Cisco Sx350 Cli Manual
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Switch
  5. Sx350
  6. Cli manual

Cisco Sx350 Cli Manual

Hide thumbs Also See for Sx350:
1
Table Of Contents
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
Table of Contents

Advertisement

Quick Links

Download this manual
CLI GUIDE
Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface
Reference Guide

Advertisement

Table of Contents
loading

Related Manuals for Cisco Sx350

Summary of Contents for Cisco Sx350

  • Page 1 CLI GUIDE Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 2: Table Of Contents

    ..............101 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 3 ..........162 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 4 ............. . 212 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 5 ..............268 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 6 ............316 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 7 ............. . 361 DNS Client Commands .................. 363 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 8 ............. . . 412 File System Commands ................417 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 9 ..............471 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 10 ................515 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 11 ............. 579 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 12 (VLAN mode) ......... . . 650 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 13 ............713 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 14 ............... . . 761 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 15 ............821 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 16 ..............867 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 17 ............. . 917 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 18 ..............972 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 19 ..............1024 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 20 ............1085 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 21 ........... . 1145 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 22 ............... 1194 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 23 ..................1239 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 24 ............1283 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 25 ............... . 1320 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 26 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 27: Introduction

    These modes are described in CLI Command Modes. Users are assigned privilege levels. Each user privilege level can access specific CLI modes. User levels are described in the section below. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 28 15, can create users at this level. Example—Create passwords for level 7 and 15 (by the administrator): switchxxxxxx#configure switchxxxxxx<conf># enable password level 7 level7@abc switchxxxxxx<conf># enable password level 15 level15@abc switchxxxxxx<conf># Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 29: Cli Command Modes

    Entering a question mark at the console prompt displays a list of available commands for the current mode and for the level of the user. Specific commands are used to switch from one mode to another. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 30 Global Configuration mode prompt, consisting of the device host name followed by (config)#, is displayed: switchxxxxxx(config)# Use any of the following commands to return from Global Configuration mode to the Privileged EXEC mode: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 31 Interface—Contains commands that configure a specific interface (port, VLAN, port channel, or tunnel) or range of interfaces. The Global Configuration mode command interface is used to enter the Interface Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 32: Accessing The Cli

    Using SSH from an application that supports SSH client running on a computer with a network connection to the switch. Telnet and SSH are disabled by default on the switch. NOTE Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 33 Click Enter twice, so that the device sets the serial port speed to match the PC's serial port speed. When the CLI appears, enter cisco at the User Name prompt and then enter cisco for the Password prompt. The switchxxxxxx# prompt is displayed. You can now enter CLI commands to manage the switch.

  • Page 34: Cli Command Conventions

    | character. One option must be selected. For example, flowcontrol {auto|on|off} means that for the flowcontrol command, either auto, on, or off must be selected. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 35: Editing Features

    For example, to set a password for the administrator, enter: switchxxxxxx(config)# username admin password alansmith When working with the CLI, the command options are not displayed. The standard command to request help is ?. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 36: Terminal Command Buffer

    By default, the history buffer system is enabled, but it can be disabled at any time. For more information on enabling or disabling the history buffer, refer to the history command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 37: Command Completion

    Repeating the key sequence will recall successively more recent commands. Ctrl+A Moves the cursor to the beginning of the command line. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 38: Copying And Pasting Text

    Gigabit Ethernet (10/100/1000 kbits) ports—These can be written as either GigabitEthernet or gi or GE. • —LAG (Port Channel)—Written as either Port-Channel or po. • VLAN—Written as VLAN • Tunnel—Written as tunnel or tu Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 39 ]<first-port-channel-number>[ - <last-port-channel-number>] | tunnel[ ]<first-tunnel-number>[ - <last-tunnel-number>] | vlan[ ]<first-vlan-id>[ - <last-vlan-id>] A sample of this command is shown in the example below: switchxxxxxx#configure switchxxxxxx(config-if)#interface range gi1-5 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 40 If the egress interface is not specified, the default interface is selected. Specifying egress interface = 0 is equal to not defining an egress interface. The following combinations are possible: • ipv6_address%egress-interface—Refers to the IPv6 address on the interface specified. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 41: Loopback Interface

    This is the definition of the IP configuration when the device is in layer 2 mode: • Only one loopback interface is supported. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 42 Start output from the first line that has a sequence of characters matching the given regular expression pattern • include: Includes only lines that have a sequence of characters matching the given regular expression pattern. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 43 Matches 0 or more sequences of the pattern. Matches 1 or more sequences of the pattern. Matches 0 or 1 occurrences of the pattern. Matches the beginning of the string. Matches the end of the string. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 44 The following example matches any letter except the ones listed: [^a-dqsv] The following example matches anything except a right square bracket (]) or the letter d: [^\]d] Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 45 Matches 1 or more single-character or multiple-character patterns. Matches 0 or 1 occurrences of a single-character or multiple-character pattern. The following example matches any number of occurrences of the letter a, including none: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 46 (| ) . Only one of the alternatives can match the string. For example, the regular expression codex|telebit either matches the string codex or the string telebit, but not both codex and telebit. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 47 For example, the expression [^abcd] indicates a range that matches any single letter, as long as it is not the letters a, b, c, or d. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 48: Acl Commands

    An IPv4 ACL is defined by a unique name. IPv4 ACL, IPv6 ACL, MAC ACL or policy maps cannot have the same name. Example switchxxxxxx(config)# ip access-list extended server switchxxxxxx(config-ip-al)# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 49: Permit ( Ip )

    [log-input] icmp | source source-wildcard | destination no permit {any } {any destination-wildcard | icmp-type | icmp-code number | } [any ] [any ]] [dscp precedence number ][time-range time-range-name Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 50 —Specifies an ICMP message type for filtering ICMP packets. Enter a number or one of the following values: echo-reply, destination-unreachable, source-quench, redirect, alternate-host-address, echo-request, router-advertisement, router-solicitation, time-exceeded, parameter-problem, timestamp, timestamp-reply, information-request, Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 51 ACE containing a log-input keyword, the software might not be able to match the hardware processing rate, and not all packets will be logged. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 52: Deny ( Ip )

    | destination destination-wildcard deny {any } {any | icmp-type | icmp-code priority number | [any ] [any ]][ace-priority ] [dscp precedence number ] [time-range time-range-name ] [disable-port l og-input ] Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 53 —Wildcard bits to be applied to the source IP address. Use 1s in the bit position that you want to be ignored. • destination —Destination IP address of the packet. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 54 —List of TCP flags that should occur. If a flag should be set it is prefixed by “+”.If a flag should be unset it is prefixed by “-”. Available Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 55 ACE (in the current ACL) + 20. The ACE-priority must be unique per ACL.If the user types already existed priority, then the command is rejected. Example switchxxxxxx(config)# ip access-list extended server switchxxxxxx(config-ip-al)# deny ip 176.212.0.0 00.255.255 any Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 56: Ipv6 Access-List (Ipv6 Extended)

    (ARP), which is equivalent to the IPv6 neighbor discovery process, uses a separate data link layer protocol; therefore, by default, IPv4 ACLs implicitly allow ARP packets to be sent and received on an interface. Example switchxxxxxx(config)# ipv6 access-list acl1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 57: Permit ( Ipv6 )

    {any | { }} {any | }}{any | destination-prefix length destination-port port-range number } {any| } [dscp number time-range-name precedence ] [time-range ] [log-input] Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 58 (42), netbios-dgm (138), netbios-ns (137), non500-isakmp (4500), ntp (123), rip (520), snmp (161), snmptrap (162), sunrpc (111), syslog (514), tacacs (49), talk (517), tftp (69), time (37), who (513), xdmcp (177). (Range: 0–65535) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 59 If ace-priority is omitted, the system sets the rule's priority to the current highest priority ACE (in the current ACL) + 20. The ACE-priority must be unique per ACL.If the user types already existed priority, then the command is rejected. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 60: Deny ( Ipv6 )

    ] [disable-port | l og-input] source-prefix length source-port port-range no deny tcp {any | { } {any | }}{any | destination-prefix length destination-port port-range number } {any| } [dscp Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 61 (53), drip (3949), echo (7), finger (79), ftp (21), ftp-data 20), gopher (70), hostname (42), irc (194), klogin (543), kshell (544), lpd (515), nntp (119), pop2 (109), pop3 (110), smtp (25), sunrpc (1110, syslog (514), tacacs-ds Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 62 ACE. If a range of ports is used for source port it is counted again if it is also used for destination port. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 63: Mac Access-List

    Command Mode Global Configuration mode User Guidelines A MAC ACL is defined by a unique name. IPv4 ACL, IPv6 ACL, MAC ACL or policy maps cannot have the same name Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 64: Permit ( Mac )

    - Specify the priority of the access control entry (ACE) in the access control list (ACL). "1" value represents the highest priority and "2147483647" number represents the lowest priority.(Range: 1-2147483647) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 65 Default Configuration No MAC access list is defined. Command Mode MAC Access-list Configuration mode Example switchxxxxxx(config)# mac access-list extended server1 switchxxxxxx(config-mac-al)# permit 00:00:00:00:00:01 00:00:00:00:00:ff any Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 66: Deny (Mac)

    Ethernet interface is disabled if the condition is matched. • log-input—Specifies sending an informational syslog message about the packet that matches the entry. Because forwarding/dropping is done in Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 67: Service-Acl Input

    [ ] [default-action {deny-any | permit-any}] no service-acl input Parameters • acl-name —Specifies an ACL to apply to the interface. See the user guidelines. (Range: 1–32 characters). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 68 1. • An ACL cannot be bound as input if it has been bound as output. Example switchxxxxxx(config)# mac access-list extended server-acl Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 69: Service-Acl Output

    A MAC ACL cannot be bound on an interface together with an IPv4 ACL or IPv6 ACL. Two ACLs of the same type cannot be added to a port. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 70: Time-Range

    Use the no form of this command to remove the time range from the device. Syntax time-range time-range-name no time-range time-range-name Parameters time-range-name—Specifies the name for the time range. (Range: 1–32 characters) Default Configuration No time range is defined Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 71 • permit (IP) • deny (IP) • permit (IPv6) • deny (IPv6) • permit (MAC) • deny (MAC) Example switchxxxxxx(config)# time-range http-allowed console(config-time-range)#periodic mon 12:00 to wed 12:00 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 72: Absolute

    Default Configuration There is no absolute time when the time range is in effect. Command Mode Time-range Configuration mode Example switchxxxxxx(config)# time-range http-allowed switchxxxxxx(config-time-range)# absolute start 12:00 1 jan 2005 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 73: Periodic

    • list day-of-the-week1 —Specifies a list of days that the time range is in effect. Default Configuration There is no periodic time when the time range is in effect. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 74: Show Time-Range

    Command Mode User EXEC mode Example switchxxxxxx> show time-range http-allowed -------------- absolute start 12:00 1 Jan 2005 end 12:00 31 Dec 2005 periodic Monday 12:00 to Wednesday 12:00 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 75: Show Access-Lists

    234 172.30.40.1 0.0.0.0 any priority 20 permit 234 172.30.8.8 0.0.0.0 any priority 40 Extended IP access list ACL2 permit 234 172.30.19.1 0.0.0.255 any priority 20time-range weekdays switchxxxxxx# show access-lists ACL1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 76: Show Interfaces Access-Lists

    Ingress: server1 Egress : ip 2.18 clear access-lists counters Use the clear access-lists counters Privileged EXEC mode command to clear access-lists (ACLs) counters. Syntax [interface-id] clear access-lists counters Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 77: Show Interfaces Access-Lists Trapped Packets

    • VLAN—Specifies a VLAN Command Mode Privileged EXEC mode User Guidelines This command shows whether packets were trapped from ACE hits with logging enable on an interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 78: Ip Access-List (Ip Standard)

    The any value matches all IP addresses. If is not defined, a src-len value of 32 is applied. A value of must be in the interval 1-32. Default Configuration No access list is defined. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 79 10.29.2.64 to 10.29.2.127. All IP addresses not in this range will be rejected. switchxxxxxx(config)# ip access-list apo permit 10.29.2.64/26 Note: all other access is implicitly denied. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 80: Ipv6 Access-List (Ip Standard)

    IPv6 address based on a matching condition. An implicit deny is applied to address that does not match any access-list entry. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 81 The following example of an access list allows only the one specified prefix: Any IPv6 address that does not match the access list statements will be rejected. switchxxxxxx(config)# ipv6 access-list 1 permit 3001::2/64 Note: all other access implicitly denied. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 82: Commands

    You can select either authentication by a RADIUS server, no authentication (none), or both methods. If you require that authentication succeeds even if no RADIUS server response was received, specify none as the final method in the command line. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 83: Authentication Open

    In the mode the switch performs failure replies received from a Radius server as success. Example The following example enables open mode on interface gi11: switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# authentication open Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 84: Clear Dot1X Statistics

    To specify web-based page customizing, the data command is used in Web-Based Page Customization Configuration mode. Syntax value data Parameters • value —String of hexadecimal digit characters up to 320 characters. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 85 Example 2 —The following example shows how Web-Based Page customization is displayed when running the show running-config command: switchxxxxxx# show running-config dot1x page customization data ******** exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 86: Dot1X Auth-Not-Req

    Interface (VLAN) Configuration mode User Guidelines The guest VLAN cannot be configured as unauthorized VLAN. Example The following example enables unauthorized devices access to VLAN 5. switchxxxxxx(config)# interface vlan switchxxxxxx(config-if)# dot1x auth-not-req Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 87: Dot1X Authentication

    If a dynamic MAC address authenticated by MAC-based authentication is changed to a static one, it will not be manually re-authenticated. b. Removing a dynamic MAC address authenticated by the MAC-based authentication causes its re-authentication. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 88: Dot1X Guest-Vlan

    A device can have only one global guest VLAN. The guest VLAN must be a static VLAN and it cannot be removed. An unauthorized VLAN cannot be configured as guest VLAN. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 89: Dot1X Guest-Vlan Enable

    This command cannot be configured if the monitoring VLAN is enabled on the interface. If the port does not belong to the guest VLAN itThe port is added to the guest VLAN as an egress untagged port. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 90: Dot1X Guest-Vlan Timeout

    —Specifies the time delay in seconds between enabling 802.1X (or port up) and adding the port to the guest VLAN. (Range: 30–180). Default Configuration The guest VLAN is applied immediately. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 91: Dot1X Host-Mode

    Parameters • multi-host—Enable multiple-hosts mode. • single-host—Enable single-hosts mode. • multi-sessions—Enable multiple-sessions mode. Default Configuration Default mode is multi-host. Command Mode Interface (Ethernet) Configuration mode User Guidelines Single-Host Mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 92 (session-based mode). If the multi-sessions mode is configured on a port the port does have any authentication status. Any number of hosts can be Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 93 The MAC address will be removed after the aging timeout expires. Example switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# dot1x host-mode multi-host Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 94: Dot1X Max-Hosts

    This command is relevant only for multi-session mode. Example The following example limits the maximum number of authorized hosts on Ethernet port gi11 to 6: switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# dot1x max-hosts Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 95: Dot1X Max-Login-Attempts

    The command is applied only to the Web-based authentication. Example The following example sets maximum number of allowed login attempts to 5: switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# dot1x max-login-attempts 5 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 96: Dot1X Max-Req

    Example The following example sets the maximum number of times that the device sends an EAP request/identity frame to 6. switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# dot1x max-req Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 97: Dot1X

    A user must customize the web-based authentication pages by using the browser Interface. Example The following example shows part of a web-based page customization configuration: switchxxxxxx(config)# dot1x page customization switchxxxxxx(config-web-page)# data 1feabcde switchxxxxxx(config-web-page)# data 17645874 switchxxxxxx(config-web-page)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 98: Dot1X Port-Control

    Note. It is recommended to disable spanning tree or to enable spanning-tree PortFast mode on 802.1X edge ports in auto state that are connected to end Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 99: Dot1X Radius-Attributes Vlan

    RADIUS server authorized the supplicant, but did not provide a supplicant VLAN, the supplicant is accepted. Default Configuration reject Command Mode Interface (Ethernet) Configuration mode User Guidelines If RADIUS provides invalid VLAN information, the authentication is rejected. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 100 To manually re-authenticate, use the dot1x re-authenticate command. The command cannot be configured on a port if it together with • WEB-Based authentication • Multicast TV-VLAN • Q-in-Q • Voice VLAN Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 101: Dot1X Re-Authenticate

    [ interface-id Parameters • interface-id —Specifies an Ethernet port. Default Configuration If no port is specified, command is applied to all ports. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 102: Dot1X Reauthentication

    3.19 dot1x system-auth-control To enable 802.1X globally, use the dot1x system-auth-control command in Global Configuration mode. To restore the default configuration, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 103: Dot1X Timeout Quiet-Period

    Parameters • seconds —Specifies the time interval in seconds that the device remains in a quiet state following a failed authentication exchange with a client. (Range: 10–65535 seconds). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 104: Dot1X Timeout Reauth-Period

    To set the number of seconds between re-authentication attempts, use the dot1x timeout reauth-period command in Interface Configuration mode. To restore the default configuration, use the no form of this command. Syntax seconds dot1x timeout reauth-period Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 105: Dot1X Timeout Server-Timeout

    Parameters • seconds server-timeout —Specifies the time interval in seconds during which the device waits for a response from the authentication server. (Range: 1–65535 seconds). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 106: Dot1X Timeout Silence-Period

    Parameters • seconds —Specifies the silence interval in seconds. The valid range is 60 - 65535. Default Configuration The silence period is not limited. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 107: Dot1X Timeout Supp-Timeout

    EAP request frame from the client before resending the request. (Range: 1–65535 seconds). Default Configuration The default timeout period is 30 seconds. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 108: Dot1X Timeout Tx-Period

    —Specifies the time interval in seconds during which the device waits for a response to an EAP-request/identity frame from the client before resending the request. (Range: 30–65535 seconds). Default Configuration The default timeout period is 30 seconds. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 109: Dot1X Traps Authentication Failure

    Parameters • 802.1x—Enables traps for 802.1X-based authentication. • mac—Enables traps for MAC-based authentication. • web—Enables traps for WEB-based authentication. Default Configuration All traps are disabled. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 110: Dot1X Traps Authentication Quiet

    Global Configuration mode. To disable the traps, use the no form of this command. Syntax dot1x traps authentication quiet no dot1x traps authentication quiet Parameters Default Configuration Quiet traps are disabled. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 111: Dot1X Traps Authentication Success

    • 802.1x—Enables traps for 802.1X-based authentication. • mac—Enables traps for MAC-based authentication. • web—Enables traps for WEB-based authentication. Default Configuration Success traps are disabled. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 112: Dot1X Unlock Client

    Use this command to unlock a client that was locked after the maximum allowed authentication failed attempts and to end the quiet period. If the client is not in the quiet period, the command has no affect. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 113: Dot1X Violation-Mode

    If seconds = 0 traps are disabled. If the parameter is not specified, it defaults to 1 second for the restrict mode and 0 for the other modes. Default Configuration Protect Command Mode Interface (Ethernet) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 114: Show Dot1X

    Display for all ports. If detailed is not used, only present ports are displayed. Command Mode Privileged EXEC mode Example The following example displays authentication information for all interfaces on which 802.1x is enabled: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 115 Quiet Period: 60 sec Interfaces 802.1X-Based Parameters Tx period: 30 sec Supplicant timeout: 30 sec max-req: 2 Authentication success: 9 Authentication fails: 1 Number of Authorized Hosts: 10 gi12 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 116 Silence period: 1800 sec Quiet Period: 60 sec Interfaces 802.1X-Based Parameters Tx period: 30 sec Supplicant timeout: 30 sec max-req: 2 Authentication success: 2 Authentication fails: 0 gi13 Host mode: multi-host Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 117 Interfaces 802.1X-Based Parameters Tx period: 30 sec Supplicant timeout: 30 sec max-req: 2 Authentication success: 20 Authentication fails: 0 Host mode: multi-host Authentication methods: 802.1x+mac Port Adminstrated status: force-auto Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 118 2 Authentication success: 0 Authentication fails: 0 Supplicant Configuration: retry-max: 2 EAP time period: 15 sec Supplicant Held Period: 30 sec Credentials Name: Basic-User Supplicant Operational status: authorized Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 119 Number of seconds that the device waits for a response from the authentication server before resending the request. • — Session Time Amount of time (HH:MM:SS) that the user is logged in. • — MAC address Supplicant MAC address. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 120: Show Dot1X Locked Clients

    Examples The following example displays locked clients: Example 1 switchxxxxxx# show dot1x locked clients Port MAC Address Remaining Time -------------- -------------- ------- gi11 0008.3b79.8787 gi11 0008.3b89.3128 gi12 0008.3b89.3129 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 121: Show Dot1X Statistics

    EapolFramesRx: 11 EapolFramesTx: 12 EapolStartFramesRx: 1 EapolLogoffFramesRx: 1 EapolRespIdFramesRx: 3 EapolRespFramesRx: 6 EapolReqIdFramesTx: 3 EapolReqFramesTx: 6 InvalidEapolFramesRx: 0 EapLengthErrorFramesRx: 0 LastEapolFrameVersion: 1 LastEapolFrameSource: 00:08:78:32:98:78 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 122 Packet Body Length field is invalid. LastEapolFrameVersion Protocol version number carried in the most recently received EAPOL frame. LastEapolFrameSource Source MAC address carried in the most recently received EAPOL frame. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 123: Show Dot1X Users

    Allan 0008.3b79.8787 Remote 00:11:12 gi12 John 0008.3baa.0022 Remote 00:27:16 gi12 Example 2. The following example displays 802.1X user with supplicant username Bob: switchxxxxxx# show dot1x users username Bob Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 124 802.1X Commands Port Udsername MAC Address Auth Auth Session VLAN Method Server Time ---------------- --------------- -------------------- ---------- --------- ---------- ------- 0008.3b71.1111 802.1x Remote 09:01:00 1020 gi11 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 125: Address Table Commands

    All registered Multicast addresses will be forwarded to the Multicast groups. There are two ways to manage Multicast groups, one is the IGMP Snooping feature, and the other is the bridge multicast forward-all command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 126: Bridge Multicast Mode

    Interface (VLAN) Configuration mode User Guidelines Use the mac-group option when using a network management system that uses a MIB based on the Multicast MAC address. Otherwise, it is recommended to use Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 127 If an application on the device requests (*,G), the operating FDB mode is changed ipv4-group. Example The following example configures the Multicast bridging mode as an mac-group on VLAN 2. switchxxxxxx(config)# interface vlan 2 switchxxxxxx(config-if)# bridge multicast mode mac-group Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 128: Bridge Multicast Address

    To register the group in the bridge database without adding or removing ports or port channels, specify the mac-multicast-address parameter only. Static Multicast addresses can be defined on static VLANs only. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 129: Bridge Multicast Forbidden Address

    Parameters • mac-multicast-address | ipv4-multicast-address—Specifies the group Multicast address. • add—Forbids adding ports to the group. • remove—Forbids removing ports from the group. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 130: Bridge Multicast Ip-Address

    IInterface (VLAN) Configuration mode command. To unregister the IP address, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 131 Static Multicast addresses can be defined on static VLANs only. You can execute the command before the VLAN is created. Example The following example registers the specified IP address to the bridge table: switchxxxxxx(config)# interface vlan 8 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 132: Bridge Multicast Forbidden Ip-Address

    —(Optional) Specifies a list of port channels. Separate nonconsecutive port-channels with a comma and no spaces. Use a hyphen to designate a range of port channels. Default Configuration No forbidden addresses are defined. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 133: Bridge Multicast Source Group

    IP Multicast address. • add—(Optional) Adds ports to the group for the specific source IP address. • remove—(Optional) Removes ports from the group for the specific source IP address. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 134: Bridge Multicast Forbidden Source Group

    Syntax source ip-address group ip-multicast-address {add | bridge multicast forbidden port-channel-list remove} {ethernet interface-list | port-channel ip-address ip-multicast-address no bridge multicast forbidden source group Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 135 VLAN 8: switchxxxxxx(config)# interface vlan 8 switchxxxxxx(config-if)# bridge multicast source 13.16.1.1 group 239.2.2.2 switchxxxxxx(config-if)# bridge multicast forbidden source 13.16.1.1 group 239.2.2.2 add gi14 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 136: Bridge Multicast Ipv6 Mode

    The default mode is mac-group. Command Mode Interface (VLAN) Configuration mode User Guidelines Use the mac-group mode when using a network management system that uses a MIB based on the Multicast MAC address. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 137 You can execute the command before the VLAN is created. Example The following example configures the Multicast bridging mode as an ip-group on VLAN 2. switchxxxxxx(config)# interface vlan 2 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 138: Bridge Multicast Ipv6 Ip-Address

    Separate nonconsecutive port-channels with a comma and no spaces. Use a hyphen to designate a range of port channels. Default Configuration No Multicast addresses are defined. The default option is add. Command Mode Interface (VLAN) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 139: Bridge Multicast Ipv6 Forbidden Ip-Address

    { } {add | interface-list | port-channel-list remove} {ethernet port-channel ipv6-multicast-address no bridge multicast ipv6 forbidden ip-address Parameters • ipv6-multicast-address—Specifies the group IPv6 Multicast address. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 140: Bridge Multicast Ipv6 Source Group

    To register a source IPv6 address - Multicast IPv6 address pair to the bridge table, and statically add or remove ports to or from the source-group, use the bridge Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 141 The default option is add. Command Mode Interface (VLAN) Configuration mode Example The following example registers a source IPv6 address - Multicast IPv6 address pair to the bridge table: switchxxxxxx(config)# interface vlan 8 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 142: Bridge Multicast Ipv6 Forbidden Source Group

    —Specifies a list of port channels. Separate nonconsecutive port-channels with a comma and no spaces; use a hyphen to designate a range of port channels. Default Configuration No forbidden addresses are defined. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 143: Bridge Multicast Unregistered

    Syntax bridge multicast unregistered {forwarding | filtering} no bridge multicast unregistered Parameters • forwarding—Forwards unregistered Multicast packets. • filtering—Filters unregistered Multicast packets. Default Configuration Unregistered Multicast addresses are forwarded. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 144: Bridge Multicast Forward-All

    Multicast packets. • interface-list ethernet —Specifies a list of Ethernet ports. Separate nonconsecutive Ethernet ports with a comma and no spaces. Use a hyphen to designate a range of ports. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 145: Bridge Multicast Forbidden Forward-All

    Multicast packets. • interface-list ethernet —Specifies a list of Ethernet ports. Separate nonconsecutive Ethernet ports with a comma and no spaces. Use a hyphen to designate a range of ports. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 146: Bridge Unicast Unknown

