR border.
Page 752: Ipv6 Pimsm Bsr-Candidate
ipv6 pimsm bsr-candidate Use the ipv6 pimsm bsr-candidate command to configure the router to announce its candidacy as a bootstrap router (BSR). Use the "no" form of this command to stop the router from announcing its candidacy as a bootstrap router.
Page 753: Ipv6 Pimsm Dr-Priority
ipv6 pimsm dr-priority Use the ipv6 pimsm dr-priority command to set the priority value for which a router is elected as the designated router (DR). Use the "no" form of this command to set the priority to the default. Syntax priority ipv6 pimsm dr-priority no ipv6 pimsm dr-priority...
Page 754: Ipv6 Pimsm Join-Prune-Interval
Default Configuration The default hello interval is 30 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pimsm hello-interval 45 ipv6 pimsm join-prune-interval Use the ipv6 pimsm join-prune-interval command to configure the interface join/prune interval for the PIM-SM router.
Page 755: Ipv6 Pimsm Register-Threshold
Example console(config-if-vlan3)#ipv6 pimsm join-prune- interval 90 ipv6 pimsm register-threshold Use the ipv6 pimsm register-threshold command to configure the Register Threshold rate for the RP router to switch to the shortest path. Use the "no" form of this command to set the register threshold rate to the default. Syntax threshold ipv6 pimsm register-threshold...
Page 756: Ipv6 Pimsm Rp-Candidate
Syntax rp-address group-address/prefixlength ipv6 pimsm rp-address [ override ] no ipv6 pimsm rp-address rp-address — An RP address. • group-address —The group address to display. • prefixlength —This parameter specifies the prefix length of the IP address • for the media gateway. (Range: 1–32) Default Configuration There are no static RP addresses configured by default.
Page 757: Ipv6 Pimsm Spt-Threshold
• prefixlength—This parameter specifies the prefix length of the IP address for the media gateway. (Range: 1–32) Default Configuration The router does not advertise itself as a PIM candidate rendezvous point by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Page 758: Ipv6 Pimsm Ssm
User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm spt-threshold 1000 ipv6 pimsm ssm Use the ipv6 pimsm ssm command to define the Source Specific Multicast (SSM) range of multicast addresses. Syntax ipv6 pimsm ssm { default | group-address/prefixlength } •...
Page 759 Syntax show ipv6 pimsm Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimsm Admin Mode........Enabled Data Threshold Rate (Kbps)..... 1000 Register Threshold Rate (Kbps)....
Page 760: Show Ipv6 Pimsm Bsr
vlan 6 Enabled Operational vlan 9 Enabled Operational show ipv6 pimsm bsr Use the show ipv6 pimsm bsr command to display the bootstrap router (BSR) information. The output includes elected BSR information and information about the locally configured candidate rendezvous point (RP) advertisement. Syntax show ipv6 pimsm bsr Default Configuration...
Page 761: Show Ipv6 Pimsm Interface
show ipv6 pimsm interface Use the show ipv6 pimsm interface command to display interface config parameters. If no interface is specified, all interfaces are displayed. Syntax vlan-id show ipv6 pimsm interface [ vlan • vlan-id— A valid VLAN ID value. Default Configuration There is no default configuration for this command.
Page 762: Show Ipv6 Pimsm Neighbor
BSR Border........Disabled show ipv6 pimsm neighbor Use the show ipv6 pimsm neighbor command to display IPv6 PIMSM neighbors learned on the routing interfaces. Syntax vlan-id show ipv6 pimsm neighbor [ all | interface vlan vlan-id —A valid VLAN ID value. •...
Page 763: Show Ipv6 Pimsm Rphash
show ipv6 pimsm rphash Use the show ipv6 pimsm rphash command to display which rendezvous point (RP) is being selected for a specified group. Syntax group-address show ipv6 pimsm rphash group-address —Group IP address supported by RP. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines...
Page 764 Syntax rp-address show ipv6 pimsm rp mapping [ rp-address — IP address of RP. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimsm rp mapping Group Address........
Page 765: Ipv6 Routing Commands
IPv6 Routing Commands This chapter explains the following commands: • clear ipv6 neighbors • clear ipv6 statistics • ipv6 address • ipv6 enable • ipv6 forwarding • ipv6 host • ipv6 mld last-member-query-count • ipv6 mld last-member-query-interval • ipv6 mld-proxy •...
Page 766 • ipv6 route • ipv6 route distance • ipv6 unicast-routing • ping ipv6 • ping ipv6 interface • show ipv6 brief • show ipv6 interface • show ipv6 mld groups • show ipv6 mld interface • show ipv6 mld-proxy • show ipv6 mld-proxy groups •...
Page 767: Clear Ipv6 Statistics
clear ipv6 neighbors Use the clear ipv6 neighbors command in Privileged EXEC mode to clear all entries in the IPv6 neighbor table or an entry on a specific interface. Syntax vlan-id clear ipv6 neighbors [vlan vlan-id — Valid VLAN ID. •...
Page 768: Ipv6 Address
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example clears IPv6 statistics for VLAN 11. console(config)#clear ipv6 statistics vlan 11 ipv6 address Use the ipv6 address command in Interface Configuration mode to configure an IPv6 address on an interface (including tunnel and loopback interfaces) and to enable IPv6 processing on this interface.
Page 769: Ipv6 Enable
prefix — Consists of the bits of the address to be configured. • prefix-length — Designates how many of the high-order contiguous bits of • the address make up the prefix. • eui64 — The optional eui-64 field designates that IPv6 processing on the interfaces is enabled using an EUI-64 interface ID in the low order 64 bits prefix_length must be 64 of the address.
Page 770: Ipv6 Forwarding
Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example enables IPv6 routing, which has not been configured with an explicit IPv6 address. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 enable ipv6 forwarding...
Page 771: Ipv6 Host
— Host name. • ipv6-address — IPv6 address of the host. • Default Configuration No IPv6 hosts are defined. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example console(config)#ipv6 host Dell 2001:DB8::/32 IPv6 Routing Commands...
Page 772: Ipv6 Mld Last-Member-Query-Count
ipv6 mld last-member-query-count The ipv6 mld last-member-query-count command sets the number of listener-specific queries sent before the router assumes that there are no local members on the interface. Use the “no” form of this command to set the last member query count to the default. Syntax last-member-query-count ipv6 mld last-member-query-count...
Page 773: Ipv6 Mld-Proxy
no ipv6 mld last-member-query-interval last-member-query-interval — The last member query interval (Range: • 0–65535 milliseconds). Default Configuration The default last member query interval is 1 second. Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld last-member-query- interval 5000...
Page 774: Ipv6 Mld-Proxy Reset-Status
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld-proxy ipv6 mld-proxy reset-status Use the ipv6 mld-proxy reset-status command to reset the host interface status parameters of the MLD Proxy router. This command is only valid when MLD Proxy is enabled on the interface.
Page 775: Ipv6 Mld Query-Interval
Syntax interval ipv6 mld-proxy unsolicited-report-interval no ipv6 mld-proxy unsolicited-report-interval interval — The interval between unsolicited reports (Range: 1–260 • seconds). Default Configuration The unsolicited report interval is 1 second by default. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines Example console(config-if-vlan3)#ipv6 mld-proxy unsolicit- rprt-interval 10...
Page 776: Ipv6 Mld Query-Max-Response-Time
Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld query-interval 130 ipv6 mld query-max-response-time The ipv6 mld query-max-response-time command sets MLD query maximum response time for the interface. This value is used in assigning the maximum response time in the query messages that are sent on that interface.
Page 777: Ipv6 Mld Router
ipv6 mld router The ipv6 mld router command is used to enable MLD in the router in global configuration mode and for a specific interface in interface configuration mode. Use the “no” form of this command to disable MLD. Syntax ipv6 mld router no ipv6 mld router Default Configuration...
Page 778: Ipv6 Nd Dad Attempts
mtu — Is the maximum transmission unit. (Range: 1280-1500) • Default Configuration The default MTU is 1500. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the maximum transmission unit (MTU) size, in bytes, of IPv6 packets.
Page 779: Ipv6 Nd Managed-Config-Flag
User Guidelines This command has no user guidelines. Example The following example sets at 10 the number of duplicate address detection probes transmitted while doing neighbor discovery. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd dad attempts 10 ipv6 nd managed-config-flag Use the ipv6 nd managed-config-flag command in Interface Configuration mode to set the “managed address configuration”...
Page 780: Ipv6 Nd Ns-Interval
console(config-if-vlan15)#ipv6 nd managed-config-flag ipv6 nd ns-interval Use the ipv6 nd ns-interval command in Interface Configuration mode to set the interval between router advertisements for advertised neighbor solicitations. An advertised value of 0 means the interval is unspecified. Syntax milliseconds ipv6 nd ns-interval no ipv6 nd ns-interval milliseconds —...
Page 781 Syntax ipv6 nd other-config-flag no ipv6 nd other-config-flag Default Configuration False is the default configuration. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets to true the “other stateful configuration” flag in router advertisements console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd other-config-flag...
Page 782 preferred-lifetime — Preferred-lifetime of the router in seconds. (Range: • 0–4294967295 seconds) • no-autocoding — Do not use Prefix for autoconfiguration. • off-link — Do not use Prefix for onlink determination. Default Configuration 604800 seconds is the default value for valid-lifetime, 2592000 seconds for preferred lifetime.
Page 783 ipv6 nd ra-interval Use the ipv6 nd ra-interval command in Interface Configuration mode to set the transmission interval between router advertisements. Syntax maximum minimum ipv6 nd ra-interval no ipv6 nd ra-interval maximum — The maximum interval duration (Range: 4–1800 seconds). •...
