Cisco SPS2024 Reference Manual

Cisco SPS2024 Reference Manual

Cisco systems ethernet switch reference guide
Hide thumbs Also See for SPS2024:
Table of Contents

Advertisement

REFERENCE GUIDE
Cisco Small Business Pro
SPS208G/SPS224G4/SPS2024 Ethernet Switches
Command Line Interface

Advertisement

Table of Contents
loading

Summary of Contents for Cisco SPS2024

  • Page 1 REFERENCE GUIDE Cisco Small Business Pro SPS208G/SPS224G4/SPS2024 Ethernet Switches Command Line Interface...
  • Page 2 © 2008 Cisco Systems, Inc. All rights reserved. OL-18485-01...
  • Page 3: Table Of Contents

    Chapter 1: Introduction Chapter 2: AAA Commands Chapter 3: ACL Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Overview CLI Command Modes Accessing the Command Line Interface Editing Features aaa authentication login aaa authentication enable login authentication enable authentication ip http authentication...
  • Page 4 Chapter 4: ARP Inspection Commands Chapter 5: Address Table Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide show interfaces access-lists ip arp inspection ip arp inspection vlan ip arp inspection trust ip arp inspection validate ip arp inspection list create ip mac...
  • Page 5 Chapter 6: Clock Commands Chapter 7: Configuration and Image File Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide show bridge multicast address-table static show bridge multicast filtering show ports security show ports security addresses clock set clock source clock timezone clock summer-time...
  • Page 6 Chapter 8: DHCP Commands Chapter 9: DHCP Relay Commands Chapter 10: DHCP Option 82 Commands Chapter 11: DHCP Auto-configuration SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide show startup-config ip dhcp snooping ip dhcp snooping vlan ip dhcp snooping trust ip dhcp information option allowed-untrusted...
  • Page 7 Chapter 12: Ethernet Configuration Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface ethernet interface range ethernet shutdown description speed duplex negotiation port jumbo-frame show system flowcontrol flowcontrol mdix back-pressure port jumbo-frame sfp speed clear counters set interface active show interfaces configuration...
  • Page 8 Chapter 13: GVRP Commands Chapter 14: IGMP Snooping Commands Chapter 15: IP Address Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide gvrp enable (Global) gvrp enable (Interface) garp timer gvrp vlan-creation-forbid gvrp registration-forbid clear gvrp statistics show gvrp configuration show gvrp statistics...
  • Page 9 Chapter 16: IP Source Guard Commands Chapter 17: LACP Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide renew dhcp ip default-gateway show ip interface arp timeout clear arp-cache show arp ip domain-lookup ip domain-name ip name-server ip host clear host clear host dhcp...
  • Page 10 Chapter 18: Line Commands Chapter 19: Management ACL Commands Chapter 20: PHY Diagnostics Commands Chapter 21: Port Channel Commands Chapter 22: Port Monitor Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide line speed exec-timeout show line management access-list management access-class permit (management)
  • Page 11 Chapter 23: QoS Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide show qos class-map show class-map match policy-map class show policy-map trust police qos aggregate-policer show qos aggregate-policer police aggregate wrr-queue bandwidth wrr-queue cos-map priority-queue out num-of-queues traffic-shape rate-limit (Ethernet) show qos interface...
  • Page 12 Chapter 24: RADIUS Commands Chapter 25: RMON Commands Chapter 26: SNMP Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide qos map dscp-mutation show qos map radius-server host radius-server key radius-server retransmit radius-server source-ip radius-server timeout radius-server deadtime show radius-servers show rmon statistics...
  • Page 13 Chapter 27: RSA and Certificate Commands Chapter 28: Spanning Tree Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide snmp-server filter snmp-server host snmp-server v3-host snmp-server engineID local snmp-server enable traps snmp-server trap authentication snmp-server contact snmp-server location snmp-server set show snmp...
  • Page 14 Chapter 29: SSH Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide spanning-tree port-priority spanning-tree portfast spanning-tree link-type spanning-tree pathcost method spanning-tree bpdu spanning-tree guard root clear spanning-tree detected-protocols spanning-tree mst priority spanning-tree mst max-hops spanning-tree mst port-priority spanning-tree mst cost spanning-tree mst configuration...
  • Page 15 Chapter 30: Syslog Commands Chapter 31: System Management Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide show crypto key mypubkey crypto certificate request crypto certificate import crypto certificate export show crypto certificate mycertificate logging on logging logging console logging buffered logging buffered size...
  • Page 16 Chapter 32: TACACS+ Commands Chapter 33: User Interface Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide show cpu utilization show users show sessions show system show version show system tcam utilization tacacs-server host tacacs-server key tacacs-server timeout tacacs-server source-ip show tacacs...
  • Page 17 Chapter 34: VLAN Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide switchport protected switchport protected-port switchport protected-port fastethernet vlan database vlan default-vlan vlan interface vlan interface range vlan name switchport mode switchport protected switchport access vlan switchport access multicast-tv vlan switchport trunk allowed vlan...
  • Page 18 Chapter 35: Web Server Commands Chapter 36: 802.1x Commands SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip http server ip http port ip http exec-timeout ip https server ip https port ip https exec-timeout ip https certificate show ip http show ip https...
  • Page 19 Appendix A: Alias Names Appendix B: Where to Go From Here Appendix C: Additional Information Appendix D: Support Contacts SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide dot1x radius-attributes vlan dot1x single-host-violation dot1x bpdu show dot1x bpdu dot1x guest-vlan dot1x guest-vlan enable...
  • Page 20: Chapter 1: Introduction

    Overview This document describes the Command Line Interface (CLI) used to manage the Linksys SPS208G, SPS224G4, and SPS2024 switches. Unless noted otherwise, all of the CLI commands in this document apply to all three switches. This chapter describes the CLI command modes, how to access the CLI, and the CLI command editing features.
  • Page 21: User Exec Mode

    “ tasks that do not change the configuration, such as performing basic tests and listing system information. The user-level prompt consists of the Switch host name followed by the angle bracket >: Console> The default host name is Console unless it is changed via the hostname command in Global Configuration mode.
  • Page 22: Global Configuration Mode

    Use any of the following commands to return from Global Configuration mode to the Privileged EXEC mode: exit Ctrl+Z The following example shows how to access Global Configuration mode and return to Privileged EXEC mode: Console# Console# configure Console(config)# exit Console# SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 23: Interface Configuration Mode

    To return from any Interface Configuration mode to the Global Configuration mode, use the exit command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Line Interface — Contains commands used to configure the management connections. These include commands such as line timeout settings, etc.
  • Page 24: Accessing The Command Line Interface

    The Switch’s RS-232 serial console port provides a direct connection to a computer’s serial port using a standard DB-9 null-modem or crossover cable. Once the computer and Switch are connected, run a terminal application such as HyperTerminal to access the Command Line Interface.
  • Page 25 Enter a name for this connection. Select an icon for the application, then click OK. STEP 3 Figure 2 HyperTerminal Connection Description Screen Select a port to communicate with the switch. Select COM1 or COM2. STEP 4 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 26 Figure 3 HyperTerminal Connect To Screen Set the serial port settings as follows, then click OK. STEP 5 • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Bits per Second: 38400 Databits: 8 Parity: one Stop bits: 1 Flow control: None...
  • Page 27 STEP 6 and press Enter. Figure 5 Command Line User Name Prompt The console# prompt is displayed. This prompt is where you enter CLI commands. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Command Line Interface appears, enter admin at the User Name...
  • Page 28 Accessing the Command Line Interface Figure 6 Command Line You can now enter CLI commands to manage the Switch. For detailed information on CLI commands, refer to the appropriate chapter(s) of this Reference Guide. Using Telnet over an Ethernet Interface Telnet provides a method of connecting to the Command Line Interface using TCP/ IP over a standard Ethernet connection.
  • Page 29 The console# prompt is displayed. This prompt is where you enter CLI commands. STEP 4 Figure 10 Command Line You can now enter CLI commands to manage the Switch. For detailed information on CLI commands, refer to the appropriate chapter(s) of this Reference Guide. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Command Line Interface will be displayed.
  • Page 30: Editing Features

    • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ethernet is an argument that specifies the interface type, and Keyword lookup — The character ? is entered in place of a command. A list of all valid commands and corresponding help messages are is displayed.
  • Page 31: Terminal Command Buffer

    This Reference Guide provides a description of the negation effect for each CLI command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Recalls commands in the history buffer, beginning with the most recent command.
  • Page 32: Command Completion

    For example, g1-3 stands for Gigabit Ethernet ports 1, 2, and 3, and g1,5 stands for Gigabit Ethernet ports 1 and 5. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide 10/100 Ethernet Gigabit Ethernet...
  • Page 33: Keyboard Shortcuts

    When entering commands there are certain command entry standards that apply to all commands. The following table describes the command conventions. Convention parameter SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Recalls commands from the history buffer, beginning with the most recent command. Repeat the key sequence to recall successively older commands.
  • Page 34: Copying And Pasting Text

    When copying and pasting commands from a configuration file, make sure that the following conditions exist: • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Names of keys to be pressed are shown in bold. Keys separated by the + character are to be...
  • Page 35: Chapter 2: Aaa Commands

    SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide list-name default — Uses the listed authentication methods that follow this argument as the default list of methods when a user logs in. list-name — Character string used to name the list of authentication methods activated when a user logs in.
  • Page 36: Default Configuration

    Example The following example configures the authentication login: Console(config)# aaa authentication login default radius tacacs enable line local none SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Uses the list of all TACACS+ servers for authentication. list-name local.
  • Page 37: Aaa Authentication Enable

    If the default list is not set, only the enable password is checked. This has the same effect as the command aaa authentication enable default enable. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide list-name default — Uses the listed authentication methods that follow this argument as the default list of methods, when using higher privilege levels.
  • Page 38: Login Authentication

    Syntax login authentication {default | no login authentication SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide default requests sent by the device to a RADIUS or list-name...
  • Page 39: Enable Authentication

    Telnet or console. To restore the default configuration specified by the aaa authentication enable command, use the no form of this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide default — Uses the default list created with the aaa authentication login command.
  • Page 40 The following example specifies the default authentication method when accessing a higher privilege level from a console. Console(config)# line console Console(config-line)# enable authentication default SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide list-name default — Uses the default list created with the aaa authentication enable command.
  • Page 41: Ip Http Authentication

    Default Configuration The local user database is checked. This has the same effect as the command ip http authentication Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide method1 method2... method1 method2... ] — Specify at least one method from the following list:...
  • Page 42: Ip Https Authentication

    Parameters • Keyword local none radius tacacs SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide method1 method2... method1 method2... ] — Specify at least one method from the following list: Description Uses the local username database for authentication.
  • Page 43: Show Authentication Methods

    Console(config)# ip https authentication radius tacacs local none show authentication methods The show authentication methods Privileged EXEC mode command displays information about the authentication methods. Syntax show authentication methods Default Configuration This command has no default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide local...
  • Page 44 Login Authentication Method Lists --------------------------------- Default: Radius, Local, Line Enable Authentication Method Lists ---------------------------------- Default: Radius, Enable Console_Enable: Enable, None LineLogin Method ListEnable Method List ----------------------------------------------- ConsoleConsole_LoginConsole_Login TelnetDefaultDefault SSHDefaultDefault http: Radius, Local https: Radius, Local dot1x: Radius SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 45: Password

    Example The following example specifies the password called ‘secret’ on a console. Console(config)# line console Console(config-line)# password secret SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide password [encrypted] password — Password for this level. (Range: 1-159 characters) encrypted — Encrypted password to be entered, copied from another...
  • Page 46: Enable Password

    There are no user guidelines for this command. Example The following example sets a local level 15 password called ‘secret’ to control access to user and privilege levels. Console(config)# enable password secret level 15 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide level password level] password —...
  • Page 47: Username

    Default Configuration No user is defined. Command Mode Global Configuration mode User Guidelines User account can be created without a password. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name [password password name name — The name of the user. (Range: 1-20 characters) password —...
  • Page 48: Show Users Accounts

    No default configuration for this command. Command Mode Privileged EXEC mode User Guidelines User account can be created without a password. Example The following example displays information about the users local database. Console# show users accounts SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 49: Show Privilege

    Syntax show privilege Parameters This command has no arguments or key words Default Configuration This command has no default configuration. Command Mode EXEC Example Console# show privilege Current privilege level is 15 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Privilege ---------...
  • Page 50: Chapter 3: Acl Commands

    The default for all ACLs is deny-all. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide access-list-name access-list-name — Specifies the name of the ACL. (Range: 0-32 characters) Use “” for empty string.
  • Page 51: Permit (Ip)

    {any | { destination-wildcard ip-precedence permit-udp {any | { destination-wildcard ip-precedence Parameters • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide protocol } {any | { source source-wildcard }} [dscp dscp-number source source-wildcard icmp-type icmp-code }} {ny | } {any |...
  • Page 52 Reservation Protocol General Routing Encapsulation Encapsulating Security Payload (50) Authentication Header ICMP for IPv6 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide destination — Specifies the destination IP address of the packet. Specify any to indicate IP address 0.0.0.0 and mask 255.255.255.255. destination-wildcard —...
  • Page 53 • • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide dscp — Indicates matching the (Range: 0-63) ip-precedence — Indicates matching the packet ip-precedence value. (Range: 0-7) icmp-type — Specifies an ICMP message type for filtering ICMP packets.
  • Page 54: Deny (Ip)