    Interface (Ethernet, Port Channel) Configuration mode command. To restore the default configuration, use the no form of this command. Syntax bridge unicast unknown {filtering | forwarding} no bridge unicast unknown Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 147: Show Bridge Unicast Unknown

    [ interface-id Parameters interface-id —(Optional) Specify an interface ID. The interface ID can be one of the following types: Ethernet port or port-channel Command Mode Privileged EXEC mode Example Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 148: Mac Address-Table Static

    • delete-on-reset—(Optional)The delete-on-reset static MAC address. • delete-on-timeout—(Optional)The delete-on-timeout static MAC address. • secure—(Optional)The secure MAC address. May be used only in a secure mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 149 A secure MAC address may be added only in a secure port mode. • dynamic— a MAC address learned by the switch in non-secure mode. A value of its time-to-live attribute is delete-on-timeout. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 150: Clear Mac Address-Table

    To remove learned or secure entries from the forwarding database (FDB), use the clear mac address-table Privileged EXEC mode command. Syntax interface-id clear mac address-table dynamic interface interface-id clear mac address-table secure interface Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 151: Mac Address-Table Aging-Time

    To set the aging time of the address table, use the mac address-table aging-time Global configuration command. To restore the default, use the no form of this command. Syntax seconds mac address-table aging-time no mac address-table aging-time Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 152: Port Security

    —(Optional) Sends SNMP traps and specifies the minimum time interval in seconds between consecutive traps. (Range: 1–1000000) Default Configuration The feature is disabled by default. The default mode is discard. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 153: Port Security Mode

    To configure the port security learning mode, use the port security mode Interface (Ethernet, Port Channel) Configuration mode command. To restore the default configuration, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 154 The static MAC addresses may be added on the port manually by the address-table static command. The command may be used only when the interface in the regular (non-secure with unlimited MAC learning) mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 155: Port Security Max

    —Specifies the maximum number of addresses that can be learned on the port. (Range: 0–256) Default Configuration This default maximum number of addresses is 1. Command Mode Interface (Ethernet, Port Channel) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 156: Show Mac Address-Table

    —(Optional) Displays entries for a specific interface ID. The interface ID can be one of the following types: Ethernet port or port-channel. • mac-address address —(Optional) Displays entries for a specific MAC address. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 157 Example 2 - Displays address table entries containing the specified MAC address. switchxxxxxx# show mac address-table address 00:3f:bd:45:5a:b1 Aging time is 300 sec VLAN MAC Address Port Type -------- --------------------- ---------- ---------- 00:3f:bd:45:5a:b1 static gi14 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 158: Show Mac Address-Table Count

    4.27 show bridge multicast mode To display the Multicast bridging mode for all VLANs or for a specific VLAN, use the show bridge multicast mode Privileged EXEC mode command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 159: Show Bridge Multicast Address-Table

    [vlan vlan-id show bridge multicast address-table [vlan ] [address mac-multicast-address ] [format {ip | mac}] vlan-id show bridge multicast address-table [vlan ] [address ipv4-multicast-address] [source ipv4-source-address Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 160 If VLAN ID is not entered, entries for all VLANs are displayed. If MAC or IP address is not supplied, entries for all addresses are displayed. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 161 Multicast address table for VLANs in IPv4-GROUP bridging mode: Vlan MAC Address Type Ports ---- ----------------- -------------- ----- 224.0.0.251 Dynamic gi12 Forbidden ports for Multicast addresses: Vlan MAC Address Ports ---- ----------------- ----- 232.5.6.5 233.22.2.6 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 162 ---- --------------- --------------- -------- ------------------ ff02::4:4:4 Static gi11-2,gi13,Po1 ff02::4:4:4 fe80::200:7ff: Static fe00:200 Forbidden ports for Multicast addresses: Vlan Group Address Source address Ports ---- --------------- --------------- ---------- ff02::4:4:4 gi14 ff02::4:4:4 fe80::200:7ff:f gi14 e00:200 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 163: Show Bridge Multicast Address-Table Static

    Specifies the source IPv4 address. ipv6-address—(Optional) Specifies the source IPv6 address. Default Configuration When all/mac/ip is not specified, all entries (MAC and IP) will be displayed. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 164 IPv4-SRC-GROUP Table: Vlan Group Address Source address Ports ---- --------------- --------------- ------ Forbidden ports for multicast addresses: Vlan Group Address Source address Ports ---- --------------- --------------- ------ IPv6-GROUP Table Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 165: Show Bridge Multicast Filtering

    To display the Multicast filtering configuration, use the show bridge multicast filtering Privileged EXEC mode command. Syntax vlan-id show bridge multicast filtering Parameters vlan-id—Specifies the VLAN ID. (Range: Valid VLAN) Default Configuration None Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 166: Show Bridge Multicast Unregistered

    —(Optional) Specifies an interface ID. The interface ID can be one of the following types: Ethernet port or Port-channel. Default Configuration Display for all interfaces. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 167: Show Ports Security

    Display for all interfaces. If detailed is not used, only present ports are displayed. Command Mode Privileged EXEC mode Example The following example displays the port-lock status of all ports. switchxxxxxx# show ports security Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 168: Show Ports Security Addresses

    —(Optional) Specifies an interface ID. The interface ID can be one of the following types: Ethernet port or port-channel. • detailed—(Optional) Displays information for non-present ports in addition to present ports. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 169: Bridge Multicast Reserved-Address

    Syntax mac-multicast-address ethtype bridge multicast reserved-address [ethernet-v2 | llc-snap ] {discard | bridge} mac-multicast-address no bridge multicast reserved-address [ethernet-v2 ethtype sap | | llc llc-snap Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 170 MAC address. Specific configurations (that contain service type) have precedence over less specific configurations (contain only MAC address). The packets that are bridged are subject to security ACLs. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 171: Show Bridge Multicast Reserved-Addresses

    Command Mode Privileged EXEC mode Example switchxxxxxx # show bridge multicast reserved-addresses MAC Address Frame Type Protocol Action ------------------ ----------- -------------- ------------ 01-80-C2-00-00-00 LLC-SNAP 00-00-0C-01-29 Bridge Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 172: Authentication, Authorization And Accounting (Aaa) Commands

    Keyword Description enable Uses the enable password for authentication. line Uses the line password for authentication. local Uses the locally-defined usernames for authentication. none Uses no authentication. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 173: Aaa Authentication Enable

    The aaa authentication enable Global Configuration mode command sets one or more authentication methods for accessing higher privilege levels. To restore the default authentication method, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 174 On a console, the enable password is used if a password exists. If no password is set, authentication still succeeds. This is the same as entering the command aaa authentication enable default enable none. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 175: Login Authentication

    Telnet or console session. Use the no form of this command to restore the default authentication method. Syntax list-name login authentication {default | no login authentication Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 176: Enable Authentication

    Telnet or console. Use the no form of this command to restore the default authentication method. Syntax list-name} enable authentication {default | Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 177: Ip Http Authentication

    The ip http authentication Global Configuration mode command specifies authentication methods for HTTP server access. Use the no form of this command to restore the default authentication method. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 178 The command is relevant for HTTP and HTTPS server users. Example The following example specifies the HTTP access authentication methods. switchxxxxxx(config)# ip http authentication aaa login-authentication radius local none Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 179: Show Authentication Methods

    The following example displays the authentication configuration: switchxxxxxx# show authentication methods Login Authentication Method Lists --------------------------------- Default: Radius, Local, Line Console_Login: Line, None Enable Authentication Method Lists ---------------------------------- Default: Radius, Enable Console_Enable(with authorization): Enable, None Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 180: Password

    Default Configuration No password is defined. Command Mode Line Configuration Mode Example The following example specifies the password ‘secret’ on a console. switchxxxxxx(config)# line console Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 181: Enable Password

    If the administrator wants to manually copy a password that was configured on one switch (for instance, switch B) to another switch (for instance, switch A), the Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 182: Service Password-Recovery

    The following log message is generated to the terminal: “All the configuration and user files were removed”. Syntax service password-recovery no service password-recovery Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 183 Note that choosing to use Password recovery option in the Boot Menu during the boot process will remove the configuration files and the user files. Would you like to continue ? Y/N. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 184: Username

    Global Configuration mode Usage Guidelines The last level 15 user (regardless of whether it is the default user or any user) cannot be removed and cannot be a remote user. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 185: Show Users Accounts

    The show users accounts Privileged EXEC mode command displays information about the users local database. Syntax show users accounts Parameters Default Configuration Command Mode Privileged EXEC mode Example The following example displays information about the users local database: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 186: Aaa Accounting Login

    Parameters • group radius—Uses a RADIUS server for accounting. • group tacacs+—Uses a TACACS+ server for accounting. Default Configuration Disabled Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 187 A unique accounting identifier. (44) Acct-Authentic (45) Indicates how the supplicant was authenticated. Acct-Session-Time Indicates how long the user was (46) logged in. Acct-Terminate-Cau Reports why the session was se (49) terminated. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 188: Aaa Accounting Dot1X

    Configuration mode command. Use the no form of this command to disable accounting. Syntax aaa accounting dot1x start-stop group radius no aaa accounting dot1x start-stop group radius Parameters Default Configuration Disabled Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 189 The arbitrary value that is included in all accounting packets for a specific session. Called-Station-ID (30) The switch MAC address. Calling-Station-ID (31) The supplicant MAC address. Acct-Session-ID (44) A unique accounting identifier. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 190: Show Accounting

    The show accounting EXEC mode command displays information as to which type of accounting is enabled on the switch. Syntax show accounting Parameters Default Configuration Command Mode User EXEC mode Example The following example displays information about the accounting status. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 191: Passwords Complexity Enable

    Contains no character that is repeated more than 3 times consecutively. • Does not repeat or reverse the user name or any variant reached by changing the case of the characters. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 192: Passwords Complexity

    Use the no form of these commands to return to default. Syntax passwords complexity {min-length number } | {min-classes number } | not-current | number {no-repeat } | not-username | not-manufacturer-name Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 193 All the other controls are enabled by default. Command Mode Global Configuration mode Example The following example configures the minimal required password length to 8 characters. passwords complexity min-length 8 switchxxxxxx(config)# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 194: Passwords Aging

    The following example configures the aging time to be 24 days. passwords aging switchxxxxxx(config)# 5.18 show passwords configuration The show passwords configuration Privileged EXEC mode command displays information about the password management configuration. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 195 New password must be different than the user name: Enabled New password must be different than the manufacturer name: Enabled Enable Passwords Level ----- Line Passwords Line ----- Console Telnet Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 196 Authentication, Authorization and Accounting (AAA) Commands Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 197: Auto-Update And Auto-Configuration

    (Range: 1-16 characters) Default Configuration Enabled by default with the auto option. Command Mode Global Configuration mode User Guidelines The TFTP or SCP protocol is used to download/upload a configuration file. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 198: Boot Host Auto-Update

    (Default)—Auto-configuration uses the TFTP or SCP protocol depending on the Indirect image file's extension. If this option is selected, the extension parameter may be specified or, if not, the default extension is used. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 199: Show Boot

    Use the show boot Privilege EXEC mode command to show the status of the IP DHCP Auto Config process. Syntax show boot Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 200 Image Download via DHCP: enabled switchxxxxxx# show boot Auto Config ------------ Config Download via DHCP: enabled Download Protocol: scp Configuration file auto-save: enabled Auto Config State: Opening <hostname>-config file Auto Update Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 201 Auto Config State: Searching device hostname in indirect file Auto Update ----------- Image Download via DHCP: enabled switchxxxxxx# show boot Auto Config ------------ Config Download via DHCP: enabled Download Protocol: tftp Configuration file auto-save: enabled Auto Update Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 202: Ip Dhcp Tftp-Server Ip Address

    The backup server can be a TFTP server or a SCP server. Examples Example 1. The example specifies the IPv4 address of TFTP server: ip dhcp tftp-server ip address 10.5.234.232 switchxxxxxx(config)# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 203: Ip Dhcp Tftp-Server File

    No file name Command Mode Global Configuration mode User Guidelines The backup server can be a TFTP server or an SCP server. Examples switchxxxxxx(config)# ip dhcp tftp-server file conf/conf-file Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 204: Ip Dhcp Tftp-Server Image File

    Use the show ip dhcp tftp-server EXEC mode command to display information about the backup server. Syntax show ip dhcp tftp-server Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 205 The backup server can be a TFTP server or a SCP server. Example show ip dhcp tftp-server server address active 1.1.1.1 from sname manual 2.2.2.2 file path on server active conf/conf-file from option 67 manual conf/conf-file1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 206: Bonjour Commands

    Global Configuration mode. To remove L2 interfaces from this list, use the no format of the command. Syntax interface-list bonjour interface range interface-list no bonjour interface range [ Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 207: Show Bonjour

    VLAN 100-103 show bonjour To display Bonjour information, use the show bonjour command in Privileged EXEC mode. Syntax interface-id show bonjour [ Parameters • interface-id —Specifies an interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 208 Bonjour global status: enabled Bonjour L2 interfaces list: vlans 1 Service Admin Status Oper Status ------- ------------ -------------- csco-sb enabled enabled http enabled enabled https enabled disabled enabled disabled telnet enabled disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 209: Cdp Commands

    To enable sending of the Appliance TLV, use the cdp appliance-tlv enable command in Global Configuration mode. To disable the sending of the Appliance TLV, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 210 Appliance VLAN-ID TLV; or, if the VVID is not supported on the port, this MIB object will not be configurable and will return 4096. Example switchxxxxxx(config)# cdp appliance-tlv enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 211: Cdp Device-Id Format

    Tp enable CDP on interface, use the cdp enable command in Interface (Ethernet) Configuration mode. To disable CDP on an interface, use the no form of the CLI command. Syntax cdp enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 212: Cdp Holdtime

    Parameters seconds—Value of the Time-to-Live field in seconds. The value should be greater than the value of the Transmission Timer. Parameters range seconds—10 - 255. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 213: Cdp Log Mismatch Duplex

    Parameters Default Configuration The switch reports duplex mismatches from all ports. Command Mode Global Configuration mode Interface (Ethernet) Configuration mode Example switchxxxxxx(config)# interface gi11 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 214: Cdp Log Mismatch Native

    SYSLOG voip mismatch messages if they do not match, use the cdp log mismatch voip Global and Interface Configuration mode command in Global Configuration mode and Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 215: Cdp Mandatory-Tlvs Validation

    CDP frames, use the cdp mandatory-tlvs validation command in Global Configuration mode. To disables the validation, use the no form of this command. Syntax cdp mandatory-tlvs validation no cdp mandatory-tlvs validation Parameters Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 216: Cdp Pdu

    CDP is globally disabled, CDP packets are flooded to all the ports in the product that are in STP forwarding state, ignoring the VLAN filtering rules. Default Configuration bridging Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 217: Cdp Run

    CDP is a link layer protocols for directly-connected CDP/LLDP-capable devices to advertise themselves and their capabilities. In deployments where the CDP/LLDP capable devices are not directly connected and are separated with CDP/LLDP Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 218: Cdp Source-Interface

    Use the cdp source-interface command to specify an interface whose minimal IP address will be advertised in the TVL instead of the minimal IP address of the outgoing interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 219: Cdp Timer

    8.14 clear cdp counters To reset the CDP traffic counters to 0, use the clear cdp counters command in Privileged EXEC mode. Syntax interface-id clear cdp counters [global | Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 220: Clear Cdp Table

    Example 3. The example clears the CDP counters of Ethernet port switchxxxxxx# clear cdp couters interface gi11 8.15 clear cdp table To delete the CDP Cache tables, use the clear cdp table command in Privileged EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 221: Show Cdp

    VLAN mismatch is globally enabled cdp log native VLAN mismatch is globally disabled Mandatory TLVs are Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 222: Show Cdp Entry

    • version—Limits the display to information about the version of software running on the neighbors. Default Configuration Version Command Mode Privileged EXEC mode Example Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 223: Show Cdp Interface

    Compiled Mon 07-Apr-97 19:51 by dschwart 8.18 show cdp interface To display information about ports on which CDP is enabled, use the show cdp interface command in Privileged EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 224: Show Cdp Neighbors

    To display information about neighbors kept in the main or secondary cache, use the show cdp neighbors command in Privileged EXEC mode. Syntax interface-id show cdp neighbors [ ] [detail | secondary] Parameters • interface-id—Displays the neighbors attached to this port. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 225 S I M ESW-520-8P ESW-540-8P gi48 S I M ESW-540-8P 003106131611 gi48 Company fa2/1 XX-23R-E 001828100211 gi48 Company fa2/2 XX-23R-E c47d4fed9302 gi48 Company fa2/5 XX-23R-E show cdp neighbors detail switchxxxxxx# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 226 IP address: 1.6.1.81 Platform: Company IP Phone x8810, Capabilities: Host Interface: gi11, Port ID (outgoing port): Port 1 Time To Live: 150 sec Version : P00303020204 Duplex: full sysName: a-switch Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 227 VLAN-ID: 1210 Platform: QACSZ 4-wire Power-via-MDI (UPOE) TLV: 4-pair PoE Supported: Yes Spare pair Detection/Classification required: Yes PD Spare Pair Desired State: Disabled PSE Spare Pair Operational State: Disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 228 Interface—The protocol and port number of the port on the current device. • IP Network Prefix—It is used by On Demand Routing (ODR). When transmitted by a hub router, it is a default route (an IP address). When Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 229 Remote Port_ID—Identifies the port the CDP packet is sent on • sysName—An ASCII string containing the same value as the sending device's sysName MIB object. • sysObjectID—The OBJECT-IDENTIFIER value of the sending device's sysObjectID MIB object. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 230: Show Cdp Tlv

    CDP is really running on the port, i.e. CDP is enabled globally and on the port, which is UP. Examples: Example 1 - In this example, CDP is disabled and no information is displayed. switchxxxxxx# show cdp tlv Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 231 CDP is enabled who are up. switchxxxxxx# show cdp tlv interface cdp globally is enabled Capability Codes: R - Router,T - Trans Bridge, B - Source Route Bridge Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 232 CDP is enabled on gi13 Ethernet gi13 is down Example 5 - In this example, CDP is globally enabled and enabled on the PSE PoE port, which is up and information is displayed. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 233 4-pair PoE Supported: Yes Spare pair Detection/Classification required: Yes PD Spare Pair Desired State: Disabled PSE Spare Pair Operational State: Disabled Request-ID is 1 Power management-ID is 1; Available-Power is 15.4; Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 234 4-wire Power-via-MDI (UPOE) TLV: 4-pair PoE Supported: No Power Requested TLV: Request-ID is 1 Power management-ID is 1; Requested Power Level is 10; Requested Power Level is 8; Power Consumption TLV: 10 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 235: Show Cdp Traffic

    CDP version 1 advertisements output: 100, Input CDP version 2 advertisements output: 81784, Input gi11 Total packets output: 81684, Input: 81790 Hdr syntax: 0, Chksum error: 0, Invalid packet: 0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 236 CDP version 2 advertisements output—The number of CDP Version 2 advertisements sent by the local device. • CDP version 2 advertisements Input—The number of CDP Version 2 advertisements received by the local device. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 237 CDP Commands Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 238: Clock Commands

    —Month (first three letters by name). (Range: Jan...Dec) • year —Year (no abbreviation) (Range: 2000–2097) Default Configuration There is no absolute time when the time range is in effect. Command Mode Time-range Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 239: Clock Dhcp Timezone

    The TimeZone and SummerTime remain effective after the IP address lease time has expired. The TimeZone and SummerTime that are taken from the DHCP server are cleared after reboot. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 240: Clock Set

    —Specifies the current month using the first three letters of the month name. (Range: Jan–Dec) • year —Specifies the current year. (Range: 2000–2037) Default Configuration The time of the image creation. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 241: Clock Source

    User Guidelines After boot the system clock is set to the time of the image creation. If no parameter is specified, SNTP will be configured as the time source. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 242: Clock Summer-Time

    Parameters • zone —The acronym of the time zone to be displayed when summer time is in effect. (Range: up to 4 characters) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 243 USA rules for Daylight Saving Time: • From 2007: Start: Second Sunday in March End: First Sunday in November Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 244: Clock Timezone

    —The acronym of the time zone. (Range: Up to 4 characters) • hours-offset —Hours difference from UTC. (Range: (-12)–(+13)) • minutes-offset —(Optional) Minutes difference from UTC. (Range: 0–59) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 245: Periodic

    Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 246: Sntp Anycast Client Enable

    To enable the SNTP Anycast client, use the sntp anycast client enable command in Global Configuration mode. To restore the default configuration, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 247: Sntp Authenticate

    To enable authentication for received SNTP traffic from servers, use the sntp authenticate command in Global Configuration mode. To restore the default configuration, use the no form of this command. Syntax sntp authenticate no sntp authenticate Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 248: Sntp Authentication-Key

    Parameters • key-number —Specifies the key number. (Range: 1–4294967295) • key-value —Specifies the key value. (Length: 1–8 characters) • encrypted-key-value —Specifies the key value in encrypted format. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 249: Sntp Broadcast Client Enable

    If the parameter is not defined it is the default value. • ipv4—(Optional) Specifies the IPv4 SNTP Broadcast clients are enabled. • ipv6—(Optional) Specifies the IPv6 SNTP Broadcast clients are enabled. Default Configuration The SNTP Broadcast client is disabled. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 250: Sntp Client Enable

    —Specifies an interface ID, which can be one of the following types: Ethernet port, Port-channel or VLAN. Default Configuration The SNTP client is disabled. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 251: Sntp Client Enable (Interface)

    Interface Configuration mode User Guidelines This command enables the SNTP Broadcast and Anycast client on an interface. Use the no form of this command to disable the SNTP client. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 252: Sntp Server

    —(Optional) Specifies the Authentication key to use when sending packets to this peer. (Range:1–4294967295) Default Configuration The following servers with polling and without authentication are defined: • time-a.timefreq.bldrdoc.gov Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 253: Sntp Source-Interface

    Global Configuration mode. To restore the default configuration, use the no form of this command. Syntax interface-id sntp source-interface no sntp source-interface Parameters • interface-id —Specifies the source interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 254: Sntp Source-Interface-Ipv6

    Global Configuration mode. To restore the default configuration, use the no form of this command. Syntax interface-id sntp source-interface-ipv6 no sntp source-interface-ipv6 Parameters • interface-id —Specifies the source interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 255: Sntp Trusted-Key

    Configuration mode. To restore the default configuration, use the no form of this command. Syntax key-number sntp trusted-key key-number no sntp trusted-key Parameters • key-number —Specifies the key number of the authentication key to be trusted. (Range: 1–4294967295). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 256: Sntp Unicast Client Enable

    SNTP Unicast clients, use the no form of this command. Syntax sntp unicast client enable no sntp unicast client enable Parameters Default Configuration The SNTP unicast clients are disabled. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 257: Sntp Unicast Client Poll

    Syntax sntp unicast client poll no sntp unicast client poll Parameters Default Configuration Polling is enabled. Command Mode Global Configuration mode User Guidelines The polling interval is 1024 seconds. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 258: Show Clock

    Example 1 - The following example displays the system time and date. switchxxxxxx# show clock 15:29:03 PDT(UTC-7) Jun 17 2002 Time source is SNTP Time from Browser is enabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 259: Show Sntp Configuration

    Offset is 60 minutes. DHCP timezone: Enabled 9.21 show sntp configuration To display the SNTP configuration on the device, use the show sntp configuration command in Privileged EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 260 Alice456 ----------------------------------- Authentication is not required for synchronization. No trusted keys Unicast Clients: enabled Unicast Clients Polling: enabled Server: 1.1.1.121 Polling: disabled Encryption Key: disabled Server: 3001:1:1::1 Polling: enabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 261: Show Sntp Status

    To display the SNTP servers status, use the show sntp status command in Privileged EXEC mode. Syntax show sntp status Parameters Default Configuration Command Mode Privileged EXEC mode Example The following example displays the SNTP servers status: switchxxxxxx# show sntp status Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 262 Delay: mSec Anycast servers: Server: 176.1.11.8 Interface: VLAN 112 Status: Up Last response: 9:53:21.789 PDT Feb 19 2005 Stratum Level: 10 Offset: 9.98mSec Delay: 289.19mSec Broadcast servers: Server: 3001:1::12 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 263: Show Time-Range

    Time-range Configuration mode in Global Configuration mode. To restore the default configuration, use the no form of this command. Syntax time-range-name time-range time-range-name no time-range Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 264 SNTP. If the software clock is not set by the user or by SNTP, the time range is not activated. Example switchxxxxxx(config)# time-range http-allowed switchxxxxxx(config-time-range)# periodic mon 12:00 to wed 12:00 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 265: Denial Of Service (Dos) Commands

    Fragmented packets are allowed from all interfaces. If mask is unspecified, the default is 255.255.255.255. If prefix-length is unspecified, the default is 32. Command Mode Interface (Ethernet, Port Channel) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 266: Security-Suite Deny Icmp

    IP address prefix. The prefix length must be preceded by a forward slash (/). Default Configuration Echo requests are allowed from all interfaces. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 267: Security-Suite Deny Martian-Addresses

    {add | remove} ( security-suite deny martian-addresses Add/remove system-reserved IP addresses, see tables below) no security-suite deny martian-addresses (This command removes addresses reserved by security-suite deny martian-addresses {add {ip-address {mask | Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 268 Default Configuration Martian addresses are allowed. Command Mode Global Configuration mode User Guidelines For this command to work, show security-suite configuration must be enabled globally. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 269: Security-Suite Deny Syn

    Interface (Ethernet, Port Channel) Configuration mode command. This a complete block of these connections. To permit creation of TCP connections, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 270 IP addresses and destination TCP ports. Example The following example attempts to block the creation of TCP connections from an interface. It fails because security suite is enabled globally and not per interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 271: Security-Suite Deny Syn-Fin

    The feature is disabled by default. Command Mode Global Configuration mode Example The following example blocks TCP packets in which both SYN and FIN flags are set. switchxxxxxx(config)# security-suite deny sin-fin Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 272: Security-Suite Dos Protect

    Global Configuration mode User Guidelines For this command to work, show security-suite configuration must be enabled globally. Example The following example protects the system from the Invasor Trojan DOS attack. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 273: Security-Suite Dos Syn-Attack

    If prefix-length is unspecified, the default is 32. Command Mode Interface (Ethernet, Port Channel) Configuration mode User Guidelines For this command to work, show security-suite configuration must be enabled both globally and for interfaces. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 274: Security-Suite Enable

    When security-suite is enabled, you can specify the types of protection required. The following commands can be used: • show security-suite configuration • show security-suite configuration • show security-suite configuration Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 275 Example 1—The following example enables the security suite feature and specifies that security suite commands are global commands only. When an attempt is made to configure security-suite on a port, it fails. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 276: Security-Suite Syn Protection Mode