Page 784 Syntax seconds ipv6 nd ra-lifetime no ipv6 nd ra-lifetime seconds — Lifetime duration. The value must be zero, or it must be an • integer between the value of the router advertisement transmission interval and 9000 seconds. A value of zero means this router is not to be used as the default router.
Page 785 Default Configuration The default value for neighbor discovery reachable times is 0 milliseconds. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the router advertisement time at 5000 milliseconds to consider a neighbor reachable after neighbor discovery confirmation.
Page 786 Example The following example suppresses router advertisement transmission. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd suppress-ra ipv6 pimdm Use the ipv6 pimdm command to enable PIM-DM Multicast Routing Mode across the router in global configuration mode or on a specific routing interface in interface mode. Use the “no” form of this command to disable PIM-DM.
Page 787 Syntax interval ipv6 pimdm hello-interval no ipv6 pimdm hello-interval • interval - The hello interval time in seconds (Range: 0–65535). Default Configuration The default hello interval is 30 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan5)#ipv6 pimdm hello-interval ipv6 route...
Page 788 interface — Identifies direct static routes from point-to-point and • broadcast interfaces, and must be specified when using a link-local address as the next hop. tunnel or vlan — Is the tunnel or vlan interface to associate with the route. •...
Page 789 Syntax integer ipv6 route distance integer no ipv6 route distance integer — Specifies the distance (preference) of an individual static route. • (Range 1-255) Default Configuration integer Default value of is 1. Command Mode Global Configuration mode User Guidelines Lower route distance values are preferred when determining the best route. Example The following example sets the default distance to 80.
Page 790 User Guidelines This command has no user guidelines. Example The following example globally enables Ipv6 unicast datagram forwarding. console(config)#ipv6 unicast-routing console(config)#no ipv6 unicast-routing ping ipv6 Use ping ipv6 command in Privileged EXEC mode to determine whether another computer is on the network. To use the command, configure the switch for network (in-band) connection.
Page 791 Example The following example determines whether another computer is on the network at the IPv6 address specified. console(config)#ping ipv6 2030:1::1/64 Send count=3, Receive count=0 from 2030:1::1/64 Average round trip time = 0.00 ms ping ipv6 interface Use ping ipv6 interface command in the Privileged EXEC mode to determine whether another computer is on the network.
Page 792 User Guidelines This command has no user guidelines. Example The following example determines whether another computer is on the network at the IPv6 address specified. console(config)#ping ipv6 interface loopback 1 FE80::202:BCFF:FE00:3068/128 Send count=3, Receive count=0 from FE80::202:BCFF:FE00:3068/128 Average round trip time = 0.00 ms show ipv6 brief Use the show ipv6 brief command in Privileged EXEC mode to display the IPv6 status of forwarding mode and IPv6 unicast routing mode.
Page 793 IPv6 Forwarding Mode......Enable IPv6 Unicast Routing Mode...... Disable IPv6 Hop Limit........1 show ipv6 interface Use the show ipv6 interface command in Privileged EXEC mode to show the usability status of IPv6 interfaces. Syntax loopback-id tunnel-id show ipv6 interface {brief|loopback | tunnel |vlan vlan-id...
Page 794 IPv6 Prefix is ...... FE80::2FC:E3FF:FE90:147/128 3FF0:1236:C261::1/64 Routing Mode........Enabled Administrative Mode......Enabled IPv6 Routing Operational Mode....Enabled Interface Maximum Transmit Unit....1500 Router Duplicate Address Detection Transmits... 1 Router Advertisement NS Interval....0 Router Lifetime Interval....... 1800 Router Advertisement Reachable Time.... 0 Router Advertisement Interval....
Page 795 Autonomous Flag........ Enabled console#show ipv6 interface brief Oper. Interface Mode IPv6 Address/Length ---------- -------- --------------------------------- vlan3 Enabled FE80::2FC:E3FF:FE90:147/128 3FF0:1236:C261::1/64 loopback 1 Enabled FE80::2FC:E3FF:FE90:145/128 3FF0:C221:1234::1/64 loopback 2 Disabled tunnel 1 Disabled 3FFE:1234::1/64 [TENT] show ipv6 mld groups The show ipv6 mld groups command is used to display information about multicast groups that MLD reported.
Page 796 User Guidelines vlan-id The following fields are displayed as a table when vlan is specified: Number of (*, G) Displays the number of groups present in the MLD Table. entries Number of (S, G) Displays the number of include and exclude mode sources entries present in the MLD Table.
Page 797 Source Address The IP address of the source. Uptime Time elapsed in seconds since the source has been known. Expiry Time Time left in seconds before the entry is removed. Example console#show ipv6 mld groups ff1e::5 Interface........vlan Group Address........FF1E::5 Last Reporter........
Page 798 Group Address........FF1E::1 Interface........vlan Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......----- Group Address........FF1E::2 Interface........vlan Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......----- Group Address........FF1E::3 Interface........vlan Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......----- Group Address........FF1E::4 IPv6 Routing Commands...
Page 799 Interface........vlan Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......----- show ipv6 mld interface The show ipv6 mld interface command is used to display MLD related information for an interface. Syntax vlan-id show ipv6 mld interface { vlan | all } vlan-id —...
Page 800 Query Interval This field indicates the configured query interval for the interface. Query Max This field indicates the configured maximum query response Response Time time (in seconds) advertised in MLD queries on this interface. Robustness This field displays the configured value for the tuning for the expected packet loss on a subnet attached to the interface.
Page 801 Example console#show ipv6 mld interface vlan 2 Interface........vlan MLD Global Admin Mode......Enabled MLD Interface Admin Mode....... Disabled MLD Operational Mode......Disabled MLD Version........2 Query Interval (secs)......100 Query Max Response Time(milli-secs) ... 1111 Robustness........2 Startup Query Interval (secs) ....31 Startup Query Count......
Page 802 Default Configuration There is no default configuration for this command. User Guidelines The command displays the following parameters only when you enable MLD Proxy: Interface Index The interface number of the MLD Proxy interface. Admin Mode Indicates whether MLD Proxy is enabled or disabled. This is a configured value.
Page 803 Version........3 Num of Multicast Groups......0 Unsolicited Report Interval....1 Querier IP Address on Proxy Interface..fe80::1:2:5 Older Version 1 Querier Timeout....00:00:00 Proxy Start Frequency......1 show ipv6 mld-proxy groups Use the show ipv6 mld-proxy groups command to display information about multicast groups that the MLD Proxy reported.
Page 804 Member State Possible values are: • Idle_Member—The interface has responded to the latest group membership query for this group. • Delay_Member—The interface is going to send a group membership report to respond to a group membership query for this group. Filter Mode Possible values are Include or Exclude.
Page 805 Command Mode Privileged EXEC User Guidelines The following parameters are displayed by this command: Interface The interface number of the MLD-Proxy. Group Address The IP address of the multicast group. Last Reporter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD Proxy interface (upstream interface).
Page 806 FF1E::1 FE80::100:2.3 DELAY_MEMBER Exclude Group Source List Expiry Time ------------------ --------------- 2001::1 00:02:40 2001::2 -------- FF1E::2 FE80::100:2.3 DELAY_MEMBER Include Group Source List Expiry Time ------------------ --------------- 3001::1 00:03:32 3002::2 00:03:32 FF1E::3 FE80::100:2.3 DELAY_MEMBER Exclude FF1E::4 FE80::100:2.3 DELAY_MEMBER Include Group Source List Expiry Time ------------------ ---------------...
Page 807 Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines The following parameters are displayed only when MLD Proxy is enabled: nterface The MLD Proxy interface. The column headings of the table associated with the interface are as follows: The MLD version.
Page 808: Show Ipv6 Mld Traffic
----- ----- show ipv6 mld traffic The show ipv6 mld traffic command is used to display MLD statistical information for the router. Syntax show ipv6 mld traffic Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines The following fields are displayed: Valid MLD Packets...
Page 809: Show Ipv6 Neighbors
Example console#show ipv6 mld traffic Valid MLD Packets Received..... 52 Valid MLD Packets Sent......7 Queries Received....... 0 Queries Sent........7 Reports Received....... 52 Reports Sent........0 Leaves Received........ 0 Leaves Sent........0 show ipv6 neighbors Use the show ipv6 neighbors command in Privileged EXEC mode to display information about the IPv6 neighbors.
Page 810: Show Ipv6 Pimdm
console(config)#show ipv6 neighbors Neighbor Last IPv6 Address Address isRtr State Updated Interface -------------------- ----------------- ----- ------- --------- show ipv6 pimdm The show ipv6 pimdm command is used to display PIM-DM Global Configuration parameters and PIM DM interface status. Syntax show ipv6 pimdm Command Mode Privileged EXEC mode.
Page 811: Show Ipv6 Pimdm Interface
Interface Interface Mode Protocol State --------- -------------- ---------------- vlan 10 Enable Non-Operational vlan 20 Enable Non-Operational show ipv6 pimdm interface The show ipv6 pimdm interface command is used to display PIM-DM Configuration information for all interfaces or for the specified interface. If no interface is specified, Configuration of all interfaces is displayed.
Page 812: Show Ipv6 Pimdm Neighbor
Neighbor Count ........ 0 Hello Interval (secs)......30 Designated Router......Not Supported console#show ipv6 pimdm interface all Address Interface Neighbor Hello Count Interval -------------- --------- -------- ------- 192.168.37.6 vlan 10 192.168.36.129 vlan 20 10.1.37.2 vlan 24 show ipv6 pimdm neighbor The show ipv6 pimdm neighbor command is used to display PIM-DM Neighbor information including Neighbor Address, Uptime and Expiry time for all interfaces or for the specified interface.
Page 813: Show Ipv6 Route