    The deny IP-Access List Configuration mode command denies traffic if the conditions defined in the deny statement match. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide fin. The flags are concatenated into one string. For example: +fin-ack. To define more than 1 flag - enter additional flags one after another without a...
  • Page 55 [disable-port] {any | { destination destination-wildcard precedence Parameters • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide protocol } {any | { }} [dscp source source-wildcard icmp-type }} {ny | number source source-wildcard igmp-type }} {any |...
  • Page 56 IP-within-IP Encapsulation Protocol Protocol Independent Multicast Layer Two Tunneling Protocol SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide protocol — Specifies the abbreviated name or number of an IP protocol. (Range: 0-255). The following table lists the protocols that can be specified:...
  • Page 57 Console(config)# ip access-list ip-acl1 Console(config-ip-al)# deny rsvp 192.1.1.1 0.0.0.255 any SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide in-port port-num — (Optional) Specifies the input port of the device. In case of egress classification this port will be the device input port.
  • Page 58: Mac Access-List

    There are no user guidelines for this command. Example The following example shows how to create a MAC ACL. Console(config)# mac access-list macl-acl1 Console(config-mac-al)# SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name name name — Specifies the name of the ACL. (Range: 0-32 characters) Use “” for...
  • Page 59: Permit (Mac)

    • • • Default Configuration No MAC ACL is defined. Command Mode MAC-Access List Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide source source-wildcard vlan-id cos cos-wildcard ] [cos source — Specifies the source MAC address of the packet. source-wildcard —...
  • Page 60: Deny (Mac)

    [disable-port] {any | { wildcard [cos Parameters • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide source source-wildcard vlan-id }}[vlan cos cos-wildcard eth-type ] [ethtype disable-port — Indicates that the port is disabled if the statement is deny.
  • Page 61 The following example shows how to create a MAC ACL with deny rules on a device. Console(config)# mac access-list macl1 Console (config-mac-acl)# deny 00:00:00:00:10:00 any SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide destination-wildcard — (Optional for the first type) Specifies wildcard bits by placing 1’s in bit positions to be ignored.
  • Page 62: Service-Policy

    To control access to an interface, use the service-acl command in interface configuration mode. To remove the access control, use the no form of this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide input — Use input policy-map-name to apply the specified policy-map to the input interface.
  • Page 63: Show Access-Lists

    [ Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Two ACLs of the same type can’t be added to a port. An ACL can’t be added to a port that is already bounded to an ACL, without first removing the current ACL and binding the two ACLs together.
  • Page 64: Show Interfaces Access-Lists

    The show interfaces access-lists Privileged EXEC mode command displays access lists applied on interfaces. Syntax show interfaces access-lists [ethernet interface | port-channel port-channel- number] Parameters • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface — Valid Ethernet port. port-channel-number — Valid port-channel number.
  • Page 65 Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays ACLs applied to the interfaces of a device: Console# show interfaces access-lists Interface --------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Input ----- ACL1 ACL3...
  • Page 66: Chapter 4: Arp Inspection Commands

    The default configuration is set to disabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example globally enables ARP inspection. Console(config)# ip arp inspection SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 67: Ip Arp Inspection Vlan

    The ip arp inspection list assign Global Configuration mode command enables static ARP inspection. Example The following example enables ARP inspection on a VLAN based on the DHCP snooping database. Console(config)# ip arp inspection vlan SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-id vlan-id — Specifies a VLAN ID.
  • Page 68: Ip Arp Inspection Trust

    Command Mode Interface Configuration (Ethernet, Port-channel) mode. User Guidelines The switch does not check ARP packets, which are received on the trusted interface; it simply forwards the packets. For untrusted interfaces, the switch intercepts all ARP requests and responses. It...
  • Page 69: Ip Arp Inspection Validate

    The following are performed: • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Source MAC: Compare the source MAC address in the Ethernet header against the sender MAC address in the ARP body. This check is performed on both ARP requests and responses.
  • Page 70: Ip Arp Inspection List Create

    Default Configuration No static ARP binding list exists. Command Mode Global Configuration mode User Guidelines This command enables static ARP inspection on a VLAN. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name name name — Specifies the list name. (Range: 1-32 characters)
  • Page 71: Ip Mac

    No binding is defined. Command Mode ARP-list Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide mac-address ip-address mac-address ip-address — Specifies the IP address to be entered to the list.
  • Page 72: Ip Arp Inspection List Assign

    Default Configuration No static ARP binding list assignment exists. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id name vlan vlan-id — Specifies the VLAN ID. name —...
  • Page 73: Ip Arp Inspection Logging Interval

    Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Specifies the minimal interval between successive ARP SYSLOG messages. A 0 value means that a system message is immediately generated.
  • Page 74: Show Ip Arp Inspection

    Default Configuration This command has no default configuration. Command Mode EXEC User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — Specifies an Ethernet port. port-channel-number — Specifies a port-channel number.
  • Page 75: Show Ip Arp Inspection List

    The show ip arp inspection list Privileged EXEC mode command displays the static ARP binding list. Syntax show ip arp inspection list Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 76 Example The following example displays the static ARP binding list. Console# show ip arp inspection list List name: servers Assigned to VLANs: 1,2 ---------- 172.16.1.1 172.16.1.2 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide -------------- 0060.704C.7321 0060.704C.7322...
  • Page 77: Chapter 5: Address Table Commands

    • • • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide mac-address — A valid MAC address. interface— A valid Ethernet port. port-channel-number — A valid port-channel number. permanent — The address can only be deleted by the no bridge address command.
  • Page 78: Bridge Multicast Filtering

    The bridge multicast filtering Global Configuration mode command enables filtering Multicast addresses. To disable filtering Multicast addresses, use the no form of this command. Syntax bridge multicast filtering no bridge multicast filtering SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 79: Bridge Multicast Address

    To unregister the MAC address, use the no form of this command. Syntax bridge multicast address { bridge multicast address { remove] {ethernet no bridge multicast address { SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide mac-multicast-address mac-multicast-address interface-list port-channel-number-list | port-channel mac-multicast-address...
  • Page 80 The following example registers the MAC address: Console(config)# interface vlan 8 Console(config-if)# bridge multicast address 01:00:5e:02:02:03 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide add — Adds ports to the group. If no option is specified, this is the default option. remove — Removes ports from the group.
  • Page 81: Bridge Multicast Forbidden Address

    • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface-list } [add | remove] {ethernet add — Adds ports to the group. If no option is specified, this is the default option. remove — Removes ports from the group.
  • Page 82: Bridge Multicast Forward-All

    Multicast packets on a port. Use the no form of this command to restore the default configuration. Syntax bridge multicast forward-all {add | remove} {ethernet port-channel-number-list no bridge multicast forward-all SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface-list | port-channel...
  • Page 83 In this example, all Multicast packets on port e8 are forwarded. Console(config)# interface vlan 2 Console(config-if)# bridge multicast forward-all add ethernet e8 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide add — Force forwarding all Multicast packets. remove — Do not force forwarding all Multicast packets.
  • Page 84: Bridge Multicast Forbidden Forward-All

    Multicast packets are forwarded to it unconditionally. This command prevents a port from becoming a Multicast device port. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-channel-number-list add — Forbids forwarding all Multicast packets. remove — Does not forbid forwarding all Multicast packets.
  • Page 85: Bridge Aging Time

    Parameters • Default Configuration The default setting is 300 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Time in seconds. (Range: 10-630 seconds)
  • Page 86: Clear Bridge

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example In the following example, the bridge tables are cleared. Console# clear bridge SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 87: Port Security

    Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide forward — Forwards packets with unlearned source addresses, but does not learn the address. discard — Discards packets with unlearned source addresses. This is the default if no option is indicated.
  • Page 88: Port Security Mode

    This setting is disabled. Command Mode Interface Configuration (Ethernet, port-channel) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide lock — Saves the current dynamic MAC addresses associated with the port and disables learning, relearning and aging. mac-addresses — Deletes the current dynamic MAC addresses associated with the port and learns up to the maximum number addresses allowed on the port.
  • Page 89: Port Security Max

    Parameters • Default Configuration The default configuration is 128. Command Mode Interface Configuration (Ethernet, port-channel) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide max-addr max-addr — Maximum number of addresses that can be learned on the port. The range is 1-128.
  • Page 90: Show Bridge Address-Table

    Parameters • • • • Default Configuration This command has no default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan mac-address | address vlan — Specifies a valid VLAN, such as VLAN 1. interface — A valid Ethernet port.
  • Page 91: Show Bridge Address-Table Static

    The show bridge address-table static Privileged EXEC mode command displays statically created entries in the bridge-forwarding database. Syntax show bridge address-table static [vlan vlan] [ethernet interface | port-channel port-channel-number] SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide mac address Port ---- 00:60:70:4C:73:FF...
  • Page 92 In this example, all static entries in the bridge-forwarding database are displayed. Console# show bridge address-table static Aging time is 300 sec vlan ---- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan — Specifies a valid VLAN, such as VLAN 1. interface — A valid Ethernet port.
  • Page 93: Show Bridge Address-Table Count

    In this example, the number of addresses present in all VLANs are displayed. Console# show bridge address-table count Capacity: 8192 Free: 8083 Used: 109 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-channel-number vlan — Specifies a valid VLAN, such as VLAN 1. interface —...
  • Page 94: Show Bridge Multicast Address-Table

    Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id — Indicates the VLAN ID. This has to be a valid VLAN ID value. mac-multicast-address — A valid MAC Multicast address.
  • Page 95 ---- Forbidden ports for multicast addresses: Vlan ---- Console# show bridge multicast address-table format ip Vlan ---- Forbidden ports for multicast addresses: Vlan ---- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide MAC Address Type -------------- ------- 01:00:5e:02:02:03 static 01:00:5e:02:02:08 static 00:00:5e:02:02:08...
  • Page 96: Show Bridge Multicast Address-Table Static

    Privileged EXEC mode User Guidelines A MAC address can be displayed in IP format only if it is in the range 0100.5e00.0000 through 0100.5e7f.ffff. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-multicast-address ip-address vlan-id — Indicates the VLAN ID. This has to be a valid VLAN ID value.
  • Page 97: Show Bridge Multicast Filtering

    Parameters • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide MAC Address -------------- 0100.9923.8787 MAC Address -------------- vlan-id vlan-id —...
  • Page 98: Show Ports Security

    Syntax show ports security [ethernet Parameters • • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Static Status --------- --------- Filter Filter Filter interface interface — A valid Ethernet port.
  • Page 99 Console# show ports security Port ---- The following table describes the fields shown above. Field Port Status Learning Action Maximum Traps Frequency SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Status Learning Action ------ -------- ------ Locked Dynamic Unlocked Dynamic Locked Disabled Discard,...
  • Page 100: Show Ports Security Addresses

    There are no user guidelines for this command. Example This example displays dynamic addresses in all currently locked ports. Console# show ports security addresses Port ---- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface — A valid Ethernet port. port-channel-number — A valid port-channel number Status...
  • Page 101 This example displays dynamic addresses in the currently locked port e1. Console# show ports security addresses ethernet e1 Port ---- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Port is a member in port-channel ch1 Disabled Lock Enabled...
  • Page 102: Chapter 6: Clock Commands

    • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide hh:mm:ss day month year hh:mm:ss month day year hh:mm:ss — Current time in hours (military format), minutes, and seconds. (hh: 0-23, mm: 0-59, ss: 0-59) —...
  • Page 103: Clock Source

    Syntax clock source {sntp} no clock source Parameters • Default Configuration No external clock source Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide sntp — SNTP servers...
  • Page 104: Clock Timezone

    • Default Configuration Offset is 0. Acronym is empty. Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide hours-offset [minutes hours-offset — Hours difference from UTC. (Range: -12 hours to +13 hours) minutes-offset — Minutes difference from UTC. (Range: 0-59) acronym —...
  • Page 105: Clock Summer-Time

    Console(config)# clock timezone -6 zone CST clock summer-time The clock summer-time Global Configuration mode command configures the system to automatically switch to summer time (daylight saving time). Use the no form of this command to configure the software not to automatically switch to summer time.
  • Page 106 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide eu — The summer time rules are the European Union rules. week — Week of the month. (Range: 1-5, first, last) —...
  • Page 107: Sntp Authentication-Key

    Syntax sntp authentication-key no sntp authentication-key Parameters • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Start: Second Sunday in March End: First Sunday in November Time: 2 am local time Start: Last Sunday in March End: Last Sunday in October Time: 1.00 am (01:00)
  • Page 108: Sntp Authenticate

    Simple Network Time Protocol (SNTP) traffic from servers. Use the no form of this command to disable the feature. Syntax sntp authenticate no sntp authenticate Default Configuration No authentication Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 109: Sntp Port

    Syntax sntp port port-number no sntp port Parameters • Default Configuration Command Mode Global configuration SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-number — Port number for use by SNTP. Range: 1 - 65535...
  • Page 110: Sntp Trusted-Key

    No keys are trusted. Command Mode Global Configuration mode User Guidelines The command is relevant for both received Unicast and Broadcast. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide key-number key-number key-number — Key number of authentication key to be trusted. (Range: 1-...
  • Page 111: Sntp Client Poll Timer

    Parameters • Default Configuration Polling interval is 1024 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Polling interval in seconds. (Range: 60-86400)
  • Page 112: Sntp Broadcast Client Enable