    SYN traffic from attacking ports destined to the local system is blocked, and a rate-limited SYSLOG message (one per minute) is generated Default Configuration The default mode is block. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 277: Security-Suite Syn Protection Recovery

    Global Configuration mode command. To set the time period to its default value, use the no form of this command. Syntax security-suite syn protection recovery timeout no security-suite syn protection recovery Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 278: Security-Suite Syn Protection Threshold

    (number of packets per second) from each specific port that triggers identification of TCP SYN attack. (Range: 20-200) Default Configuration The default threshold is 80pps (packets per second). Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 279: Show Security-Suite Configuration

    SYN Rate (pps) ----------------- -------------- -------------- 176.16.23.0\24 Martian addresses filtering Reserved addresses: enabled. Configured addresses: 10.0.0.0/8, 192.168.0.0/16 SYN filtering Interface IP Address TCP port ---------------- -------------- -------------- 176.16.23.0\24 ICMP filtering Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 280: Show Security-Suite Syn Protection

    Protection Mode: Block Threshold: 40 Packets Per Second Period: 100 Seconds Interface Name Last Attack Current Status gi11 Attacked 19:58:22.289 PDT Feb 19 2012 Blocked and Reported Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 281 Denial of Service (DoS) Commands gi12 Attacked 19:58:22.289 PDT Feb 19 2012 Reported gi13 Attacked 19:58:22.289 PDT Feb 19 2012 Blocked and Reported Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 282: Dhcp Relay Commands

    Default Configuration DHCP relay feature is disabled. Command Mode Global Configuration mode Example The following example enables the DHCP relay feature on the device. switchxxxxxx(config)# ip dhcp relay enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 283: Ip Dhcp Relay Enable (Interface)

    VLAN, and option 82 is enabled. Example The following example enables DHCP Relay on VLAN 21. switchxxxxxx(config)# interface vlan switchxxxxxx(config-if)# ip dhcp relay enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 284: Ip Dhcp Relay Address (Global)

    The no form of the command without the argument deletes all global defined DHCP servers. Example The following example defines the DHCP server on the device. switchxxxxxx(config)# ip dhcp relay address 176.16.1.1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 285: Ip Dhcp Relay Address (Interface)

    The no form of the command without the argument deletes all DHCP servers. Example The following example defines the DHCP server on the device. switchxxxxxx(config)# interface vlan switchxxxxxx(config-if)# ip dhcp relay address 176.16.1.1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 286: Show Ip Dhcp Relay

    Maximum number of supported VLANs without IP Address: 0 Number of DHCP Relays enabled on VLANs without IP Address: 4 DHCP relay is enabled on Ports: gi11,po1-2 Active: Inactive: gi11, po1-4 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 287 Maximum number of supported VLANs without IP Address is 4 Number of DHCP Relays enabled on VLANs without IP Address: 2 DHCP relay is enabled on Ports: gi11,po1-2 Active: gi11 Inactive: po1-2 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 288: Ip Dhcp Information Option

    DHCP option-82 data insertion is disabled. Command Mode Global Configuration mode User Guidelines DHCP option 82 would be enabled only if DHCP snooping or DHCP relay are enabled. Example switchxxxxxx(config)# ip dhcp information option Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 289: Show Ip Dhcp Information Option

    Default Configuration Command Mode User EXEC mode Example The following example displays the DHCP Option 82 configuration. switchxxxxxx# show ip dhcp information option Relay agent Information option is Enabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 290: Dhcp Server Commands

    Bytes are separated by a period or colon. For example, 01b7.0813.8811.66. • mac-address —Specifies the client MAC address. Default Configuration No address are bound. Command Mode DHCP Pool Host Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 291: Address (Dhcp Network)

    { | low high prefix-length no address Parameters • network-number —Specifies the IP address of the DHCP address pool. • mask —Specifies the pool network mask. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 292: Auto-Default-Router

    To enable auto default router, use the auto-default-router command in DHCP Pool Network Configuration mode or in DHCP Pool Host Configuration mode. To disable auto default router, use the no form of this command. Syntax auto-default-router no auto-default-router Parameters Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 293: Bootfile

    Configuration mode. To delete the boot image file name, use the no form of this command. Syntax filename bootfile no bootfile Parameters • filename —Specifies the file name used as a boot image. (Length: 1–128 characters). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 294: Clear Ip Dhcp Binding

    Typically, the address supplied denotes the client IP address. If the asterisk (*) character is specified as the address parameter, DHCP clears all dynamic bindings. Use the no ip dhcp pool Global Configuration mode command to delete a manual binding. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 295: Client-Name

    Command Mode DHCP Pool Host Configuration mode Default Configuration No client name is defined. Example The following example defines the string client1 as the client name. switchxxxxxx(config-dhcp)# client-name client1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 296: Default-Router

    DHCP client is directly connected.  IP Routing is enabled.  Default router was required by the client. Example The following example specifies 10.12.1.99 as the default router IP address. switchxxxxxx(config-dhcp)# 10.12.1.99 default-router Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 297: Dns-Server

    If DNS IP servers are not configured for a DHCP client, the client cannot correlate host names to IP addresses. Example The following example specifies 10.12.1.99 as the client domain name server IP address. switchxxxxxx(config-dhcp)# dns-server 10.12.1.99 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 298: Domain-Name

    To specify IP addresses that a DHCP server must not assign to DHCP clients, use the ip dhcp excluded-address command in Global Configuration mode. To remove the excluded IP addresses, use the no form of this command. Syntax low-address high-address ip dhcp excluded-address Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 299: Ip Dhcp Pool Host

    Host Configuration mode, use the ip dhcp pool host command in Global Configuration mode. To remove the address pool, use the no form of this command. Syntax name ip dhcp pool host name no ip dhcp pool host Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 300: Ip Dhcp Pool Network

    Network Configuration mode, use the ip dhcp pool network command in Global Configuration mode. To remove the address pool, use the no form of this command. Syntax name ip dhcp pool network name no ip dhcp pool network Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 301: Ip Dhcp Server

    Global Configuration mode. To disable the DHCP server, use the no form of this command. Syntax ip dhcp server no ip dhcp server Default Configuration The DHCP server is disabled. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 302: Lease

    • infinite—Specifies that the duration of the lease is unlimited. Default Configuration The default lease duration is 1 day. Command Mode DHCP Pool Network Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 303: Netbios-Name-Server

    Parameters • ip-address ip-address2 ip-address8 ]—Specifies the IP addresses of NetBIOS WINS name servers. Up to eight addresses can be specified in one command line. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 304: Netbios-Node-Type

    Peer-to-peer NetBIOS node type. • m-node—Specifies the Mixed NetBIOS node type. • h-node—Specifies the Hybrid NetBIOS node type. Command Mode DHCP Pool Network Configuration mode DHCP Pool Host Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 305: Next-Server

    DHCP Pool Network Configuration mode DHCP Pool Host Configuration mode User Guidelines The client will connect, using the SCP/TFTP protocol, to this server in order to download the configuration file. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 306: Next-Server-Name

    The client will connect, using the SCP/TFTP protocol, to this server in order to download the configuration file. Example The following example specifies www.bootserver.com as the name of the next server in the boot process of a DHCP client. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 307: Option

    Each byte can be separated by a period, colon, or white space. • hex none—Specifies the zero-length hexadecimal string. • text description —User description Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 308 Enable/Disable Option" Example 2. The following example configures DHCP option 2, which specifies the offset of the client in seconds from Coordinated Universal Time (UTC): switchxxxxxx(config-dhcp)# option integer 3600 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 309: Show Ip Dhcp

    To display the allocated address or all the allocated addresses on the DHCP server, use the show ip dhcp allocated command in User EXEC mode. Syntax ip-address show ip dhcp allocated [ Parameters • ip-address —(Optional) Specifies the IP address. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 310 172.16.3.254 DHCP server enabled The number of allocated entries is 2 IP address Hardware address Lease expiration Type ---------- ---------------- -------------------- ------- 172.16.3.254 02c7.f800.0422 Infinite Static Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 311: Show Ip Dhcp Binding

    The number of used (all types) entries is 6 The number of pre-allocated entries is 1 The number of allocated entries is 1 The number of expired entries is 1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 312 Server. Client Identifier The MAC address or client identifier of the host as recorded on the DHCP Server. Lease The lease expiration date of the host IP address. expiration Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 313: Show Ip Dhcp Declined

    The number of declined entries is 2 IP address Hardware address 172.16.1.11 00a0.9802.32de 172.16.3.254 02c7.f800.0422 switchxxxxxx# show ip dhcp declined 172.16.1.11 DHCP server enabled The number of declined entries is 2 IP address Hardware address Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 314: Show Ip Dhcp Excluded-Addresses

    DHCP server, use the show ip dhcp expired command in User EXEC mode. Syntax ip-address show ip dhcp expired [ Parameters • ip-address —(Optional) Specifies the IP. Command Mode User EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 315: Show Ip Dhcp Pool Host

    [ Parameters • address —(Optional) Specifies the client IP address. • name —(Optional) Specifies the DHCP pool name. (Length: 1-32 characters) Command Mode User EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 316 Default router: 172.16.1.1 Client name: client1 DNS server: 10.12.1.99 Domain name: yahoo.com NetBIOS name server: 10.12.1.90 NetBIOS node type: h-node Next server: 10.12.1.99 Next-server-name: 10.12.1.100 Bootfile: Bootfile Time server 10.12.1.99 Options: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 317: Show Ip Dhcp Pool Network

    Example 1—The following example displays configuration of all DHCP network pools: switchxxxxxx# show ip dhcp pool network The number of network pools is 2 Name Address range mask Lease ---------------------------------------------------- marketing 10.1.1.17-10.1.1.178 255.255.255.0 0d:12h:0m Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 318 Options: Code Type Len Value Description ------- --- -------------------- -------------------------------- integer 4 3600 ascii 16 qq/aaaa/bbb.txt boolean 1 false "IP Forwarding Enable/Disable Option" 4 134.14.14.1 ip-list 8 1.1.1.1, 12.23.45.2 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 319: Show Ip Dhcp Pre-Allocated

    IP address Hardware address 172.16.1.11 00a0.9802.32de 172.16.3.254 02c7.f800.0422 switchxxxxxx# show ip dhcp pre-allocated 172.16.1.11 DHCP server enabled The number of pre-allocated entries is 1 IP address Hardware address 172.16.1.15 00a0.9802.32de Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 320: Show Ip Dhcp Server Statistics

    To specify the time servers list for a DHCP client, use the time-server command in DHCP Pool Network Configuration mode or in DHCP Pool Host Configuration mode. To remove the time servers list, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 321 The time server’s IP address should be on the same subnet as the client subnet. Example The following example specifies 10.12.1.99 as the time server IP address. switchxxxxxx(config-dhcp)# time-server 10.12.1.99 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 322: Dhcp Snooping Commands

    VLAN is enabled by using the ip dhcp snooping vlan Global Configuration mode command. Example The following example enables DHCP Snooping on the device. switchxxxxxx(config)# ip dhcp snooping Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 323: Ip Dhcp Snooping Vlan

    Use the ip dhcp snooping trust Interface Configuration (Ethernet, Port-channel) mode command to configure a port as trusted for DHCP snooping purposes. Use the no form of this command to restore the default configuration. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 324: Ip Dhcp Snooping Information Option Allowed-Untrusted

    Use the no form of this command to drop these packets from an untrusted port. Syntax ip dhcp snooping information option allowed-untrusted no ip dhcp snooping information option allowed-untrusted Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 325: Ip Dhcp Snooping Verify

    The switch verifies that the source MAC address in a DHCP packet received on an untrusted port matches the client hardware address in the packet. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 326: Ip Dhcp Snooping Database

    To ensure that the lease time in the database is accurate, the Simple Network Time Protocol (SNTP) must be enabled and configured. The device writes binding changes to the binding database file only if the device system clock is synchronized with SNTP. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 327: Ip Dhcp Snooping Binding

    —Specifies the time interval, in seconds, after which the binding entry is no longer valid. (Range: 10–4294967294). infinite—Specifies infinite lease time. Default Configuration No static binding exists. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 328: Clear Ip Dhcp Snooping Database

    13.8 clear ip dhcp snooping database Use the clear ip dhcp snooping database Privileged EXEC mode command to clear the DHCP Snooping binding database. Syntax clear ip dhcp snooping database Parameters Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 329: Show Ip Dhcp Snooping

    DHCP snooping is configured on following VLANs: 21 DHCP snooping database is Enabled Relay agent Information option 82 is Enabled Option 82 on untrusted port is allowed Verification of hwaddr field is Enabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 330: Show Ip Dhcp Snooping Binding

    —Specifies a VLAN ID. • interface-id —Specifies an interface ID. The interface ID can be one of the following types: Ethernet port or Port-channel. Command Mode User EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 331: Ip Source-Guard

    Use the no form of this command to disable IP Source Guard on the device or on an interface. Syntax ip source-guard no ip source-guard Parameters Default Configuration IP Source Guard is disabled. Command Mode Interface (Ethernet, Port Channel) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 332: Ip Source-Guard Binding

    —Specifies an interface ID. The interface ID can be one of the following types: Ethernet port or Port-channel. Default Configuration No static binding exists. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 333: Ip Source-Guard Tcam Retries-Freq

    —Specifies the retries frequency in seconds. (Range: 10–600) • never—Disables automatic searching for TCAM resources. Default Configuration The default retries frequency is 60 seconds. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 334: Ip Source-Guard Tcam Locate

    Since the IP Source Guard uses the Ternary Content Addressable Memory (TCAM) resources, there may be situations when IP Source Guard addresses are inactive because of a lack of TCAM resources. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 335: Show Ip Source-Guard Configuration

    [i Parameters • interface-id —Specifies an interface ID. The interface ID can be one of the following types: Ethernet port or Port-channel. Command Mode User EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 336: Show Ip Source-Guard Status

    —Specifies a VLAN ID. • interface-id —Specifies an interface ID. The interface ID can be one of the following types: Ethernet port or Port-channel. Command Mode User EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 337: Show Ip Source-Guard Inactive

    TCAM space. Use the ip source-guard tcam locate command to manually retry locating TCAM resources for the inactive IP Source Guard addresses. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 338: Show Ip Source-Guard Statistics

    —Display the statistics on this VLAN. Command Mode User EXEC mode Example switchxxxxxx# show ip source-guard statistics VLAN Statically Permitted Stations DHCP Snooping Permitted Stations ---- ------------------------------- -------------------------------- Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 339: Ip Arp Inspection

    Use the ip arp inspection vlan Global Configuration mode command to enable ARP inspection on a VLAN, based on the DHCP Snooping database. Use the no form of this command to disable ARP inspection on a VLAN. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 340: Ip Arp Inspection Trust

    Address Resolution Protocol (ARP) packets are inspected. Use the no form of this command to restore the default configuration. Syntax ip arp inspection trust no ip arp inspection trust Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 341: Ip Arp Inspection Validate

    Address Resolution Protocol (ARP) inspection. Use the no form of this command to restore the default configuration. Syntax ip arp inspection validate no ip arp inspection validate Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 342: Ip Arp Inspection List Create

    ARP binding list and enters the ARP list configuration mode. Use the no form of this command to delete the list. Syntax ip arp inspection list create name no ip arp inspection list create name Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 343: Ip Mac

    —Specifies the IP address to be entered to the list. • mac-address —Specifies the MAC address associated with the IP address. Default Configuration No static ARP binding is defined. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 344: Ip Arp Inspection List Assign

    No static ARP binding list assignment exists. Command Mode Global Configuration mode Example The following example assigns the static ARP binding list Servers to VLAN 37. switchxxxxxx(config)# 37 servers ip arp inspection list assign Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 345: Ip Arp Inspection Logging Interval

    Use the show ip arp inspection EXEC mode command to display the ARP inspection configuration for all interfaces or for a specific interface. Syntax interface-id show ip arp inspection [ Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 346: Show Ip Arp Inspection List

    Use the show ip arp inspection list Privileged EXEC mode command to display the static ARP binding list. Syntax show ip arp inspection list Parameters Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 347: Show Ip Arp Inspection Statistics

    Counters values are kept when disabling the ARP Inspection feature. Example switchxxxxxx# show ip arp inspection statistics Vlan Forwarded Packets Dropped Packets IP/MAC Failures ---- ----------------------------------------------- Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 348: Clear Ip Arp Inspection Statistics

    ARP Inspection statistics globally. Syntax clear ip arp inspection statistics [vlan vlan-id Parameters • vlan-id —Specifies VLAN ID. Command Mode Privileged EXEC mode Example switchxxxxxx# clear ip arp inspection statistics Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 349: Dhcpv6 Commands

    (for example, Domain Name System [DNS] servers). Example The following example restarts the DHCP for IPv6 client on VLAN 100: switchxxxxxx# clear ipv6 dhcp client vlan 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 350: Ipv6 Dhcp Client Information Refresh

    Use the infinite keyword, to prevent refresh, if the server does not send an information refresh time option. Example The following example configures an upper limit of 2 days: switchxxxxxx(config)# interface vlan 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 351: Ipv6 Dhcp Client Information Refresh Minimum

    This command may be configured in the following situations: • In unstable environments where unexpected changes are likely to occur. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 352: Ipv6 Dhcp Client Stateless

    Parameters This command has no arguments or keywords. Default Configuration Information request is disabled on an interface. Command Mode Interface Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 353 DHCPv6 client and relay functions are mutually exclusive on an interface. Example The following example enables the Stateless service: switchxxxxxx(config)# interface vlan 100 switchxxxxxx(config-if)# ipv6 dhcp client stateless switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 354: Ipv6 Dhcp Duid-En

    RFC3315) with the Base MAC Address as a Link-layer Address. Use this command to change the DUID format to the Vendor Based on Enterprise Number. Examples Example 1. The following sets the DIID-EN format: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 355: Ipv6 Dhcp Relay Destination (Global)

    If this argument is configured, client messages are forwarded to the well-known link-local Multicast address All_DHCP_Relay_Agents_and_Servers (FF02::1:2) through the link to which the output interface is connected. Default Configuration There is no globally-defined relay destination. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 356 FE80::1:2 vlan 200 Example 2. The following example sets that client messages are forwarded to VLAN 200: switchxxxxxx(config)# ipv6 dhcp relay destination vlan 200 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 357: Ipv6 Dhcp Relay Destination (Interface)

    Multicast address All_DHCP_Relay_Agents_and_Servers (FF02::1:2) through the link to which the output interface is connected. Default Configuration The relay function is disabled, and there is no relay destination on an interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 358 By default, the relay function is disabled, and there is no relay destination on an interface. Use the no form of the command with arguments to remove a specific address. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 359 100 ipv6 dhcp relay destination 3002::1:2 switchxxxxxx(config-if)# exit switchxxxxxx(config-if)# Example 4. The following example enables DHCPv6 relay on VLAN 100: switchxxxxxx(config)# interface vlan 100 switchxxxxxx(config-if)# ipv6 dhcp relay destination Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 360: Show Ipv6 Dhcp

    Example 1. The following is sample output from this command when the switch’s DUID format is vendor based on enterprise number: switchxxxxxx# show ipv6 dhcp The switch’s DHCPv6 unique identifier(DUID)is 0002000000090CC084D303000912 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 361 The switch’s DHCPv6 unique identifier(DUID)is 000300010024012607AA Format: 3 Hardware type: 1 MAC Address: 0024.0126.07AA Relay Destinations: 2001:001:250:A2FF:FEBF:A056 2001:1001:250:A2FF:FEBF:A056 2001:1011:250:A2FF:FEBF:A056 via VLAN 100 FE80::250:A2FF:FEBF:A056 via VLAN 100 FE80::250:A2FF:FEBF:A056 via VLAN 200 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 362: Show Ipv6 Dhcp Interface

    Reconfigure service is enabled Information Refresh Minimum Time: 600 seconds Information Refresh Time: 86400 seconds Received Information Refresh Time: 3600 seconds Remain Information Refresh Time: 411 seconds DHCP server: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 363 Remain Information Refresh Time: 0 seconds VLAN 1010 is in relay mode DHCP Operational mode is enabled Relay source interface: VLAN 101 Relay destinations: 2001:001:250:A2FF:FEBF:A056 FE80::250:A2FF:FEBF:A056 via FastEthernet 1/0/10 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 364: Dns Client Commands

    To define a static hostname-to-address mappings in the DNS hostname cache, use the ip host command. To delete a static hostname-to-address mappings in the DNS hostname cache, use the no ip host command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 365: Ip Domain Lookup

    Parameters Default Configuration Enabled. Command Mode Global Configuration mode Example The following example enables DNS-based host name-to-address translation. switchxxxxxx(config)# ip domain lookup Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 366: Ip Domain Name

    (.) is used to separate labels. The maximum size of each domain level is 63 characters. The maximum name size is 158 bytes. Example The following example defines the default domain name as ‘www.website.com’. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 367: Ip Domain Polling-Interval

    DNS Request messages for the IP address using the polling interval. Example The following example shows how to configure the polling interval of 100 seconds: switchxxxxxx(config)# ip domain polling-interval 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 368: Ip Domain Retry

    15.6 ip domain timeout Use the ip domain timeout command in Global Configuration mode to specify the amount of time to wait for a response to a DNS query. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 369: Ip Host

    Use the ip host Global Configuration mode command to define the static host name-to-address mapping in the DNS host name cache. Use the no form of this command to remove the static host name-to-address mapping. Syntax hostname address1 address2...address8 ip host Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 370 The entry is deleted if all its addresses are deleted. Example The following example defines a static host name-to-address mapping in the host cache. switchxxxxxx(config)# accounting.website.com 176.10.23.1 ip host Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 371: Ip Name-Server

    (if one existed). Example The following example shows how to specify IPv4 hosts 172.16.1.111, 172.16.1.2, and IPv6 host 2001:0DB8::3 as the name servers: switchxxxxxx(config)# ip name-server 172.16.1.111 172.16.1.2 2001:0DB8::3 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 372: Show Hosts

    The following is sample output with no parameters specified: switchxxxxxx# show hosts Name/address lookup is enabled Domain Timeout: 3 seconds Domain Retry: 4 times Domain Polling Interval: 10 seconds Default Domain Table Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 373 Host Flag Address;Age...in preference order example1.company.com (dynamic, OK) 2002:0:130F::0A0:1504:0BB4;1 112.0.2.10 176.16.8.8;123 124 173.0.2.30;39 example2.company.com (dynamic, ??) example3.company.com (static, OK) 120.0.2.27 example4.company.com (dynamic, OK) 24 173.0.2.30;15 example5.company.com (dynamic, Ne); 12 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 374: Eee Commands

    If auto-negotiation is not enabled on the port and its speed is less than 1 Giga, the EEE operational status is disabled. Example switchxxxxxx(config)# eee enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 375: Eee Enable (Interface)

    To enable EEE support by LLDP on an Ethernet port, use the eee lldp enable Interface Configuration command. To disable the support, use the no format of the command. Syntax eee lldp enable no eee lldp enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 376: Show Eee

    16.4 show eee Use the show eee EXEC command to display EEE information. Syntax [interface-id] show eee Parameters interface-id—(Optional) Specify an Ethernet port. Defaults None Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 377 Example 3 - The following is the information displayed when the port is in status DOWN. switchxxxxxx# show eee gi11 Port Status: DOWN EEE capabilities: Speed 10M: EEE not supported Speed 100M: EEE supported Speed : EEE supported Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 378 Current port speed: 1000Mbps EEE Remote status: disabled EEE Administrate status: enabled EEE Operational status: disabled (neighbor does not support) EEE LLDP Administrate status: enabled EEE LLDP Operational status: disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 379 EEE Remote status: enabled EEE Administrate status: enabled EEE Operational status: enabled EEE LLDP Administrate status: disabled EEE LLDP Operational status: disabled Resolved Tx Timer: 10usec Local Tx Timer: 10 usec Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 380 Example 9 - The following is the information displayed when EEE is running on the port, EEE LLDP is enabled but not synchronized with the remote link partner. switchxxxxxx# show eee gi14 Port Status: up EEE capabilities: Speed 10M: EEE not supported Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 381 EEE Operational status: enabled EEE LLDP Administrate status: enabled EEE LLDP Operational status: enabled Resolved Tx Timer: 10usec Local Tx Timer: 10 usec Remote Rx Timer: 5 usec Resolved Timer: 25 usec Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 382 EEE Commands Local Rx Timer: 20 usec Remote Tx Timer: 25 usec Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 383: Ethernet Configuration Commands

    Ethernet port, port-channel, VLAN, range, IP interface or tunnel. Default Configuration None Command Mode Global Configuration mode Examples Example 1—For Ethernet ports: switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# Example 2—For port channels (LAGs): switchxxxxxx(config)# interface po1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 384: Interface Range

    17.3 shutdown To disable an interface, use the shutdown Interface Configuration mode command. To restart a disabled interface, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 385 If the switch shuts down a port channel it additionally shuts down all ports of the port channel too. Examples Example 1—The following example disables gi14 operations. switchxxxxxx(config)# interface gi14 switchxxxxxx(config-if)# shutdown switchxxxxxx(config-if)# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 386: Operation Time

    To control the time that the port is up, use the operation time Interface (Ethernet, Port Channel) Configuration mode command. To cancel the time range for the port operation time, use the no form of this command. Syntax time-range-name operation time Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 387: Description

    17.5 description To add a description to an interface, use the description Interface (Ethernet, Port Channel) Configuration mode command. To remove the description, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 388: Speed

    To restore the default configuration, use the no form of this command. Syntax speed {10 1000 } no speed Parameters • 10—Forces10 Mbps operation • 100—Forces 100 Mbps operation Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 389: Duplex

    Syntax {half | full} duplex no duplex Parameters • half—Forces half-duplex operation. • full—Forces full-duplex operation. Default Configuration The interface operates in full duplex mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 390: Negotiation

    10h, 10f, 100h,100f, 1000f ). 10h—Advertise 10 half-duplex 10f—Advertise 10 full-duplex 100h—Advertise 100 half-duplex 100f—Advertise 100 full-duplex 1000f—Advertise 1000 full-duplex • Preferred—(Optional) Specifies the master-slave preference: Master—Advertise master preference Slave—Advertise slave preference Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 391: Flowcontrol

    Parameters • auto—Specifies auto-negotiation of Flow Control. • on—Enables Flow Control. • off—Disables Flow Control. Default Configuration Flow control is Disabled. Command Mode Interface (Ethernet, Port Channel) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 392: Mdix

    Default Configuration The default setting is Auto. Command Mode Interface (Ethernet) Configuration mode Example The following example enables automatic crossover on port gi11. switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# mdix auto Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 393: Back-Pressure

    17.12 port jumbo-frame To enable jumbo frames on the device, use the port jumbo-frame Global Configuration mode command. To disable jumbo frames, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 394: Link-Flap Prevention