User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimdm neighbor interface vlan 10 Up Time Expiry Time Neighbor Addr Interface hh:mm:ss hh:mm:ss --------------- ---------- --------- ----------- show ipv6 route Use the show ipv6 route command in Privileged EXEC mode to display the IPv6 routing table.
Page 814: Show Ipv6 Route Preferences
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the IPv6 routing table. console(config)#show ipv6 route IPv6 Routing Table - 0 entries Codes: C - connected, S - static O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF Ext 1, OE2 - OSPF Ext 2 ON1 - OSPF NSSA Ext Type 1, ON2 - OSPF NSSA Ext Type 2 show ipv6 route preferences...
Page 815: Show Ipv6 Route Summary
Example The following example shows the preference value associated with the type of route. console#show ipv6 route preferences Local.......... 0 Static......... 1 OSPF Intra-area routes......110 OSPF Inter-area routes......110 OSPF External routes......110 show ipv6 route summary Use the show ipv6 route summary command in Privileged EXEC mode to display a summary of the routing table.
Page 816: Show Ipv6 Traffic
Example The following example displays a summary of the routing table. console#show ipv6 route summary IPv6 Routing Table Summary - 0 entries Connected Routes....... 0 Static Routes........0 OSPF Routes........0 Intra Area Routes......0 Inter Area Routes......0 External Type-1 Routes....... 0 External Type-2 Routes.......
Page 817 Command Mode User EXEC mode User Guidelines This command has no user guidelines. Examples The following examples show traffic and statistics for IPv6 and ICMPv6, first for all interfaces and an individual VLAN. console> show ipv6 traffic IPv6 STATISTICS Total Datagrams Received........
Page 818 Datagrams Successfully Reassembled......0 Datagrams Failed To Reassemble......0 Datagrams Forwarded........0 Datagrams Locally Transmitted......0 Datagrams Transmit Failed......... 0 Datagrams Successfully Fragmented......0 Datagrams Failed To Fragment......0 Fragments Created......... 0 Multicast Datagrams Received......0 Multicast Datagrams Transmitted......0 console>...
Page 819 Received Datagrams Discarded Due To MTU....0 Received Datagrams Discarded Due To No Route....0 Received Datagrams With Unknown Protocol....0 Received Datagrams Discarded Due To Invalid Address..0 Received Datagrams Discarded Due To Truncated Data..0 Received Datagrams Discarded Other......
Page 820: Show Ipv6 Vlan
Multicast Datagrams Received......0 Multicast Datagrams Transmitted......0 show ipv6 vlan Use the show ipv6 vlan command in Privileged EXEC mode to display IPv6 VLAN routing interface addresses. Syntax show ipv6 vlan Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 821: Traceroute Ipv6
traceroute ipv6 Use the traceroute ipv6 command in Privileged EXEC mode to discover the routes that packets actually take when traveling to their destination through the network on a hop-by-hop basis. Syntax ip-address hostname port traceroute ipv6 { ipv6-address — Destination IPv6 address. •...
Page 822 IPv6 Routing Commands...
Page 823: Loopback Interface Commands
Loopback Interface Commands This chapter explains the following commands: • interface loopback • show interfaces loopback Loopback Interface Commands...
Page 824: Show Interfaces Loopback
interface loopback Use the interface loopback command in Global Configuration mode to enter the Interface Loopback configuration mode. Syntax loopback-id interface loopback loopback-id no interface loopback • loopback-id — Loopback identifier. (Range: 0-7) Default Configuration This command has no default configuration. Command Mode Global Configuration mode.
Page 825 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Examples The following examples display information about configured loopback interfaces. console# show interfaces loopback Loopback Id Interface IP Address Received Packets Sent Packets...
Page 826 Loopback Interface Commands...
Page 827: Multicast Commands
Multicast Commands This chapter explains the following commands: • ip mcast boundary • ip mroute • ip multicast • ip multicast ttl-threshold • ip pimsm • ip pimsm bsr-border • ip pimsm bsr-candidate • ip pimsm dr-priority • ip pimsm hello-interval •...
Page 828 • show ip pimsm rphash • show ip pimsm rp mapping Multicast Commands...
Page 829: Ip Mroute
ip mcast boundary Use the ip mcast boundary command in Interface Configuration mode to groupipaddr add an administrative scope multicast boundary specified by mask for which this multicast administrative boundary is applicable. groupipaddr mask is a group IP address and is a group IP mask.
Page 830: Ip Multicast
Syntax source-address source-mask rpf-address preference ip mroute source-address source no ip mroute source-address — The IP address of the multicast data source. • source-mask — The IP subnet mask of the multicast data source. • rpf-address — The IP address of the next hop towards the source. •...
Page 831: Ip Multicast Ttl-Threshold
no ip multicast Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables IP multicast on the router. console#configure console(config)#ip multicast console(config)#no ip multicast ip multicast ttl-threshold Use the ip multicast ttl-threshold command in Interface Configuration ttlvalue...
Page 832: Ip Pimsm
User Guidelines This command has no user guidelines. Example ttlvalue The following example applies a of 5 to the VLAN 15 routing interface. console(config)#interface vlan 15 console(config-if-vlan15)#ip multicast ttl-threshold ip pimsm The ip pimsm command is used to administratively enable PIM-SM multicast routing mode on a particular router interface.
Page 833: Ip Pimsm Bsr-Border
ip pimsm bsr-border The ip pimsm bsr-border command is used to prevent bootstrap router (BSR) messages from being sent or received through an interface. Use the “no” form of this command to disable the interface from being the BSR border. Syntax ip pimsm bsr-border no ip pimsm bsr-border...
Page 834 hash-mask-length — The length of a mask that is to be ANDed with the • group address before the hash function is called. All groups with the same seed hash correspond to the same RP. For example, if this value is 24, only the first 24 bits of the group addresses matter.
Page 835 Default Configuration The default election priority is 1. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ip pimsm dr-priority 12 ip pimsm hello-interval The ip pimsm hello-interval command is used to configure the PIM-SM Hello Interval for the specified interface.
Page 836 Example console(config-if-vlan3)#ip pimsm hello-interval 60 ip pimsm join-prune-interval The ip pimsm join-prune-interval command is used to configure the interface join/prune interval for the PIM-SM router. Use the “no” form of this command to set the join/prune interval to the default. This command deprecates the ip pimsm message-interval command.
Page 837 Syntax threshold ip pimsm register-threshold no ip pimsm register-threshold threshold — The threshold rate (Range: 0–2000 Kbps). • Default Configuration The default threshold rate is 0. Previously, the default was 50. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pimsm register-threshold 1000 ip pimsm rp-address...
Page 838 Default Configuration There are no static RP addresses configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pimsm rp-address 192.168.20.1 225.1.0.0 255.255.255.0 ip pimsm rp-candidate The ip pimsm rp-candidate command is used to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR).
Page 839: Ip Pimsm Spt-Threshold
User Guidelines There are no user guidelines for this command. Example console(config)#ip pimsm rp-candidate interface vlan 3 225.2.0.0 255.255.0.0 ip pimsm spt-threshold The ip pimsm spt-threshold command is used to configure the Data Threshold rate for the last-hop router to switch to the shortest path. Use the “no”...
Page 840 Syntax group-address group-mask ip pimsm ssm {default | no ip pimsm ssm • default — Defines the SSM range access list to 232/8. group-address group-mask — defines the SSM range. • Default Configuration There is no SSM range defined by default. Command Mode Global Configuration mode User Guidelines...
Page 841 User Guidelines This command has no user guidelines. Example The following command shows information about the entries in the multicast address table. console#show bridge multicast address-table count Capacity: 1024 Used: 4 Static addresses: 2 Dynamic addresses: 1 Forbidden addresses: 1 The following table shows the information the command displays: Field Description...
Page 842 Syntax show ip mcast Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays system-wide multicast information. console#show ip mcast Admin Mode........Enabled Protocol State......... Non- Operational Table Max Size ........
Page 843 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays all the configured administrative scoped multicast boundaries. console#show ip mcast boundary all MULTICAST BOUNDARY Interface Group Ip Mask...
Page 844 User Guidelines This command has no user guidelines. Example The following example displays the multicast information for VLAN 15. console#show ip mcast interface vlan 15 Interface --------- ----- show ip mcast mroute Use the show ip mcast mroute command in Privileged EXEC mode to display a summary or all the details of the multicast table.
Page 845 Source IP Group Protocol Interface Interface List --------- -------- -------- ------- ---- ----------- console#show ip mcast mroute detail Multicast Route Table Expiry Up Time Source Ip Group Ip Time(secs) (secs) Neighbor Flags --------- ----------- ---------- ----------- -------- ------- ----- show ip mcast mroute group Use the show ip mcast mroute group command in Privileged EXEC mode to display the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration...
Page 846 Example The following example displays the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces. console#show ip mcast mroute group 224.5.5.5 summary Multicast Route Table Summary Incoming Outgoin Source IP Group Protocol Interface Interface List --------- --------------- --------- --------- ------- --------- console#show ip mcast mroute group 224.5.5.5 detail Multicast Route Table...
Page 847 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays multicast configuration settings. console#show ip mcast mroute source 10.1.1.1 summary Multicast Route Table Summary Incoming Outgoi Source IP...