    User Guidelines Use the sntp client enable (Interface) Interface Configuration mode command to enable the SNTP client on a specific interface. Example The following example enables the SNTP Broadcast clients. Console(config)# sntp broadcast client enable SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 113: Sntp Anycast Client Enable

    Polling time is determined by the sntp client poll timer Global Configuration mode command. Use the sntp client enable (Interface) Interface Configuration mode command to enable the SNTP client on a specific interface. Example The following example enables SNTP Anycast clients. console(config)# sntp anycast client enable SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 114: Sntp Client Enable

    Use the sntp broadcast client enable Global Configuration mode command to enable Broadcast clients globally. Use the sntp anycast client enable Global Configuration mode command to enable Anycast clients globally. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id } [ethernet interface| port-channel port-channel- vlan-id } [ethernet interface | port-channel port-channel- vlan-id —...
  • Page 115: Sntp Client Enable (Interface)

    Interface Configuration (Ethernet, port-channel, VLAN) mode User Guidelines Use the sntp broadcast client enable Global Configuration mode command to enable Broadcast clients globally. Use the sntp anycast client enable Global Configuration mode command to enable Anycast clients globally. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 116: Sntp Unicast Client Enable

    Use the sntp server Global Configuration mode command to define SNTP servers. Example The following example enables the device to use the Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from servers. Console(config)# sntp unicast client enable SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 117: Sntp Unicast Client Poll

    Global Configuration mode User Guidelines Polling time is determined by the sntp client poll timer Global Configuration mode command. Example The following example enables polling for SNTP predefined Unicast clients. Console(config)# sntp unicast client poll SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 118: Sntp Server

    Global Configuration mode User Guidelines Up to 8 SNTP servers can be defined. Use the sntp unicast client enable Global Configuration mode command to enable predefined Unicast clients globally. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address hostname } [oll] [key ip-address —...
  • Page 119: Show Clock

    The show clock Privileged EXEC mode command displays the time and date from the system clock. Syntax show clock [detail] Parameters • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide detail — Shows time zone and summertime configuration.
  • Page 120 Recurring every year. Begins at first Sunday of April at 2:00. Ends at last Sunday of October at 2:00. Offset is 60 minutes. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Time is not authoritative. Time is authoritative. Time is authoritative, but SNTP is not...
  • Page 121: Show Sntp Configuration

    Polling interval: 1024 seconds MD5 Authentication keys: 8, 9 Authentication is required for synchronization. Trusted Keys: 8, 9 Unicast Clients Polling: Enabled Server ------------ 176.1.1.8 176.1.8.179 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Polling Encryption Key ------- -------------- Enabled Disabled Disabled...
  • Page 122: Show Sntp Status

    There are no user guidelines for this command. Example The following example shows the status of the SNTP. Console# show sntp status Clock is synchronized, stratum 4, reference is 176.1.1.8, unicast Reference time is AFE2525E.70597B34 (00:10:22.438 PDT Jul 5 1993) SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 123: Clock Commands

    ---------- --------- ------ ------------------------------------ 176.1.11.8 VLAN 118 Up Broadcast: Interface --------- vlan 1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Status Last response ---------------------------------- ------ 19:58:22.289 PDT Feb 19 2005 7.33 12:17.17.987 PDT Feb 19 2005 8.98 Interface Status Last response 9:53:21.789 PDT Feb 19 2005 7.19 119.89...
  • Page 124: Chapter 7: Configuration And Image File Commands

    The following table displays keywords and URL prefixes. Keyword running-config startup-config image SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide source-url destination-url [snmp] source-url — The source file location URL or reserved keyword of the source file to be copied. (Range: 1-160 characters) destination-url —...
  • Page 125 Specifically, you cannot copy if one of these conditions exists: • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Source or Destination Boot file. Source or destination URL for a TFTP network server. The syntax for this alias is...
  • Page 126 Saving the Running Configuration to the Startup Configuration — To copy the running configuration to the startup configuration file, enter the copy running- config startup-config command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description For network transfers, indicates that the copy process is taking place.
  • Page 127: Delete Startup-Config

    Syntax delete startup-config This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide There are no user guidelines for this command.
  • Page 128: Show Running-Config

    2 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide show running-config does not show all the port configurations under the port. Although the device is already configured with some default parameters, ‘show running config’ on an empty device is empty.
  • Page 129: Show Startup-Config

    The show startup-config Privileged EXEC mode command displays the contents of the startup configuration file. Syntax show startup-config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide 10.6.1.36...
  • Page 130 The following example displays the contents of the running configuration file. Console# show startup-config hostname device interface ethernet e1 ip address 176.242.100.100 255.255.255.0 duplex full speed 1000 interface ethernet e2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 131: Chapter 8: Dhcp Commands

    DHCP snooping is not active until you enable snooping on a VLAN by using the ip dhcp snooping vlan Global Configuration mode command. Example The following example enables DHCP snooping. Console(config)# ip dhcp snooping SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 132: Ip Dhcp Snooping Vlan

    DHCP snooping must first be globally enable before enabling DHCP snooping on a VLAN. Example The following example enables DHCP snooping on a VLAN. Console(config)# ip dhcp snooping vlan SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-id vlan-id — Specifies the VLAN ID.
  • Page 133: Ip Dhcp Snooping Trust

    Configure as untrusted ports: Ports that are connected to DHCP clients. Example The following example configures a port as trusted for DHCP snooping purposes. Console(config)# interface ethernet 1 Console(config-if)# ip dhcp snooping trust SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 134: Ip Dhcp Information Option Allowed-Untrusted

    The ip dhcp information option allowed-untrusted Global Configuration mode command on a switch configures it to accept DHCP packets with option-82 information from an untrusted port. Use the no form of this command to configure the switch to drop these packets from an untrusted port.
  • Page 135: Ip Dhcp Snooping Verify

    The ip dhcp snooping verify Global Configuration mode command configures the switch to verify, on an untrusted port, that the source MAC address in a DHCP packet matches the client hardware address. Use the no form of this command to configure the switch to not verify the MAC addresses.
  • Page 136: Ip Dhcp Snooping Database

    To ensure that the lease time in the database is accurate and the Simple Network Time Protocol (SNTP) is enabled and configured. The switch writes binding changes to the binding file only when the switch system clock is synchronized with SNTP.
  • Page 137: Ip Dhcp Snooping Database Update-Freq

    Example The following example configures the update frequency of the DHCP snooping binding file. Console(config)# ip dhcp snooping database update-freq 600 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds — Specifies, in seconds, the update frequency. (Range: 600 – 86400) seconds...
  • Page 138: Ip Dhcp Snooping Binding

    After entering this command an entry is added to the DHCP snooping database. If DHCP snooping binding file exists, the entry is added to that file also. The entry is displayed in the show commands as a “DHCP Snooping entry”. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide mac-address vlan-id ip-address port-channel-number...
  • Page 139: Clear Ip Dhcp Snooping Database

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example clears the DHCP binding database. Console(enable)# clear ip dhcp snooping binding SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 140: Show Ip Dhcp Snooping

    DHCP snooping is configured on following VLANs: 2, 7-18 DHCP snooping database: enabled Option 82 on untrusted port is allowed Relay agent information option 82 is enabled. Verification of hwaddr field is enabled SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — Specifies the Ethernet port. port-channel-number —...
  • Page 141: Show Ip Dhcp Snooping Binding

    Parameters • • • • • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Trusted ---------------- vlan-id interface ] [vlan ] [ethernet mac-address — Specifies a MAC address. ip-address —...
  • Page 142 Console# show ip dhcp snooping binding Update frequency: 1200 Total number of binding: 3 Mac Address ----------- 0060.704C.73FF 10060.704C.7BC1 10.1.8.2 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide IP Address Lease Type (sec) ---------- -------- ---------- ---- ---------- 10.1.8.1 7983 snooping...
  • Page 143: Chapter 9: Dhcp Relay Commands

    Global (Interface) Configuration mode User Guidelines This command is only functional if the device is in Router mode. Example The following example enables DHCP services on the DHCP Server. Console(config)# ip dhcp relay enable SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 144: Ip Dhcp Relay Enable (Interface)

    For a switch: Interface Configuration (VLAN) mode User Guidelines DHCP relay must be enabled before enabling DHCP snooping on an interface. Example The following example enables DHCP services on the DHCP Server. Console(config-if)# ip dhcp relay enable SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 145: Ip Dhcp Relay Address

    Example The following example defines the DHCP server with address 172. 1 6. 1 . 1 to be available for DHCP relay. Console(config-if)# ip dhcp relay address 172.16.1.1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address ip-address ip-address — DHCP server IP address. Up to 8 servers can be defined.
  • Page 146: Show Ip Dhcp Relay

    User Guidelines This command is only functional if the device is in Router mode. Example The following example displays DHCP relay server addresses. Console# show ip dhcp relay DHCP relay is enabled. Servers: 172.16.1.11, 172.16.8.11 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 147: Chapter 10: Dhcp Option 82 Commands

    Global Configuration mode. User Guidelines DHCP option 82 is enabled when DHCP snooping is enabled on VLANs. Example The following example configures the update frequency of the DHCP snooping binding file. Console(config)# ip dhcp information option SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 148: Show Ip Dhcp Information Option

    DHCP option 82 is enabled when DHCP snooping is enabled on VLANs. Example The following example configures the update frequency of the DHCP snooping binding file. Console# show ip dhcp information option Relay agent information option 82 is enabled SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 149: Chapter 11: Dhcp Auto-Configuration

    The DHCP server should be provisioned with the configuration file URL in a TFTP server. The configuration data is set to the device upon IP renewal (for example, reboot) and once loaded the device would reset itself. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 150: Ip Dhcp Autoconfig File

    DHCP server to prevent the auto-configuration procedure. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide filename filename...
  • Page 151: Show Ip Dhcp Autoconfig

    To show the status of the IP DHCP autoconfig mode use the show ip dhcp autoconfig EXEC command. Syntax show ip dhcp autoconfig Command Mode EXEC Example Device# show ip dhcp autoconfig DHCP autoconfig enabled Ip dhcp autoconfig filename /config/configfile1.txt SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 152: Chapter 12: Ethernet Configuration Commands

    Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables configuring Ethernet port e18. Console(config)# interface ethernet e18 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — Valid Ethernet port.
  • Page 153: Interface Range Ethernet

    The following example shows how ports e18 to e20 and e1 to e12 are grouped to receive the same command. Console(config)# interface range ethernet e18-e20,e1-e12 Console(config-if)# SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-list | all} port-list — List of valid ports. Where more than one port is listed, separate...
  • Page 154: Shutdown

    There are no user guidelines for this command. Example The following example disables Ethernet port e5 operations. Console(config)# interface ethernet e5 Console(config-if)# shutdown The following example restarts the disabled Ethernet port. Console(config)# interface ethernet e5 Console(config-if)# no shutdown SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 155: Description

    The following example adds a description to Ethernet port e5. Console(config)# interface ethernet e5 Console(config-if)# description “RD SW#3” SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide string string — A comment or a description of the port to allow the user to...
  • Page 156: Speed

    Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide 10 — Forces 10 Mbps operation. 100 — Forces 100 Mbps operation. 1000 — Forces 1000 Mbps operation.
  • Page 157: Duplex

    {half | full} no duplex Parameters • • Default Configuration The interface is set to full duplex. Command Mode Interface Configuration (Ethernet) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide half — Forces half-duplex operation full — Forces full-duplex operation...
  • Page 158: Negotiation

    The configuration does not apply when an SFP is plugged to the port. Syntax negotiation [ no negotiation Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide capability1 capability2 capability — Specifies the capabilities to advertise. (Possible values: 10h, 10f, 100h,100f, 1000f) capability5 …...
  • Page 159: Port Jumbo-Frame

    Use port jumbo-frame command to enable jumbo frames for the device. To disable it, use the no form of this command. Syntax port jumbo-frame no port jumbo-frame Parameters This command has no arguments or keywords. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 160: Show System Flowcontrol

    The command would be effective only after reset. Command Mode Global configuration Examples Console(config)# port jumbo-frame show system flowcontrol The command is for SPS2024 only. Use the show system flowcontrol command to display the cascade ports flowcontrol state. Syntax show system flowcontrol Parameters This command has no arguments or keywords.
  • Page 161: Flowcontrol

    Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines Negotiation should be enabled for flow control auto. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide auto — Indicates auto-negotiation on — Enables flow control off — Disables flow control rx — Enables receiving pause frames only...
  • Page 162: Mdix

    {on | auto} no mdix Parameters • • Default Configuration The default setting is auto. Command Mode Interface Configuration (Ethernet) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide on — Manual mdix is enabled. auto — Automatic mdi/mdix is enabled.
  • Page 163: Back-Pressure

    (SPS224G4 combo ports) This command applies when the copper port is used. NOTE The configuration does not apply when an SFP is plugged to the port. Syntax back-pressure no back-pressure Default Configuration Back pressure is disabled. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 164: Port Jumbo-Frame

    Syntax port jumbo-frame no port jumbo-frame Parameters This command has no arguments or keywords. Default Configuration Usage Guidelines The command would be effective only after reset. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 165: Sfp Speed

    Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide 100 — 100 Mbps 1000 — 1000 Mbps auto — Detects the SFP capabilities, and determines the speed as follows: When multi speed SFP is supported, the highest speed is selected.
  • Page 166: Clear Counters

    Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface | port-channel interface — Valid Ethernet port. port-channel-number — Valid port-channel number.
  • Page 167: Set Interface Active

    Privileged EXEC mode User Guidelines This command is used to activate interfaces that were configured to be active, but were shutdown by the system for some reason (e.g., port security). SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — Valid Ethernet port.
  • Page 168: Show Interfaces Configuration

    Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface — Valid Ethernet port. port-channel-number — Valid port-channel number. interface...
  • Page 169: Show Interfaces Status

    The show interfaces status Privileged EXEC mode command displays the status of all configured interfaces. Syntax show interfaces status [ethernet Parameters • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Duplex Speed Neg 100M-Copper Full 100 100M-Copper Full 100 100M-Copper Full 100 100M-Copper Full 100 100M-Copper Full 100...
  • Page 170 Example The following example displays the status of all configured interfaces. Console# show interfaces status Port Type ---- ---------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Duplex Speed Neg ----------- ------- ---- ----- -------- ---- 100M-Copper -- 100M-Copper -- 100M-Copper --...
  • Page 171: Show Interfaces Advertise

    There are no user guidelines for this command. Example The following example displays auto-negotiation information. Console# show interfaces advertise Port Type ---- ----------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface — Valid Ethernet port. port-channel-number — Valid port-channel number. -------...
  • Page 172: Show Interfaces Description

    Parameters • • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled...
  • Page 173: Show Interfaces Counters

    Syntax show interfaces counters [ethernet Parameters • • Default Configuration This command has no default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description ----------- interface — A valid Ethernet port. port-channel-number — A valid port-channel number. interface...
  • Page 174 There are no user guidelines for this command. Example The following example displays traffic seen by the physical interface. Console# show interfaces counters Port Port SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide InOctets InUcastPkts InMcastPkts -------- ----------- ----------- 183892 123899 OutOctets OutUcastPkts OutMcastPkts OutBcastPkts...
  • Page 175 Field InOctets InUcastPkts InMcastPkts InBcastPkts OutOctets OutUcastPkts OutMcastPkts OutBcastPkts FCS Errors SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide InOctets InUcastPkts 183892 OutOctets OutUcastPkts OutMcastPkts OutBcastPkts 9188 Description Counted received octets. Counted received Unicast packets. Counted received Multicast packets. Counted received Broadcast packets.
  • Page 176: Show Ports Jumbo-Frame

    Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Counted frames that are involved in a single collision, and are subsequently transmitted successfully. Number of times that a collision is detected later than one slotTime into the transmission of a packet.
  • Page 177: Port Storm-Control Broadcast Enable

    Default Configuration Broadcast storm control is disabled. Command Mode Interface Configuration (Ethernet) mode User Guidelines Use the port storm-control broadcast rate Interface Configuration (Ethernet) mode command, to set the maximum allowable Broadcast rate. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 178: Port Storm-Control Broadcast Rate

    — Maximum kilobits per second of Broadcast and Multicast traffic on a port. (Range for GE ports: 3500 K–100 M, range for FE ports: 70 K – 100 M, range for SPS2024 devices: 3.5 M - 1 G)
  • Page 179: Port Storm-Control Include-Multicast

    Default Configuration Multicast packets are disabled. Command Mode Interface Configuration mode User Guidelines To control Multicasts storms, use the port storm-control broadcast enable and port storm-control broadcast rate commands. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 180: Port Storm-Control Unknown-Unicast Fastethernet Enable

    Use the port storm-control unknown-unicast fastethernet rate Global Configuration mode command to the set the maximum rate. The control for GE ports is per port and described in the port storm-control include-multicast interface configuration command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 181: Port Storm-Control Unknown-Unicast Fastethernet Rate

    Use the port storm-control unknown-unicast fastethernet enable Global Configuration mode command to enable unknown-unicast storm control for FE ports. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide rate — Maximum of kilobits per second of broadcast traffic on a port. (Range 3.5M - 100M)
  • Page 182: Show Ports Storm-Control

    [ Parameters • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — A valid Ethernet port.
  • Page 183 Ethernet Configuration Commands show ports storm-control Example The following example displays the storm control configuration. Console# show ports storm-control Port ---- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide State Rate [Kbits/Sec] ----- ---------------- Disabled 3500 Disabled 3500 Disabled 3500 Disabled 3500...
  • Page 184: Chapter 13: Gvrp Commands

    Use the no form of this command to disable GVRP on the device. Syntax gvrp enable no gvrp enable Default Configuration GVRP is globally disabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 185: Gvrp Enable (Interface)

    An access port does not dynamically join a VLAN because it is always a member in only one VLAN. Membership in an untagged VLAN is propagated in the same way as in a tagged VLAN. That is, the PVID is manually defined as the untagged VLAN VID. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 186: Garp Timer

    • • • Command Mode Interface Configuration (Ethernet, port-channel) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide timer_value {join | leave | leaveall} — Indicates the type of timer. timer_value — Timer values in milliseconds in multiples of 10. (Range: 10- 2147483640) Join timer —...
  • Page 187: Gvrp Vlan-Creation-Forbid

    VLAN creation or modification. Use the no form of this command to enable dynamic VLAN creation or modification. Syntax gvrp vlan-creation-forbid no gvrp vlan-creation-forbid Default Configuration Dynamic VLAN creation or modification is enabled. Command Mode Interface Configuration (Ethernet, port-channel) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 188: Gvrp Registration-Forbid

    Syntax gvrp registration-forbid no gvrp registration-forbid Default Configuration Dynamic registration of VLANs on the port is allowed. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 189: Clear Gvrp Statistics

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — A valid Ethernet port. port-channel-number — A valid port-channel number.
  • Page 190: Show Gvrp Configuration

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — A valid Ethernet port. port-channel-number — A valid port-channel number.
  • Page 191: Show Gvrp Statistics

    • • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Registration Dynamic VLAN Join Leave Leave All ------------ ------------ ---- ----- --------- Enabled Normal Enabled Normal interface interface —...
  • Page 192: Show Gvrp Error-Statistics

    Syntax show gvrp error-statistics [ethernet Parameters • • Default Configuration This command has no default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Join Empty Received Empty Received Leave Empty Received Join Empty Sent Empty Sent Leave Empty Sent interface —...
  • Page 193 Console# show gvrp error-statistics GVRP Error Statistics Legend: INVPROT : Invalid Protocol Id INVATYP : Invalid Attribute Type INVAVAL : Invalid Attribute Value Port INVPROT INVATYP INVAVAL INVALEN INVEVENT SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide INVALEN : Invalid Attribute Length INVEVENT: Invalid Event...
  • Page 194: Chapter 14: Igmp Snooping Commands

    User Guidelines IGMP snooping can only be enabled on static VLANs. It must not be enabled on Private VLANs or their community VLANs. Example The following example enables IGMP snooping. Console(config)# ip igmp snooping SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 195: Ip Igmp Snooping (Interface)

    IGMP snooping can only be enabled on static VLANs. It must not be enabled on Private VLANs or their community VLANs. Example The following example enables IGMP snooping on VLAN 2. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 196: Ip Igmp Snooping Mrouter

    Multicast device ports can be configured statically using the bridge multicast forward-all Interface Configuration (VLAN) mode command. Example The following example enables automatic learning of Multicast device ports on VLAN 2. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping mrouter learn-pim-dvmrp SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 197: Ip Igmp Snooping Querier Enable

    IGMP snooping querier can be enabled on a VLAN only if IGMP snooping is enabled for that VLAN. No more then one switch can be configured as an IGMP Querier for a VLAN. When IGMP Snooping Querier is enabled, it starts after host-time-out/2 with no IGMP traffic detected from a multicast router.
  • Page 198: Ip Igmp Snooping Host-Time-Out

    Example The following example configures the host timeout to 300 seconds. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping host-time-out 300 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide time-out time-out — Specifies the host timeout in seconds. (Range: 60 - 2147483647)
  • Page 199: Ip Igmp Snooping Mrouter-Time-Out

    Example The following example configures the Multicast device timeout to 200 seconds. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping mrouter-time-out 200 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide time-out — Specifies the host timeout in seconds. (Range: 60 - 2147483647)
  • Page 200: Ip Igmp Snooping Leave-Time-Out

    The leave timeout should be set greater than the maximum time that a host is allowed to respond to an IGMP query. Use immediate leave only where there is just one host connected to a port. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide time-out time-out —...
  • Page 201: Ip Igmp Snooping Multicast-Tv

    • • Default Configuration The default configuration has no Multicast IP address associated with it. Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id number vlan-id — Specifies the VLAN ID of the Multicast-TV VLAN. ip-multicast-address — Specifies an IP address to associate with the Multicast-TV VLAN.
  • Page 202: Ip Igmp Snooping Map Cpe Vlan

    Parameters • • Default Configuration No mapping exists. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-id cpe vlan vlan-id — Specifies the CPE VLAN. vlan-id — multicast-tv vlan Specifies the Multicast VLAN.
  • Page 203: Show Ip Igmp Snooping Mrouter

    The show ip igmp snooping mrouter Privileged EXEC mode command displays information on dynamically learned Multicast device interfaces. Syntax show ip igmp snooping mrouter [interface Parameters • Default Configuration This command has no default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id — Specifies the VLAN number. vlan-id...
  • Page 204: Show Ip Igmp Snooping Interface

    The show ip igmp snooping interface Privileged EXEC mode command displays IGMP snooping configuration. Syntax show ip igmp snooping interface Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-id — Specifies the VLAN number. Ports ----- Ports...
  • Page 205: Show Ip Igmp Snooping Groups

    IGMP mrouter timeout is 300 sec show ip igmp snooping groups The show ip igmp snooping groups Privileged EXEC mode command displays Multicast groups learned by IGMP snooping. Syntax show ip igmp snooping groups [vlan SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id ip-multicast-address ] [address...
  • Page 206 The following example shows IGMP snooping information on Multicast groups. Console# show ip igmp snooping groups Vlan IGMP Reporters that are forbidden statically: Vlan ---- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id — Specifies the VLAN number ip-multicast-address — Specifies the IP Multicast address Group...
  • Page 207: Show Ip Igmp Snooping Multicast-Tv

    The following example displays the IP addresses associated with Multicast TV VLANs. Console # show ip igmp snooping multicast-tv VLAN ------ 1000 1000 1000 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id — Specifies the VLAN ID value. ip-multicast-address — Specifies the IP Multicast address. vlan-id IP address ------------- 239.255.0.1...
  • Page 208: Show Ip Igmp Snooping Cpe Vlans

    Parameters • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines No user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id — CPE VLAN ID value. 239.255.0.4 239.255.0.5 239.255.0.6 239.255.0.7 239.255.0.0...
  • Page 209 Example The following example displays the CPE VLANs to Multicast TV VLAN mappings. Console # show ip igmp snooping cpe vlans CPE VLAN -------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Multicast-TV VLAN ------------- 1118 1119...
  • Page 210: Chapter 15: Ip Address Commands

    • • • • Default Configuration No IP address is defined for interfaces. Command Mode Interface Configuration (VLAN) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address mask prefix-length ip-address ip-address — Specifies the valid IP address mask — Specifies the valid network mask of the IP address.
  • Page 211: Ip Address Dhcp

    User Guidelines An IP address cannot be configured for a range of interfaces (range context). This command is only functional if the device is in Switch mode. Example The following example configures VLAN 1 with IP address 131. 1 08. 1 .27 and subnet mask 255.255.255.0.
  • Page 212 Command Mode Interface Configuration (VLAN) mode User Guidelines This command is only functional if the device is in Switch mode. The ip address dhcp command allows any interface to dynamically learn its IP address by using the DHCP protocol. Some DHCP servers require that the DHCPDISCOVER message have a specific host name.
  • Page 213: Renew Dhcp

    The following example renews an IP address acquired from a DHCP server for specific interface. Console# renew dhcp SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide force-autoconfig — If the DHCP server holds a DHCP option 67 record for the assigned IP address, the file would overwrite the existing device...
  • Page 214: Ip Default-Gateway

    This command is only operational in Switch mode. Example The following example defines default gateway 192. 1 68. 1 . 1 . Console(config)# ip default-gateway 192.168.1.1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address ip-address — Specifies the valid IP address of the currently defined default...
  • Page 215: Show Ip Interface

    The following example the displays the configured IP interfaces and their types. Console# show ip interface Proxy ARP is disabled IP addressI/F ----------- 10.7.1.192/241 10.7.2.192/242 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-id — Specifies a valid VLAN number. Type Direct Broadcast -------...
  • Page 216: Arp

    The software uses ARP cache entries to translate 32-bit IP addresses into 48-bit hardware addresses. Because most hosts support dynamic resolution, static ARP cache entries do not generally have to be specified. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip_addr hw_addr vlan-id...
  • Page 217: Arp Timeout

    Command Mode Global Configuration mode User Guidelines It is recommended not to set the timeout value to less than 3600. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Time (in seconds) that an entry remains in the ARP cache.
  • Page 218: Clear Arp-Cache

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example deletes all dynamic entries from the ARP cache. Console# clear arp-cache SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 219: Show Arp

    VLAN field is empty. Example The following example displays entries in the ARP table. Console# show arp ARP timeout: 80000 Seconds SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address ] [mac-address ip-address — Displays the ARP entry of a specific IP address mac-address —...
  • Page 220: Ip Domain-Lookup