    Global Configuration mode command. Use the no form of this command to restore the default configuration. Syntax link-flap prevention {enable | disable} no link-flap prevention Parameters enable—Enables Link-flap Prevention. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 395: Clear Counters

    The following example enables link-flap prevention on the device. switchxxxxxx(config)# link-flap prevention 17.14 clear counters To clear counters on all or on a specific interface, use the clear counters Privileged EXEC mode command. Syntax [interface-id] clear counters Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 396: Set Interface Active

    Ethernet port or port-channel. Command Mode Privileged EXEC mode User Guidelines This command is used to activate interfaces that were configured to be active, but were shut down by the system. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 397: Errdisable Recovery Cause

    UDLD Shutdown state. • storm-control—Enables the error recovery mechanism for the Storm Control Shutdown state. • link-flap—Enables the error recovery mechanism for the link-flap prevention Err-Disable state. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 398: Errdisable Recovery Interval

    Parameters seconds—Specifies the error recovery timeout interval in seconds. (Range: 30– 86400) Default Configuration The default error recovery timeout interval is 300 seconds. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 399: Errdisable Recovery Reset

    • link-flap—Reactivate all interfaces in the link-flap prevention Err-Disable state. • interface-id— interface Reactivate interfaces that were configured to be active, but were shut down by the system. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 400: Show Interfaces Configuration

    Privileged EXEC mode command. Syntax [interface-id | detailed show interfaces configuration Parameters • interface-id—(Optional) Specifies an interface ID. The interface ID can be one of the following types: Ethernet port or port-channel. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 401 State ------ ------ ----- -------- ------- ----- Disabled switchxxxxxx# show interfaces configuration Port Type Speed Flow Cont ------ ---- ----------- ----- ------- ---- 10G-Fiber 10000 10G-Fiber 10000 10G-Fiber 10000 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 402: Show Interfaces Status

    Link Back Mdix Port Type Duplex Speed Neg ctrl State Pressure Mode ------ --------- ------ ----- -------- ---- ------ -------- -- gi11 1G-Copper Full 1000 Disabled Off Disabled Off Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 403: Show Interfaces Advertise

    Displays information for non-present ports in addition to present ports. Default Configuration Display for all interfaces. If detailed is not used, only present ports are displayed. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 404: Show Interfaces Description

    Auto negotiation: disabled. 17.22 show interfaces description To display the description for all configured interfaces or for a specific interface, use the show interfaces description Privileged EXEC mode command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 405: Show Interfaces Counters

    ----------- Output 17.23 show interfaces counters To display traffic seen by all the physical interfaces or by a specific interface, use the show interfaces counters Privileged EXEC mode command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 406 ---------- ------------ ------------ ------------ ------------ gi11 7051 FCS Errors: 0 Single Collision Frames: 0 Multiple Collision Frames: 0 SQE Test Errors: 0 Deferred Transmissions: 0 Late Collisions: 0 Excessive Collisions: 0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 407 Ethernet Configuration Commands Carrier Sense Errors: 0 Oversize Packets: 0 Internal MAC Rx Errors: 0 Symbol Errors: 0 Received Pause Frames: 0 Transmitted Pause Frames: 0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 408 Number of frames received that exceed the maximum permitted frame size. Internal MAC Rx Errors Number of frames for which reception fails due to an internal MAC sublayer receive error. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 409: Show Ports Jumbo-Frame

    Privileged EXEC mode Example The following example displays whether jumbo frames are enabled on the device. switchxxxxxx# show ports jumbo-frame Jumbo frames are disabled Jumbo frames will be enabled after reset Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 410: Show Link-Flap Prevention

    To display the Err-Disable configuration of the device, use the show errdisable recovery Privileged EXEC mode command. Syntax show errdisable recovery Parameters This command has no arguments or keywords Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 411: Show Errdisable Interfaces

    17.27 show errdisable interfaces To display the Err-Disable state of all interfaces or of a specific interface, use the show errdisable interfaces Privileged EXEC mode command. Syntax [interface-id] show errdisable interfaces Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 412: Clear Switchport Monitor

    Parameters interface-id-list—(Optional) Specifies a list of interface ID. The interface ID can be one of the following types: Ethernet port or port-channel. Default Configuration All monitored statistics are cleared. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 413: Show Switchport Monitor

    —last 12 samples, sampled every 7 days (midnight saturday to midnight saturday according to system time). • utilization —shows per time frame the utilization calculated. • rx —shows received counters statistics. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 414 Weeks Rx/TX utilization utilization utilization utilization ------------ ----------- ----------- ----------- --------- gi11 Example 2—The following example displays monitored Tx statistics gathered in minutes time frame seen by interface gi11 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 415 Time Unicast frames Broadcast frames Multicast frames Good Sent Sent Sent Octet Sent ---------- -------------- ----------- ----------- ------- 04:22:00(~) 04:23:00 (~) Not all samples are available. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 416 Number of frames received that are an Received integral number of octets in length but do not pass the FCS check. Rx Utilization Utilization in percentage for Received frames on the interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 417 Description Tx Utilization Utilization in percentage for Sent frames on the interface. Rx/Tx Utilization An average of the Rx Utilization and the Tx Utilization in percentage on the interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 418: File System Commands

    < > ::= string up to 63 characters Filenames and directory names consist only of characters from the portable filename character set. The set includes the following characters: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 419 URL alias specifies the Startup Configuration File. This file has the following permissions: readable • localization. The predefined URL alias specifies the Secondary Language Dictionary file. This file has the following permissions: readable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 420 Example 3. The following example specifies a file on TFTP server using a DNS name: tftp://files.export.com/aaa/dat/file.txt Example 4. The following example specifies a file on FLASH: flash://aaa/dat/file.txt Example 5. The following example specifies files using the current directory: ./dat/file.txt Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 421: System Flash Files

    The system files are divided to the following groups: • Inner System files. The files are created by the switch itself. For example the Syslog file. • Files installed/Uninstalled by user. This group includes the following files: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 422 Mirror Configuration files. • flash://system/localization/—The directory contains the Secondary Language Dictionary file. • flash://system/syslog/—The directory contains the Syslog file. • flash://system/applications/—The directory contains inner system files managed by the switch applications. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 423: Boot Config

    Configuration file is deleted. Use the boot config running-config command to install Startup Configuration from Running Configuration. Use the boot config mirror-config command to install Startup Configuration from the Mirror Configuration file. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 424: Boot Localization

    To install a file as the Secondary Language Dictionary file, use the boot localization command in Privileged EXEC mode. To return to the default, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 425 Example 1. The following example installs the Secondary Language Dictionary file from a TFTP server: switchxxxxxx(config)# boot localization tftp://196.1.1.1/web-dictionaries/germany-dictionary.dat Example 2. The following example installs the Secondary Language Dictionary file from FLASH: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 426: Boot System

    Use the boot system inactive-image command to set the inactive image as active one and the active image as inactive one. Use the show bootvar / show version command to display information about the active and inactive images. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 427 User EXEC mode User Guidelines When a terminal session is started the current directory of the session is set to flash://. Use the cd command to change the current directory. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 428: Copy

    [exclude | include-encrypted | include-plaintext] src-url copy running-config copy running-config startup-config Parameters • src-url —The location URL of the source file to be copied. The predefined URL aliases can be configured. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 429 Example Example 1. The following example copies file file1 from the TFTP server 172.16.101.101 to the flash://aaaa/file1 file: switchxxxxxx# copy tftp://172.16.101.101/file1 flash://aaa/file1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 430: Delete

    To delete a local file, use the delete command in Privileged EXEC mode. Syntax delete delete startup-config delete localization Parameters • —Specifies the local URL of the local file to be deleted. The predefined and network URLs cannot be configured. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 431: Dir

    • —Specifies the local URL of the directory to be displayed. The predefined and network URLs cannot be configured. If the argument is omitted the current directory is used. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 432: Mkdir

    Nov 29 2010 7:12:30 image1 -rw- 2014 Nov 20 2010 9:12:30 data 18.10 mkdir To create a new directory, use the mkdir command in Privileged EXEC mode. Syntax mkdir Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 433: More

    To display the contents of a file, use the more command in User EXEC mode. Syntax more Parameters • —Specifies the local URL or predefined file name of the file to display. Command Mode User EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 434: Pwd

    To show the current directory, use the pwd command in User EXEC mode. Syntax pwd [usb: I flash:] Parameters • usb:—Display the current directory on the USB driver. • flash:—Display the current directory on the FLASH driver. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 435: Reload

    Parameters • —Schedules a reload of the image to take effect in the specified minutes or hours and minutes. The reload must take place within approximately 24 days. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 436 Use the reload cancel command to cancel the scheduled reload. To display information about a scheduled reload, use the show reload command. Example Example 1. The following example reloads the switch: switchxxxxxx# reload Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 437: Rename

    Example 5. The following example cancels a reload. switchxxxxxx# reload cancel Reload cancelled. 18.14 rename To rename a local file or directory, use the rename command in Privileged EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 438 ./text1sav.txt Example 2. The following example renames the flash://a/b directory to the flash://e/g/h directory: switchxxxxxx# pwd flash://a/b/c/d switchxxxxxx> dir flash://a Permissions • d-directory • r-readable • w-writable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 439 134560K of 520000K are free Directory of flash://mng/ File Name Permission File Size Last Modified --------- ---------- --------- -------------------- switchxxxxxx> dir flash://e/g/h Permissions • d-directory • r-readable • w-writable • x-executable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 440: Rmdir

    Example 1. The following example removes the directory called ‘backup/config/’ from FLASH: switchxxxxxx# rmdir flash://backup/config/ Remove flash://backup/config? [Y/N]Y Example 2. The following example removes the directory called ‘aaa/config’ from the mass-storage device connected to the USB port: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 441: Service Mirror-Configuration

    Example 1 - The following example disables the mirror-configuration service: no service mirror-configuration switchxxxxxx(config)# This operation will delete the mirror-config file if exists. Do you want to continue? (Y/N) [N] Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 442: Show Bootvar / Show Version

    Example Example 1. The following example gives an example of the command output after reload: switchxxxxxx# show bootvar Active-image: flash://system/images/image_v12-03.ros Version: 12.03 MD5 Digest: 23FA000012857D8855AABC7577AB5562 Date: 04-Jul-2014 Time: 15:03:07 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 443 Example 3. This example continues the inactive one, after a system reload: switchxxxxxx# show bootvar Active-image: flash://system/images/image_v14-01.ros Version: 14.01 MD5 Digest: 23FA000012857D8855AABC7577AB5562 Date: 24-Jul-2014 Time: 23:11:17 Inactive-image: flash://system/images/image_v12-03.ros Version: 12.03 MD5 Digest: 6 3FA000012857D8855AABEA7451265456 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 444 Example 5. This example continues the inactive one, after a system reload: switchxxxxxx# show bootvar Active-image: flash://system/images/image_v12-03.ros Version: 12.03 MD5 Digest: 6 3FA000012857D8855AABEA7451265456 Date: 04-Jul-2014 Time: 15:03:07 Inactive-image: flash://system/images/_image_v12-03.ros Version: 12.03 MD5 Digest: 6 3FA000012857D8855AABEA7451265456 Date: 04-Jul-2014 Time: 15:03:07 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 445 MD5 Digest: 23FA000012857D8855AABC7577AB5562 Date: 24-Jul-2014 Time: 23:11:17 Active after reboot switchxxxxxx# boot system tftp://1.1.1.1/image_v14-04.ros switchxxxxxx# show bootvar Active-image: flash://system/images/image_v12-03.ros Version: 12.03 MD5 Digest: 6 3FA000012857D8855AABEA7451265456 Date: 04-Jul-2014 Time: 15:03:07 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 446 Active-image: flash://system/images/image_v12-03.ros Version: 12.03 MD5 Digest: 6 3FA000012857D8855AABEA7451265456 Date: 04-Jul-2014 Time: 15:03:07 Inactive after reboot Inactive-image: flash://system/images/image_v14-01.ros Version: 14.01 MD5 Digest: 23FA000012857D8855AABC7577AB5562 Date: 24-Jul-2014 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 447: Show Mirror-Configuration Service

    User EXEC mode. Syntax show mirror-configuration service Command Mode User EXEC mode Example The following example displays the status of the mirror-configuration service switchxxxxxx# show mirror-configuration service Mirror-configuration service is enabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 448: Show Reload

    No scheduled reload 18.20 show running-config To display the contents of the currently running configuration file, use the show running-config command in Privileged EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 449 / R750_NIK_1_2_584_002 CLI v1.0 file SSD indicator encrypted ssd-control-start ssd config ssd file passphrase control unrestricted no ssd file integrity control ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0 no spanning-tree interface range gi11-4 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 450: Show Startup-Config

    Command Mode Privileged EXEC mode Example The following example displays the startup configuration file contents. switchxxxxxx# show startup-config config-file-header AA307-02 v1.2.5.76 / R750_NIK_1_2_584_002 CLI v1.0 file SSD indicator encrypted Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 451 1000 exit no lldp run interface vlan 1 ip address 1.1.1.1 255.0.0.0 exit line console exec-timeout 0 exit switchxxxxxx# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 452: Write

    Overwrite file [startup-config] ?[Yes/press any key for no]..15-Sep-2010 11:27 :48 %COPY-I-FILECPY: Files Copy - source URL running-config destination URL flash://startup-config 15-Sep-2010 11:27:50 %COPY-N-TRAP: The copy operation was completed successfully Copy succeeded Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 453: Garp Vlan Registration Protocol (Gvrp) Commands

    Ethernet port or Port-channel. Default Configuration All GVRP statistics are cleared. Command Mode Privileged EXEC mode Example The following example clears all GVRP statistical information on switchxxxxxx# clear gvrp statistics gi14 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 454: Gvrp Enable (Global)

    To enable GVRP on an interface, use the gvrp enable Interface (Ethernet, Port Channel) Configuration mode command. To disable GVRP on an interface, use the no form of this command. Syntax gvrp enable no gvrp enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 455: Gvrp Registration-Forbid

    To allow dynamic registration of VLANs on a port, use the no form of this command. Syntax gvrp registration-forbid no gvrp registration-forbid Parameters This command has no arguments or keywords. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 456: Gvrp Vlan-Creation-Forbid

    Parameters This command has no arguments or keywords. Default Configuration Enabled. Command Mode Interface (Ethernet, Port Channel) Configuration mode Example The following example disables dynamic VLAN creation on Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 457: Show Gvrp Configuration

    GVRP Feature is currently Enabled on the device. Maximum VLANs: 4094 Port(s) GVRP-Status Regist- Dynamic Timers(ms) ration VLAN Creation Join Leave Leave All ---- ----------- -------- ------------- ---- ----- ---------- Enabled Forbidden Disabled 10000 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 458: Show Gvrp Error-Statistics

    : Invalid Attribute Type INVALEN : Invalid Attribute Length INVAVAL : Invalid Attribute Value INVEVENT: Invalid Event Port INVPROT INVATYP INVAVAL INVALEN INVEVENT -------- ------- ------- ------- ------- -------- Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 459: Show Gvrp Statistics

    : Leave All Received sJE : Join Empty Sent sJIn: Join In Sent sEmp: Empty Sent sLIn: Leave In Sent sLE : Leave Empty Sent sLA : Leave All Sent Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 460 GARP VLAN Registration Protocol (GVRP) Commands Port rJIn rEmp rLIn sJIn sEmp sLIn ----- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 461: Green Ethernet

    Use the green-ethernet energy-detect Interface configuration mode command to enable Green Ethernet-Energy-Detect mode on a port. Use the no form of this command, to disable it on a port. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 462: Green-Ethernet Short-Reach (Global)

    Use the green-ethernet short-reach Global Configuration mode command to enable Green-Ethernet Short-Reach mode globally. Use the no form of this command to disabled it. Syntax green-ethernet short-reach no green-ethernet short-reach Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 463: Green-Ethernet Short-Reach (Interface)

    The VCT length check can be performed only on a copper port operating at a speed of 1000 Mbps. If the media is not copper or the link speed is not 1000, Mbps Short-Reach mode is not applied. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 464: Green-Ethernet Power-Meter Reset

    Default Configuration None Command Mode Privileged EXEC mode Example green-ethernet power-meter reset switchxxxxxx# 20.6 show green-ethernet To display green-ethernet configuration and information, use the show green-ethernet Privileged EXEC mode command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 465 If there are a several reasons, then only the highest priority reason is displayed. Energy-Detect Non-Operational Reasons Priority Reason Description Port is not present Link Type is not supported (fiber, auto media select) Port Link is up – NA Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 466 Short-Reach cable length threshold: 50m Port Energy-Detect Short-Reach VCT Cable Admin Oper Reason Admin Force Oper Reason Length ---- ----- ---- ------- ----- ----- ---- ------- ------ gi11 gi12 < 50 gi13 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 467: Igmp Commands

    Example The following example clears the counters for VLAN 100: switchxxxxxx# clear ip igmp counters vlan 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 468: Ip Igmp Last-Member-Query-Count

    3 switchxxxxxx(config-if)# exit 21.3 ip igmp last-member-query-interval To configure the Internet Group Management Protocol (IGMP) last member query interval, use the ip igmp last-member-query-interval command in Interface Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 469: Ip Igmp Query-Interval

    Management Protocol (IGMP) host-query messages from an interface, use the ip igmp query-interval command in Interface Configuration mode. To restore the default IGMP query interval, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 470: Ip Igmp Query-Max-Response-Time

    To configure the maximum response time advertised in Internet Group Management Protocol (IGMP) queries, use the ip igmp query-max-response-time command in Interface Configuration mode. To restore the default value, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 471 Therefore, the hosts must know to respond faster than 10 seconds (or the value you configure). Example The following example configures a maximum response time of 8 seconds: switchxxxxxx(config)# interface vlan 100 switchxxxxxx(config-if)# ip igmp query-max-response-time 8 switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 472: Ip Igmp Robustness

    To configure which version of Internet Group Management Protocol (IGMP) the router uses, use the ip igmp version command in Interface Configuration mode. To restore the default value, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 473: Show Ip Igmp Counters

    21.8 show ip igmp counters To display the Internet Group Management Protocol (IGMP) traffic counters, use the show ip igmp counters command in User EXEC mode. Syntax interface-id show ip igmp counters [ Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 474: Show Ip Igmp Groups

    To display the multicast groups that are directly connected to the router and that were learned through Internet Group Management Protocol (IGMP), use the show ip igmp groups command in User EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 475 IGMP Connected Group Membership Expires: never - switch itself has joined the group Group Address Interface Expires 224.1.1.1 VLAN 100 00:01:30 224.10.12.79 VLAN 100 never 225.1.1.1 VLAN 100 00:00:27 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 476: Show Ip Igmp Groups Summary

    To display the number of (*, G) and (S, G) membership reports present in the Internet Group Management Protocol (IGMP) cache, use the show ip igmp groups summary command in User EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 477: Show Ip Igmp Interface

    No. of (S,G) routes = 0—Displays the number of include and exclude mode sources present in the IGMP cache. 21.11 show ip igmp interface To display multicast-related information about an interface, use the show ip igmp interface command in User EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 478 Administrative IGMP max query response time is 10 seconds Operational IGMP max query response time is 10 seconds Administrative Last member query response interval is 1000 milliseconds Operational Last member query response interval is 1000 milliseconds Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 479: Igmp Proxy Commands

    Examples Example 1. The following example adds a downstream interface to an IGMP Proxy process with vlan 200 as its Upstream interface: switchxxxxxx(config)# interface vlan 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 480: Ip Igmp-Proxy Downstream Protected

    This command has no arguments or keywords. Default Configuration Forwarding from downstream interfaces is allowed. Command Mode Global Configuration mode User Guidelines Use the ip igmp-proxy downstream protected command to block forwarding from downstream interfaces. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 481: Ip Igmp-Proxy Downstream Protected Interface

    Use the ip igmp-proxy downstream protected interface disabled command to block forwarding from the given downstream interface. Use the ip igmp-proxy downstream protected interface enabled command to allow forwarding from the given downstream interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 482: Ip Igmp-Proxy Ssm

    —Specifies the standard IP access list name defining the SSM range. Default Configuration The command is disabled. Command Mode Global Configuration mode User Guidelines A new ip igmp-proxy ssm command overrides the previous ip igmp-proxy ssm command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 483: Show Ip Igmp-Proxy Interface

    IGMP Proxy is enabled or to display the IGMP Proxy configuration for a given interface. Examples Example 1. The following example displays IGMP Proxy status on all interfaces where the IGMP Proxy is enabled: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 484 IGMP Proxy is enabled Global Downdtream interfaces protection is disabled SSM Access List Name: IP Multicast Tarffic Discarding from Downdtream interfaces is disabled vlan 100 is a Upstream interface Downstream interfaces: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 485 IGMP Proxy is disabled: switchxxxxxx# show ip igmp-proxy interface vlan 1 IP Forwarding is enabled IP Multicast Routing is enabled IGMP Proxy is disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 486: Igmp Snooping Commands

    To enable IGMP snooping on a specific VLAN, use the ip igmp snooping vlan command in Global Configuration mode. To return to the default, use the no form of this command. Syntax vlan-id ip igmp snooping vlan Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 487: Ip Igmp Snooping Vlan Mrouter

    Syntax vlan-id ip igmp snooping vlan mrouter learn pim-dvmrp vlan-id no ip igmp snooping vlan mrouter learn pim-dvmrp Parameters • vlan-id —Specifies the VLAN. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 488: Ip Igmp Snooping Vlan Mrouter Interface

    Parameters • vlan-id —Specifies the VLAN. • interface-list —Specifies the list of interfaces. The interfaces can be one of the following types: Ethernet port or Port-channel. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 489: Ip Igmp Snooping Vlan Forbidden Mrouter

    —Specifies the VLAN. • interface-list —Specifies a list of interfaces. The interfaces can be of one of the following types: Ethernet port or Port-channel. Default Configuration No ports defined. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 490: Ip Igmp Snooping Vlan Static

    —(Optional) Specifies a list of interfaces. The interfaces can be of one of the following types: Ethernet port or Port-channel. Default Configuration No Multicast addresses are defined. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 491: Ip Igmp Snooping Vlan Multicast-Tv

    —Multicast IP address • count number —(Optional) Configures multiple contiguous Multicast IP addresses. If not specified, the default is 1. (Range: 1–256) Default Configuration No Multicast IP address is associated. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 492: Ip Igmp Snooping Map Cpe Vlan

    Parameters • cpe-vlan-id —Specifies the CPE VLAN ID. • vlan-id—Specifies the Multicast-TV VLAN ID. Default Configuration No mapping exists. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 493: Ip Igmp Snooping Querier

    Parameters Default Configuration Enabled Command Mode Global Configuration mode User Guidelines To run the IGMP Snooping querier on a VLAN, you have enable it globally and on the VLAN. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 494: Ip Igmp Snooping Vlan Querier

    The IGMP Snooping querier can be enabled on a VLAN only if IGMP Snooping is enabled for that VLAN. Example The following example enables the IGMP Snooping querier on VLAN 1: switchxxxxxx(config)# ip igmp snooping vlan 1 querier Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 495: Ip Igmp Snooping Vlan Querier Address

    To enable IGMP Querier election mechanism of an IGMP Snooping querier on a specific VLAN, use the ip igmp snooping vlan querier election command in Global Configuration mode. To disable Querier election mechanism, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 496 It is recommended to disable IGMP Querier election mechanism if there is an IPM Multicast router on the VLAN. Example The following example disables IGMP Snooping Querier election on VLAN 1: switchxxxxxx(config)# no ip igmp snooping vlan 1 querier election Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 497: Ip Igmp Snooping Vlan Querier Version

    Global Configuration mode command in Global Configuration mode. To return to the default, use the no form of this command. Syntax vlan-id ip igmp snooping vlan immediate-leave Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 498: Show Ip Igmp Snooping Cpe Vlans

    User EXEC mode. Syntax vlan-id show ip igmp snooping cpe vlans [vlan Parameters • vlan-id vlan —(Optional) Specifies the CPE VLAN ID. Command Mode User EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 499: Show Ip Igmp Snooping Groups

    Use the show ip igmp snooping groups command with parameters to see a needed subset of all Multicast groups learned by IGMP snooping To see the full Multicast address table (including static addresses), use the show bridge multicast address-table command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 500: Show Ip Igmp Snooping Interface

    1000 IGMP Snooping is globally enabled IGMP Snooping Querier is globally enabled VLAN 1000 IGMP Snooping is enabled IGMP snooping last immediate leave: enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 501: Show Ip Igmp Snooping Mrouter

    —(Optional) Specifies the VLAN ID. Command Mode User EXEC mode Example The following example displays information on dynamically learned Multicast router interfaces for VLAN 1000: switchxxxxxx# show ip igmp snooping mrouter interface 1000 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 502: Show Ip Igmp Snooping Multicast-Tv

    The following example displays the IP addresses associated with all Multicast TV VLANs. switchxxxxxx# show ip igmp snooping multicast-tv VLAN IP Address ---- ----------- 1000 239.255.0.0 1000 239.255.0.1 1000 239.255.0.2 1000 239.255.0.3 1000 239.255.0.4 1000 239.255.0.5 1000 239.255.0.6 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 503 IGMP Snooping Commands 1000 239.255.0.7 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 504: Ip Addressing Commands

    —Specifies the network mask of the IP address. • prefix-length —Specifies the number of bits that comprise the IP address prefix. The prefix length must be preceded by a forward slash (/). (Range: 8–30) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 505 1.1.1.1 255.0.0.0 ip address switchxxxxxx(config)# exit switchxxxxxx(config)# interface vlan switchxxxxxx(config-if)# ip address 1.2.1.1 255.255.0.0 switchxxxxxx(config)# This IP address overlaps IP address 1.1.1.1/8 on vlan1, are you sure? [Y/N]Y Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 506: Ip Address Dhcp

    The default route (Default Gateway) received in DHCP Router option (Option 3) is assigned a metric of 8. Use the no form of the command to disable DHCP client on interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 507: Renew Dhcp

    Example The following example renews an IP address on VLAN 19 that was acquired from a DHCP server: switchxxxxxx# renew dhcp vlan Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 508: Ip Default-Gateway

    Use the no ip default-gateway command to delete all default gateways. Example The following example defines default gateway 192.168.1.1. switchxxxxxx(config)# ip default-gateway 192.168.1.1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 509: Show Ip Interface

    Enabled Valid 10.5.234.202/24 vlan 4 UP/DOWN Static disable Disabled Valid Example 2 - The following example displays the IP addresses configured on the given L2 interfaces and their types: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 510: Arp

    The software uses ARP cache entries to translate 32-bit IP addresses into 48-bit hardware (MAC) addresses. Because most hosts support dynamic address resolution, static ARP cache entries generally do not need to be specified. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 511: Arp Timeout (Global)