Page 848 show ip mcast mroute static Use the show ip mcast mroute static command in Privileged EXEC mode to display all the static routes configured in the static mcast table if it is specified or display the static route associated with the particular sourceipaddr Syntax sourceipaddr...
Page 849 show ip pimsm bsr The show ip pimsm bsr command displays the bootstrap router (BSR) information. The output includes elected BSR information and information about the locally configured candidate rendezvous point (RP) advertisement. This command deprecates the show ip pimsm componenttable command. Syntax show ip pimsm bsr Default Configuration...
Page 850: Show Ip Pimsm Interface
Example console#show ip pimsm bsr BSR Address........1.1.1.1 BSR Priority........20 BSR Hash Mask Length......Next bootstrap message(hh:mm:ss)....00:00:11 Next Candidate RP advertisement(hh:mm:ss)..00:00:00 show ip pimsm interface The show ip pimsm interface command displays interface config parameters. If no interface is specified, all interfaces are displayed. This command deprecates the show ip pimsm interface stats command.
Page 851: Show Ip Pimsm Rphash
Slot/Port........vlan IP Address........1.1.1.1 Subnet Mask........255.255.255.0 Hello Interval (secs)......30 Join Prune Interval (secs)..... 60 Neighbor Count ........ 0 Designated Router......1.1.1.1 DR Priority........1 BSR Border........Disabled show ip pimsm rphash The show ip pimsm rphash command displays which rendezvous point (RP) is being selected for a specified group.
Page 852: Show Ip Pimsm Rp Mapping
User Guidelines The following fields are displayed: RPAddress of the RP for the group specified OriginIndicate by which mechanism (BSR or static) the RP was selected. Example console#show ip pimsm rphash 225.1.0.5 Type Address ---------------- ----- 1.1.1.1 Static show ip pimsm rp mapping The show ip pimsm rp mapping command is used to display all group-to-RP mappings of which the router is aware (either configured or learned from the bootstrap router (BSR)).
Page 853 Example console#show ip pimsm rp mapping Group Address........225.1.0.0 Group Mask........255.255.255.0 RP Address........1.1.1.1 origin......... Static Group Address........225.2.0.0 Group Mask........255.255.255.0 RP Address........2.2.2.2 origin......... BSR Multicast Commands...
Page 854 Multicast Commands...
Page 855: Ospf Commands
OSPF Commands This chapter explains the following commands: • area default-cost • area nssa • area nssa default-info-originate • area nssa no-redistribute • area nssa no-summary • area nssa translator-role • area nssa translator-stab-intv • area range • area stub •...
Page 856 • exit-overflow-interval • external-lsdb-limit • ip ospf area • ip ospf authentication • ip ospf cost • ip ospf dead-interval • ip ospf hello-interval • ip ospf mtu-ignore • ip ospf network • ip ospf priority • ip ospf retransmit-interval •...
Page 857 • show ip ospf interface • show ip ospf interface brief • show ip ospf interface stats • show ip ospf neighbor • show ip ospf range • show ip ospf statistics • show ip ospf stub table • show ip ospf virtual-link •...
Page 858: Area Nssa
area default-cost Use the area default-cost command in Router OSPF Configuration mode to configure the monetary default cost for the stub area. Use the no form of the command to return the cost to the default value. Syntax area-id integer area default-cost area-id...
Page 859: Area Nssa Default-Info-Originate
Syntax area-id area nssa area-id no area nssa area-id — Identifies the OSPF not-so-stubby-area. (Range: 0–4294967295) • Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures not-so-stubby-area 10 as an NSSA.
Page 860: Area Nssa No-Redistribute
integer — Specifies the metric of the default route advertised to the • NSSA. (Range: 1–16777214) • comparable — A metric type of nssa-external 1 • non-comparable — A metric type of nssa-external 2 Default Configuration If no metric is defined, 10 is the default configuration. Command Mode Router OSPF Configuration mode.
Page 861: Area Nssa No-Summary
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the NSSA ABR. console(config-router)#area 20 nssa no-redistribute area nssa no-summary Use the area nssa no-summary command in Router OSPF Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA.
Page 862: Area Nssa Translator-Role
area nssa translator-role Use the area nssa translator-role command in Router OSPF Configuration mode to configure the translator role of the NSSA. Syntax area-id area nssa translator-role {always | candidate} area-id no area nssa translator-role area-id — Identifies the OSPF NSSA to configure. (Range: IP address or •...
Page 863: Area Range
Syntax area-id integer area nssa translator-stab-intv area-id no area nssa translator-stab-intv area-id — Identifies the OSPF NSSA to configure. (Range: IP address or • decimal from 0–4294967295) integer — The period of time that an elected translator continues to • perform its duties after it determines that its translator status has been deposed by another router.
Page 864: Area Stub
Syntax area-id ip-address subnet-mask area range {summarylink | nssaexternallink} [advertise |not-advertise] area-id ip-address subnet-mask no area range {summarylink | nssaexternallink} area-id — Identifies the OSPF NSSA to configure. (Range: IP address or • decimal from 0–4294967295) ip-address — IP address. •...
Page 865: Area Stub No-Summary
External LSAs and Summary LSAs can significantly reduce the link state database of routers within the stub area. Use the no form of the command to remove the stub area. Syntax area-id area stub area-id no area stub area-id — Identifies the area identifier of the OSPF stub. (Range: IP •...
Page 866: Area Virtual-Link
area-id no area stub no-summary area-id — Identifies the OSPF area to configure. (Range: IP address or • decimal from 0–4294967295) Default Configuration Disabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example prevents the Summary LSA from being advertised into the area 3 NSSA.
Page 867: Area Virtual-Link Authentication
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example creates an OSPF virtual interface for area 10 and neighbor router. console(config-router)#area 10 virtual-link 192.168.2.2 area virtual-link authentication Use the area virtual-link authentication command in Router OSPF Configuration mode to configure the authentication type and key for the OSPF virtual interface identified by the area ID and neighbor ID.
Page 868: Area Virtual-Link Dead-Interval
Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines Unauthenticated interfaces do not need an authentication key. Example The following example configures the authentication type and key for the area 10 OSPF virtual interface and neighbor ID. console(config-router)#area 10 virtual-link 192.168.2.2 authentication encrypt test123 100 area virtual-link dead-interval...
Page 869: Area Virtual-Link Hello-Interval
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the dead interval for the area 10 OSPF virtual interface on the virtual interface and neighbor router. console(config-router)#area 10 virtual-link 192.168.2.2 dead-interval 655555 area virtual-link hello-interval Use the area virtual-link hello-interval command in Router OSPF Configuration mode to configure the hello interval for the OSPF virtual...
Page 870: Area Virtual-Link Retransmit-Interval
User Guidelines This command has no user guidelines. Example The following example configures a 50-second wait interval. console(config-router)#area 10 virtual-link 192.168.2.2 hello-interval 50 area virtual-link retransmit-interval Use the area virtual-link retransmit-interval command in Router OSPF Configuration mode to configure the retransmit interval for the OSPF virtual interface on the virtual interface identified by the area ID and neighbor ID.
Page 871: Area Virtual-Link Transmit-Delay
Example The following example configures a 500-second retransmit wait interval. console(config-router)#area 10 virtual-link 192.168.2.2 retransmit-interval 500 area virtual-link transmit-delay Use the area virtual-link transmit-delay command in Router OSPF Configuration mode to configure the transmit delay for the OSPF virtual interface identified by the area ID and neighbor ID. Use the no form of the command to return the transmit delay to the default value.
Page 872: Auto-Cost
console(config-router)#area 10 virtual-link 192.168.2.2 transmit-delay 40 auto-cost By default, OSPF computes the link cost of each interface from the interface bandwidth. The link cost is computed as the ratio of a “reference bandwidth” to the interface bandwidth (ref_bw / interface bandwidth), where interface bandwidth is defined by the “bandwidth”...
Page 873: Bandwidth
bandwidth By default, OSPF computes the link cost of an interface as the ratio of the reference bandwidth to the interface bandwidth. Reference bandwidth is specified with the auto-cost command. For the purpose of the OSPF link cost calculation, the bandwidth command specifies the interface bandwidth. The bandwidth is specified in kilobits per second.
Page 874: Clear Ip Ospf
no capability opaque Default Configuration Opaque Capability is enabled by default. Command Mode Router Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-router)#capability opaque clear ip ospf Use the clear ip ospf command to reset specific OSPF states. If no parameters are specified, OSPF is disabled and then re-enabled.
Page 875: Default-Information Originate
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example The following example shows the options for the clear ip ospf command. console#clear ip ospf ? <cr>...
Page 876: Default-Metric
• always — Always advertise default routes. integer — The metric (or preference) value of the default route. (Range: • 1–16777214) • 1 — External type-1 route. • 2 — External type-2 route. Default Configuration The default metric is none and the default type is 2. Command Mode Router OSPF Configuration mode.
Page 877: Distance Ospf
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a value of 50 for the default metric. console(config-router)#default-metric 50 distance ospf The distance ospf command sets the preference values of OSPF route types in the router.
Page 878: Distribute-List Out
Examples The following examples set route preference values of OSPF in the router. console(config-router)#distance ospf intra 4 console(config-router)#distance ospf type1 19 distribute-list out Use the distribute-list out command in Router OSPF Configuration mode to specify the access list to filter routes received from the source protocol. Use the no form of the command to remove the specified source protocol from the access list.