    User Guidelines There are no user guidelines for this command. Example The following example enables IP Domain Naming System (DNS)-based host name-to-address translation. Console(config)# ip domain-lookup SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide IP Address ----------- 10.7.1.102 10.7.1.135 HW AddressStatus ----------------------...
  • Page 221: Ip Domain-Name

    There are no user guidelines for this command. Example The following example defines default domain name www.LinkSys.com. Console(config)# ip domain-name www.LinkSys.com SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name name — Specifies the default domain name used to complete unqualified host names. Do not include the initial period that separates an unqualified...
  • Page 222: Ip Name-Server

    Up to 8 servers can be defined using one command or using multiple commands. Example The following example sets the available name server. Console(config)# ip name-server 176.16.1.18 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide server-address server-address2 server-address1 server-address — Specifies IP addresses of the name server.
  • Page 223: Ip Host

    There are no user guidelines for this command. Example The following example defines a static host name-to-address mapping in the host cache. Console(config)# ip host accounting.LinkSys.com 176.10.23.1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name address name name — Specifies the name of the host. (Range: 1-158 characters) address —...
  • Page 224: Clear Host

    There are no user guidelines for this command. Example The following example deletes all entries from the host name-to-address cache. Console# clear host * SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name | *} name — Specifies the host entry to be removed. (Range: 1-158 characters)
  • Page 225: Clear Host Dhcp

    IP address. Example The following example deletes all entries from the host name-to-address mapping. Console# clear host dhcp * SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name | *} name — Specifies the host entry to be removed. (Range: 1-158 characters)
  • Page 226: Show Hosts

    The following example displays host information. Console# show hosts System name: Device Default domain is gm.com, sales.gm.com, usa.sales.gm.com(DHCP) Name/address lookup is enabled Name servers (Preference order): 176.16.1.18 176.16.1.19 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name name — Specifies the host name. (Range: 1-158 characters)
  • Page 227 IP Address Commands show hosts Configured host name-to-address mapping: Host ---- accounting.gm.com Cache Host ---- www.stanford.edu SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Addresses --------- 176.16.8.8 176.16.8.9 (DHCP) TTL(Hours) Total Elapsed Type ----- ------- ---- Addresses --------- 171.64.14.203...
  • Page 228: Chapter 16: Ip Source Guard Commands

    Default Configuration IP source guard is disabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables the IP source guard. Console(config)# ip source-guard SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 229: Ip Source-Guard (Interface)

    IP source guard is effective only on DHCP snooping untrusted interface, although it can be enabled (as a shadow configuration) on a trusted interface. Example The following example enables IP source guard on an interface. Console(config)# interface ethernet 1 Console(config-if)# ip source-guard SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 230: Ip Source-Guard Binding

    IP Source Guard Commands ip source-guard binding ip source-guard binding The ip source-guard binding Global Configuration mode command configures the static IP source bindings on the switch. Use the no form of this command to delete static bindings. Syntax ip source-guard binding...
  • Page 231: Ip Source-Guard Tcam Retries-Freq

    IP Source Guard Commands ip source-guard tcam retries-freq Example The following example configures the static IP source bindings on the switch. Console(config)# ip source-guard binding 00:01:01:02:02:02 1 192.168.2.10 ethernet e2 ip source-guard tcam retries-freq The ip source-guard tcam retries-freq Global Configuration mode command configures the frequency of retries for TCAM resources for inactive IP source guard addresses.
  • Page 232: Show Ip Source-Guard Configuration

    IP source guard configuration. Syntax show ip source-guard configuration [ethernet channel-number Parameters • • Default Configuration This command has no default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface— Specify Ethernet port. port-channel-number— Specify Port-channel number. interface port- | port-channel...
  • Page 233: Show Ip Source-Guard Status

    The show ip source-guard status Privileged EXEC mode command displays the IP source guard status. Syntax show ip source-guard status [mac-address [vlan port-channel SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide State Enabled Enabled Enabled Enabled Enabled Enabled...
  • Page 234 Example. Console# show ip source-guard status IP source guard is globally disabled. Console# show ip source-guard status Interface Filter Status --------- ------ ------ SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide mac-address— Specifies a MAC address. ip-address— Specifies an IP address. vlan-id—...
  • Page 235: Show Ip Source-Guard Inactive

    TCAM space. This command displays the inactive IP source guard addresses. Example The following example displays the IP source guard inactive addresses. Console# show ip source-guard inactive TCAM resources search frequency: 10 minutes SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 236 IP Source Guard Commands show ip source-guard inactive Interface Filter IP Address MAC Address --------- ------ ---------- ---------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide 10.1.8.32 0060.704C.83FF 3 VLAN Type Reason ---- ----- ------ 3DHCP Resource Problem...
  • Page 237: Chapter 17: Lacp Commands

    Parameters • Default Configuration The default system priority is 1. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide value value — Specifies system priority value. (Range: 1-65535)
  • Page 238: Lacp Port-Priority

    Parameters • Default Configuration The default port priority is 1. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide value value — Specifies port priority. (Range: 1-65535)
  • Page 239: Lacp Timeout

    The default port timeout value is long. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide long — Specifies the long timeout value. short — Specifies the short timeout value.
  • Page 240: Show Lacp Ethernet

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface [parameters | statistics | protocol-state] interface — Valid Ethernet port. parameters — Link aggregation parameter information.
  • Page 241 Example The following example display LACP information for Ethernet port e1. Console# show lacp ethernet e1 e1 LACP parameters: SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Actor system priority: system mac addr: port Admin key: port Oper key:...
  • Page 242: Show Lacp Port-Channel

    The show lacp port-channel Privileged EXEC mode command displays LACP information for a port-channel. Syntax show lacp port-channel [ Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide LACP State Machines: Receive FSM: Mux FSM: Periodic Tx FSM: Control Variables: BEGIN:...
  • Page 243 There are no user guidelines for this command. Example The following example displays LACP information about port-channel 1. Console# show lacp port-channel 1 Port-Channel ch1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Port Type Gigabit Ethernet Attached Lag id: Actor System Priority:...
  • Page 244: Chapter 18: Line Commands

    Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide console — Console terminal line. telnet — Virtual terminal for remote console access (Telnet). ssh — Virtual terminal for secured remote console access (SSH).
  • Page 245: Speed

    This command is available only on the line console. This configuration applies only to the current session. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide — Baud rate in bits per second (bps). Possible values are 2400, 4800, 9600, 19200, 38400, 57600 and 115200.
  • Page 246: Exec-Timeout

    The default configuration is 10 minutes. Command Mode Line Configuration mode User Guidelines To specify no timeout, enter the exec-timeout 0 command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide minutes seconds minutes — Specifies the number of minutes for the timeout. (Range: 0-...
  • Page 247: Show Line

    Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide console — Console terminal line. telnet — Virtual terminal for remote console access (Telnet). ssh — Virtual terminal for secured remote console access (SSH).
  • Page 248 Example The following example displays the line configuration. Console# show line Console configuration: Telnet configuration: SSH configuration: SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Interactive timeout: Disabled History: 10 Baudrate: 9600 Databits: 8 Parity: none Stopbits: 1 Interactive timeout: 10 minutes 10 seconds...
  • Page 249: Chapter 19: Management Acl Commands

    Use this command to configure a management Access List. This command converts the device to Access-List Configuration mode, where the denied or permitted access conditions with the deny and permit commands must be defined. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name name name—...
  • Page 250: Management Access-Class

    The management access-class Global Configuration mode command restricts management connections by defining the active management access list. Use the no form of this command to delete an Access List. Syntax management access-class {console-only | no management access-class SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name...
  • Page 251: Permit (Management)

    The permit Management Access-List Configuration mode command defines a permit rule. Syntax permit ip-source SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name— Specifies the Access List name. (Range: 1-32 characters) console-only—Indicates that the device can be managed only from the console.
  • Page 252 Example The following example permits all ports in the access list called ‘mlist’. Console(config)# management access-list mlist Console(config-macl)# permit ip-source 172.16.15.3 ethernet e3 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address — A valid source IP address. mask — A valid network mask of the source IP address.
  • Page 253: Deny (Management)

    Default Configuration This command has no default configuration. Command Mode Management Access-list Configuration mode User Guidelines The system supports up to 128 management access rules. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address [mask mask ip-address — A valid source IP address.
  • Page 254: Show Management Access-List

    There are no user guidelines for this command. Example The following example displays the ‘mlist’ management access list. Console# show management access-list mlist ! (Note: all other access implicitly denied) SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide permit ethernet e1 permit ethernet e9...
  • Page 255: Show Management Access-Class

    User Guidelines There are no user guidelines for this command. Example The following example displays information about the active management access list. Console# show management access-class Management access-class is enabled, using access list mlist SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 256: Chapter 20: Phy Diagnostics Commands

    The port to be tested should be shut down during the test, unless it is a combination port with fiber port active. The maximum length of cable for the TDR test is 120 meters. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface...
  • Page 257: Show Copper-Ports Tdr

    Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines The maximum length of cable for the TDR test is 120 meters. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — A valid Ethernet port.
  • Page 258: Show Copper-Ports Cable-Length

    Syntax show copper-ports cable-length [ Parameters • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Result Length (meters) ------ --------------- Short Test has not been performed Open Fiber...
  • Page 259: Show Fiber-Ports Optical-Transceiver

    Syntax show fiber-ports optical-transceiver [ Parameters • • Default Configuration This command has no default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Length (meters) ------------------ < 50 Copper not active 110-140 Fiber interface — A valid Ethernet port.
  • Page 260 LOS – Loss of signal Console# show fiber-ports optical-transceiver detailed Port ---- Temp – Internally measured transceiver temperature. Voltage - Internally measured supply voltage. Current – Measured TX bias current. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Power Temp Voltage Current ---- -------...
  • Page 261 PHY Diagnostics Commands show fiber-ports optical-transceiver Output Power – Measured TX output power in milliWatts Input Power – Measured RX received power milliWatts Tx Fault – Transmitter fault LOS – Loss of signal SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 262: Chapter 21: Port Channel Commands

    Global Configuration mode User Guidelines Eight aggregated links can be defined with up to eight member ports per port- channel. The aggregated links’ valid IDs are 1-8. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port channel-number port-channel-number — A valid port-channel number. (Range: 1-64)
  • Page 263: Interface Range Port-Channel

    Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-channel-range port-channel-range — List of valid port-channels to add. Separate nonconsecutive port-channels with a comma and no spaces. A hyphen designates a range of port-channels.
  • Page 264: Channel-Group

    Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-channel-number port-channel-number — Specifies the number of the valid port-channel for the current port to join. (Range: 1-64) on —...
  • Page 265: Show Interfaces Port-Channel

    [ Parameters • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-channel-number port-channel-number — Valid port-channel number.
  • Page 266 Port Channel Commands show interfaces port-channel Example The following example displays information on all port-channels. Console# show interfaces port-channel Channel ------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Ports --------------------------------- Active: e1, e2 Active: e10, e15 Inactive: e17 Active: e19, e24...
  • Page 267: Chapter 22: Port Monitor Commands

    • • • Default Configuration Monitors both received and transmitted packets. Command Mode Interface Configuration (Ethernet) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide src-interface [rx | tx] src-interface src-interface — Valid Ethernet port. rx — Monitors received packets only. tx — Monitors transmitted packets only.
  • Page 268: Show Ports Monitor

    The show ports monitor Privileged EXEC mode command displays the port monitoring status. Syntax show ports monitor SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide The port cannot be already configured as a destination port. Maximum number of source ports can be up to eight.
  • Page 269 There are no user guidelines for this command. Example The following example shows how the port monitoring status is displayed. Console# show ports monitor Source Port Destination Port Type ----------- ---------------- ----- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide RX,TX Status ------ Active...
  • Page 270: Chapter 23: Qos Commands

    Global Configuration mode User Guidelines In advanced mode the VPT of the frame might be changed to egress_queue*2. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide basic — QoS basic mode. advanced — QoS advanced mode, which enables the full range of QoS...
  • Page 271: Show Qos

    Trust mode is displayed if QoS is enabled in basic mode. Example The following example displays QoS attributes when QoS is enabled in basic mode on the device. Console# show qos Qos: basic Basic trust: vpt SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 272: Class-Map

    The class-map Global Configuration mode command is used to define packet classification, marking and aggregate policing as part of a globally named service policy applied on a per-interface basis. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide class-map-name [match-all | match-any] class-map-name class-map-name —...
  • Page 273: Show Class-Map

    Console(config)# class-map class1 match-all Console(config-cmap)# show class-map The show class-map Privileged EXEC mode command displays all class maps. Syntax show class-map [ Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide class-map-name class-map-name — Specifies the name of the class map to be displayed.
  • Page 274: Match

    Use the no form of this command to delete the match criteria. Syntax match access-group no match access-group Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide acl-name acl-name acl-name — Specifies the name of an IP or MAC ACL. (Range: 0-32 characters) Use “” for empty string...
  • Page 275: Policy-Map

    Policy-map Configuration mode. Use the no form of this command to delete a policy map. Syntax policy-map no policy-map Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide policy-map-name policy-map-name policy-map-name — Specifies the name of the policy map (Range: 0-32 characters).
  • Page 276: Class