    The default ARP timeout is 60000 seconds, if IP Routing is enabled, and 300 seconds if IP Routing is disabled. Command Mode Global Configuration mode Example The following example configures the ARP timeout to 12000 seconds. switchxxxxxx(config)# arp timeout 12000 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 512: Ip Arp Proxy Disable

    24.9 ip proxy-arp Use the ip proxy-arp Interface Configuration mode command to enable an ARP proxy on specific interfaces. Use the no form of this command disable it. Syntax ip proxy-arp Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 513: Clear Arp-Cache

    Use the clear arp-cache Privileged EXEC mode command to delete all dynamic entries from the ARP cache. Syntax clear arp-cache Command Mode Privileged EXEC mode Example The following example deletes all dynamic entries from the ARP cache. switchxxxxxx# clear arp-cache Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 514: Show Arp

    Interface IP Address HW Address Status ------- --------------- ---------- ----------------- ------- VLAN 1 10.7.1.102 00:10:B5:04:DB:4B Dynamic VLAN 1 10.7.1.135 00:50:22:00:2A:A4 Static VLAN 2 11.7.1.135 00:12:22:00:2A:A4 Dynamic 12.10.1.13 00:11:55:04:DB:4B Dynamic Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 515: Show Arp Configuration

    80000 Seconds Interface configuration: VLAN 1: ARP Proxy: disabled ARP timeout:60000 Seconds VLAN 10: ARP Proxy: enabled ARP timeout:70000 Seconds VLAN 20: ARP Proxy: enabled ARP timeout:80000 Second (Global) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 516: Interface Ip

    Syntax ip-interface | address udp-port-list ip helper-address { all} ip-interface | address no ip helper-address { all} Parameters • ip-interface —Specifies the IP interface. • all—Specifies all IP interfaces. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 517 Forwarding of BOOTP/DHCP (ports 67, 68) cannot be enabled with this command. Use the DHCP relay commands to relay BOOTP/DHCP packets. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 518: Show Ip Helper-Address

    The following example displays the IP helper addresses configuration on the system: switchxxxxxx# show ip Interface Helper Address UDP Ports ------------ -------------- ------------------------ 192.168.1.1 172.16.8.8 37, 42, 49, 53, 137, 138 192.168.2.1 172.16.9.9 37, 49 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 519: Show Ip Dhcp Client Interface

    DNS Domain Search List: company.com Host Name: switch_floor7 Configuration Server Addresses: 192.1.1.1 202.1.1.1 Configuration Path Name: qqq/config/aaa_config.dat Image Path Name: qqq/image/aaa_image.ros POSIX Timezone string: EST5EDT4,M3.2.0/02:00,M11.1.0/02:00 VLAN 1200 is in client mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 520 DNS Servers: 115.1.1.1, 87.12.34.20 DNS Domain Search List: company.com Host Name: switch_floor7 company.com Configuration Server Addresses: configuration. Configuration Path Name: qqq/config/aaa_config.dat Image Path Name: qqq/image/aaa_image.ros POSIX Timezone string: EST5EDT4,M3.2.0/02:00,M11.1.0/02:00 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 521: Ip Routing Protocol-Independent Commands

    ACL: • permit—The route specified by the set command Policy routing. • deny—The route specified by the IP Forwarding table (regular routing). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 522 20 switchxxxxxx(config-route-map)# match ip address access-list pr-acl2 switchxxxxxx(config-route-map)# set ip next-hop 50.1.1.1 switchxxxxxx(config-route-map)# exit switchxxxxxx(config)# interface vlan 1 switchxxxxxx(config-if)# ip policy route-map pbr switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 523: Ip Redirects

    1.1.1.1 and re-enables the messages on IP interface 2.2.2.2: switchxxxxxx(config)# interface ip 1.1.1.1 switchxxxxxx(config-ip)# no ip redirects switchxxxxxx(config-ip)# exit switchxxxxxx(config)# interface ip 2.2.2.2 switchxxxxxx(config-ip)# ip redirects switchxxxxxx(config-ip)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 524: Ip Route

    Use the no ip route comand with the parameter to remove only one static route to the given subnet via the given next hop. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 525: Ip Routing

    25.4 ip routing To enable IP routing, use the ip routing command in global configuration mode. To disable IP routing, use the no form of this command. Syntax ip routing Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 526: Show Ip Route

    —The value of the subnet mask. • longer-prefixes—Specifies that only routes matching the IP address and mask pair should be displayed. • connected—Displays connected routes. • icmp—Displays routes added by ICMP Direct. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 527 10.119.0.0/16 0.0.0.0 vlan2 C> 10.120.0.0/16 0.0.0.0 vlan3 Example 2. The following is sample output from the show ip route command when IP Routing is enabled: show ip route switchxxxxxx# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 528 Next Hop Status: Active VLAN 110 Route Map: BPR_20 Status: Not Active (VLAN 110 status is DOWN) ACL Name: ACLTCPHTTP Next Hop: 1.1.1.20 Next Hop Status: Active VLAN 200 Route Map: BPR_A0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 529 Codes: > - best, C - connected, S - static Policy Routing VLAN 1 Route Map: BPR1 Status: Active ACL Name: ACLTCPHTTP Next Hop: 1.1.1.1 Next Hop Status: Active ACL Name: ACLTCPTELNET Next Hop: 2.2.2.2 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 530 S> 10.16.2.64/26 100.1.14.244 00:02:22 vlan1 S> 10.16.2.128/26 1/1 110.9.2.2 00:02:22 vlan3 S> 10.16.208.0/24 1/1 120.120.5.44 00:02:22 vlan2 S> 10.16.223.0/24 1/1 20.1.2.24 00:02:22 vlan5 S> 10.16.236.0/24 1/1 30.19.54.240 00:02:23 vlan6 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 531: Show Ip Route Summary

    The following is sample output from the show ip route summary command: switchxxxxxx# show ip route summary IP Routing Table Summary - 90 entries 35 connected, 25 static Number of prefixes: /16: 16, /18: 10, /22: 15, /24: 19 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 532 IP Routing Protocol-Independent Commands Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 533: Ip System Management Commands

    —Timeout in milliseconds to wait for each reply, from 50 to 65535 milliseconds. The default is 2000 milliseconds (50–65535). • source-address source —Source address (Unicast IPv4 address or global Unicast IPv6 address). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 534 64 bytes from 10.1.1.1: icmp_seq=1. time=8 ms 64 bytes from 10.1.1.1: icmp_seq=2. time=8 ms 64 bytes from 10.1.1.1: icmp_seq=3. time=7 ms ----10.1.1.1 PING Statistics---- 4 packets transmitted, 4 packets received, 0% packet loss Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 535 64 bytes from FF02::1: icmp_seq=1. time=0 ms 64 bytes from FF02::1: icmp_seq=1. time=70 ms 64 bytes from FF02::1: icmp_seq=2. time=0 ms 64 bytes from FF02::1: icmp_seq=1. time=1050 ms 64 bytes from FF02::1: icmp_seq=2. time=70 ms Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 536: Ssh

    Specifies the decimal TCP port number. The default port is the SSH port (22). • keyword —Specifies the one or more keywords listed in the Keywords table in the User Guidelines. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 537 Telnet connection except that the connection is encrypted. With authentication and encryption, the SSH client allows for a secure communication over an insecure network. Only one SSH terminal connection can be active at the same time. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 538: Telnet

    The telnet EXEC mode command logs on to a host that supports Telnet. Syntax telnet { ip-address hostname port keyword ...] Parameters • ip-address— Specifies the destination host IP address (IPv4 or IPv6). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 539 ?/help A sample of this list follows. switchxxxxxx> /help [Special telnet escape help] ^^ B sends telnet BREAK ^^ C sends telnet IP Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 540 (UUCP) and other non-Telnet protocols. Ctrl-shift-6 x Returns to the System Command Prompt. Ports Table Keyword Description Port Number Border Gateway Protocol chargen Character generator Remote commands daytime Daytime discard Discard Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 541 Simple Mail Transport Protocol sunrpc Sun Remote Procedure Call syslog Syslog tacacs TAC Access Control System talk Talk telnet Telnet time Time uucp Unix-to-Unix Copy Program whois Nickname World Wide Web Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 542: Traceroute

    The default count is 3. (Range: 1–10) • time_out timeout —The number of seconds to wait for a response to a probe packet. The default is 3 seconds. (Range: 1–60) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 543 3 SUNV--STAN.POS.calren2.net (198.32.249.73) 1 msec 1 msec 1 msec 4 Abilene--QSV.POS.calren2.net (198.32.249.162) 1 msec 1 msec 1 msec 5 kscyng-snvang.abilene.ucaid.edu (198.32.8.103) 33 msec 35 msec 35 msec 6 iplsng-kscyng.abilene.ucaid.edu (198.32.8.80) 47 msec 45 msec 45 msec Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 544 Fragmentation required and DF is set. Host unreachable. Network unreachable. Protocol unreachable. Source quench. Fragment reassembly time exceeded Source route failed. Port unreachable. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 545: Ipv4 Ipm Router Commands

    To forward IPv4 Multicast packets on an interface, IPv4 Multicast forwarding must be enabled globally and an IPMv4 Routing protocol must be enabled on the interface. Example The following example enables IP Multicast routing using IGMP Proxy: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 546: Ip Multicast Ttl-Threshold

    TTL threshold value automatically become border routers. Example The following example sets the TTL threshold on a border router to 200: switchxxxxxx(config)# interface vlan 100 switchxxxxxx(config-if)# ip multicast ttl-threshold 200 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 547: Show Ip Mroute

    IP Multicast routing table. “Expires” indicates per interface how long (in hours, minutes, and seconds) until the entry will be removed from the IP Multicast routing table. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 548 Example 2. The following is sample output from the show ip mroute command: show ip mroute switchxxxxxx# Timers: Uptime/Expires IP Multicast Routing Table (*, 224.0.255.3), 5:29:15/00:03:01 Incoming interface: vlan2 Outgoing interface list: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 549: Show Ip Multicast

    Example 1. The following is sample output from the show ip multicast command without the interface keyword when no IP Multicast Routing protocol is enabled: show ip multicast switchxxxxxx# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 550 IGMP Proxy is enabled on the interface and the interface is an IGMP Proxy Downlink interface: show ip multicast interface vlan 100 switchxxxxxx# IP Unicast Forwarding: enabled IP Multicast Protocol: IGP Proxy vlan 200 TTL-threshold: 0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 551 100 switchxxxxxx# IP Unicast Forwarding: enabled IP Multicast Protocol: IGMP Proxy vlan 200 IP Status: enabled hop-threshold: 100 IGMP Protocol: IGMPv3 IGMP Proxy: disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 552: Ipv6 Commands

    IPv6 address based on an IPv6 general prefix and enable IPv6 processing on an interface. To remove the address from the interface, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 553 IPv6 addresses from an interface, including link local manually configured addresses. Example The following example defines the IPv6 global address 2001:DB8:2222:7272::72 on vlan 100: switchxxxxxx(config)# interface vlan 100 switchxxxxxx(config-if)# ipv6 address 2001:DB8:2222:7272::72/64 switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 554: Ipv6 Address Anycast

    Anycast address. Anycast addresses can be used only by a router, not a host, and Anycast addresses must not be used as the source address of an IPv6 packet. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 555: Ipv6 Address Autoconfig

    Advertisement messages. To disable automatic configuration of IPv6 addresses and to remove the automatically configured address from the interface, use the no form of this command. Syntax ipv6 address autoconfig no ipv6 address autoconfig Parameters N/A. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 556: Ipv6 Address Eui-64

    EUI-64 interface ID in the low order 64 bits of the address. To remove the address from the interface, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 557 64 then the following 64 bits are taken from the EUI-64 Interface ID. • prefix-length > 64 then the following (128- prefix-length ) bits are taken from prefix-length the last (64-( -64)) bits of the EUI-64 Interface ID. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 558: Ipv6 Address Link-Local

    RFC4293 where the address is specified in hexadecimal using 16-bit values between colons. Default Configuration The default Link-local address is defined. Command Mode Interface Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 559: Ipv6 Default-Gateway

    Parameters • ipv6-address —Specifies the IPv6 address of an IPv6 router that can be used to reach a network. Default Configuration No default gateway is defined. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 560: Ipv6 Enable

    To disable IPv6 processing on an interface that has not been configured with an explicit IPv6 address, use the no form of this command. Syntax ipv6 enable no ipv6 enable Parameters N/A. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 561: Ipv6 Hop-Limit

    Syntax ipv6 hop-limit value no ipv6 hop-limit Parameters • value —Maximum number of hops. The acceptable range is from 1 to 255. Default Configuration The default is 64 hops. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 562: Ipv6 Icmp Error-Interval

    1 to 200. Default Configuration The default interval is 100ms and the default bucketsize is 10 i.e. 100 ICMP error messages per second. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 563: Ipv6 Link-Local Default Zone

    Ipv6 link-local default zone Parameters • interface-id —Specifies the interface that is used as the egress interface for packets sent without a specified IPv6Z interface identifier or with the default 0 identifier. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 564: Ipv6 Nd Advertisement-Interval

    Use the ipv6 nd advertisement-interval command to indicate to a visiting mobile node the interval at which that node may expect to receive RAs. The node may use this information in its movement detection algorithm. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 565: Ipv6 Nd Dad Attempts

    0 to 600. Configuring a value of 0 disables duplicate address detection processing on the specified interface; a value of 1 configures a single transmission without follow-up transmissions. Default Configuration Command Mode Interface Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 566 SYSLOG message is issued. All configuration commands associated with the duplicate address remain as configured while the state of the address is set to DUPLICATE. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 567: Ipv6 Nd Hop-Limit

    To return the hop limit to its default value, use the no form of this command. Syntax value ipv6 nd hop-limit no ipv6 nd hop-limit Parameters • value —Maximum number of hops. The acceptable range is from 1 to 255. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 568: Ipv6 Nd Managed-Config-Flag

    “managed address configuration flag” in IPv6 router advertisements. To clear the flag from IPv6 router advertisements, use the no form of this command. Syntax ipv6 nd managed-config-flag no ipv6 nd managed-config-flag Parameters N/A. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 569: Ipv6 Nd Ns-Interval

    IPv6 neighbor solicitation retransmissions on an interface. To restore the default interval, use the no form of this command. Syntax milliseconds ipv6 nd ns-interval no ipv6 nd ns-interval Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 570: Ipv6 Nd Other-Config-Flag

    Other Stateful configuration flag in IPv6 router advertisements. To clear the flag from IPv6 router advertisements, use the no form of this command. Syntax ipv6 nd other-config-flag no ipv6 nd other-config-flag Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 571: Ipv6 Nd Prefix

    Use the ipv6 nd prefix command in Interface Configuration mode to configure which IPv6 prefixes are included in IPv6 Neighbor Discovery (ND) router advertisements. To remove the prefixes, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 572 (for example, because the prefix was also configured using the ipv6 address command), then it will be removed. • no-onlink—Configures the specified prefix as not on-link. The prefix will be advertised with the L-bit clear. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 573 Prefix table (changed (configured) by the ipv6 nd prefix command). • Advertise all prefixes configured by the ipv6 nd prefix command without the no-advertise keyword. Default Keyword Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 574 VLAN 1 with a valid lifetime of 1000 seconds and a preferred lifetime of 900 seconds. The prefix is inserted in the Routing table: switchxxxxxx(config)# interface vlan 1 switchxxxxxx(config-if)# ipv6 nd prefix 2001:0DB8::/35 1000 900 switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 575: Ipv6 Nd Ra Interval

    User Guidelines The interval between transmissions should be less than or equal to the IPv6 router advertisement lifetime if you configure the route as a default router by using this Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 576: Ipv6 Nd Ra Lifetime

    Parameters • seconds —Remaining length of time, in seconds, that this router will continue to be useful as a default router (Router Lifetime value). A value of Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 577: Ipv6 Nd Ra Suppress

    IPv6 router advertisement transmissions on an interface. To re-enable the sending of IPv6 router advertisement transmissions on an interface, use the no form of this command. Syntax ipv6 nd ra suppress no ipv6 nd ra suppress Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 578 Example 2. The following example enables the sending of IPv6 router advertisements on tunnel 1: switchxxxxxx(config)# interface tunnel 1 switchxxxxxx(config-if)# no ipv6 nd ra suppress switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 579: Ipv6 Nd Reachable-Time

    A value of 0 means indicates that the configured time is unspecified by this router. Example The following example configures an IPv6 reachable time of 1,700,000 milliseconds for VLAN 1: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 580: Ipv6 Nd Router-Preference

    A DRP is useful when, for example, two routers on a link may provide equivalent, but not equal-cost, routing, and policy may dictate that hosts should prefer one of the routers. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 581: Ipv6 Neighbor

    Command Mode Global Configuration mode User Guidelines This command is similar to the command. Use the ipv6 neighbor command to add a static entry in the IPv6 neighbor discovery cache. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 582 Example 2. The following example deletes the static entry in the IPv6 neighbor discovery cache for a neighbor with the IPv6 address 2001:0DB8::45A and link-layer address 0002.7D1A.9472 on VLAN 1: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 583: Ipv6 Policy Route-Map

    (Policy Routing) command. Default Configuration No policy routing occurs on the interface. Command Mode Interface Configuration mode User Guidelines Use the ipv6 policy route-map command to enable IPv6 policy routing. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 584 10 switchxxxxxx(config-route-map)# match ipv6 address access-list pr-acl1 switchxxxxxx(config-route-map)# set ipv6 next-hop 3012:12af::1 switchxxxxxx(config-route-map)# exit switchxxxxxx(config)# route-map pbr 20 switchxxxxxx(config-route-map)# match ipv6 address access-list pr-acl2 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 585: Ipv6 Redirects

    The following example disables the sending of ICMP IPv6 redirect messages on VLAN 100 and re-enables the messages on VLAN 2: switchxxxxxx(config)# interface vlan 100 switchxxxxxx(config-if)# no ipv6 redirects switchxxxxxx(config-if)# exit switchxxxxxx(config)# interface vlan 2 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 586: Ipv6 Route

    —Static route metric. Acceptable values are from 1 to 65535. The default value is 1. Default Configuration Static entries are not configured in the IPv6 neighbor discovery cache. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 587: Ipv6 Unicast-Routing

    To disable the forwarding of IPv6 Unicast datagrams, use the no form of this command. Syntax ipv6 unicast-routing no ipv6 unicast-routing Parameters N/A. Default Configuration IPv6 Unicast routing is disabled. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 588: Ipv6 Unreachables

    If the switch receives a datagram that it cannot deliver to its ultimate destination because it knows of no route to the destination address, it replies to the originator of that datagram with an ICMP host unreachable message. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 589: Show Ipv6 Interface

    This command also displays the parameters that IPv6 uses for operation on this interface and any configured features. If the interface’s hardware is usable, the interface is marked up. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 590 ND advertised reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds ND router maximum advertisement interval is 600 seconds ND router minimum advertisement interval is 198 seconds (DEFAULT) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 591 ND reachable time—Displays the neighbor discovery reachable time (in milliseconds) assigned to this interface. • ND advertised reachable time—Displays the neighbor discovery reachable time (in milliseconds) advertised on this interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 592 ND DAD is disabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds ND advertised reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 593 The type is manual or autoconfig. • Joined group address(es):—Indicates the Multicast groups to which this interface belongs. • —Maximum transmission unit of the interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 594 ISATAP Router DNS name is—The DNS name of the ISATAP Router Example 3. The following command with the brief keyword displays information about all interfaces that IPv6 is defined on: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 595 1 prefix IPv6 Prefix Advertisements VLAN 1 Codes: A - Address, P - Prefix is advertised, R is in Routing Table Code Prefix Flags Valid Lifetime Preferred Lifetime Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 596: Show Ipv6 Link-Local Default Zone

    Link Local Default Zone is VLAN 1 Example 2. The following example displays the default zone when it is not defined: switchxxxxxx# show ipv6 link-local default zone Link Local Default Zone is not defined Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 597: Show Ipv6 Nd Prefix

    Example The following example displays IPv6 prefixes: switchxxxxxx# show ipv6 nd prefix vlan 100 vlan 100 default valid-lifetime 2,592,000 secs preferred-lifetime 604,800 secs on-link auto-config prefix 2001::1/64 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 598: Show Ipv6 Neighbors

    16-bit values between colons. • ipv6-hostname —Specifies the IPv6 host name of the remote networking device. Default Configuration All IPv6 ND cache entries are listed. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 599 Age—Time (in minutes) since the address was confirmed to be reachable. A hyphen (-) indicates a static entry. • Link-layer Addr—MAC address. If the address is unknown, a hyphen (-) is displayed. • Interface—Interface which the neighbor is connected to. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 600: Show Ipv6 Route

    • interface-id interface —Identifier of an interface. Default Configuration All IPv6 routing information for all active routing tables is displayed. Command Mode User EXEC mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 601 VLAN 1 Lifetime 1784 sec ND> 2001::/64 [2/1] via :: fe80::200:cff:fe4a:dfa8 VLAN 100 ND> 2002:1:1:1::/64 [2/1] via :: fe80::200:cff:fe4a:dfa8 VLAN 100 ND> 3001::/64 [2/1] via :: fe80::200:cff:fe4a:dfa8 VLAN 101 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 602 Status: Not Active (No IP interface on VLAN 100) ACL Name: ACLTCPHTTP Next Hop: 4214::10 Next Hop Status: Active VLAN 110 Route Map: BPR_20 Status: Not Active (VLAN 110 status is DOWN) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 603: Show Ipv6 Route Summary

    IPv6 routing table in summary format. Syntax show ipv6 route summary Parameters N/A. Command Mode User EXEC mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 604: Show Ipv6 Static

    (the network portion of the address). A slash mark must precede the decimal value. • interface-id interface —Identifier of an interface. • detail—Specifies for invalid routes, the reason why the route is not valid. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 605 5000::/16, interface VLAN2, metric 1 * 5555::/16, via nexthop 4000::1, metric 1 5555::/16, via nexthop 9999::1, metric 1 * 5555::/16, via nexthop 4001:AF00::1, metric 1 * 6000::/16, via nexthop 2007::1, metric 1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 606 5000::/16, interface VLAN2, metric 1 Interface is down * 5555::/16, via nexthop 4000::1, metric 1 5555::/16, via nexthop 9999::1, metric 1 Route does not fully resolve * 5555::/16, via nexthop 4001:AF00::1, metric 1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 607 IPv6 Commands * 6000::/16, via nexthop 2007::1, metric 1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 608: Ipv6 First Hop Security

    When a user-defined policy is attached to a port the default policy for that port is detached. If the user-define policy is detached from the port, the default policy is reattached. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 609: Address-Config

    VLAN. If it is defined in a policy attached to a port in the VLAN, this value overrides the value in the policy attached to the VLAN. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 610: Address-Prefix-Validation

    Policy attached to port or port channel: the value configured in the policy attached to the VLAN. Policy attached to VLAN: global configured value. Command Mode Neighbor Binding Policy Configuration mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 611: Clear Ipv6 First Hop Security Counters

    This command clears port counters about packets handled by IPv6 First Hop Security. Use the interface keyword to clear all counters for the specific port. Use the command without keyword to clear all counters. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 612: Clear Ipv6 First Hop Security Error Counters

    29.5 clear ipv6 neighbor binding prefix table To remove dynamic entries from the Neighbor Prefix table, use the clear ipv6 neighbor binding prefix table command in Privilege EXEC configuration mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 613 100: switchxxxxxx# clear ipv6 neighbor binding prefix table vlan 100 Example 3. The following example clears one specific prefix: switchxxxxxx# clear ipv6 neighbor binding prefix table vlan 100 2002:11aa:0000:0001::/64 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 614: Clear Ipv6 Neighbor Binding Table

    If the ndp keyword and the dhcp keyword is not defined, the entries are removed regardless their origin. If no keywords or arguments are entered, all dynamic entries are deleted. All keyword and argument combinations are allowed. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 615: Device-Role (Ipv6 Dhcp Guard)

    VLAN. IPv6 DHCP Guard discards the following DHCPv6 messages sent by DHCPv6 servers/relays and received on ports configured as client: • ADVERTISE Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 616: Device-Role (Neighbor Binding)

    IPv6 First Hop Security. Default Configuration Policy attached to port or port channel: Value configured in the policy attached to the VLAN. Policy attached to VLAN: Perimeter. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 617: Device-Role (Nd Inspection Policy)

    To specify the role of the device attached to the port within an IPv6 ND Inspection policy, use the device-role command in ND Inspection Policy Configuration mode. To disable this function, use the no form of this command. Syntax device-role {host | router} Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 618 The following example defines an ND Inspection policy named policy 1 and configures the port role as router: switchxxxxxx(config)# ipv6 nd inspection policy policy1 switchxxxxxx(config-nd-inspection)# device-role router switchxxxxxx(config-nd-inspection)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 619: Device-Role (Ra Guard Policy)

    Example The following example defines an RA Guard policy named policy 1 and configures the port role as router: switchxxxxxx(config)# ipv6 nd raguard policy policy1 switchxxxxxx(config-ra-guard)# device-role router Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 620: Drop-Unsecure

    VLAN. If it is defined in a policy attached to a port in the VLAN, this value overrides the value in the policy attached to the VLAN. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 621: Hop-Limit

    Default Configuration Policy attached to port or port channel: the value configured in the policy attached to the VLAN. Policy attached to VLAN: global configuration. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 622: Ipv6 Dhcp Guard

    To enable the DHCPv6 guard feature on a VLAN, use the ipv6 dhcp guard command in VLAN Configuration mode. To return to the default, use the no form of this command. Syntax ipv6 dhcp guard Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 623 100 switchxxxxxx(config-if)# ipv6 dhcp guard switchxxxxxx(config-if)# exit Example 2—The following example enables DHCPv6 Guard on VLANs 100-107: switchxxxxxx(config)# interface range vlan 100-107 switchxxxxxx(config-if-range)# ipv6 dhcp guard switchxxxxxx(config-if-range)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 624: Ipv6 Dhcp Guard Attach-Policy (Port Mode)

    The set of rules that is applied to an input packet is built in the following way: • The rules, configured in the policy attached to the port on the VLAN on which the packet arrived are added to the set. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 625 VLANs 12-20: switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# ipv6 dhcp guard attach-policy policy1 vlan 1-10 switchxxxxxx(config-if)# ipv6 dhcp guard attach-policy policy2 vlan 12-20 switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 626: Ipv6 Dhcp Guard Attach-Policy (Vlan Mode)

    Use the no form of the command to detach the current policy and to re-attach the default policy. The the no form of the command has no effect if the default policy was attached. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 627: Ipv6 Dhcp Guard Policy