Page 879: Enable
Example The following example specifies the access list to filter routes received from the RIP source protocol. console(config-router)#distribute-list ACL40 out rip enable Use the enable command in Router OSPF Configuration mode to reset the default administrative mode of OSPF in the router (active). Use the no form of the command to disable the administrative mode for OSPF.
Page 880: External-Lsdb-Limit
Syntax seconds exit-overflow-interval no exit-overflow-interval seconds — Number of seconds after entering overflow state that a router • will wait before attempting to leave the overflow state. (Range: 0–2147483647) Default Configuration 0 seconds is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines.
Page 881: Ip Ospf Area
integer — Maximum number of non-default ASexternal-LSAs allowed in • the router's link-state database. (Range: –1 to 2147483647) Default Configuration -1 is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines The external LSDB limit MUST be set identically in all routers attached to the OSPF backbone and/or any regular OSPF area.
Page 882: Ip Ospf Authentication
Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan1)#ip ospf area 192.168.1.10 ip ospf authentication Use the ip ospf authentication command in the Interface Configuration mode to set the OSPF Authentication Type and Key for the specified interface.
Page 883: Ip Ospf Cost
User Guidelines Unauthenticated interfaces do not need an authentication key or authentication key ID. Example The following example sets the OSPF Authentication Type and Key for VLAN console(config-if-vlan15)#ip ospf authentication encrypt test123 100 ip ospf cost Use the ip ospf cost command in Interface Configuration mode to configure the cost on an OSPF interface.
Page 884: Ip Ospf Dead-Interval
ip ospf dead-interval Use the ip ospf dead-interval command in Interface Configuration to set the OSPF dead interval for the specified interface. Use the no form of the command to return the interval to the default value. Syntax seconds ip ospf dead-interval no ip ospf dead-interval seconds —...
Page 885: Ip Ospf Mtu-Ignore
Syntax seconds ip ospf hello-interval no ip ospf hello-interval seconds — Number of seconds to wait before sending Hello packets from • the interface. (Range: 1–65535) Default Configuration 10 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode. User Guidelines The value for the length of time must be the same for all routers attached to a network.
Page 886: Ip Ospf Network
Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example disables OSPF MTU mismatch detection on VLAN interface 15. console(config-if-vlan15)#ip ospf mtu-ignore ip ospf network Use the ip ospf network command to configure OSPF to treat an interface as a point-to-point rather than broadcast interface.
Page 887: Ip Ospf Priority
Usage Guidelines OSPF treats interfaces as broadcast interfaces by default. Loopback interfaces have a special loopback network type, which cannot be changed. When there are only two routers on the network, OSPF can operate more efficiently by treating the network as a point-to-point network. For point-to-point networks, OSPF does not elect a designated router or generate a network link state advertisement (LSA).
Page 888: Ip Ospf Retransmit-Interval
User Guidelines A value of 1 is the highest router priority. A value of 0 indicates that the interface is not eligible to become the designated router on this network. Example The following example sets the OSPF priority for the VLAN 15 router at 100. console(config-if-vlan15)#ip ospf priority 100 ip ospf retransmit-interval Use the ip ospf retransmit-interval command in Interface Configuration...
Page 889: Ip Ospf Transmit-Delay
console(config-if-vlan15)#ip ospf retransmit-interval ip ospf transmit-delay Use the ip ospf transmit-delay command in Interface Configuration mode to set the OSPF Transit Delay for the specified interface. Use the no form of the command to return the delay to the default value. Syntax seconds ip ospf transmit-delay...
Page 890: Network Area
Syntax integer maximum-paths no maximum-paths integer — Number of paths that OSPF can report for a given destination. • (Range: 1–4.) Default Configuration integer 4 is the default value. Command Mode Router OSPF Configuration mode. User Guidelines OSPF is only enabled on an interface if the primary IPv4 address on the interface matches a network area range.
Page 891 Syntax ip-address wildcard-mask area-id network area ip-address wildcard-mask area-id no network area ip-address — Base IPv4 address of the network area. • wildcard-mask — The network mask indicating the subnet. • area-id — The ID of the area (Range: IP address or decimal from •...
Page 892 Syntax nsf [ ietf ] [ planned-only ] no nsf [ietf] ietf — This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations. Since the IETF implementation is the only one supported, this keyword is optional. planned-only —...
Page 893: Nsf Helper
nsf helper Use the nsf-helper to allow OSPF to act as a helpful neighbor for a restarting router. Use the “no” form of this command to prevent OSPF from acting as a helpful neighbor. Syntax nsf helper[ planned-only ] no nsf helper •...
Page 894: Nsf Restart-Interval
Syntax nsf [ietf ] helper strict-lsa-checking no nsf [ietf ] helper strict-lsa-checking • ietf —This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations. Since the IETF implementation is the only one supported, this keyword is optional. Default Configuration A helpful neighbor exits helper mode when a topology change occurs.
Page 895: Passive-Interface Default
ietf — This keyword is used to distinguish the IETF standard • implementation of graceful restart from other implementations. Since the IETF implementation is the only one supported, this keyword is optional. seconds — The number of seconds that the restarting router asks its •...
Page 896: Passive-Interface
Command Mode Router OSPF Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-router)#passive-interface passive-interface Use the passive-interface command to set the interface as passive. It overrides the global passive mode that is currently effective on the interface. Use the “no”...
Page 897: Redistribute
redistribute Use the redistribute command in Router OSPF Configuration mode to configure OSPF protocol to allow redistribution of routes from the specified source protocol/routers. Use the no version of the command to disable redistribution from the selected source or to reset options to their default values.
Page 898: Router-Id
Example The following example configures OSPF protocol to allow redistribution of routes from the specified source protocol/routers. console(config-router)#redistribute rip metric 90 metric-type 1 tag 555 subnets router-id Use the router-id command in Router OSPF Configuration mode to set a 4- digit dotted-decimal number uniquely identifying the router OSPF ID.
Page 899: Show Ip Ospf
Syntax router ospf Default Configuration This command has no default configuration. Command Mode Global Configuration mode. User Guidelines The command prompt changes when the router ospf command executes. Example The following example enters into router OSPF mode. console(config)#router ospf console(config-router)# show ip ospf Use the show ip ospf command to display information relevant to the OSPF router.
Page 900 Router ID A 32-bit integer in dotted decimal format identifying the router about which information is displayed. This is a configured value. OSPF Admin Shows whether OSPF is administratively enabled or disabled. Mode RFC 1583 This configuration option controls the preference rules used Compatibility when choosing among multiple external LSAs advertising the same destination.
Page 901 Metric Shows the metric for the advertised default routes. If the metric is not configured, this field is not configured. Metric Type Shows whether the metric for the default route is advertised as External Type 1 or External Type 2. Number of Active The number of OSPF areas to which the router is attached on Areas...
Page 902 LSAs Received Shows the number of link-state advertisements received determined to be new instantiations. LSA Count The number of LSAs in the link state database. Maximum Number The limit on the number of LSAs that the router can store in its of LSAs link state database.
Page 903 Source Shows source protocol/routes that are being redistributed. Possible values are static, connected, or RIP . Shows the decimal value attached to each external route. Subnets When this option is not configured, OSPF will only redistribute classful prefixes. Distribute-List Shows the access list used to filter redistributed routes. Example The following example displays OSPF router information.
Page 904 Default Metric......... Not configured Default Route Advertise......Disabled Always......... FALSE Metric......... Not configured Metric Type........External Type 2 Number of Active Areas......1 (1 normal, 0 stub, 0 nssa) ABR Status........Disable ASBR Status........Disable Stub Router........FALSE External LSDB Overflow......FALSE External LSA Count......
Page 905: Show Ip Ospf Abr
LSA High Water Mark......4 Retransmit List Entries......0 Maximum Number of Retransmit Entries... 72800 Retransmit Entries High Water Mark..... 2 NSF Support........Disabled NSF Restart Interval......120 NSF Restart Status......Not Restarting NSF Restart Age........ 0 seconds NSF Restart Exit Reason......Not Attempted NSF Helper Support......
Page 906: Show Ip Ospf Area
User Guidelines There are no user guidelines for this command. Example console#show ip ospf abr Type Router Id Cost Area ID Next Next Hop ----- --------- ----- --------------- --------- ------- INTRA 3.3.3.3 0.0.0.1 10.1.23.3 lan11 INTRA 4.4.4.4 0.0.0.1 10.1.24.4 lan12 show ip ospf area Use the show ip ospf area command in Privileged EXEC mode to display information about the identified OSPF area.
Page 907 User Guidelines This command has no user guidelines. Example The following example displays OSPF router information. console#show ip ospf area 10 AreaID......... 0.0.0.10 External Routing....... Import External LSAs Spf Runs........0 Area Border Router Count....... 0 Area LSA Count......... 0 Area LSA Checksum......
Page 908: Show Ip Ospf Asbr