    The class Policy-map Configuration mode command defines a traffic classification and enters the Policy-map Class Configuration mode. Use the no form of this command to remove a class map from the policy map. Syntax class no class SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide class-map-name [access-group class-map-name acl-name...
  • Page 277 ‘enterprise’. The class is in a policy map called policy1. Console(config)# policy-map policy1 Console (config-pmap)# class class1 access-group enterprise SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide lass-map-name — Specifies the name of an existing class map. If the class map does not exist, a new class map will be created under the specified name (Range: 0-32 characters).
  • Page 278: Show Policy-Map

    Example The following example displays all policy maps. Console# show policy-map Policy Map policy1 class class1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide policy-map-name policy-map-name — Specifies the name of the policy map to be displayed. class-name — Specifies the name of the class whose QoS policies are to be displayed.
  • Page 279: Trust

    Default Configuration Not trusted Command Mode Policy-map Class Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide police 96000 4800 exceed-action drop police 124000 96000 exceed-action policed-dscp-transmit cos—QoS set the queue according to CoS to Queue Map. dscp—QoS derives the internal DSCP value by using the DSCP value from the ingress packet.
  • Page 280 Console (config)# policy-map policy1 Console (config-pmap)# class class1 Console (config-pmap-c)# trust cos dscp SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Use this command to distinguish the quality of service (QoS) trust behavior for certain traffic from others. For example, incoming traffic with certain DSCP values can be trusted.
  • Page 281: Set

    Command Mode Policy-map Class Configuration mode User Guidelines This command is mutually exclusive with the trust Policy-map Class Configuration command within the same policy map. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide new-dscp | queue queue-id new-dscp — Specifies a new DSCP value for the classified traffic. (Range:...
  • Page 282: Police

    Parameters • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide committed-rate-bps committed-burst-byte committed-rate-bps — Specifies the average traffic rate (CIR) in bits per second (bps). committed-burst-byte — Specifies normal burst size (CBS) in bytes. drop — Indicates that when the rate is exceeded, the packet is dropped.
  • Page 283: Qos Aggregate-Policer

    Use the no form of this command to remove an existing aggregate policer. Syntax qos aggregate-policer burst-byte no qos aggregate-policer SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide aggregate-policer-name committed-rate-bps excess- exceed-action {drop | policed-dscp-transmit} [dscp dscp...
  • Page 284 Define an aggregate policer if the policer is shared with multiple classes. Policers in one port cannot be shared with other policers in another device; traffic from two different ports can be aggregated for policing purposes. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide aggregate-policer-name — Specifies the name of the aggregate policer.
  • Page 285: Show Qos Aggregate-Policer

    • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide aggregate-policer-name aggregate-policer-name — Specifies the name of the aggregate policer to be displayed.
  • Page 286: Police Aggregate

    Policy-map Class Configuration mode User Guidelines An aggregate policer can be applied to multiple classes in the same policy map; An aggregate policer cannot be applied across multiple policy maps or interfaces. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide aggregate-policer-name aggregate-policer-name aggregate-policer-name...
  • Page 287: Wrr-Queue Bandwidth

    The default WRR weight is 1/4 the ratio for all queues (each weight set to 1). Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide weight1 weight2 ... weight_n — Sets the ratio of the frequency in which the WRR...
  • Page 288: Wrr-Queue Cos-Map

    Syntax wrr-queue cos-map no wrr-queue cos-map [ Parameters • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide queue-id cos1...cos8 queue-id queue-id — Specifies the queue number to which the CoS values are mapped. cos1...cos8 — Specifies CoS values to be mapped to a specific queue.
  • Page 289 VPTs to a single queue. Use the priority-queue out Interface Configuration (Ethernet, Port-channel) mode command to enable expedite queues. Example The following example maps CoS 7 to queue 2. Console(config)# wrr-queue cos-map 2 7 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 290: Priority-Queue Out Num-Of-Queues

    (WRR) weight ratio because fewer queues participate in the WRR. Example The following example configures the number of expedite queues as 0. Console(config)# priority-queue out num-of-queues 0 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number-of-queues number-of-queues — Specifies the number of expedite queues. Expedite...
  • Page 291: Traffic-Shape

    Then run this command without the queue-id parameter. The CIR and the CBS will be applied to the specified port. To activate the shaper for specific queue, run this command with the queue-id parameter. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide committed-rate excess-burst queue-id committed-rate —...
  • Page 292: Rate-Limit (Ethernet)

    SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide kbps kbps — Maximum of kilobits per second of ingress traffic on a port. (Range: 3.5M - 1G for SPS2024 and 62-100000 for SPS2xx)
  • Page 293: Show Qos Interface

    [buffers | queuing | policers | shapers | rate-limit] [Ethernet interface-number Parameters • • • • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide | vlan vlan-id | port-channel interface-number — ethernet vlan-id — VLAN number. number — port-channel Valid port-channel number.
  • Page 294 If no interface is specified, QoS information about all interfaces is displayed. Example The following example displays the buffer settings for queues on Ethernet port e1. Console# show qos interface ethernet e1 buffers Ethernet e1 Notify Q Depth SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Size...
  • Page 295: Qos Wrr-Queue Threshold

    Syntax qos wrr-queue threshold gigabitethernet threshold-percentage1 threshold-percentage2 no qos wrr-queue threshold gigabitethernet qos wrr-queue threshold tengigabitethernet threshold-percentage1 threshold-percentage2 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Max Prob Min Max Prob Min DP0 DP0 DP1 DP1 N/A N/A N/A N/A N/A N/A...
  • Page 296 The following example assigns a threshold of 80 percent to WRR queue 1. Console (config)# qos wrr-queue threshold gigabitethernet 1 80 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide gigabitethernet — Indicates that the thresholds are to be applied to Gigabit Ethernet ports.
  • Page 297: Qos Map Policed-Dscp

    The following example marks down incoming DSCP value 3 as DSCP value 43 on the policed-DSCP map. Console(config)# qos map policed-dscp 3 to 43 Reserved DSCP. DSCP 3 was not configured. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide dscp-list dscp- list — Specifies up to 8 DSCP values separated by a space. (Range:...
  • Page 298: Qos Map Dscp-Queue

    Queue-ID Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide dscp-list queue-id dscp-list — Specifies up to 8 DSCP values separated by a space. (Range: 0 - 63) queue-id —...
  • Page 299: Qos Map Dscp-Dp

    • In Cheetah based products • Default Configuration All the DSCPs are mapped to Drop Precedence 0. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide dscp-list dscp-list dscp-list — Specifies up to 8 DSCP values, with each value separated by space. (Range: 0-63) —...
  • Page 300: Qos Trust (Global)

    • Default Configuration CoS is the default trust mode. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide cos — Indicates that ingress packets are classified with packet CoS values. Untagged packets are classified with the default port CoS value. dscp — Indicates that ingress packets are classified with packet DSCP...
  • Page 301: Qos Trust (Interface)

    Packets entering a quality of service (QoS) domain are classified at the edge of the QoS domain. When packets are classified at the edge, the switch port within the QoS domain can be configured to one of the trusted states because there is no need to classify the packets at every device in the domain.
  • Page 302: Qos Cos

    CoS value of a port. Use the no form of this command to restore the default configuration. Syntax qos cos no qos cos Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide default-cos default-cos — Specifies the default CoS value of the port. (Range: 0-7)
  • Page 303: Qos Dscp-Mutation

    Mutation map to a system DSCP trusted port. Use the no form of this command to restore the trust state with no DSCP mutation. Syntax qos dscp-mutation no qos dscp-mutation Default Configuration This command has no default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 304: Qos Map Dscp-Mutation

    The qos map dscp-mutation Global Configuration mode command modifies the DSCP to DSCP mutation map. Use the no form of this command to restore the default DSCP to DSCP mutation map. Syntax qos map dscp-mutation no qos map dscp-mutation SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide in-dscp out-dscp...
  • Page 305: Show Qos Map

    The show qos map Global Configuration mode command displays the QoS mapping information. Syntax show qos map [dscp-queue | dscp-dp | policed-dscp | dscp-mutation SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide in-dscp — Specifies up to 8 DSCP values separated by spaces. (Range: 0- out-dscp —...
  • Page 306 The following example displays the QoS mapping information. Console> show qos map Dscp-queue map: SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide dscp-queue — Displays the DSCP to queue map. dscp-dp — Displays the DSCP to Drop Precedence map. policed-dscp — Displays the DSCP to DSCP remark table.
  • Page 307: Qos Commands

    QoS Commands show qos map Dscp-DP map: Dscp-dscp mutation map: SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 308: Chapter 24: Radius Commands

    [key no radius-server host { Parameters • • • • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address hostname acct-port-number timeout ] [timeout key-string source ] [source ] [priority ip-address ip-address — IP address of the RADIUS server host.
  • Page 309 192. 1 68. 1 0. 1 , authentication request port number 20 and a 20-second timeout period. Console(config)# radius-server host 192.168.10.1 auth-port 20 timeout 20 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide key must match the encryption used on the RADIUS daemon. To specify an empty string, enter “”. (Range: 0-128 characters) source —...
  • Page 310: Radius-Server Key

    The following example defines the authentication and encryption key for all RADIUS communications between the device and the RADIUS daemon. Console(config)# radius-server key enterprise-server SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide key-string key-string — Specifies the authentication and encryption key for all RADIUS communications between the device and the RADIUS server.
  • Page 311: Radius-Server Retransmit

    There are no user guidelines for this command. Example The following example configures the number of times the software searches all RADIUS server hosts to 5 times. console(config)# radius-server retransmit 5 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide retries retries — Specifies the retransmit value. (Range: 1-10)
  • Page 312: Radius-Server Source-Ip

    Example The following example configures the source IP address used for communication with all RADIUS servers to 10. 1 . 1 . 1 . console(config)# radius-server source-ip 10.1.1.1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide source source source — Specifies a valid source IP address.
  • Page 313: Radius-Server Timeout

    There are no user guidelines for this command. Example The following example configures the timeout interval on all RADIUS servers to 5 seconds. Console(config)# radius-server timeout 5 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide timeout timeout — Specifies the timeout value in seconds. (Range: 1-30)
  • Page 314: Radius-Server Deadtime

    There are no user guidelines for this command. Example The following example sets all RADIUS server deadtimes to 10 minutes. Console(config)# radius-server deadtime 10 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide deadtime deadtime — Length of time in minutes during which a RADIUS server is...
  • Page 315: Show Radius-Servers

    IP address Port TimeOut RetransmitDeadTimeSource IPPriority Usage ---------- ---- ------- ----------------- --------- -------- ----- 172.16.1.1 1645 Global Global 172.16.1.2 1645 11 Global values ------------- TimeOut: 3 Retransmit: 3 Deadtime: 0 Source IP: 172.16.8.1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Auth Global Global Global...
  • Page 316: Chapter 25: Rmon Commands

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface number interface number — Valid Ethernet port. port-channel-number — Valid port-channel number.
  • Page 317 The following table describes the significant fields shown in the display. Field Dropped Octets Packets Broadcast Multicast CRC Align Errors SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Packets: 978 Multicast: 1 Collisions: 0 Oversize Pkts: 0 Jabbers: 0 65 to 127 Octets: 0 256 to 511 Octets: 0...
  • Page 318 256 to 511 Octets 512 to 1023 Octets 1024 Octets to SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description The best estimate of the total number of collisions on this Ethernet segment. The total number of packets received, less than 64 octets long (excluding framing bits, but including FCS octets) and otherwise well formed.
  • Page 319: Rmon Collection History

    Number of buckets specified for the RMON collection history statistics group is 50. Number of seconds in each polling cycle is 1800. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines Cannot be configured for a range of interfaces (Range context). SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide index [owner seconds index index —...
  • Page 320: Show Rmon Collection History

    Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface — Valid Ethernet port. port-channel-number — Valid port-channel number. interface...
  • Page 321: Show Rmon History

    The show rmon history Privileged EXEC mode command displays RMON Ethernet history statistics. Syntax show rmon history Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Samples 1800 Description An index that uniquely identifies the entry. The sampled Ethernet interface The interval in seconds between samples.
  • Page 322 Jan 18 2005 21:57:00 303595962 357568 Jan 18 2005 21:57:30 287696304 275686 Console# show rmon history 1 errors SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide throughput — Indicates throughput counters. errors — Indicates error counters. other — Indicates drop and collision counters.
  • Page 323 ------------------- Jan 18 2005 21:57:00 3 Jan 18 2005 21:57:30 3 Field Time Octets Packets Broadcast Multicast SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Owner: Me Interval: 1800 CRC Align Undersize Oversize Fragments Jabbers Dropped Collisions ------- ---------- Description Date and Time the entry is recorded.
  • Page 324 Undersize Oversize Fragments Jabbers Dropped SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description The best estimate of the mean physical layer network utilization on this interface during this sampling interval, in hundredths of a percent. The number of packets received during this...
  • Page 325: Rmon Alarm

    • • • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description The best estimate of the total number of collisions on this Ethernet segment during this sampling interval. index variable interval rthreshold fthreshold revent fevent direction name...
  • Page 326 Example The following example configures the following alarm conditions: • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide type — Specifies the method used for sampling the selected variable and calculating the value to be compared against the thresholds. Possible values are absolute and delta.
  • Page 327: Show Rmon Alarm-Table

    There are no user guidelines for this command. Example The following example displays the alarms table. Console# show rmon alarm-table SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Sample interval — 360000 seconds Rising threshold — 1000000 Falling threshold — 1000000 Rising threshold event index — 10...
  • Page 328: Show Rmon Alarm