    This command defines the DHCPv6 Guard policy name, and places the router in DHCPv6 Guard Policy Configuration mode. The following commands can be configured in IPv6 DHCP Guard Policy Configuration mode: • device-role (IPv6 DHCP Guard) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 628 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 629: Ipv6 Dhcp Guard Preference

    Range 0-255. The value of the high boundary must be equal to or greater than the value of the low boundary. • value minimum —Advertised preference value is greater than or equal to the value argument. Range 0-255. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 630 Example 1—The following example defines a global minimum preference value of 10 and a global maximum preference value of 102 using two commands: switchxxxxxx(config)# ipv6 dhcp guard preference minimum 10 switchxxxxxx(config)# ipv6 dhcp guard preference maximum 102 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 631: Ipv6 First Hop Security

    Use the ipv6 first hop security command to enable IPv6 First Hop Security on a VLAN. Examples Example 1—The following example enables IPv6 First Hop Security on VLAN 100: switchxxxxxx(config)# interface vlan 100 switchxxxxxx(config-if)# ipv6 first hop security Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 632: Ipv6 First Hop Security Attach-Policy (Port Mode)

    VLANs on the device on which IPv6 First Hop Security is enabled. Default Configuration The IPv6 First Hop Security default policy is applied. Command Mode Interface (Ethernet, Port Channel) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 633 Example 2—In the following example, the IPv6 First Hop Security policy policy1 is attached to the gi11 port and applied to VLANs 1-10 and 12-20: switchxxxxxx(config)# interface gi11 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 634: Ipv6 First Hop Security Attach-Policy (Vlan Mode)

    VLAN Configuration mode. To return to the default, use the no form of this command. Syntax policy-name ipv6 first hop security attach-policy no ipv6 first hop security attach-policy Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 635: Ipv6 First Hop Security Logging Packet Drop

    Global Configuration mode. To return to the default, use the no form of this command. Syntax ipv6 first hop security logging packet drop Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 636: Ipv6 First Hop Security Policy

    Syntax policy-name ipv6 first hop security policy policy-name no ipv6 first hop security policy Parameters • policy-name —The IPv6 First Hop Security policy name (up to 32 characters). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 637 You can define a policy using the ipv6 first hop security policy command multiple times. If an attached policy is removed, it is detached automatically before removing. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 638: Ipv6 Nd Inspection

    VLAN Configuration mode. To return to the default, use the no form of this command. Syntax ipv6 nd inspection no ipv6 nd inspection Parameters Default Configuration ND Inspection on a VLAN is disabled. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 639: Ipv6 Nd Inspection Attach-Policy (Port Mode)

    To attach an ND Inspection policy to a specific port, use the ipv6 nd inspection attach-policy command in Interface Configuration mode. To return to the default, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 640 The rules, configured in the policy attached to the VLAN are added to the set if they have not been added. • The global rules are added to the set if they have not been added. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 641 1-10 switchxxxxxx(config-if)# ipv6 nd inspection attach-policy policy2 vlan 12-20 switchxxxxxx(config-if)# exit Example 4—In the following example, ND Inspection detaches policy policy1 from the gi11 port: switchxxxxxx(config)# interface gi11 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 642: Ipv6 Nd Inspection Attach-Policy (Vlan Mode)

    The no form of the command does not have an effect if the default policy was attached. Example In the following example, the ND Inspection policy policy1 is attached to VLAN 100: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 643: Ipv6 Nd Inspection Drop-Unsecure

    ND Inspection policy commands are ignored. Example The following example enables the switch to drop messages with no or invalid options or an invalid signature: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 644: Ipv6 Nd Inspection Policy

    Each policy of the same type (for example, ND Inspection policies) must have a unique name. Policies of different types can have a same policy name. The switch supports two predefined ND Inspection policies named: "vlan_default" and "port_default": Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 645 Example 2. The following example defines an ND Inspection policy as policy1 by a few steps: switchxxxxxx(config)# ipv6 nd inspection policy policy1 switchxxxxxx(config-nd-inspection)# drop-unsecure switchxxxxxx(config-nd-inspection)# exit switchxxxxxx(config)# ipv6 nd inspection policy policy1 switchxxxxxx(config-nd-inspection)# device-role router Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 646: Ipv6 Nd Inspection Sec-Level Minimum

    User Guidelines This command specifies the minimum security level parameter value when the drop-unsecured feature is configured. This command has no effect if dropping of non secure messages is disabled. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 647: Ipv6 Nd Inspection Validate Source-Mac

    MAC address is checked against the link-layer address. Use this command to drop the packet if the link-layer address and the MAC addresses are different from each other. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 648: Ipv6 Nd Raguard

    (see the device-role command). RA Guard validates received RA messages based on an RA Guard policy attached to the source port. RA Guard is performed before ND inspection. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 649: Ipv6 Nd Raguard Attach-Policy (Port Mode)

    . If the vlan keyword is not configured, the policy is applied to all VLANs on the device on which RA Guard policy is enabled. Default Configuration The RA Guard default policy is applied. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 650 Example 2—In the following example, the RA Guard policy policy1 is attached to the gi11 port and applied to VLANs 1-10 and 12-20: switchxxxxxx(config)# interface gi11 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 651: Ipv6 Nd Raguard Attach-Policy (Vlan Mode)

    Syntax policy-name ipv6 nd raguard attach-policy no ipv6 nd raguard attach-policy Parameters • policy-name —The RA Guard policy name (up to 32 characters). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 652: Ipv6 Nd Raguard Hop-Limit

    —Verifies that the hop-count limit is lower than or equal to the value argument. Range 1-255. The value of the high boundary must be equal to or greater than the value of the low boundary. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 653 100 Example 2—The following example defines a minimum Cur Hop Limit value of 3 and a maximum Cur Hop Limit value of 100 using a single command: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 654: Ipv6 Nd Raguard Managed-Config-Flag

    Example The following example enables M flag verification that checks if the value of the flag is 0: switchxxxxxx(config)# ipv6 nd raguard managed-config-flag off Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 655: Ipv6 Nd Raguard Other-Config-Flag

    Example The following example shows how the command enables O flag verification that checks if the value of the flag is 0: switchxxxxxx(config)# ipv6 nd raguard other-config-flag off Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 656: Ipv6 Nd Raguard Policy

    The policies cannot be removed, but they can be changed. The no ipv6 nd raguard policy does not remove these policies, it only removes the policy configuration defined by the user. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 657 Example 2—The following example defines an RA Guard named policy1 using multiple steps: switchxxxxxx(config)# ipv6 nd raguard policy policy1 switchxxxxxx(config-ra-guard)# other-config-flag disable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 658: Ipv6 Nd Raguard Router-Preference

    • value minimum —Specifies the minimum allowed Advertised Default Router Preference value. The following values are acceptable: low, medium and high (see RFC4191). Default Configuration Verification is disabled. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 659 Example 2—The following example defines that only a value of medium is acceptable using a single command: switchxxxxxx(config)# ipv6 nd raguard router-preference minimum medium maximum medium Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 660: Ipv6 Neighbor Binding

    100 switchxxxxxx(config-if)# ipv6 neighbor binding switchxxxxxx(config-if)# exit Example 2—The following example enables NB integrity on VLANs 100-107: switchxxxxxx(config)# interface range vlan 100-107 switchxxxxxx(config-if-range)# ipv6 neighbor binding Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 661: Ipv6 Neighbor Binding Address-Config

    NDP messages. • How global IPv6 addresses, bound from NDP messages, are checked against the Neighbor Prefix table, if prefix validation is enabled: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 662 Example 3. The following example specifies that only stateless global IPv6 address binding from NDP can be applied switchxxxxxx(config)# ipv6 neighbor binding address-prefix-validation Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 663: Ipv6 Neighbor Binding Address-Prefix

    [vlan Parameters • ipv6-prefix prefix-length —IPv6 prefix. • vlan-id vlan —ID of the specified VLAN. • autoconfig—The prefix can be used for stateless configuration. Default Configuration No static prefix Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 664 100 2001:0DB8:101::/64 Example 3. The following example deletes all static entries defined on the specified VLAN: switchxxxxxx(config)# no ipv6 neighbor binding address-prefix vlan 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 665: Ipv6 Neighbor Binding Address-Prefix-Validation

    If an address does not belong, it is not bound. Example The following example shows how to enable bound address validation against the Neighbor Prefix table: switchxxxxxx(config)# ipv6 neighbor binding address-prefix-validation Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 666: Ipv6 Neighbor Binding Attach-Policy (Port Mode)

    The set of rules that is applied to an input packet is built in the following way: • The rules, configured in the policy attached to the port on the VLAN on which the packet arrived are added to the set. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 667 VLANs 12-20: switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# ipv6 neighbor binding attach-policy policy1 vlan 1-10 switchxxxxxx(config-if)# ipv6 neighbor binding attach-policy policy2 vlan 12-20 switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 668: Ipv6 Neighbor Binding Attach-Policy (Vlan Mode)

    Use the no form of the command to return to detach the current policy and reattach the default policy. The no form of the command has no effect if the default policy was attached. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 669: Ipv6 Neighbor Binding Lifetime

    Use the ipv6 neighbor binding lifetime command to change the default lifetime. Example The following example changes the lifetime for binding entries to 10 minutes: switchxxxxxx(config)# ipv6 neighbor binding lifetime 10 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 670: Ipv6 Neighbor Binding Logging

    Binding table overflow. Example The following example shows how to enable Binding table event logging: switchxxxxxx(config)# ipv6 neighbor binding logging Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 671: Ipv6 Neighbor Binding Max-Entries

    Example The following example shows how to specify globally the maximum number of entries that can be inserted into the cache per MAC: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 672: Ipv6 Neighbor Binding Policy

    The policies cannot be removed, but they can be changed. The no ipv6 neighbor binding policy does not remove these policies, it only removes the policy configuration defined by the user. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 673 Example 2—The following example defines a Neighbor Binding policy named policy1 using multiple steps: switchxxxxxx(config)# ipv6 neighbor binding policy policy1 switchxxxxxx(config-nbr-binding)# device-role internal switchxxxxxx(config-nbr-binding)# exit switchxxxxxx(config)# ipv6 neighbor binding policy policy1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 674: Ipv6 Neighbor Binding Static

    —ID of the specified VLAN. • interface interface-id —Adds static entries to the specified port. • mac-address —MAC address of the static entry. Default Configuration No static entry. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 675: Ipv6 Source Guard

    Interface (VLAN) Configuration mode User Guidelines IPv6 Source Guard blocks an IPv6 data message arriving on a port if its source IPv6 address is bound to another port, or it is unknown. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 676: Ipv6 Source Guard Attach-Policy (Port Mode)

    —The IPv6 Source Guard policy name (up to 32 characters). Default Configuration The IPv6 Source Guard default policy is applied. Command Mode Interface (Ethernet, Port Channel) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 677 Example 2—In the following example IPv6 Source Guard detaches policy1 from the gi11 port: switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# no ipv6 source guard attach-policy switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 678: Ipv6 Source Guard Policy

    The policy cannot be removed, but it can be changed. The no ipv6 source guard policy does not remove the policy, it only removes any policy configurations defined by the user. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 679: Logging Binding

    Binding policy, use the logging binding command in Neighbor Binding Policy Configuration mode. To return to the default, use the no form of this command. Syntax logging binding [enable | disable] no logging binding Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 680: Logging Packet Drop

    IPv6 First Hop Security Policy Configuration mode. To return to the default, use the no form of this command. Syntax logging packet drop [enable | disable] no logging packet drop Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 681: Managed-Config-Flag

    IPv6 RA Guard policy, use the managed-config-flag command in RA Guard Policy Configuration mode. To return to the default, use the no form of this command. Syntax managed-config-flag {on | off | disable} Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 682: Match Ra Address

    IPv6 RA Guard policy, use the match ra address command in RA Guard Policy Configuration mode. To return to the default, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 683 FE80::A8BB:CCFF:FE01:F700 only: switchxxxxxx(config)# ipv6 nd raguard policy policy1 switchxxxxxx(config-ra-guard)# match ra address prefix-list list1 switchxxxxxx(config-ra-guard)# exit switchxxxxxx(config)# ipv6 prefix-list list1 permit FE80::A8BB:CCFF:FE01:F700/128 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 684: Match Ra Prefixes

    RA Guard configuration mode, matches the prefixes to the prefix list named list1, and the 2001:101::/64 prefixes and denies 2001:100::/64 prefixes: switchxxxxxx(config)# ipv6 nd raguard policy policy1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 685: Match Reply

    IPv6 DHCP Guard verifies the assigned IPv6 addresses to the configure prefix list passed in the IA_NA and IA_TA options of the following DHCPv6 messages sent by DHCPv6 servers/relays: • ADVERTISE • REPLY Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 686: Match Server Address

    DHCPv6 Guard Policy Configuration mode. To return to the default, use the no form of this command. Syntax ipv6-prefix-list-name match server address {prefix-list } | disable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 687 Use the disable keyword to disable verification of the DHCP server's and relay’s IPv6 address. Example The following example defines a DHCPv6 Guard policy named policy1, places the switch in DHCPv6 Guard Policy Configuration mode, matches the server or relay Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 688: Max-Entries

    MAC address. Default Configuration Policy attached to port or port channel: the value configured in the policy attached to the VLAN. Policy attached to VLAN: global configuration. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 689: Other-Config-Flag

    IPv6 RA Guard policy, use the other-config-flag command in RA Guard Policy Configuration mode. To return to the default, use the no form of this command. Syntax other-config-flag {on | off | disable} no other-config-flag Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 690: Preference

    To enable verification of the preference in messages sent by DHCPv6 servers within a DHCPv6 Guard policy, use the preference command in DHCPv6 Guard Policy Configuration mode. To return to the default, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 691 The following example defines a DHCPv6 Guard policy named policy1, places the switch in DHCPv6 Guard Policy Configuration mode, and defines a minimum preference value of 10: switchxxxxxx(config)# ipv6 dhcp guard policy policy1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 692: Router-Preference

    Policy attached to port or port channel: the value configured in the policy attached to the VLAN. Policy attached to VLAN: global configuration. Command Mode RA Guard Policy Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 693: Sec-Level Minimum

    Default Configuration Policy attached to port or port channel: the value configured in the policy attached to the VLAN. Policy attached to VLAN: global configuration. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 694: Show Ipv6 Dhcp Guard

    Privilege EXEC configuration mode. Syntax show ipv6 dhcp guard Parameters Command Mode Privileged EXEC mode User Guidelines The show ipv6 dhcp guard command displays DHCPv6 Guard global configuration. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 695: Show Ipv6 Dhcp Guard Policy

    DHCPv6 Examples Example 1—The following example displays the Policy Configuration for a policy named policy1: switchxxxxxx# show ipv6 dhcp guard policy policy1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 696 VLANs policy2 200-300 vlan-default 1-199,301-4094 Attached to ports: Policy Name Ports VLANs policy1 gi11-2 1-100 port-default gi11-2 101-4094 gi13-4 1-1094 Example 3—The following example displays the user defined policies: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 697: Show Ipv6 First Hop Security

    The following example gives an example of the show ipv6 first hop security command: switchxxxxxx# show ipv6 first hop security IPv6 First Hop Security is enabled on VLANs:1-4,6,7,100-120 Logging Packet Drop: enabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 698: Show Ipv6 First Hop Security Active Policies

    IPv6 ND Inspection is enabled on VLANs:1-4,6,7,100-120 IPv6 Neighbor Binding Integrity is enabled on VLANs:1-4,6,7,100-120 IPv6 RA Guard is enabled on VLANs:1-4,6,7,100-120 IPv6 Source Guard is enabled on VLANs:1-3,7,100-112 gi11, VLAN 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 699 10 (from policy2 attached to the VLAN) maximum: 20 (from global configuration) manage-config-flag: on(from policy2 attached to the VLAN) ra address verification:: disabled(default) ra prefixes prefix list name: list1(from policy2 attached to the VLAN) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 700: Show Ipv6 First Hop Security Attached Policies

    VLAN specified by the interface-id vlan-id arguments. Examples The following example displays the attached policy on gi11 and VLAN 100: switchxxxxxx# show ipv6 first hop security attached policies interface gi11 vlan 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 701: Show Ipv6 First Hop Security Counters

    Examples The following examples displays information about packets counted on port gi1 switchxxxxxx# show ipv6 first hop security counters interface gi11 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 702 Unauthorized cur hop limit ND Inspection Invalid source MAC ND Inspection Unsecure message ND Inspection Unauthorized sec level Source guard NoBinding NB Integrity Illegal ICMPv6 message NB Integrity Illegal DHCPv6 message Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 703: Show Ipv6 First Hop Security Error Counters

    To display IPv6 First Hop Security policies on all ports configured with the IPv6 First Hop Security feature, use the show ipv6 first hop security policy command in privileged EXEC mode. Syntax policy-name show ipv6 first hop security policy [ | active] Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 704 1-4094 Po1-4 1-4094 Example 2—The following example displays the attached policies: switchxxxxxx# show ipv6 first hop security policy active Attached to VLAN: Policy Name VLANs policy2 200-300 vlan-default 1-199,301-4094 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 705: Show Ipv6 Nd Inspection

    To display ND Inspection global configuration, use the show ipv6 nd inspection command in Privilege EXEC configuration mode. Syntax show ipv6 nd inspection Parameters Command Mode Privileged EXEC mode User Guidelines This command displays ND Inspection global configuration. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 706: Show Ipv6 Nd Inspection Policy

    Examples Example 1—The following example displays the policy configuration for a policy named policy1: switchxxxxxx# show ipv6 nd inspection policy policy1 ND Inspection Policy: policy1 device-role: router drop-unsecure: enabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 707: Show Ipv6 Nd Raguard

    29.74 show ipv6 nd raguard To display RA Guard global configuration, use the show ipv6 nd raguard command in Privilege EXEC configuration mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 708: Show Ipv6 Nd Raguard Policy

    To display a router advertisements (RAs) guard policy on all ports configured with the RA guard feature, use the show ipv6 nd raguard policy command in privileged EXEC mode. Syntax policy-name show ipv6 nd raguard policy [ | active] Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 709 Ports VLANs gi11-2 1-58,68-4094 gi13-4 1-4094 Po1-4 1-4094 Example 2—The following example displays the attached policies: switchxxxxxx# show ipv6 nd raguard policy active Attached to VLANs: Policy Name VLANs Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 710: Show Ipv6 Neighbor Binding

    Parameters Command Mode Privileged EXEC mode User Guidelines This displays Neighbor Binding global configuration. Example The following example gives an example of the show ipv6 neighbor binding command output: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 711: Show Ipv6 Neighbor Binding Policy

    Privileged EXEC mode User Guidelines This command either displays all policies or a specific one. Examples Example 1—The following example displays the policy configuration for a policy named policy1: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 712 1-4094 Po1-4 1-4094 Example 2—The following example displays the attached policies: switchxxxxxx# show ipv6 neighbor binding policy active Attached to VLAN: Policy Name VLANs policy2 200-300 vlan-default 1-199,301-4094 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 713: Show Ipv6 Neighbor Binding Prefix Table

    This command displays the Neighbor Prefix table. The display output can be limited to the specified VLAN. If no VLAN is configured, all prefixes are displayed. Example The following example displays the learned prefixes: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 714: Show Ipv6 Neighbor Binding Table

    —Displays the Binding table entries that match the specified IPv6 address. • mac-address —Displays the Binding table entries that match the specified MAC address. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 715 Static—The static IPv6 address manually defined by the ipv6 neighbor binding static command. • NDP—The IPv6 address learnt from the NDP protocol messages. • DHCP—The IPv6 address learnt from the DHCPv6 protocol messages. • State—Entry’s state: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 716: Show Ipv6 Source Guard

    This displays IPv6 Source Guard global configuration. Example The following example gives an example of the show ipv6 source guard command output: switchxxxxxx# show ipv6 source guard IPv6 Source Guard is enabled on VLANs:1-4,6,7,100-120 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 717: Show Ipv6 Source Guard Policy

    Neighbor Binding Policy: policy1 trusted port: disabled Attached to ports: Ports gi11-2 gi14 Po1-4 Example 2—The following example displays the attached policies: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 718: Trusted-Port (Ipv6 Source Guard)

    IPv6 Source Guard Policy Configuration mode. To return to the default, use the no form of this command. Syntax trusted-port no trusted-port Parameters Default Configuration not trusted. Command Mode IPv6 Source Guard Policy Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 719: Validate Source-Mac

    Policy attached to port or port channel: the value configured in the policy attached to the VLAN. Policy attached to VLAN: global configuration. Command Mode ND inspection Policy Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 720 The following example enables the router to drop an NDP message whose link-layer address does not match the MAC address: switchxxxxxx(config)# ipv6 nd inspection policy policy1 switchxxxxxx(config-nd-inspection)# validate source-mac switchxxxxxx(config-nd-inspection)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 721: Ipv6 Ipm Router Commands

    To forward IPv6 Multicast packets on an interface, IPv6 Multicast forwarding must be enabled globally and an IPMv6 Routing protocol must be enabled on the interface. Example The following example enables IPv6 Multicast routing using MLD Proxy: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 722: Ipv6 Multicast Hop-Threshold

    Example The following example sets the Hop Limit threshold on a border router to 200: switchxxxxxx(config)# interface vlan 100 switchxxxxxx(config-if)# ipv6 multicast hop-threshold 200 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 723: Show Ipv6 Mroute

    IPv6 Multicast routing table. “Expires” indicates per interface how long (in hours, minutes, and seconds) until the entry will be removed from the IPv6 Multicast routing table. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 724 Example 2. The following is sample output from the show ipv6 mroute command: show ip mroute switchxxxxxx# Timers: Uptime/Expires IPv6 Multicast Routing Table (*, FF07::1), 00:04:45/00:02:47, RP 2001:0DB8:6::6 Incoming interface: vlan5 Outgoing interface list: vlan40, 00:04:45/00:02:47 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 725: Show Ipv6 Multicast

    Example 1. The following is sample output from the show ipv6 multicast command without the interface keyword when no IPv6 Multicast Routing protocol is enabled: show ipv6 multicast switchxxxxxx# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 726 MLD Proxy is enabled on the interface and the interface is an MLD Proxy Downlink interface: show ipv6 multicast interface vlan 100 switchxxxxxx# IPv6 Unicast Forwarding: enabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 727 100 switchxxxxxx# IPv6 Unicast Forwarding: enabled IPv6 Multicast Protocol: MLD Proxy vlan 200 IPv6 Status: enabled hop-threshold: 100 MLD Protocol: MLDv2 MLD Proxy: disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 728: Ipv6 Prefix List Commands

    The hit count is automatically cleared for all IPv6 prefix lists. Command Mode Privileged EXEC mode User Guidelines The hit count is a value indicating the number of matches to a specific prefix list entry. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 729: Ipv6 Prefix-List

    0 to 128. The zero prefix-length may be used only with ipv6-prefix the zero (::). • text description —Text that can be up to 80 characters in length. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 730 A prefix length of less than, or equal to, a value is configured with the le keyword. A Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 731 - is not defined The prefix cP/cL matches the prefix-list entry if PrefixIsEqual(cP,P,L) && cL == L Case 2. An prefix-list entry is: • P - prefix address Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 732 2002::/16 Example 3. The following example shows how to specify a group of prefixes to accept any prefixes from prefix 5F00::/48 up to and including prefix 5F00::/64: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 733: Show Ipv6 Prefix-List

    IPv6 prefix list or IPv6 prefix list entries. Syntax list-name list-name show ipv6 prefix-list [detail [ ] | summary [ list-name ipv6-prefix prefix-length show ipv6 prefix-list [longer | first-match] Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 734 Examples Example 1. The following example shows the output of this command with the detail keyword: switchxxxxxx# ipv6 prefix-list detail ipv6 prefix-list aggregate: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 735 Example 3. The following example shows the output of the show ipv6 prefix-list command with the seq keyword: switchxxxxxx# show ipv6 prefix-list bgp-in seq 15 seq 15 deny ::/1 (hit count: 0) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 736 IPv6 Prefix List Commands Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 737: Iscsi Qos Commands

    If an ACL is bounded on an interface and a frame matches both to the iSCLI and the ACL rules then only the iSCSI rules are applied to this frame. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 738: Iscsi Flow

    Two iSCSI IPv4 flows with well-known TCP ports 3260 and 860. Command Mode Global Configuration mode User Guidelines Each iscsi flow command defines an iSCSI flow including the following two sub-flows: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 739: Iscsi Qos

    To define the quality of service profile applying to iSCSI flows, use the iscsi qos command in Global Configuration mode. To restore the default configuration, use the no form of the command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 740 Note. At least one parameter is mandatory Example The following example configures the default quality of service profile applying to iSCSI flows: switchxxxxxx(config)# iscsi qos vpt 6 queue 8 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 741: Show Iscsi

    DSCP is 18 iSCSI Queue is 7 (default) iSCSI Flows: Target IP Port Address --------- --------------- 0.0.0.0 default 3260 0.0.0.0 default Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 742 QoS Commands 9876 0.0.0.0 20002 192.111.220.110 20002 192.1.3.230 25555 0.0.0.0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 743: Ipv6 Tunnel Commands

    —Specifies the tunnel number. Default Configuration Command Mode Global Configuration mode Example The following example enters the Interface Configuration (Tunnel) mode. switchxxxxxx(config)# interface tunnel 1 switchxxxxxx(config-if)# tunnel source auto switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 744: Tunnel Isatap Solicitation-Interval

    To configure the number of router solicitation refresh messages that the device sends, use the tunnel isatap robustness command in Global Configuration mode. To restore the default configuration, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 745: Tunnel Isatap Router

    Interface (Tunnel) Configuration mode. To remove this router name and restore the default configuration, use the no form of this command. Syntax tunnel isatap router router-name no tunnel isatap router Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 746: Tunnel Mode Ipv6Ip

    To configure a static IPv6 tunnel interface, use the tunnel mode ipv6ip command in Interface (Tunnel) Configuration mode. To remove an IPv6 tunnel interface, use the no form of this command. Syntax tunnel mode ipv6ip isatap no tunnel mode ipv6ip Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 747 Only the ipv6 address eui-64 command can be used to configured a global unicast IPv6 on an ISATAP tunnel. Examples Example 1—The following example configures an ISATAP tunnel: switchxxxxxx(config)# interface vlan 1 switchxxxxxx(config-if)# ip address 1.1.1.1 255.255.255.0 switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 748: Tunnel Source

    IPv4 is used as the tunnel local IPv4 address until it is defined. A new IPv4 interface is only chosen in the following cases: • After reboot. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 749: Show Ipv6 Tunnel