Redistribute into NSSA......Enable Default Information Originate....TRUE Default Metric......... 250 Default Metric Type......Non- Comparable Translator Role........ Candidate Translator Stability Interval....2000 Translator State....... Disabled show ip ospf asbr The show ip ospf asbr command displays the internal OSPF routing table entries to Autonomous System Boundary Routes (ASBR).
Page 909: Show Ip Ospf Database
Type Router Id Cost Area ID Next Hop Next Intf ----- ---------- ---- -------- ----------- ----- ------ INTRA 1.1.1.1 0.0.0.1 10.1.12.1 vlan1 INTRA 4.4.4.4 0.0.0.1 10.1.24.4 vlan1 show ip ospf database Use the show ip ospf database command in Privileged EXEC mode to display information about the link state database when OSPF is enabled.
Page 910 adv-router — Display the LSAs that are restricted by the advertising • router. To specify a router, enter the IP address of the router. • self-originate — Display the LSAs in that are self-originated. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 911 Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ----- -- ------- 2.2.2.2 20.20.20.20 1165 80000005 f86d -E--O- Network Summary States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ----- -- ------- 5.2.0.0 0.0.0.0...
Page 912 Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ----- -- ------- 5.2.0.0 0.0.0.0 1361 80000005 ef59 ------ Area Opaque States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ----- -- ------- 5.2.0.0 0.0.0.0...
Page 913: Show Ip Ospf Database Database-Summary
5.2.0.0 0.0.0.0 1364 80000005 d373 show ip ospf database database-summary Use the show ip ospf database database-summary command to display the number of each type of LSA in the database for each area and for the router. The command also displays the total number of LSAs in the database. This command has been modified.
Page 914 Subtotal Shows Number of entries for the identified area. Opaque AS Shows Number of opaque AS LSAs in the database. Total Shows Number of entries for all areas. Example The following example displays the number of each type of LSA in the database for each area and for the router.
Page 915: Show Ip Ospf Interface
Opaque Area........0 Subtotal........0 Router database summary Router......... 0 Network........0 Summary Net........0 Summary ASBR........0 Type-7 Ext........0 Opaque Link........0 Opaque Area........0 Type-5 Ext........0 Self-Originated Type-5 Ext..... 0 Opaque AS........0 Total.......... 0 show ip ospf interface Use the show ip ospf interface command in Privileged EXEC mode to display the information for the VLAN or loopback interface.
Page 916 Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the information for the IFO object or virtual interface tables associated with VLAN 3. console#show ip ospf interface vlan 10 IP Address........1.1.1.1 Subnet Mask........
Page 917: Show Ip Ospf Interface Brief
State.......... designated- router Designated Router......1.1.1.1 Backup Designated Router....... 0.0.0.0 Number of Link Events......2 show ip ospf interface brief Use the show ip ospf interface brief command in Privileged EXEC mode to display brief information for the IFO object or virtual interface tables. Syntax show ip ospf interface brief Default Configuration...
Page 918: Show Ip Ospf Interface Stats
vlan2 Disable 0.0.0.0 vlan3 Disable 0.0.0.0 loopback2 Disable 0.0.0.0 show ip ospf interface stats Use the show ip ospf interface stats command in User EXEC mode to display the statistics for a specific interface. The information is only displayed if OSPF is enabled.
Page 919: Show Ip Ospf Neighbor
AS Border Router Count.........0 Area LSA Count.........1 Address..........2.2.2.2 OSPF Interface Events........1 Virtual Events......... 0 Neighbor Events........0 External LSA Count........0 show ip ospf neighbor Use the show ip ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors.
Page 920 User Guidelines This command has no user guidelines. Example The following examples display information about OSPF neighbors on the specified Ethernet and IP interfaces. console #show ip ospf neighbor 10.1.23.50 Interface......... vlan 20 Neighbor IP Address....... 10.1.13.50 Interface Index......65 Area Id........
Page 921 Area Id — The OSPF area in which the adjacency is formed Options — The options advertised by the neighbor Router Priority: The router priority advertised by the neighbor Dead timer — The number of seconds until the dead timer expires Up Time —...
Page 922 When FASTPATH sends a grace LSA, it sets the Restart Reason to Software Restart on a planned warm restart (when the "initiate failover" command is invoked), and to Unknown on an unplanned warm restart. • Remaining Grace Time — The number of seconds remaining in the current graceful restart interval.
Page 923: Show Ip Ospf Statistics
show ip ospf range Use the show ip ospf range command in Privileged EXEC mode to display information about the area ranges for the specified area-id. Syntax area-id show ip ospf range area-id — Identifies the OSPF area whose ranges are being displayed. •...
Page 924: Show Ip Ospf Stub Table
information. For each of the 15 most recent SPF runs, the table lists how long ago the SPF ran, how long the SPF took, and the reasons why the SPF was scheduled. Syntax show ip ospf statistics Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 925: Show Ip Ospf Virtual-Link
Syntax show ip ospf stub table Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the OSPF stub table. console(config)#show ip ospf stub table AreaId TypeofService Metric Val Import...
Page 926 neighbor-id — Identifies the neighbor’s router ID. (Range: Valid IP • address) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the OSPF Virtual Interface information for area 10 and its neighbor.
Page 927: Show Ip Ospf Virtual-Link Brief
show ip ospf virtual-link brief Use the show ip ospf virtual-link brief command in Privileged EXEC mode to display the OSPF Virtual Interface information for all areas in the system. Syntax show ip ospf virtual-link brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 928: Timers Spf
timers spf Use the timers spf command in Router OSPF Configuration mode to configure the SPF delay and hold time. Use the no form of the command to reset the numbers to the default value. Syntax delay-time hold-time timers spf no timers spf delay-time —...
Page 929 1583compatibility Use the 1583compatibility command in Router OSPF Configuration mode to enable OSPF 1583 compatibility. Use the no form of the command to disable it. Syntax 1583compatibility no 1583compatibility Default Configuration Enabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines If all OSPF routers in the routing domain are capable of operating according to RFC 2328, OSPF 1583 compatibility mode should be disabled.
Page 930 OSPF Commands...
Page 931: Ospfv3 Commands
OSPFv3 Commands This chapter explains the following commands: • area default-cost • area nssa • area nssa default-info-originate • area nssa no-redistribute • area nssa no-summary • area nssa translator-role • area nssa translator-stab-intv • area range • area stub •...
Page 932 • ipv6 ospf hello-interval • ipv6 ospf mtu-ignore • ipv6 ospf network • ipv6 ospf priority • ipv6 ospf retransmit-interval • ipv6 ospf transmit-delay • ipv6 router ospf • maximum-paths • • nsf helper • nsf helper strict-lsa-checking • nsf restart-interval •...
Page 933 • show ipv6 ospf virtual-link • show ipv6 ospf virtual-link brief OSPFv3 Commands...
Page 934: Area Nssa
area default-cost Use the area default-cost command in Router OSPFv3 Configuration mode to configure the monetary default cost for the stub area. The operator must specify the area id and an integer value between 1-16777215. Use the no form of the command to return the cost to the default value. Syntax areaid cost...
Page 935: Area Nssa Default-Info-Originate
Syntax areaid area nssa areaid no area nssa areaid — Valid OSPFv3 area identifier. • Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures area 1 to function as an NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa area nssa default-info-originate...
Page 936: Area Nssa No-Redistribute
comparable — Metric Type (nssa-external 1). • non-comparable — Metric Type (nssa-external 2). • Default Configuration If no metric is defined, 10 is the default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the default metric value for the default route advertised into the NSSA.
Page 937: Area Nssa No-Summary
Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the area 1 NSSA ABR so that learned external routes will not be redistributed to the NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa no-redistribute area nssa no-summary Use the area nssa no-summary command in Router OSPFv3 Configuration mode to configure the NSSA so that summary LSAs are not advertised into...
Page 938: Area Nssa Translator-Role
Example The following example configures the area 1 NSSA so that summary LSAs are not advertised into the NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa no-summary area nssa translator-role Use the area nssa translator-role command in Router OSPFv3 Configuration mode to configure the translator role of the NSSA. Use the no form of the command to remove the configuration.
Page 939: Area Nssa Translator-Stab-Intv
console(config-rtr)#area 1 nssa translator-role always area nssa translator-stab-intv Use the area nssa translator-stab-intv command in Router OSPFv3 Configuration mode to configure the translator stability interval of the NSSA. The stability interval is the period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by another router.
Page 940: Area Range
area range Use the area range command in Router OSPF Configuration mode to configure a summary prefix for routes learned in a given area. There are two types of area ranges. An area range can be configured to summarize intra-area routes.
Page 941: Area Stub
Example The following example creates an area range for the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 range 2020:1::1/64 summarylink area stub Use the area stub command in Router OSPFv3 Configuration mode to create a stub area for the specified area ID. A stub area is characterized by the fact that AS External LSAs are not propagated into the area.
Page 942: Area Stub No-Summary
area stub no-summary Use the area stub no-summary command in Router OSPFv3 Configuration mode to disable the import of Summary LSAs for the stub area identified by areaid. Syntax areaid area stub no-summary areaid no area stub no-summary areaid — Valid OSPFv3 area identifier. •...