    Syntax show rmon alarm Parameters • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ---------------- 1.3.6.1.2.1.2.2.1.10.1 1.3.6.1.2.1.2.2.1.10.1 1.3.6.1.2.1.2.2.1.10.9 Description An index that uniquely identifies the entry. Monitored variable OID.
  • Page 329 Rising Event1 Falling Event1 Owner Field Alarm Last Sample Value Interval SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Value 1.3.6.1.2.1.2.2.1.10.1 Description Alarm index. Monitored variable OID. The statistic value during the last sampling period. For example, if the sample type is delta, this value is the difference between the samples at the beginning and end of the period.
  • Page 330 Rising Threshold Falling Threshold Rising Event Falling Event Owner SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description The method of sampling the variable and calculating the value compared against the thresholds. If the value is absolute, the value of the variable is compared directly with the thresholds at the end of the sampling interval.
  • Page 331: Rmon Event

    If log is specified as the notification type, an entry is made in the log table for each event. If trap is specified, an SNMP trap is sent to one or more management stations. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide index type [community...
  • Page 332: Show Rmon Events

    Example The following example displays the RMON event table. Console# show rmon events Index Description ----- ------------------- --------- ------- -------------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Type Community Owner Errors High BroadcastLog-Trapdevice Manager Jan 18 2006 23:59:48 Last time sent...
  • Page 333: Show Rmon Log

    [ Parameters • Default Configuration This command has no default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description An index that uniquely identifies the event. A comment describing this event. The type of notification that the device generates about this event.
  • Page 334 Maximum table size: 500 (800 after reset) Event -------- -------------- The following table describes the significant fields shown in the display: Field Event Description Type SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Time -------------- ---------- Errors Jan 18 2006 23:48:19 Errors...
  • Page 335: Rmon Table-Size

    The configured table size takes effect after the device is rebooted. Example The following example configures the maximum RMON history table sizes to 100 entries. Console(config)# rmon table-size history 100 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide entries | log entries history —...
  • Page 336: Chapter 26: Snmp Commands

    • • • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide community ][type router | oob] community group-name community community — Community string that acts like a password and permits access to the SNMP protocol. (Range: 1-20 characters) ro —...
  • Page 337 The internal security name for SNMPv1 and SNMPv2 security models is mapped to the group name. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide type router — Specifies that SNMP requests for duplicate tables configure the router tables. This is the default.
  • Page 338: Snmp-Server View

    • • • • Default Configuration ‘Default’ and ‘DefaultSuper’ views exists. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide view-name oid-tree view-name oid-tree view-name — Specifies the label for the view record that is being created or updated. The name is used to reference the record. (Range: 1-30...
  • Page 339: Snmp-Server Group

    SNMP views. Use the no form of this command to remove a specified SNMP group. Syntax snmp-server group [read no snmp-server group SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide groupname {v1 | 2 | v3 {noauth | auth | priv} [notify readview writeview ] [write...
  • Page 340 Default Configuration No group entry exists. Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide groupname— Specifies the name of the group (Range: 1-30 characters). v1 — Indicates the SNMP Version 1 security model. v2 — Indicates the SNMP Version 2 security model.
  • Page 341: Snmp-Server User

    Parameters • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide username groupname password | auth-sha | auth-md5-key username [remote username — Specifies the name of the user on the host that connects to the agent.
  • Page 342 When a show running-config Privileged EXEC mode command is entered, a line for this user will not be displayed. To see if this user has been added to the configuration, type the show snmp users Privileged EXEC mode command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide password — auth-md5 Indicates the HMAC-MD5-96 authentication level.
  • Page 343: Snmp-Server Filter

    Parameters • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide filter-name oid-tree filter-name oid-tree filter-name — Specifies the label for the filter record that is being updated or created. The name is used to reference the record. (Range: 1-30...
  • Page 344: Snmp-Server Host

    Simple Network Management Protocol Version 1 or Version 2 notifications. Use the no form of this command to remove the specified host. Syntax snmp-server host { [udp-port no snmp-server host { SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address hostname port filtername ] [filter...
  • Page 345 Default Configuration This command has no default configuration. Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address — Specifies the IP address of the host (targeted recipient). hostname — Specifies the name of the host. (Range:1-158 characters) community-string —...
  • Page 346: Snmp-Server V3-Host

    { auth | priv} [udp-port no snmp-server v3-host { Parameters • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address hostname port filtername ] [filter ip-address ip-address — Specifies the IP address of the host (targeted recipient).
  • Page 347 Example The following example configures an SNMPv3 host. Console(config)# snmp-server v3-host 192.168.0.20 john noauth SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide informs — Indicates that SNMP informs are sent to this host. noauth — Indicates no authentication of a packet. auth — Indicates authentication of a packet without encrypting it.
  • Page 348: Snmp-Server Engineid Local

    • • • Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide engineid-string engineid-string — Specifies a character string that identifies the engine ID. (Range: 5-32 characters) default — The engine ID is created automatically based on the device MAC address.
  • Page 349 Global Configuration mode command. Example The following example enables SNMPv3 on the device and sets the local engine ID of the device to the default value. Console(config) # snmp-server engineID local default SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 350: Snmp-Server Enable Traps

    Default Configuration SNMP traps are enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables SNMP traps. Console(config)# snmp-server enable traps SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 351: Snmp-Server Trap Authentication

    SNMP failed authentication traps are enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables SNMP failed authentication traps. Console(config)# snmp-server trap authentication SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 352: Snmp-Server Contact

    Do not include spaces in the text string or place text that includes spaces inside quotation marks. Example The following example configures the system contact point called LinkSys_Technical_Support console(config)# snmp-server contact LinkSys_Technical_Support SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide text text — Specifies the string that describes system contact information. (Range: 1-160 characters)
  • Page 353: Snmp-Server Location

    Do not include spaces in the text string or place text that includes spaces inside quotation marks. Example The following example defines the device location as New York. Console(config)# snmp-server location New_York SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide text text — Specifies a string that describes system location information. (Range: 1-160 characters)
  • Page 354: Snmp-Server Set

    This command is case-sensitive. Example The following example configures the scalar MIB sysName with the value LinkSys. Console(config)# snmp-server set sysName sysname LinkSys SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide variable-name name1 value1 variable-name — MIB variable name (Range 1-160 characters).
  • Page 355: Show Snmp

    The following example displays the SNMP communications status. Console# show snmp Community- String ---------- public private private Community-string Group name ---------------- ----------- public SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Community- View name Access ----------- --------- read only user-view read write Default DefaultSuper 172.16.1.1...
  • Page 356 Field Community-string Community- access IP Address Trap-Rec-Address Trap-Rec- Community Version SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Community Version UDP --------- ------- ---- ------ --- ------- Public Username Security UDP Filter TO Level ---------------- ---- ------ --- ------- Priv Description Community access string to permit access to the SNMP protocol.
  • Page 357: Show Snmp Engineid

    The following example displays the SNMP engine ID. Console# show snmp engineID Local SNMP engineID: 08009009020C0B099C075878 show snmp views The show snmp views Privileged EXEC mode command displays the configuration of views. Syntax show snmp views [ SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide viewname...
  • Page 358: Show Snmp Groups

    The show snmp groups Privileged EXEC mode command displays the configuration of groups. Syntax show snmp groups [ SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide viewname — Specifies the name of the view. (Range: 1-30) OID Tree 1.3.6.1.2.1.1 1.3.6.1.2.1.1.7...
  • Page 359 The following table describes significant fields shown above. Field Name Security Mode Security Level SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide groupname— Specifies the name of the group. (Range: 1-30) Security Model Level Read ----- ----- ---- priv...
  • Page 360: Show Snmp Filters

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Read Name of the view that enables only viewing the contents of the agent. If unspecified, all...
  • Page 361: Show Snmp Users

    • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide OID Tree 1.3.6.1.2.1.1 1.3.6.1.2.1.1.7 1.3.6.1.2.1.2.2.1.*.1 Included username username— Specifies the name of the user. (Range: 1-30)
  • Page 362 SNMP Commands show snmp users Example The following example displays the configuration of users. Console# show snmp users Name ------ John John SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Group name Auth Method ------------ ----------- user-group user-group Remote --------------------- 08009009020C0B099C075879...
  • Page 363: Chapter 27: Rsa And Certificate Commands

    • • • • • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number ] generate [key-generate organization ] [or number — Specifies the certificate number. (Range: 1-2) key-generate — Regenerate the SSL RSA key. length — Specifies the SSL RSA key length. (Range: 512-2048) common- name —...
  • Page 364 Use this command to generate a self-signed certificate for the device. If the RSA keys do not exist, parameter key-generate must be used. Example The following example regenerates an HTTPS certificate. Console(config)# crypto certificate 1 generate key-generate SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 365: Crypto Key Generate Dsa

    This command may take a considerable period of time to execute. Example The following example generates DSA key pairs. Console(config)# crypto key generate dsa SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 366: Crypto Key Generate Rsa

    This command may take a considerable period of time to execute. Example The following example generates RSA key pairs. Console(config)# crypto key generate rsa SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 367: Chapter 28: Spanning Tree Commands

    Syntax spanning-tree no spanning-tree Default Configuration Spanning-tree is enabled. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables spanning-tree functionality. Console(config)# spanning-tree SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 368: Spanning-Tree Mode

    In MSTP mode, the device uses RSTP when the neighbor device uses RSTP and uses STP when the neighbor device uses STP. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide stp — Indicates that the Spanning Tree Protocol (STP) is enabled. rstp — Indicates that the Rapid Spanning Tree Protocol (RSTP) is enabled.
  • Page 369: Spanning-Tree Forward-Time

    The default forwarding time for the IEEE Spanning Tree Protocol (STP) is 15 seconds. Command Mode Global Configuration mode User Guidelines When configuring the forwarding time, the following relationship should be kept: 2*(Forward-Time - 1) >= Max-Age SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Time in seconds. (Range: 4-30)
  • Page 370: Spanning-Tree Hello-Time

    The default hello time for IEEE Spanning Tree Protocol (STP) is 2 seconds. Command Mode Global Configuration mode User Guidelines When configuring the hello time, the following relationship should be kept: Max-Age >= 2*(Hello-Time + 1) SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Time in seconds. (Range: 1-10)
  • Page 371: Spanning-Tree Max-Age

    Global Configuration mode User Guidelines When configuring the maximum age, the following relationships should be kept: 2*(Forward-Time - 1) >= Max-Age Max-Age >= 2*(Hello-Time + 1) SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Time in seconds. (Range: 6-40)
  • Page 372: Spanning-Tree Priority

    The default bridge priority for IEEE Spanning Tree Protocol (STP) is 32768. Command Modes Global Configuration mode User Guidelines The bridge with the lowest priority is elected as the root bridge. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide priority priority — Priority of the bridge. (Range: 0-61440 in steps of 4096)
  • Page 373: Spanning-Tree Disable

    Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example disables spanning-tree on Ethernet port e5. Console(config)# interface ethernet e5 Console(config-if)# spanning-tree disable SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 374: Spanning-Tree Cost

    Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines The path cost method is configured using the spanning-tree pathcost method Global Configuration mode command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide cost cost — Path cost of the port (Range: 1-200,000,000) Long...
  • Page 375: Spanning-Tree Port-Priority

    The default port priority for IEEE Spanning TreeProtocol (STP) is 128. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide priorit priority — The priority of the port. (Range: 0-240 in multiples of 16)
  • Page 376: Spanning-Tree Portfast

    PortFast mode is enabled. Command Modes Interface Configuration (Ethernet, port-channel) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide auto — Specifies that the software waits for 3 seconds (With no BPDUs received on the interface) before putting the interface into the PortFast...
  • Page 377: Spanning-Tree Link-Type

    The device derives the port link type from the duplex mode. A full-duplex port is considered a point-to-point link and a half-duplex port is considered a shared link. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide point-to-point —Indicates that the port link type is point-to-point.
  • Page 378: Spanning-Tree Pathcost Method

    Parameters • • Default Configuration Short path cost method. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide long — Specifies port path costs with a range of 1-200,000,000. short — Specifies port path costs with a range of 0-65,535.
  • Page 379: Spanning-Tree Bpdu

    Parameters • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide filtering — Filter BPDU packets when the spanning tree is disabled on an interface. flooding — Flood BPDU packets when the spanning tree is disabled on an interface.
  • Page 380: Spanning-Tree Guard Root

    Syntax spanning-tree guard root no spanning-tree guard root SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide bridging — Bridge BPDU packets when spanning tree is disabled globally, untagged or tagged frames are flooded and are subject to ingress and egress VLAN rules...
  • Page 381: Clear Spanning-Tree Detected-Protocols

    The clear spanning-tree detected-protocols Privileged EXEC mode command restarts the protocol migration process (forces renegotiation with neighboring devices) on all interfaces or on a specified interface. Syntax clear spanning-tree detected-protocols [ethernet channel-number SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface port- | port-channel...
  • Page 382: Spanning-Tree Mst Priority

    Use the no form of this command to restore the default configuration. Syntax spanning-tree mst no spanning-tree mst SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface — A valid Ethernet port. port-channel-number — A valid port-channel number.
  • Page 383: Spanning-Tree Mst Max-Hops