    Examples Example 1. The following example displays information on the ISATAP tunnel, when the all keyword is not configured: switchxxxxxx# show ipv6 tunnel Tunnel 2 Tunnel type : ISATAP Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 750 : auto Tunnel Local Ipv4 address : 192.1.3.4 Router DNS name : ISATAP Router IPv4 addresses 1.1.1.1 Detected 100.1.1.1 Detected 14.1.100.1 Not Detected Router Solicitation interval : 10 seconds Robustness Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 751: Line Commands

    Enter key twice. The device detects the baud rate automatically. Note that if characters other than Enter are typed, wrong speed might be detected. Example The following example enables autobaud. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 752: Exec-Timeout

    20 10 34.3 line To identify a specific line for configuration and enter the Line Configuration command mode, use the line Global Configuration mode command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 753: Speed

    To restore the default configuration, use the no form of this command. Syntax speed no speed Parameters bps—Specifies the baud rate in bits per second (bps). Possible values are 9600, 19200, 38400, 57600, and 115200. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 754: Show Line

    Displays the Telnet configuration. • ssh—(Optional) Displays the SSH configuration. Default Configuration If the line is not specified, all line configuration parameters are displayed. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 755 Parity: none Stopbits: 1 Telnet configuration: Telnet is enabled. Interactive timeout: 10 minutes 10 seconds History: 10 SSH configuration: SSH is enabled. Interactive timeout: 10 minutes 10 seconds History: 10 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 756: Link Aggregation Control Protocol (Lacp) Commands

    Default Configuration The default port priority is 1. Command Mode Interface (Ethernet) Configuration mode Example The following example sets the priority of switchxxxxxx(config)# interface gi16 switchxxxxxx(config-if)# lacp port-priority 247 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 757: Lacp System-Priority

    Interface (Ethernet) Configuration mode command. To restore the default configuration, use the no form of this command. Syntax {long | short} lacp timeout no lacp timeout Parameters • long—Specifies the long timeout value. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 758: Show Lacp

    ID. The interface ID must be an Ethernet port • parameters—(Optional) Displays parameters only. • statistics—(Optional) Displays statistics only. • protocol-state—(Optional) Displays protocol state only. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 759 Oper number: port Admin priority: port Oper priority: port Admin timeout: LONG port Oper timeout: LONG LACP Activity: PASSIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 760: Show Lacp Port-Channel

    To display LACP information for a port-channel, use the show lacp port-channel Privileged EXEC mode command. Syntax [port_channel_number] show lacp port-channel Parameters port_channel_number—(Optional) Specifies the port-channel number. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 761 The following example displays LACP information about port-channel 1. switchxxxxxx# show lacp port-channel 1 Port-Channel 1:Port Type 1000 Ethernet Actor System Priority: 000285:0E1C00 MAC Address: Admin Key: Oper Key: Partner System Priority: 00:00:00:00:00:00 MAC Address: Oper Key: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 762: Link Layer Discovery Protocol (Lldp) Commands

    To configure the source of the chassis ID of the port, use the lldp chassis-id Global Configuration mode command. To restore the chassis ID source to default, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 763: Lldp Hold-Multiplier

    To specify how long the receiving device holds a LLDP packet before discarding it, use the lldp hold-multiplier Global Configuration mode command. To restore the default configuration, use the no form of this command. Syntax lldp hold-multiplier number no lldp hold-multiplier Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 764: Lldp Lldpdu

    To define LLDP packet handling when LLDP is globally disabled, use the lldp lldpdu Global Configuration mode command. To restore the default configuration, use the no form of this command. Syntax lldp lldpdu { filtering flooding no lldp lldpdu Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 765 STP state is Forwarding. • LLDP packets are sent as untagged. Example The following example sets the LLDP packet handling mode to Flooding when LLDP is globally disabled. switchxxxxxx(config)# lldp lldpdu flooding Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 766: Lldp Management-Address

    IP address, that address is not included because the address is associated with the VLAN. Default Configuration No IP address is advertised. The default advertisement is automatic. Command Mode Interface (Ethernet) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 767: Lldp Med

    Network-Policy, Location, and POE-PSE, Inventory. The Capabilities TLV is always included if LLDP-MED is enabled. • disable—Disable LLDP MED on the port Default Configuration Enabled with network-policy TLV Command Mode Interface (Ethernet) Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 768: Lldp Med Notifications Topology-Change

    Disable is the default. Command Mode Interface (Ethernet) Configuration mode Example The following example enables sending LLDP MED topology change notifications switchxxxxxx(config)# interface gi12 switchxxxxxx(config-if)# lldp med notifications topology-change enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 769: Lldp Med Fast-Start Repeat-Count

    To delete location information for a port, use the no form of this command. Syntax {{coordinate data} | {civic-address data} | {ecs-elin data}} lldp med location {coordinate | civic-address | ecs-elin} no lldp med location Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 770: Lldp Med Network-Policy (Global)

    The lldp med network-policy command creates the network policy, which is attached to a port by lldp med network-policy (interface). The network policy defines how LLDP packets are constructed. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 771 —(Optional) User Priority (Layer 2 priority) to be used for the specified application. • value dscp —(Optional) DSCP value to be used for the specified application. Default Configuration No network policy is defined. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 772: Lldp Med Network-Policy (Interface)

    —Attaches/removes the specified network policy to the interface. • number—Specifies the network policy sequential number. The range is 1-32 Default Configuration No network policy is attached to the interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 773: Lldp Med Network-Policy Voice Auto

    To disable this mode, use the no form of this command. The network policy is attached automatically to the voice VLAN. Syntax lldp med network-policy voice auto no lldp med network-policy voice auto Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 774: Lldp Notifications

    Syntax {enable | disable} lldp notifications no lldp notifications Parameters • enable—Enables sending LLDP notifications. • disable—Disables sending LLDP notifications. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 775: Lldp Notifications Interval

    —The device does not send more than a single notification in the indicated period (range: 5–3600). Default Configuration 5 seconds Command Mode Global Configuration mode Example switchxxxxxx(config)# lldp notifications interval 10 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 776: Lldp Optional-Tlv

    • sys-cap Command Mode Interface (Ethernet) Configuration mode Example The following example specifies that the port description TLV is transmitted on gi12. switchxxxxxx(config)# interface gi12 switchxxxxxx(config-if)# lldp optional-tlv port-desc Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 777: Lldp Optional-Tlv 802.1

    {stp | rstp | mstp | pause | 802.1x | lacp | gvrp} add/remove —Add specifies to advertise the specified protocols; remove specifies not to advertise the specified protocol. Default Configuration The following 802.1 TLV is transmitted: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 778: Lldp Run

    To enable receiving LLDP on an interface, use the lldp receive Interface (Ethernet) Configuration mode command. To stop receiving LLDP on an Interface (Ethernet) Configuration mode interface, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 779: Lldp Reinit

    Global Configuration mode command. To revert to the default setting, use the no form of this command. Syntax seconds lldp reinit no lldp reinit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 780: Lldp Timer

    Parameters seconds timer —Specifies, in seconds, how often the software sends LLDP updates (range: 5-32768 seconds). Default Configuration 30 seconds. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 781: Lldp Transmit

    LLDP operation on a port is not dependent on the STP state of a port. I.e. LLDP frames are sent on blocked ports. If a port is controlled by 802.1x, LLDP operates only if the port is authorized. Example switchxxxxxx(config)# interface gi11 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 782: Lldp Tx-Delay

    It is recommended that the tx-delay be less than 25% of the LLDP timer interval. Example The following example sets the LLDP transmission delay to 10 seconds. switchxxxxxx(config)# lldp tx-delay 10 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 783: Show Lldp Configuration

    Notifications interval: 5 seconds LLDP packets handling: Filtering Port State Optional TLVs Address Notifications -------- ----- -------------- ----------- ------------ gi11 RX,TX PD, SN, SD, SC , 4W 172.16.1.1 Disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 784 The amount of time (as a multiple of the timer interval) that the receiving device holds a LLDP packet before discarding it. Reinit timer The minimum time interval an LLDP port waits before re-initializing an LLDP transmission. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 785: Show Lldp Local

    Parameters Interface-id—(Optional) Specifies a port ID. Default Configuration If no port ID is entered, the command displays information for all ports. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 786 Power Source: Primary Power Source Power Priority: Unknown PD Requested Power Value: 30 4-Pair POE supported: Yes Spare Pair Detection/Classification required: Yes PD Spare Pair Desired State: Enabled 802.3 EEE Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 787 Coordinates: 54:53:c1:f7:51:57:50:ba:5b:97:27:80:00:00:67:01 Hardware Revision: B1 Firmware Revision: A1 Software Revision: 3.8 Serial number: 7978399 Manufacturer name: Manufacturer Model name: Model 1 Asset ID: Asset 123 switchxxxxxx# show lldp local gi12 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 788: Show Lldp Local Tlvs-Overloading

    TLVs Group Bytes Status ------------ ------ -------------- Mandatory Transmitted LLDP-MED Capabilities Transmitted LLDP-MED Location Transmitted 802.1 1360 Overloading Total: 1600 bytes Left: 100 bytes Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 789: Show Lldp Med Configuration

    Fast Start Repeat Count: 4. lldp med network-policy voice: manual Network policy 1 ------------------- Application type: voiceSignaling VLAN ID: 1 untagged Layer 2 priority: 0 DSCP: 0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 790: Show Lldp Neighbors

    Parameters interface-id—(Optional) Specifies a port ID. Default Configuration If no port ID is entered, the command displays information for all ports. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 791 Example 2 - The following example displays information about neighboring devices discovered using LLDP on port 1. switchxxxxxx# show lldp neighbors gi11 Device ID: 00:00:00:11:11:11 Port ID: gi11 System Name: ts-7800-2 Capabilities: B System description: Port description: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 792 Aggregation capability: Capable of being aggregated Aggregation status: Not currently in aggregation Aggregation port ID: 1 802.3 Maximum Frame Size: 1522 802.3 EEE Remote Tx: 25 usec Remote Rx: 30 usec Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 793 Power value: 9.6 Watts Hardware revision: 2.1 Firmware revision: 2.3 Software revision: 2.7.1 Serial number: LM759846587 Manufacturer name: VP Model name: TR12 Asset ID: 9 LLDP-MED Location Coordinates: 54:53:c1:f7:51:57:50:ba:5b:97:27:80:00:00:67:01 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 794 The active status of auto-negotiation on the status port. (enabled or disabled) Auto-negotiation The port speed/duplex/flow-control Advertised capabilities advertised by the Capabilities auto-negotiation. Operational MAU The port MAU type. type Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 795 The possible values are: Primary power source and Backup power source. A PD device advertises its power source. The possible values are: Primary power, Local power, Primary and Local power. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 796: Show Lldp Statistics

    If no port ID is entered, the command displays information for all ports. If detailed is not used, only present ports are displayed. Command Mode User EXEC mode Example switchxxxxxx# show lldp statistics Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 797 T - Telephone D - DOCSIS cable device H - Host r - Repeater O - Other System description The neighbor device’s system description. Port description The neighbor device’s port description. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 798 The DSCP value used for the specified application. LLDP MED - Power Over Ethernet Power type The device power type. The possible values are: Power Sourcing Entity (PSE) or Power Device (PD). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 799 PSE device, or the total power a PSE device is capable of sourcing over a maximum length cable based on its current configuration. LLDP MED - Location Coordinates, Civic The location information raw data. address, ECS ELIN. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 800: Loopback Detection Commands

    This command enables the Loopback Detection feature globally. Use the loopback-detection enable Interface Configuration mode command to enable Loopback Detection on an interface. Example The following example enables the Loopback Detection feature on the device. switchxxxxxx(config)# loopback-detection enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 801: Loopback-Detection Enable (Interface)

    37.3 loopback-detection interval To set the time interval between LBD packets, use the loopback-detection interval Global Configuration mode command. To restore the default configuration, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 802: Show Loopback-Detection

    If this is not set, the default is to display all present ports. Default Configuration All ports are displayed. If detailed is not used, only present ports are displayed. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 803 LBD packets interval: 30 Seconds Loopback Detection Loopback Detection Interface Admin State Operational State --------- ------------------ ------------------ gi11 Enabled Active gi12 Enabled LoopDetected gi13 Enabled Inactive gi14 Disabled Inactive Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 804: Macro Commands

    User Guidelines A macro is a script that contains CLI commands and is assigned a name by the user. It can contain up to 3000 characters and 200 lines. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 805 A keyword must be prefixed with '$'. #macro keywords - This instruction enables the device to display the keywords as part of the CLI help. It accepts up to 3 keywords. The Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 806 Example 1 -The following example shows how to create a macro that configures the duplex mode of a port. switchxxxxxx(config)# macro name dup Enter macro commands one per line. End with the character ‘@’. #macro description dup duplex full negotiation Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 807: Macro

    $DUPLEX full $SPEED ? WORD<1-32> Second parameter value switchxxxxxx(config-if)# macro apply duplex $DUPLEX full $SPEED 100 38.2 macro Use the macro apply/trace Interface Configuration command to either: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 808 You can use the macro apply macro-name with a '?' to display the help string for the macro keywords (if you have defined these with the #macro keywords preprocessor command). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 809 $DUPLEX full $SPEED 100 switchxxxxxx(config-if)# Example 3 - The following is an example of an incorrect macro being applied. switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# macro trace dup Applying command...'duplex full' Applying command...'speed auto' Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 810: Macro Description

    To verify the settings created by this command, run the show parser macro command. Example switchxxxxxx(config)# interface gi12 switchxxxxxx(config-if)# macro apply dup Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 811: Macro Global

    | dup | duplex -------------------------------------------------------------- 38.4 macro global Use the macro global Global Configuration command to apply a macro to a switch (with or without the trace option). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 812 As a result, the macro name is appended to the global macro history. Use show parser macro to display the global macro history. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 813: Macro Global Description

    Parameters • text —Description text. The text can contain up to 160 characters. Default Configuration The command has no default setting. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 814: Show Parser Macro

    Default Configuration Display description of all macros on present ports. If the detailed keyword is not used, only present ports are displayed. Command Mode User EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 815 Macro name : standard-switch10 Macro type : customizable macro description standard-switch10 # Trust QoS settings on VOIP packets auto qos voip trust # Allow port channels to be automatically formed Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 816: Interface Command

    Example 5 - This is an example of output from the show parser macro description interface command. switchxxxxxx# show parser macro description interface gi12 Interface Macro Description -------------------------------------------------------------- gi12 this is test macro -------------------------------------------------------------- Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 817: Management Acl Commands

    IPv4 address prefix. The prefix length must be preceded by a forward slash (/). The parameter is relevant only to IPv4 addresses. (Range: 0–32) Default Configuration No rules are configured. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 818: Permit (Management)

    IPv6 address prefix length. The prefix length must be preceded by a forward slash (/). The parameter is optional. • mask mask — Specifies the source IPv4 address network mask. This parameter is relevant only to IPv4 addresses. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 819: Management Access-List

    Configuration mode command. To delete an ACL, use the no form of this command. Syntax name management access-list no management access-list name Parameters name—Specifies the ACL name. (Length: 1–32 characters) Default Configuration Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 820 ‘mlist’, configures all interfaces to be management interfaces except gi11 and gi19, and makes the new access list the active list. switchxxxxxx(config)# management access-list mlist deny gi11 switchxxxxxx(config-macl)# deny gi19 switchxxxxxx(config-macl)# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 821: Management Access-Class

    The default configuration is no management connection restrictions. Command Mode Global Configuration mode Example The following example defines an access list called mlist as the active management access list. switchxxxxxx(config)# management access-class mlist Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 822: Show Management Access-List

    ! (Note: all other access implicitly denied) console(config-macl)# 39.6 show management access-class To display information about the active management access list (ACLs), use the show management access-class Privileged EXEC mode command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 823 This command has no arguments or keywords. Command Mode Privileged EXEC mode Example The following example displays the active management ACL information. switchxxxxxx# show management access-class Management access-class is enabled, using access list mlist Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 824: Mld Commands

    Example The following example clears the counters for VLAN 100: switchxxxxxx# clear ipv6 mld counters vlan 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 825: Ipv6 Mld Last-Member-Query-Count

    Use the ipv6 mld robustness command to change the MLD last member query counter. Example The following example changes a value of the MLD last member query counter to switchxxxxxx(config)# interface vlan 1 ipv6 mld last-member-query-count 3 exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 826: Ipv6 Mld Last-Member-Query-Interval

    1500 switchxxxxxx(config-if)# exit 40.4 ipv6 mld query-interval To configure the frequency at which the switch sends Multicast Listener Discovery (MLD) host-query messages, use the ipv6 mld query-interval command in Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 827: Ipv6 Mld Query-Max-Response-Time

    180 switchxxxxxx(config-if)# exit 40.5 ipv6 mld query-max-response-time To configure the maximum response time advertised in Multicast Listener Discovery (MLD) queries, use the ipv6 mld query-max-response-time command in Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 828 Therefore, the hosts must know to respond faster than 10 seconds (or the value you configure). Example The following example configures a maximum response time of 8 seconds: switchxxxxxx(config)# interface vlan 100 switchxxxxxx(config-if)# ipv6 mld query-max-response-time 8 switchxxxxxx(config-if)# exit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 829: Ipv6 Mld Robustness

    To configure which version of Multicast Listener Discovery Protocol (MLD) the router uses, use the ipv6 mld version command in Interface Configuration mode. To restore the default value, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 830: Show Ipv6 Mld Counters

    To display the Multicast Listener Discovery (MLD) traffic counters, use the show ipv6 mld counters command in User EXEC mode. Syntax interface-id show ipv6 mld counters [ Parameters • interface-id —(Optional) Interface Identifier. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 831: Show Ipv6 Mld Groups

    Multicast Listener Discovery (MLD), use the show ipv6 mld groups command in User EXEC mode. Syntax group-name group-address interface-id show ipv6 mld groups [link-local | [detail] Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 832 MLD Connected Group Membership Expires: never - switch itself has joined the group Group Address Interface Expires FF02::2 VLAN 100 never FF02::1:FF00:1 VLAN 00:10:27 FF02::1:FFAF:2C39 VLAN 100 00:09:11 FF06:7777::1 VLAN 100 00:00:26 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 833: Show Ipv6 Mld Groups Summary

    To display the number of (*, G) and (S, G) membership reports present in the Multicast Listener Discovery (MLD) cache, use the show ipv6 mld groups summary command in User EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 834: Show Ipv6 Mld Interface

    No. of (S,G) routes = 0—Displays the number of include and exclude mode sources present in the MLD cache. 40.11 show ipv6 mld interface To display multicast-related information about an interface, use the show ipv6 mld interface command in User EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 835 Administrative MLD max query response time is 10 seconds Operational MLD max query response time is 10 seconds Administrative Last member query response interval is 1000 milliseconds Operational Last member query response interval is 1000 milliseconds Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 836: Mld Proxy Commands

    Examples Example 1. The following example adds a downstream interface to a MLD Proxy process with vlan 200 as its Upstream interface: switchxxxxxx(config)# interface vlan 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 837: Ipv6 Mld-Proxy Downstream Protected

    This command has no arguments or keywords. Default Configuration Forwarding from downstream interfaces is allowed. Command Mode Global Configuration mode User Guidelines Use the pv6 mld-proxy downstream protected command to block forwarding from downstream interfaces. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 838: Ipv6 Mld-Proxy Downstream Protected Interface

    Use the ipv6 mld-proxy downstream protected interface disabled command to block forwarding from the given downstream interface. Use the ipv6 mld-proxy downstream protected interface enabled command to allow forwarding from the given downstream interface. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 839: Ipv6 Mld-Proxy Ssm

    —Specifies the standard IPv6 access list name defining the SSM range. Default Configuration The command is disabled. Command Mode Global Configuration mode User Guidelines A new ipv6 mld-proxyssm command overrides the previous ipv6 mld-proxy ssm command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 840: Show Ipv6 Mld-Proxy Interface

    MLD Proxy is enabled or to display the MLD Proxy configuration for a given interface. Examples Example 1. The following example displays MLD Proxy status on all interfaces where the MLD Proxy is enabled: switchxxxxxx# show ip mld-proxy interface Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 841 IPv6 Multicast Routing is enabled MLD Proxy is enabled Global Downdtream interfaces protection is disabled SSM Access List Name: vlan 100 is a Upstream interface Downstream interfaces: *vlan 102, *vlan 110, vlan 113 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 842 IGMP Proxy is disabled: switchxxxxxx# show ipv6 mld-proxy interface vlan 1 IPv6 Forwarding is enabled IPv6 Multicast Routing is enabled MLD Proxy is disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 843: Mld Snooping Commands

    To enable MLD snooping on a specific VLAN, use the ipv6 mld snooping vlan command in Global Configuration mode. To return to the default, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 844: Ipv6 Mld Snooping Querier

    Global Configuration mode. To disable the MLD Snooping querier globally, use the no form of this command. Syntax ipv6 mld snooping querier no ipv6 mld snooping querier Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 845: Ipv6 Mld Snooping Vlan Querier

    Syntax vlan-id ipv6 mld snooping vlan querier vlan-id no ipv6 mld snooping vlan querier Parameters • vlan-id —Specifies the VLAN. Default Configuration Disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 846: Ipv6 Mld Snooping Vlan Querier Election

    Command Mode Global Configuration mode User Guidelines Use the no form of the ipv6 mld snooping vlan querier election command to disable MLD Querier election mechanism on a VLAN. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 847: Ipv6 Mld Snooping Vlan Querier Version

    {1 no ipv6 mld snooping vlan vlan-id querier version Parameters • vlan-id —Specifies the VLAN. • querier version {1 2}—Specifies the MLD version. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 848: Ipv6 Mld Snooping Vlan Mrouter

    Command Mode Global Configuration mode User Guidelines Multicast router ports can be configured statically with the bridge multicast forward-all command. You can execute the command before the VLAN is created. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 849: Ipv6 Mld Snooping Vlan Mrouter Interface

    You can execute the command before the VLAN is created and for a range of ports as shown in the example. Example switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# ipv6 mld snooping vlan 1 mrouter interface gi11-4 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 850: Ipv6 Mld Snooping Vlan Forbidden Mrouter

    Multicast router ports. You can execute the command before the VLAN is created. Example switchxxxxxx(config)# ipv6 mld snooping vlan 1 forbidden mrouter interface Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 851: Ipv6 Mld Snooping Vlan Static

    You can register an entry without specifying an interface. Using the no command without a port-list removes the entry. Example switchxxxxxx(config)# ipv6 mld snooping vlan 1 static FF12::3 gi1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 852: Ipv6 Mld Snooping Vlan Immediate-Leave

    42.12 show ipv6 mld snooping groups To display the multicast groups learned by the MLD snooping, use the show ipv6 mld snooping groups EXEC mode command in User EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 853 Exclude reports were received on the same port for the same group but for different sources, the port will not be in the Exclude list but rather in the Include list Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 854: Show Ipv6 Mld Snooping Interface

    EXEC mode command in User EXEC mode. Syntax vlan-id show ipv6 mld snooping interface Parameters • vlan-id —Specifies the VLAN ID. Default Configuration Display information for all VLANs. Command Mode User EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 855: Show Ipv6 Mld Snooping Mrouter

    VLANs or for a specific VLAN, use the show ipv6 mld snooping mrouter EXEC mode command in User EXEC mode. Syntax vlan-id show ipv6 mld snooping mrouter [interface Parameters • vlan-id interface —(Optional) Specifies the VLAN ID. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 856 The following example displays information on dynamically learned Multicast router interfaces for VLAN 1000: switchxxxxxx# show ipv6 mld snooping mrouter interface 1000 VLAN Dynamic Static Forbidden ---- --------- --------- ---------- 1000 gi11 gi12 gi13-4 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 857: Network Management Protocol (Snmp) Commands

    IP address. If unspecified, it defaults to 255.255.255.255. The command returns an error if the mask is specified without an IPv4 address. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 858 (read-view and notify-view always, and for rw for write-view also), Example Defines a password for administrator access to the management station at IP address 1.1.1.121 and mask 255.0.0.0. switchxxxxxx(config)# snmp-server community abcd su 1.1.1.121 mask 255.0.0.0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 859: Snmp-Server Community-Group

    IPv4 address prefix. If unspecified, it defaults to 32. The command returns an error if the prefix-length is specified without an IPv4 address. Default Configuration No community is defined Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 860: Snmp-Server Server

    Syntax snmp-server server no snmp-server server Parameters This command has no arguments or keywords. Default Configuration Enabled Command Mode Global Configuration mode Example switchxxxxxx(config)# snmp-server server Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 861: Snmp-Server Source-Interface

    If there is no available IPv4 source address, a SYSLOG message is issued when attempting to send an SNMP trap or inform. Use the no snmp-server source-interface traps command to remove the source interface for SNMP traps. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 862: Snmp-Server Source-Interface-Ipv6

    The IPv6 source address is the IPv6 address of the outgoing interface and selected in accordance with RFC6724. If no parameters are specified in no snmp-server source-interface, the default is both traps and informs. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 863: Snmp-Server View

    Parameters • view-name—Specifies the name for the view that is being created or updated. (Length: 1–30 characters) • included—Specifies that the view type is included. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 864 MIB-II interface group (this format is specified on the parameters specified in ifEntry). switchxxxxxx(config)# snmp-server view user-view system included switchxxxxxx(config)# snmp-server view user-view system.7 excluded switchxxxxxx(config)# snmp-server view user-view ifEntry.*.1 included Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 865: Snmp-Server Group

    —(Optional) Specifies the view name that enables viewing only. (Length: 1–30 characters) • writeview write —(Optional) Specifies the view name that enables configuring the agent. (Length: 1–30 characters) Default Configuration No group entry exists. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 866: Show Snmp Views

    43.8 show snmp views To display SNMP views, use the show snmp views Privileged EXEC mode command. Syntax viewname show snmp views [ Parameters viewname—(Optional) Specifies the view name. (Length: 1–30 characters) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 867: Show Snmp Groups

    To display the configured SNMP groups, use the show snmp groups Privileged EXEC mode command. Syntax show snmp groups [ groupname Parameters groupname—(Optional) Specifies the group name. (Length: 1–30 characters) Default Configuration Display all groups. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 868: Snmp-Server User

    To enter the authentication and privacy passwords in encrypted form (see SSD), use the encrypted form of this command. Syntax username groupname {v1 | v2c | [ host] v3[ {md5 | sha} snmp-server user remote auth auth-password [priv priv-password] ]} Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 869 - DES). Range: Up to 64 characters. • encrypted-priv-password—(Optional) Specifies the privacy password in encrypted format. Default Configuration No group entry exists. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 870 SNMP v1 and v2c. The default abcd is assigned as the engineID. User is assigned to group using SNMP v1 and v2c switchxxxxxx(config)# snmp-server user tom acbd v1 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 871: Show Snmp Users