Page 943: Area Virtual-Link Dead-Interval
areaid neighbor-id no area virtual-link areaid — Valid OSPFv3 area identifier (or decimal value in the range of 0- • 4294967295). neighbor-id — Identifies the Router ID or IP address of the neighbor. • Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode.
Page 944: Area Virtual-Link Hello-Interval
Default Configuration seconds 40 is the default value for Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a 20-second dead interval for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor. console(config)#ipv6 router ospf console(config-rtr)#area 1 virtual-link 2 dead- interval 20...
Page 945: Area Virtual-Link Retransmit-Interval
User Guidelines This command has no user guidelines. Example The following example configures a hello interval of 20 seconds for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor. console(config)#ipv6 router ospf console(config-rtr)#area 1 virtual-link 2 hello- interval 20 area virtual-link retransmit-interval Use the area virtual-link retransmit-interval command in Router OSPFv3...
Page 946: Area Virtual-Link Transmit-Delay
Example The following example configures the retransmit interval of 20 seconds for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor. (config)#ipv6 router ospf (config-rtr)#area 1 virtual-link 2 retransmit- interval 20 area virtual-link transmit-delay Use the area virtual-link transmit-delay command in Router OSPFv3 Configuration mode to configure the transmit delay for the OSPF virtual areaid...
Page 947: Default-Information Originate
console(config-rtr)#area 1 virtual-link 2 transmit- delay 20 default-information originate Use the default-information originate command in Router OSPFv3 Configuration mode to control the advertisement of default routes. Use the no form of the command to return the default route advertisement settings to the default value.
Page 948: Default-Metric
console(config-rtr)#default-information originate metric 100 metric-type 2 default-metric Use the default-metric command in Router OSPFv3 Configuration mode to set a default for the metric of distributed routes. Syntax metric default-metric no default-metric metric — Metric value used for distribution (Range: 1-16777214) •...
Page 949: Enable
Syntax distance distance ospf {external | inter-area | intra-area } distance no distance ospf {external | inter-area | intra-area } distance — Used to select the best path when there are two or more routes • to the same destination from two different routing protocols (Range: 1–255).
Page 950: Exit-Overflow-Interval
Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example enables administrative mode of OSPF in the router (active). console(config)#ipv6 router ospf console(config-rtr)#enable exit-overflow-interval Use the exit-overflow-interval command in Router OSPFv3 Configuration mode to configure the exit overflow interval for OSPF.
Page 951: External-Lsdb-Limit
Example The following example configures the exit overflow interval for OSPF at 100 seconds. console(config)#ipv6 router ospf console(config-rtr)#exit-overflow-interval 100 external-lsdb-limit Use the external-lsdb-limit command in Router OSPFv3 Configuration mode to configure the external LSDB limit for OSPF. If the value is -1, then there is no limit.
Page 952: Ipv6 Ospf
console(config-rtr)#external-lsdb-limit 100 ipv6 ospf Use the ipv6 ospf command in Interface Configuration mode to enable OSPF on a router interface or loopback interface. Syntax ipv6 ospf no ipv6 ospf Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines.
Page 953: Ipv6 Ospf Cost
areaid — Is a 32-bit integer, formatted as a 4-digit dotted-decimal number • or a decimal value. It uniquely identifies the area to which the interface connects. Assigning an area id which does not exist on an interface causes the area to be created with default values. (Range: 0-4294967295). Default Configuration This command has no default configuration.
Page 954: Ipv6 Ospf Dead-Interval
User Guidelines This command has no user guidelines. Example The following example configures a cost of 100. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf cost 100 ipv6 ospf dead-interval Use the ipv6 ospf dead-interval command in Interface Configuration mode to set the OSPF dead interval for the specified interface. Syntax seconds ipv6 ospf dead-interval...
Page 955: Ipv6 Ospf Hello-Interval
console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf dead-interval 100 ipv6 ospf hello-interval Use the ipv6 ospf hello-interval command in Interface Configuration mode to set the OSPF hello interval for the specified interface. Syntax seconds ipv6 ospf hello-interval no ipv6 ospf hello-interval seconds — A valid positive integer which represents the length of time of •...
Page 956: Ipv6 Ospf Network
receives a Database Description packet, it examines the MTU advertised by the neighbor. By default, if the MTU is larger than the router can accept, the Database Description packet is rejected and the OSPF adjacency is not established. Syntax ipv6 ospf mtu-ignore no ipv6 ospf mtu-ignore Default Configuration Enabled is the default state.
Page 957: Ipv6 Ospf Priority
Syntax ipv6 ospf network { broadcast | point-to-point } no ipv6 ospf network • broadcast — The network type is broadcast. • point-to-point — The network type is point-to-point. Default Configuration Broadcast is the default state. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines.
Page 958: Ipv6 Ospf Retransmit-Interval
Default Configuration 1, the highest router priority, is the default value. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example sets the OSPF priority at 50 for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf priority 50 ipv6 ospf retransmit-interval...
Page 959: Ipv6 Ospf Transmit-Delay
User Guidelines This command has no user guidelines. Example The following example sets the OSPF retransmit interval at 100 seconds. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf retransmit- interval 100 ipv6 ospf transmit-delay Use the ipv6 ospf transmit-delay command in Interface Configuration mode to set the OSPF Transmit Delay for the specified interface.
Page 960: Ipv6 Router Ospf
console(config-if-vlan15)#ipv6 ospf transmit-delay ipv6 router ospf Use the ipv6 router ospf command in Global Configuration mode to enter Router OSPFv3 Configuration mode. Syntax ipv6 router ospf Default Configuration This command has no default configuration. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines.
Page 961 Default Configuration maxpaths 2 is the default value for Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the number of paths that OSPF can report for a destination to 1. console(config)#ipv6 router ospf console(config-rtr)#maximum-paths 1 Use this command to enable OSPF graceful restart.
Page 962: Nsf Helper
Command Mode Router OSPFv3 Configuration mode User Guidelines Graceful restart works in concert with nonstop forwarding to enable the hardware to continue forwarding IPv6 packets using OSPFv3 routes while a backup unit takes over management unit responsibility. When OSPF executes a graceful restart, it informs its neighbors that the OSPF control plane is restarting, but that it will be back shortly.
Page 963: Nsf Helper Strict-Lsa-Checking
Command Mode Router OSPFv3 Configuration mode User Guidelines The grace LSA announcing the graceful restart includes a restart reason. Reasons 1 (software restart) and 2 (software reload/upgrade) are considered planned restarts. Reasons 0 (unknown) and 3 (switch to redundant control processor) are considered unplanned restarts.
Page 964: Nsf Restart-Interval
User Guidelines The restarting router is unable to react to topology changes. In particular, the restarting router will not immediately update its forwarding table; therefore, a topology change may introduce forwarding loops or black holes that persist until the graceful restart completes. By exiting the graceful restart on a topology change, a router tries to eliminate the loops or black holes as quickly as possible by routing around the restarting router.
Page 965: Passive-Interface
User Guidelines The grace period must be set long enough to allow the restarting router to reestablish all of its adjacencies and complete a full database exchange with each of those neighbors. Example – passive-interface Use the passive-interface command to set the interface or tunnel as passive. It overrides the global passive mode that is currently effective on the interface or tunnel.
Page 966: Passive-Interface Default
passive-interface default The passive-interface default command enables the global passive mode by default for all interfaces. It overrides any interface level passive mode. Use the “no” form of this command to disable the global passive mode by default for all interfaces. Any interface previously configured to be passive reverts to non- passive mode.
Page 967: Router-Id
tag — Tag. (Range: 0-4294967295) • Default Configuration 2 is the default value for metric-type, 0 for Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the OSPFv3 protocol to allow redistribution of routes from the specified source protocol/routers.
Page 968: Show Ipv6 Ospf
Example The following example sets a 4-digit dotted-decimal number identifying the Router OSPF ID as 2.3.4.5. console(config)#ipv6 router ospf console(config-rtr)#router-id 2.3.4.5 show ipv6 ospf Use the show ipv6 ospf command in Privileged EXEC mode to display information relevant to the OSPF router. Syntax show ipv6 ospf Default Configuration...
Page 969 AutoCost Ref BW The configured autocost reference bandwidth. This value is used to determine the OSPF metric on its interfaces. The reference bandwidth is divided by the interface speed to compute the metric. Default Passive When enabled, OSPF interfaces are passive by default. Setting Maximum Paths Shows the maximum number of paths that OSPF can report for...
Page 970 External LSDB OSPF enters this state when the number of external LSAs Overflow exceeds a configured limit, as described in RFC 1765. External LSA Shows the number of external (LS type 5) link-state Count advertisements in the link-state database. External LSA Shows the sum of the LS checksums of external link-state Checksum advertisements contained in the link-state database.