    User name :u1rem Group name :group1 Authentication Algorithm : None Privacy Algorithm : None Remote :11223344556677 Auth Password Priv Password User name : qqq Group name : www Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 872 Auth Password (encrypted) Priv Password (encrypted) User name : u1OnlyAuth Group name : group1 Authentication Algorithm : SHA Privacy Algorithm : None Remote Auth Password (encrypted): 8nPzy2hzuba9pG3iiC/q0451RynUn7kq94L9WORFrRM= Priv Password (encrypted) : Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 873: Snmp-Server Filter

    This command can be entered multiple times for the same filter. If an object identifier is included in two or more lines, later lines take precedence. The command's logical key is the pair (filter-name, oid-tree). Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 874: Show Snmp Filters

    The following example displays the configured SNMP filters. switchxxxxxx# show snmp filters user-filter Name OID Tree Type ------------ --------------------- --------- user-filter 1.3.6.1.2.1.1 Included user-filter 1.3.6.1.2.1.1.7 Excluded user-filter 1.3.6.1.2.1.2.2.1.*.1 Included Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 875: Snmp-Server Host

    (Range: 1–20 characters). For v1 and v2, any community string can be entered here. For v3, the community string must match the user name defined in snmp-server user (ISCLI) command for v3. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 876 For SNMPv3 the software does not automatically create a user or a notify view. , use the commands snmp-server user (ISCLI) and snmp-server group to create a user or a group. Example The following defines a host at the IP address displayed. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 877: Snmp-Server Engineid Local

    To use SNMPv3, an engine ID must be specified for the device. Any ID can be specified or the default string, which is generated using the device MAC address, can be used. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 878: Snmp-Server Engineid Remote

    ID is a concatenated hexadecimal string. Each byte in hexadecimal character strings is two hexadecimal digits. Each byte can be separated by a period or colon. If the user enters an odd number of hexadecimal digits, Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 879: Show Snmp Engineid

    To display the local SNMP engine ID, use the show snmp engineID Privileged EXEC mode command. Syntax show snmp engineID Parameters This command has no arguments or keywords. Default Configuration None Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 880: Snmp-Server Enable Traps

    Example The following example enables SNMP traps except for SNMP failure traps. switchxxxxxx(config)# snmp-server enable traps no snmp-server trap authentication switchxxxxxx(config)# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 881: Snmp-Server Trap Authentication

    To set the value of the system contact (sysContact) string, use the snmp-server contact Global Configuration mode command. To remove the system contact information, use the no form of the command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 882: Snmp-Server Location

    Configuration mode command. To remove the location string, use the no form of this command. Syntax text snmp-server location no snmp-server location Parameters text—Specifies the system location information. (Length: 1–160 characters) Default Configuration None Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 883: Snmp-Server Set

    SNMP user sets a MIB variable that does not have an equivalent CLI command. To generate configuration files that support those situations, the system uses snmp-server set. This command is not intended for the end user. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 884: Snmp Trap Link-Status

    The following example disables generation of SNMP link-status traps. switchxxxxxx(config)# interface gi11 switchxxxxxx(config-if)# # no snmp trap link-status 43.24 show snmp To display the SNMP status, use the show snmp Privileged EXEC mode command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 885 Default 172.16.1.1/10 private DefaultSuper 172.16.1.1 Community-string Group name IP Address Mask Type ---------------- ---------- ---------- ------ public user-group Router Traps are enabled. Authentication trap is enabled. Version 1,2 notifications Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 886 — read-write, super access. IP Address The management station IP Address. Target Address The IP address of the targeted recipient. Version The SNMP version for the sent trap. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 887: Phy Diagnostics Commands

    The maximum length of cable for the TDR test is 120 meters. Examples - Test the copper cables attached to port gi11 (a copper port). Example 1 switchxxxxxx# test cable-diagnostics tdr interface gi1 Cable is open at 64 meters Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 888: Show Cable-Diagnostics Tdr

    The following example displays information on the last TDR test performed on all copper ports. show cable-diagnostics tdr switchxxxxxx# Port Result Length Date [meters] ---- -------- ------------------ ------------ Short 13:32:00 23 July 2010 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 889: Show Cable-Diagnostics Cable-Length

    The following example displays the estimated copper cable length attached to all ports. switchxxxxxx# show cable-diagnostics cable-length Port Length [meters] ---- ----------------- gi11 < 50 gi12 Copper not active gi13 110-140 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 890: Show Fiber-Ports Optical-Transceiver

    - Internally measured supply voltage Current - Measured TX bias current Output Power - Measured TX output power in milliWatts Input Power - Measured RX received power in milliWatts - Loss of signal Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 891 PHY Diagnostics Commands N/A - Not Available, N/S - Not Supported, W - Warning, E - Error Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 892: Power Over Ethernet (Poe) Commands

    (Range: 1–32 characters) Default Configuration The default configuration is set to auto. Command Mode Interface (Ethernet) Configuration mode User Guidelines The never parameter cannot be used with a time range. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 893: Power Inline Inrush Test Disable

    Parameters N/A. Default Configuration Inrush test is enabled. Command Mode Global Configuration mode Example The following example disable inrush test. switchxxxxxx(config)# power inline inrush test disable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 894: Power Inline Legacy Support Disable

    To add a description of the device type, use the power inline powered-device Interface Configuration mode command. To remove the description, use the no form of this command. Syntax power inline powered-device pd-type no power inline powered-device Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 895: Power Inline Priority

    • high—Specifies that the device operation is high priority. • low—Specifies that the device operation is low priority. Default Configuration The default configuration is set to low priority. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 896: Power Inline Usage-Threshold

    The default threshold is 95 percent. Command Mode Global Configuration mode Example The following example configures the threshold for initiating inline power usage alarms to 90 percent. switchxxxxxx(config)# power inline usage-threshold 90 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 897: Power Inline Traps Enable

    Syntax power power inline limit no power inline limit Parameters power—States the port power consumption limit in Milliwatts, Range is 0-60000. Default Configuration The default value is 30W Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 898: Power Inline Limit-Mode

    • port—The power limit of a port is fixed regardless of the class of the discovered PD. Default Configuration The default value is class Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 899: Power Inline Four-Pair Forced

    The command is used to force the spare pair to supply power, this allows the usage of 60 Watts PoE. CDP/LLDP will reflect power allocated of 60W regardless of power requested. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 900: Powered Device Forced

    PSE, this allows the usage of 60 Watts PoE without the usage of negotiation protocol. CDP/LLDP will reflect power requested and power consumption of 60W. Use the no command to return to dynamic detection (hardware or protocol based) of PSE uplink ports. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 901: Show Power Inline

    Example 1—The following example displays information about the inline power for all ports (port power based). switchxxxxxx(config)# show power inline Port limit mode: Enabled Usage threshhold: 95% Trap: Enabled Legacy Mode: Disabled Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 902 ------- ---------- -------- ------------------- Auto Critical IP Phone Model A Port status: Port is on - Valid PD resistor signature detected Port standard: 802.3AT Admin power limit: 30.0 watts Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 903 Critical, High or Low. Status Power operational state. The possible values are On, Off, Test-Fail, Testing, Searching or Fault. Class Power consumption classification of the device. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 904 Indicates if the port is enabled to provide power. The possible values are Auto or Never. Oper Power operational state. The possible values are On, Off, Test-Fail, Testing, Searching or Fault. Power Power consumed in watts. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 905 Port is on - Forced 4 pairs. Port is off - Main supply voltage is high. Port is off - Main supply voltage is low. Port is off - Hardware pin disables all ports. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 906: Show Power Inline Savings

    45.13 show power inline savings To display information about the device inline power saving, use the show power inline savings privileged EXEC mode command. Syntax show power inline savings Parameters Default Configuration Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 907: Clear Power Inline Counters

    Specifies an interface ID. The interface ID must be an Ethernet port type. If interface ID is not specified - counters for all interfaces are cleared. Default Configuration All interface counters are cleared. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 908: Clear Power Inline Monitor Consumption

    Ethernet port type. If interface ID is not specified - consumption information for all interfaces is cleared. Default Configuration All monitored interface info are cleared. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 909: Show Power Inline Monitor Consumption

    —Average Weekly Consumption. Displays the last 52 samples, sampled every 7 days (midnight Saturday to midnight Saturday according to system time). Default Configuration This command has no default settings. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 910 * time stamp represents end of sampling period Example 2: The following example displays the average weekly power consumption for the past 52 weeks gathered for entire device. switchxxxxxx# show power inline monitor consumption weeks Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 911: Show Powered-Device

    Syntax [interface-id] show powered-device Parameters Interface-id—Specifies an interface ID. The interface ID must be an Ethernet port. Default Configuration Show information for all ports. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 912 N/A. If CDP/LLDP negotiation is activated than this represent the maximum request power level. If no negotiation is activated this value is derived from the PD standard. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 913 In case the power negotiation is not completed or has failed to negotiate power the value of "Unknown" is displayed. If no negotiation is activated this value is derived from the PSE standard. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 914: Port Channel Commands

    LACP operation. Default Configuration The port is not assigned to a port-channel. Command Mode Interface (Ethernet) Configuration mode Default mode is on. User Guidelines LACP starts to manage port joining. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 915: Port-Channel Load-Balance

    MAC and IP addresses. Default Configuration src-dst-mac is the default option. Command Mode Global Configuration mode Example switchxxxxxx(config)# port-channel load-balance src-dst-mac Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 916: Show Interfaces Port-Channel

    Examples The following example displays information on all port-channels. switchxxxxxx# show interfaces port-channel Load balancing: src-dst-mac. Gathering information... Channel Ports ------- ----- Active: 1,Inactive: gi12-3 Active: 5 Inactive: gi14 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 917: Quality Of Service (Qos) Commands

    Use the qos advanced-mode trust command to specify the trust mode. Default Configuration QoS basic mode Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 918: Qos Advanced-Mode Trust

    • cos-dscp—Classifies ingress packets with the packet DSCP values for IP packets. For other packet types, use the packet CoS values. Default Configuration cos-dscp Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 919: Show Qos

    Parameters Default Configuration Disabled Command Mode Command Mode Privileged EXEC mode User Guidelines Trust mode is displayed if QoS is enabled in basic mode. Examples switchxxxxxx(config)# show qos Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 920: Class-Map

    OR of the criteria of the ACLs belonging to this class map. Only a single match criteria in this class map must be matched. Default Configuration No class map. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 921: Show Class-Map

    47.5 show class-map The show class-map Privileged EXEC mode mode command displays all class maps when QoS is in advanced mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 922: Match

    Syntax acl-name match access-group acl-name no match access-group Parameters acl-name—Specifies the MAC, IP ACL name, or IPv6 ACL name. (Length: 1–32 characters) Default Configuration No match criterion is supported. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 923: Policy-Map

    Parameters policy-map-name—Specifies the policy map name. (Length: 1–32 characters) Default Configuration Command Mode Global Configuration mode User Guidelines This command is only available when QoS is in advanced mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 924: Class

    • class-map-name—Specifies the name of an existing class map. If the class map does not exist, a new class map is created under the specified name. (Length: 1–32 characters) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 925: Show Policy-Map

    Use the show policy-map Privileged EXEC mode command to display all policy maps or a specific policy map. This command is only available when QoS is in advanced mode. Syntax policy-map-name show policy-map [ Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 926: Trust

    Use the trust Policy-map Class Configuration mode. command to configure the trust state. Use the no form of this command to return to the default trust state. Syntax trust no trust Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 927 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 928: Set

    To return to the Configuration mode, use the exit command. To return to the Privileged EXEC mode, use the end command. The queue keyword is not supported into egress policies. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 929: Redirect

    —Specifies an Ethernet port or port channel to which the flow is redirected. Command Mode Policy-map Class Configuration mode. User Guidelines Use the redirect command to redirect a frame into the VLAN the frame was assigned to. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 930: Mirror

    Ethernet port. Syntax session_number mirror no mirror Parameters • session_number —Specify the session number identified with the SPAN or RSPAN session. Only a value of 1 is allowed. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 931 2 switchxxxxxx(config-pmap-c)# exit switchxxxxxx(config-pmap)# exit switchxxxxxx(config)# Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 932: Police

    DSCP of IP traffic. The DSCP remarking is configured by the qos map policed-dscp command with the violation keyword for the violation action and without this Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 933 The class is called class1 and is in a policy map called policy1. policy1 switchxxxxxx(config)# policy-map cls1 switchxxxxxx(config-pmap)# class switchxxxxxx(config-pmap-c)# police 124000 9600 exceed-action policed-dscp-transmit peak 200000 19200 violate-action policed-dscp-transmit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 934: Service-Policy

    Interface (Ethernet, Port Channel) Configuration mode Default Policy map is not bound. User Guidelines This command is only available in QoS advanced mode. Only one policy map per interface per direction is supported. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 935: Qos Aggregate-Policer

    Use the qos aggregate-policer Global Configuration mode command to define the policer parameters that can be applied to multiple traffic classes. Use the no form of this command to remove an existing aggregate policer. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 936 DSCP remarking is configured by the qos map policed-dscp command with the violation keyword for the violation action and without this keyword for the exceed action. DSCP remarking will have effect only if the mode is trust dscp. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 937 Three-color policer called policer2 that can be applied to multiple classes in the same policy map. When the average traffic rate exceeds 124,000 kbps or the normal burst size exceeds 9600 bytes, the packet is remarked. When the average Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 938: Show Qos Aggregate-Policer

    Example 1. The following example displays the parameters of the aggregate policer called Policer1. switchxxxxxx# policer1 show qos aggregate-policer aggregate-policer policer1 96000 4800 exceed-action drop not used by any policy map Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 939: Police Aggregate

    An aggregate policer cannot be applied across multiple policy maps or interfaces. Use the exit command to return to the Configuration mode. Use the end command to return to the Privileged EXEC mode. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 940: Wrr-Queue Cos-Map

    8 CoS values to map to the specified queue number. (Range: 0–7) Default Configuration The default CoS value mapping to 8 queues is as follows: Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 941: Wrr-Queue Bandwidth

    Use the no form of this command to restore the default configuration. Syntax weight1 weight2 weighting wrr-queue bandwidth no wrr-queue bandwidth Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 942: Priority-Queue Out Num-Of-Queues

    47.21 priority-queue out num-of-queues Use the priority-queue out num-of-queues Global Configuration mode command to configure the number of expedite queues. Use the no form of this command to restore the default configuration. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 943: Traffic-Shape

    47.22 traffic-shape Use the traffic-shape Interface (Ethernet, Port Channel) Configuration mode command to configure the egress port shaper. Use the no form of this command to disable the shaper. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 944: Traffic-Shape Queue

    Use the traffic-shape queue Interface (Ethernet, Port Channel) Configuration mode command to configure the egress queue shaper. Use the no form of this command to disable the shaper. Syntax queue-id committed-rate committed-burst traffic-shape queue Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 945: Qos Wrr-Queue Wrtd

    Use the qos wrr-queue wrtd Global Configuration mode command to enable Weighted Random Tail Drop (WRTD). Use the no form of this command to disable WRTD. Syntax qos wrr-queue wrtd Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 946: Show Qos Wrr-Queue Wrtd

    47.25 show qos wrr-queue wrtd Use the show qos wrr-queue wrtd Privileged EXEC mode command to display the Weighted Random Tail Drop (WRTD) configuration. Syntax show qos wrr-queue wrtd Parameters Default Configuration Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 947: Show Qos Interface

    • interface-id —Specifies an interface ID. The interface ID can be one of the following types: Ethernet port, or Port-channel. Default Configuration Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 948 EF priority: qid-weights Ef - Priority 1 - N/A ena- 1 2 - N/A ena- 2 3 - N/A ena- 3 4 - N/A ena- 4 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 949 Example 3 —The following an example of the output from the show qos interface buffers command for 8 queues switchxxxxxx(config)# gi11 show qos interface buffers gi11 Notify Q depth: gi11 buffers gi11 Ethernet thresh0 thresh1 thresh2 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 950 Port shaper: enable Committed rate: 64 kbps Committed burst: 9600 bytes Target Target Status Committed Committed Rate [kbps] Burst [bytes] Enable 17000 Disable Enable Disable Disable Disable Enable Enable Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 951: Qos Map Policed-Dscp

    [violation] [ Parameters • violation—Specifies the DSCP remapping in the violate action. If the keyword is not configured the the command specifies the DSCP remapping in the exceed action. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 952: Qos Map Dscp-Queue

    DSCP to queue map. Use the no form of this command to restore the default configuration. Syntax qos map dscp-queue dscp-list queue-id dscp-list no qos map dscp-queue [ Parameters • dscp-list—Specifies up to 8 DSCP values, separated by spaces. (Range: 0– Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 953: Qos Trust (Global)

    Specifies that ingress packets are classified with packet CoS values. Untagged packets are classified with the default port CoS value. • dscp—Specifies that ingress packets are classified with packet DSCP values. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 954: Qos Trust (Interface)

    QoS mode. Use the no form of this command to disable the trust state on each port. Syntax qos trust Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 955: Qos Cos

    CoS value (VPT value) of the port. If the port is trusted and the packet is untagged, then the default CoS value become the CoS value. (Range: 0–7) Default Configuration The default CoS value of a port is 0. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 956: Qos Dscp-Mutation

    Global Configuration mode User Guidelines Apply the DSCP-to-DSCP-mutation map to a port at the boundary of a Quality of Service (QoS) administrative domain. If two QoS domains have different DSCP Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 957: Qos Map Dscp-Mutation

    8 DSCP mapped values, separated by spaces. (Range: 0–63) Default Configuration The default map is the Null map, which means that each incoming DSCP value is mapped to the same DSCP value. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 958: Show Qos Map

    DSCP to Drop Precedence map. • policed-dscp—Displays the DSCP to DSCP remark table. • dscp-mutation—Displays the DSCP-DSCP mutation table. Default Configuration Display all maps. Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 959 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 21 21 Policed-dscp map (violate): d1 : d2 0 ------------------------------------ Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 960: Clear Qos Statistics

    Use the clear qos statistics Privileged EXEC mode command to clear the QoS statistics counters. Syntax clear qos statistics Parameters Default Configuration Command Mode Privileged EXEC mode Example The following example clears the QoS statistics counters. switchxxxxxx(config)# clear qos statistics Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 961: Qos Statistics Policer

    47.37 qos statistics aggregate-policer Use the qos statistics aggregate-policer Global Configuration mode command to enable counting in-profile and out-of-profile. Use the no form of this command to disable counting. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 962: Qos Statistics Queues

    | all} {dp | all} {interface | all} no qos statistics queues Parameters • set—Specifies the counter set number. • interface—Specifies the Ethernet port. • queue—Specifies the output queue number. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 963: Show Qos Statistics

    47.39 show qos statistics Use the show qos statistics Privileged EXEC mode command to display Quality of Service statistical information. Syntax show qos statistics Parameters Default Configuration Command Mode Privileged EXEC mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 964 Class2 8759 gi12 Policy1 Class1 75457 gi12 Policy1 Class2 5326 Aggregate Policers ------------------- Name In-Profile Peak Violate Bytes Bytes Bytes ---------- --------- -------- --------- Policer 756457 5427 Output Queues Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 965 Quality of Service (QoS) Commands ------------- Interface Queue Total Packets Packets ---------------- ---------- ---------- --------- -------- gi11 High 756457 1.2% gi12 High 8759 0.2% Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 966: Radius Commands

    0. If unspecified, the port number defaults to 1813. • timeout timeout —Specifies the timeout value in seconds. (Range: 1–30) Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 967 If key-string is not specified, the global value (set in the radius-server key command) is used. If the usage keyword is not specified, the all argument is applied. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 968: Radius-Server Key

    RADIUS daemon. (Range: 0–128 characters) • encrypted-key-string —Same as the key-string parameter, but the key is in encrypted form. Default Configuration The key-string is an empty string. Command Mode Global Configuration mode Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 969: Radius-Server Retransmit

    The software searches the list of RADIUS server hosts 3 times. Command Mode Global Configuration mode Example The following example configures the number of times the software searches all RADIUS server hosts as 5. switchxxxxxx(config)# radius-server retransmit Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 970: Radius-Server Host Source-Interface

    If there is no available IPv4 source address, a SYSLOG message is issued when attempting to communicate with an IPv4 RADIUS server. Example The following example configures the VLAN 10 as the source interface. switchxxxxxx(config)# vlan 100 radius-server host source-interface Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 971: Radius-Server Host Source-Interface-Ipv6

    If there is no available source IPv6 address, a SYSLOG message is issued when attempting to communicate with an IPv6 RADIUS server. Example The following example configures the VLAN 10 as the source interface. switchxxxxxx(config)# radius-server host source-interface-ipv6 vlan 100 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 972: Radius-Server Timeout

    RADIUS servers are skipped over by transaction requests. This improves RADIUS response time when servers are unavailable. Use the no form of this command to restore the default configuration. Syntax radius-server deadtime deadtime Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 973: Show Radius-Servers

    The following example displays RADIUS server settings: switchxxxxxx# show radius-servers IP address Port Port Time Dead Auth Acc Retransmision time Priority Usage ---------- ---- ---- ---- ------------- ------ -------- ----- Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 974: Show Radius-Servers Key

    Privileged EXEC mode Example The following example displays RADIUS server key settings switchxxxxxx# show radius-servers key IP address Key (Encrypted) ---------- --------- 172.16.1.1 Sharon123 172.16.1.2 Bruce123 Global key (Encrypted) -------------- Alice456 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 975 RADIUS Commands Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 976: Radius Server Commands

    Use the no form of the command, to return to the default. Example The following example assigns an periodical time interval: switchxxxxxx(config)# time-range connection-time switchxxxxxx(config-time-range)# periodic mon 12:00 to wed 12:00 switchxxxxxx(config-time-range)# exit switchxxxxxx(config)# radius server group developers Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 977: Clear Radius Server Accounting

    49.3 clear radius server rejected users To clear the Radius Rejected Users cache, use the clear radius server rejected users command in Privileged EXEC mode. Syntax clear radius server rejected users Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 978: Clear Radius Server Statistics

    Use the clear radius server statistics command without parameter to clear the all counters. Use the clear radius server statistics command with parameter to clear the counters of a given NAS. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 979: Privilege-Level

    Use the no form of the command, to return to the default. A value of privilege level is passed to a Radius client in the Access-Accept message in the Vendor-Specific(26) attribute. The attribute is only passed to login users. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 980: Radius Server Accounting-Port

    User Guidelines Use the radius server accounting-port command, to define an UDP port for accounting requests. Use the no radius server accounting-port command, to restore the default UDP accounting port. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 981: Radius Server Authentication-Port

    Use the no radius server authentication-port command, to restore the default UDP authentication port. Example The following example defines port 2083 as an authentication UDP port: switchxxxxxx(config)# authentication -port 2083 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 982: Radius Server Enable

    To enter into Radius Server Group Configuration mode and create this group if it does not exist, use the radius server group command in Global Configuration mode. To restore the default configuration, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 983: Radius Server Nas Secret

    49.10 radius server nas secret To create a secret key, use the radius server nas secret key command in Global Configuration mode. To delete the key, use the no form of this command. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 984 If a NAS is not defined by this command all messages received from this NAS will be dropped. The Radius server supports up to 50 NASs. Use the no radius server nas secret default command, to delete the default key. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 985: Radius Server Traps Accounting

    Global Configuration mode. To disable the traps, use the no form of this command. Syntax radius server traps accounting no radius server traps accounting Parameters Default Configuration Accounting traps are disabled. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 986: Radius Server Traps Authentication Failure

    Command Mode Global Configuration mode User Guidelines A rate limit is applied to the traps: not more than one trap of this type can be sent in 10 seconds. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 987: Radius Server Traps Authentication Success

    A rate limit is applied to the traps: not more than one trap of this type can be sent in 10 seconds. Example The following example enables sending traps when a user is successfully authorized: switchxxxxxx(config)# radius server traps authentication success Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 988: Radius Server User

    Use the no radius server user group command to delete users of the given group. Use the no radius server user command to delete all users. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 989: Show Radius Server Accounting

    Use the show radius server accounting command, to display accounting information of all users. Examples Example 1. The following example displays accounting information of all users: switchxxxxxx# show radius server accounting 29-Jun-14, 16:00, Stop User: Bob Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 990 NAS Address: 10.23.1.3 User Address: 160.134.7.8 *20-Feb-2008, 9:00, Reboot Example 2. The following example displays accounting information of one user Bob: switchxxxxxx# show radius server accounting username Bob: 29-Jun-14, 16:00, Stop Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 991: Show Radius Server Configuration

    Privileged EXEC mode. Syntax show radius server configuration Parameters Command Mode Privileged EXEC mode User Guidelines Use the show radius server configuration command, to display Radius server global configuration. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 992: Show Radius Server Group

    Use the show radius server group command, to display all groups. Example The following example displays radius server groups. switchxxxxxx# show radius server group Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 993: Show Radius Server Rejected Users

    The Radius server saves the last 1000 accounting logs in a cycle file on FLASH. user-name Use the show radius server rejected users command, to display one rejected user. Use the show radius server rejected users command, to display all rejected users. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 994 User Address: 00:67:67:96:ac:21 Reason: Not Supported EAP method 20-Feb-08 14:14 User Name: Alisa User Type: 802.1x NAS Address: 10.1.1.1 NAS Port: 2 User Address: 00:67:67:96:ac:21 Reason: Not allowed at this time Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 995: Show Radius Server Nas Secret

    IPv4, IPv6 or IPv6z address. Command Mode Privileged EXEC mode User Guidelines Use the show radius server nas secret default command, to display the default secret key. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 996 Example 3. The following example displays the secret key of one given NAS: switchxxxxxx# show radius server nas secret 10.1.35.3 NAS ID Secret Key’s MD5 ------------------------- -------------------------------- 10.1.35.3 1238af77aaca17568f1298cced165fec Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 997: Show Radius Server Statistics

    Number of incoming Access-Requests from unknown addresses: 0 Number of duplicate incoming Access-Requests: 3 Number of sent Access-Accepts: 100 Number of sent Access-Rejects: 17 Number of sent Access-Challenges: 0 Number of incoming malformed Access-Requests: 0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...
  • Page 998 Number of incoming Authentication packets of unknown type: 0 Number of incoming packets on the accounting port: 80 Number of incoming Accounting-Requests from unknown addresses: 0 Number of incoming duplicate Accounting-Requests: 0 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 999: Show Radius Server User

    Use the show radius server user command, to display all users. Examples The following example displays one user bob: switchxxxxxx# show radius server user username bob User bob Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

  • Page 1000: Vlan

    Tunnel-Medium-Type(65) • Tunnel-Private-Group-ID(81) If a VLAN is not assigned these attributes are not included in the Access-Accept message. Use the no form of the command, to delete VLAN assignment. Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide...

Table of Contents