Page 971 NSF Helper Whether this router is configured to act as a graceful restart Support helpful neighbor. Possible values are: Helper Support Always, Disabled, or Planned. NSF Helper Strict As a graceful restart helpful neighbor, whether to terminate the LSA Checking helper relationship if a topology change occurs during a neighbor's graceful restart.
Page 972 External LSDB Limit......No Limit Default Metric......... Not Configured Maximum Paths........2 Default Route Advertise......Disabled Always......... FALSE Metric......... Metric Type........External Type 2 NSF Support........Disabled NSF Restart Interval......120 seconds NSF Helper Support......Always NSF Helper Strict LSA Checking....Enabled OSPFv3 Commands...
Page 973: Show Ipv6 Ospf Abr
show ipv6 ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers (ABR). This command takes no options. Syntax show ipv6 ospf abr Default Configuration This command has no default configuration. Command Mode User EXEC mode. User Guidelines This command has no user guidelines.
Page 974: Show Ipv6 Ospf Area
show ipv6 ospf area Use the show ipv6 ospf area command in Privileged EXEC mode to display information about the area. Syntax areaid show ipv6 ospf area areaid — Identifier for the OSPF area being displayed. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 975: Show Ipv6 Ospf Asbr
show ipv6 ospf asbr The show ipv6 ospf asbr command displays the internal OSPFv3 routes to reach Autonomous System Boundary Routes (ASBR). This command takes no options. Syntax show ipv6 ospf asbr Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 976: Show Ipv6 Ospf Database
show ipv6 ospf database Use the show ipv6 ospf database command in Privileged EXEC mode to display information about the link state database when OSPFv3 is enabled. If no parameters are entered, the command displays the LSA headers. Optional parameters specify the type of link state advertisements to display. The information below is only displayed if OSPF is enabled.
Page 977 User Guidelines This command has no user guidelines. Example The following example displays information about the link state database when OSPFv3 is enabled. console#show ipv6 ospf database Router Link States (Area 0.0.0.0) Adv Router Link Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- -- ----- ------- 1.1.1.1...
Page 978 1.1.1.1 80000001 3970 2.2.2.2 80000001 1B8A 1.1.1.1 80000001 3529 2.2.2.2 80000001 FC5E Link States (Area 0.0.0.0) Adv Router Link Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- -- ----- ------- 1.1.1.1 80000008 2D89 V6 E--R- 2.2.2.2 8000000A 6F82 V6 E--R- 2.2.2.2 80000001 7782 V6...
Page 979 -------------- --------------- ----- -------- ---- -- ----- ------- 1.1.1.1 8000002E 35AD V 6E--R- --V-B 2.2.2.2 8000004A D2F3 V 6E--R- ----B Network Link States (Area 0.0.0.1) Adv Router Link Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- -- ----- ------- 1.1.1.1 80000001 B9E2 V 6E--R-...
Page 980: Show Ipv6 Ospf Database Database-Summary
2.2.2.2 80000003 FE6E V 6E--R- Intra Prefix States (Area 0.0.0.1) Adv Router Link Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- -- ----- ------- 1.1.1.1 8000003A 37C4 2.2.2.2 8000004F 439A 1.1.1.1 10634 80000002 440A show ipv6 ospf database database-summary Use the show ipv6 ospf database database-summary command in Privileged EXEC mode to display the number of each type of LSA in the database and the total number of LSAs in the database.
Page 981: Show Ipv6 Ospf Interface
Example The following example displays the number of each type of LSA in the database and the total number of LSAs in the database. console#show ipv6 ospf database database-summary OSPF Router with ID (0.0.0.2) Router database summary Router......... 0 Network........0 Inter-area Prefix......
Page 982 tunnel-id — Tunnel identifier. (Range: 0-7) • loopback-id — Loopback identifier. (Range: 0-7) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the information in VLAN 11’s virtual interface tables.
Page 983: Show Ipv6 Ospf Interface Brief
Metric Cost........10 (computed) OSPF Mtu-ignore........ Disable OSPF cannot be initialized on this interface. show ipv6 ospf interface brief Use the show ipv6 ospf interface brief command in Privileged EXEC mode to display brief information for the IFO object or virtual interface tables. Syntax show ipv6 ospf interface brief Default Configuration...
Page 984: Show Ipv6 Ospf Interface Stats
show ipv6 ospf interface stats Use the show ipv6 ospf interface stats command in User EXEC mode to display the statistics for a specific interface. The command only displays information if OSPF is enabled. Syntax vlan-id show ipv6 ospf interface stats vlan vlan-id —...
Page 985 OSPF Interface Events......53 Virtual Events......... 13 Neighbor Events........ 6 External LSA Count......0 LSAs Received........660 Originate New LSAs......853 Sent Packets........1013 Received Packets....... 893 Discards........48 Bad Version........0 Virtual Link Not Found......9 Area Mismatch........39 Invalid Destination Address....
Page 986: Show Ipv6 Ospf Interface Vlan
show ipv6 ospf interface vlan Use the show ipv6 ospf interface vlan command in Privileged EXEC mode to display OSPFv3 configuration and status information for a specific vlan. Syntax vlan-id show ipv6 ospf interface vlan { | brief } vlan-id — Valid VLAN ID. Range is 1-4093. •...
Page 987: Show Ipv6 Ospf Neighbor
LSA Ack Interval......1 Iftransit Delay Interval....1 Authentication Type...... None Metric Cost......10 (computed) OSPF Mtu-ignore......Disable OSPF Interface Type...... broadcast State........backup- designated-router Designated Router......1.1.1.1 Backup Designated Router....2.2.2.2 Number of Link Events....46 show ipv6 ospf neighbor Use the show ipv6 ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors.
Page 988 Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Examples The following examples display information about OSPF neighbors, in the first case in a summary table, and in the second in a table specific to tunnel 1. console#show ipv6 ospf neighbor Router ID Priority Intf Interface...
Page 989: Show Ipv6 Ospf Range
Authentication Type......None Metric Cost........1 (computed) OSPF Mtu-ignore........ Disable OSPF cannot be initialized on this interface. show ipv6 ospf range Use the show ipv6 ospf range command in Privileged EXEC mode to display information about the area ranges for the specified area identifier. Syntax areaid show ipv6 ospf range...
Page 990: Show Ipv6 Ospf Stub Table
show ipv6 ospf stub table Use the show ipv6 ospf stub table command in Privileged EXEC mode to display the OSPF stub table. The information below will only be displayed if OSPF is initialized on the switch. Syntax show ipv6 ospf stub table Default Configuration This command has no default configuration.
Page 991 Syntax areaid neighbor show ipv6 ospf virtual-link areaid — Identifies the OSPF area whose virtual interface information is • being displayed. neighbor — Router ID of neighbor. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines.
Page 992: Show Ipv6 Ospf Virtual-Link Brief
show ipv6 ospf virtual-link brief Use the show ipv6 ospf virtual-link brief command in Privileged EXEC mode to display the OSPFV3 Virtual Interface information for all areas in the system. Syntax show ipv6 ospf virtual-link brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 993: Pim-Dm Commands
PIM-DM Commands This chapter explains the following commands: • ip pimdm • show ip pimdm • show ip pimdm interface • show ip pimdm neighbor PIM-DM Commands...
Page 994: Show Ip Pimdm
ip pimdm Use the ip pimdm command in Global Configuration mode to enable the administrative mode of PIM-DM in the router. Syntax ip pimdm no ip pimdm Default Configuration Disabled is the default state. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 995: Show Ip Pimdm Interface
User Guidelines This command has no user guidelines. Example The following example displays system-wide information for PIM-DM. console(config)#show ip pimdm Admin Mode........Disable PIM-DM INTERFACE STATUS Interface Interface Mode Protocol State --------- --------------- --------------- show ip pimdm interface Use the show ip pimdm interface command in Privileged EXEC mode to display interface information for PIM-DM on the specified interface.
Page 996: Show Ip Pimdm Neighbor
Interface Mode......... Disable Hello Interval (secs)......30 show ip pimdm neighbor Use the show ip pimdm neighbor command in Privileged EXEC mode to display the neighbor information for PIM-DM on the specified interface. Syntax vlan-id show ip pimdm neighbor [ interface vlan | all] vlan-id —...
Page 997: Pim-Sm Commands
PIM-SM Commands This chapter explains the following commands: • ip pimsm • ip pimsm spt-threshold • ip pim-trapflags • show ip pimsm • show ip pimsm interface • show ip pimsm neighbor • show ip pimsm rphash PIM-SM Commands...
Page 998: Ip Pimsm Spt-Threshold
ip pimsm Use the ip pimsm command in Global Configuration mode to set administrative mode of PIM-SM multicast routing across the router to enabled. IGMP must be enabled before PIM-SM can be enabled. Syntax ip pimsm no ip pimsm Default Configuration PIM-SM is disabled by default.
Page 999: Ip Pim-Trapflags
Default Configuration 50 kilobits/sec is the default rate. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a threshold rate of 100 kilobits/sec. console(config)#ip pimsm spt-threshold 100 ip pim-trapflags Use the ip pim-trapflags command in Global Configuration mode to enable the PIM trap mode for both Sparse Mode (SM) and Dense Mode (DM).
Page 1000: Show Ip Pimsm
show ip pimsm Use the show ip pimsm command in Privileged EXEC mode to display the system-wide information for PIM-SM. Syntax show ip pimsm Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the system-wide information for PIM-SM.

This manual is also suitable for:

Powerconnect 6224p Powerconnect 6224f Powerconnect 6248 Powerconnect 6248p

Dell PowerConnect 6224 Command Line Interface Manual

1 Command Groups

3 Layer 2 Commands

6 Address Table Commands

7 CDP Interoperability Commands

10 Dynamic ARP Inspection Commands

13 IGMP Snooping Commands

14 IGMP Snooping Querier Commands

17 Ipv6 MLD Snooping Querier Commands

25 Spanning Tree Commands

26 Switchport Voice Commands

29 Voice VLAN Commands

33 DHCP and BOOTP Relay Commands

31 Layer 3 Commands

37 IGMP Proxy Commands

2 Using the CLI

4 AAA Commands

5 ACL Commands

8 DHCP Layer 2 Relay Commands

9 DHCP Snooping Commands

11 Ethernet Configuration Commands

Quick Links

CLI Reference Guide

Related Manuals for Dell PowerConnect 6224

Summary of Contents for Dell PowerConnect 6224