    Use the no form of this command to restore the default configuration. Syntax spanning-tree mst max-hops no spanning-tree mst max-hops SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide instance-id— ID of the spanning-tree instance (Range: 1-7). priority— Device priority for the specified spanning-tree instance (Range: 0- 61440 in multiples of 4096).
  • Page 384: Spanning-Tree Mst Port-Priority

    MST instance. Use the no form of this command to restore the default configuration. Syntax spanning-tree mst no spanning-tree mst SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide hop-coun t—Number of hops in an MST region before the BDPU is discarded. (Range: 1-40) instance-id...
  • Page 385: Spanning-Tree Mst Cost

    Use the no form of this command to restore the default configuration. Syntax spanning-tree mst no spanning-tree mst SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide instance-ID— ID of the spanning tree instance. (Range: 1-7) priority— The port priority. (Range: 0-240 in multiples of 16)
  • Page 386: Command Modes

    The following example configures the MSTP instance 1 path cost for Ethernet port e9 to 4. Console(config) # interface ethernet e9 Console(config-if) # spanning-tree mst 1 cost 4 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide instance-ID— ID of the spanning-tree instance (Range: 1-7). cost—...
  • Page 387: Spanning-Tree Mst Configuration

    Global Configuration mode User Guidelines All devices in an MST region must have the same VLAN mapping, configuration revision number and name. Example The following example configures an MST region. Console(config)# spanning-tree mst configuration Console(config-mst)# SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 388: Instance (Mst)

    CIST. For two or more devices to be in the same MST region, they must have the same VLAN mapping, the same configuration revision number, and the same name. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide instance-id {add | remove} vlan instance-ID—...
  • Page 389: Name (Mst)

    The default name is a radlan_guest. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide string string — MST configuration name. The name is case-sensitive. (Range: 1-32 characters)
  • Page 390: Revision (Mst)

    Parameters • Default Configuration The default configuration revision number is 0. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide value value — Configuration revision number (Range: 0-65535).
  • Page 391: Show (Mst)

    This command has no default configuration. Command Mode MST Configuration mode User Guidelines The pending MST region configuration takes effect only after exiting the MST Configuration mode. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide current—Indicates the current region configuration. pending—Indicates the pending region configuration.
  • Page 392: Exit (Mst)

    Syntax exit Default Configuration This command has no default configuration. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide State 1-9,21-4094 Enabled 10-20 Enabled...
  • Page 393: Abort (Mst)

    Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. Example The following example exits the MST Configuration mode without saving changes. Console(config) # spanning-tree mst configuration Console(config-mst) # abort SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 394: Show Spanning-Tree

    Default Configuration This command has no default configuration. Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface -number instance-id ] [instance interface -number — A valid Ethernet port.
  • Page 395 Name State ---- ------- -------- ----- --- ---- -------- ---------- Console# show spanning-tree Spanning tree enabled mode RSTP Default port cost method: long Root ID Interfaces SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000 Root Port...
  • Page 396: Spanning Tree Commands

    Name State ---- ------- -------- ----- --- Console# show spanning-tree active Spanning tree enabled mode RSTP Default port cost method: long SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Prio.Nbr Cost Enabled 128.1 20000 FWD Desg No Enabled 128.2 20000 FWD Desg No Disabled 128.3...
  • Page 397 Bridge ID Priority Interfaces Name State ---- ------- -------- ----- --- Console# show spanning-tree detail Spanning tree enabled mode RSTP Default port cost method: long SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000 Root Port...
  • Page 398 Type: N/A (configured: auto) Port Fast: N/A (configured:no) Designated bridge Priority: N/AAddress: N/A Designated port id: N/A Number of transitions to forwarding state: N/A BPDU: sent N/A, received N/A SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Priority 32768 Address 00:01:42:97:e0:00 Path Cost...
  • Page 399 BPDU: sent 2, received 120638 Console# show spanning-tree mst-configuration Name: Region1 Revision: 1 Instance Vlans mapped -------- ------------ Console# show spanning-tree SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Role: Alternate Port cost: 20000 Role: N/A Port cost: 20000 Designated path cost: N/A Role: Root...
  • Page 400 CST Root ID Priority Bridge ID Interfaces Name State ---- ------- -------- ----- --- ---- -------- ---------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Address Path Cost Root Port Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Address This switch is the IST master.
  • Page 401 Type: Shared (configured: auto) Boundary STPPort Fast: No (configured:no) Designated bridge Priority: 32768Address: 00:02:4b:29:7a:00 Designated port id: 128.2 Designated path cost: 20000 Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide 32768 Address 00:01:42:97:e0:00 Path Cost 20000...
  • Page 402 Root ID Bridge ID Priority Port 1 (e1) enabled State: Forwarding Port id: 128.1 Type: P2p (configured: auto) Boundary RSTPPort Fast: No SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Role: Designated Port cost: 20000 Role: Designated Port cost: 20000 Priority 24576...
  • Page 403 Designated bridge Priority: 32768Address: 00:02:4b:29:7a:00 Designated port id: 128.2 Designated path cost: 20000 Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Role: Designated Port cost: 20000 Role: Alternate Port cost: 20000...
  • Page 404 IST Master ID Priority Bridge ID Console# show spanning-tree Spanning tree enabled mode MSTP Default port cost method: long ###### MST 0 Vlans Mapped: 1-9, 21-4094 CST Root IDPriority SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000...
  • Page 405: Chapter 29: Ssh Commands

    The default port number is 22. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-number port-number — Port number for use by the SSH server (Range: 1-65535).
  • Page 406: Ip Ssh Server

    To generate SSH server keys, use the crypto key generate dsa, and crypto key generate rsa Global Configuration mode commands. Example The following example enables configuring the device from a SSH server. Console(config)# ip ssh server SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 407: Ip Ssh Pubkey-Auth

    Public Key authentication to incoming SSH sessions is disabled. Command Mode Global Configuration mode User Guidelines AAA authentication is independent. Example The following example enables public key authentication for incoming SSH sessions. Console(config)# ip ssh pubkey-auth SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 408: Crypto Key Pubkey-Chain Ssh

    The following example enters the SSH Public Key-chain Configuration mode and manually configures the RSA key pair for SSH public key-chain bob. Console(config)# crypto key pubkey-chain ssh Console(config-pubkey-chain)# user-key bob Console(config-pubkey-key)# key-string rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ+ ZNXfZSkvHG+QusIZ/76ILmFT34v7u7ChFAE+ Vu4GRfpSwoQUvV35LqJJk67IOU/zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn/Wd05iDX2IExQWu08licglk02LYciz +Z4TrEU/9FJxwPiVQOjc+KBXuR0juNg5nFYsY SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 409: User-Key

    • • Default Configuration No SSH public keys exist. Command Mode SSH Public Key-string Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide username {rsa | dsa} username username — Specifies the username of the remote SSH client. (Range: 1-48 characters) rsa —...
  • Page 410: Key-String

    Parameters • • Default Configuration No keys exist. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide key-string row — Indicates the SSH public key row by row. key-string — Specifies the key in UU-encoded DER format; UU-encoded DER format is the same format in the authorized_keys file used by...
  • Page 411 Console(config-pubkey-chain)# user-key bob rsa Console(config-pubkey-key)# key-string AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ+ ZNXfZSkvHG+QusIZ/76ILmFT34v7u7ChFAE+ Vu4GRfpSwoQUvV35LqJJk67IOU/zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn/Wd05iDX2IExQWu08licglk02LYciz +Z4TrEU/9FJxwPiVQOjc+KBXuR0juNg5nFYsY 0ZCk0N/W9a/tnkm1shRE7Di71+w3fNiOA 6w9o44t6+AINEICBCCA4YcF6zMzaT1wefWwX6f+ Rmt5nhhqdAtN/4oJfce166DqVX1gWmN zNR4DYDvSzg0lDnwCAC8Qh Fingerprint: a4:16:46:23:5a:8d:1d:b5:37:59:eb:44:13:b9:33:e9 Console(config)# crypto key pubkey-chain ssh Console(config-pubkey-chain)# user-key bob rsa Console(config-pubkey-key)# key-string row AAAAB3Nza Console(config-pubkey-key)# key-string row C1yc2 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 412: Show Ip Ssh

    DSA (DSS) key was generated. SSH Public Key Authentication is enabled. Active incoming sessions: IP AddressSSH Username 172.16.0.1John Brown The following table describes the significant fields shown in the display. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Version CipherAuth Code 2.0 3 DESHMAC-SHA1...
  • Page 413: Show Crypto Key Pubkey-Chain Ssh

    • • • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Client address User name SSH version number Encryption type (3DES, Blowfish, RC4) Authentication Code (HMAC-MD5, HMAC-SHA1) username —...
  • Page 414: Show Crypto Key Mypubkey

    To view the SSH public keys of your device, use the show crypto key mypubkey Privileged EXEC command. Syntax show crypto key mypubkey [rsa | dsa] Parameters • • Default Configuration This command has no default setting. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide 9A:CC:01:C5:78:39:27:86:79:CC:23:C5:98:59:F1:86 98:F7:6E:28:F2:79:87:C8:18:F8:88:CC:F8:89:87:C8 rsa — RSA key dsa — DSA key...
  • Page 415: Crypto Certificate Request

    [loc location] [st state] [cu country] Parameters • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number — Specifies the certificate number. Range: 1 - 2 digits common- name — Specifies the fully qualified URL or IP address of the device. Range: 1 - 64 characters...
  • Page 416 Console# crypto certificate 1 request -----BEGIN CERTIFICATE REQUEST----- MIwTCCASoCAQAwYjELMAkGA1UEBhMCUFAxCzAJBgNVBAgTAkNDMQswCQYDVQQH EwRDEMMAoGA1UEChMDZGxkMQwwCgYDVQQLEwNkbGQxCzAJBgNVBAMTAmxkMRAw SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ou organization-unit — Specifies the organization-unit or department name. Range: 1 - 64 characters or organization — Specifies the organization name. Range: 1 - 64 characters loc location —...
  • Page 417: Crypto Certificate Import

    Syntax crypto certificate number import Parameters • Default Configuration There is no default configuration for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number — Specifies the certificate number. Range: 1 - 2 digits...
  • Page 418 Examples Console(config)# crypto certificate 1 import -----BEGIN CERTIFICATE----- dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAp4HS nnH/xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0kmfhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp+6MIIBNgYDVR0fBIIBLTCCASkwgdKggc+ggcyGgclsZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ2VydGlmaWVyLENOPXNlcnZl -----END CERTIFICATE----- Certificate imported successfully. Issued to: router.gm.com Issued by: www.verisign.com Valid from: 8/9/2003 to 8/9/2004 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 419: Crypto Certificate Export

    RSA key pair. The passphrase for the exporting is determined when the key is generated. Examples Console# crypto certificate 1 export SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number — Specifies the certificate number. Range: 1 - 2 digits...
  • Page 420: Show Crypto Certificate Mycertificate

    This command has no default setting. Command Mode Privileged EXEC Example Console# show crypto certificate mycertificate 1 -----BEGIN CERTIFICATE----- dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAp4HS nnH/xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0kmfhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp+6MIIBNgYDVR0fBIIBLTCCASkwgdKggc+ggcyGgclsZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ2VydGlmaWVyLENOPXNlcnZl -----END CERTIFICATE----- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number — Specifies the certificate number. Range: 1, product specific...
  • Page 421 SSH Commands show crypto certificate mycertificate Issued by: www.verisign.com Valid from: 8/9/2003 to 8/9/2004 Subject: CN= router.gm.com, 0= General Motors, C= US Finger print: DC789788 DC88A988 127897BC BB789788 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 422: Chapter 30: Syslog Commands

    Global Configuration mode commands. However, if the logging on command is disabled, no messages are sent to these destinations. Only the console receives messages. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 423: Logging

    • • • • • Default Configuration The default port number is 514. The default logging message level is informational. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address hostname } [port text ip-address hostname ip-address — IP address of the host to be used as a syslog server.
  • Page 424: Logging Console

    Syntax logging console no logging console Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide level level — Specifies the severity level of logged messages displayed on the console. The possible values are: emergencies, alerts, critical, errors, warnings, notifications, informational, debugging.
  • Page 425: Logging Buffered

    Syntax logging buffered no logging buffered Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide level level — Specifies the severity level of messages logged in the buffer. The possible values are: emergencies, alerts, critical, errors, warnings, notifications, informational, debugging.
  • Page 426: Logging Buffered Size

    Syntax logging buffered size no logging buffered size Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number number — Specifies the maximum number of messages stored in the history table. (Range: 1 - 400)
  • Page 427: Clear Logging

    Console(config)# logging buffered size 300 clear logging The clear logging Privileged EXEC mode command clears messages from the internal logging buffer. Syntax clear logging Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 428: Logging File

    Default Configuration The default severity level is errors. Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide level level — Specifies the severity level of syslog messages sent to the logging file. Possible values are: emergencies, alerts, critical, errors, warnings,...
  • Page 429: Clear Logging File

    The clear logging file Privileged EXEC mode command clears messages from the logging file. Syntax clear logging file Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 430: Aaa Logging

    Command Mode Global Configuration mode User Guidelines Other types of AAA events are not subject to this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide login — Indicates logging messages related to successful login events, unsuccessful login events and other login-related events.
  • Page 431: File-System Logging

    Enabled Command Mode Global Configuration User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide copy — Log messages related to file copy operations. delete-rename — Log messages related to file deletion and renaming.
  • Page 432: Management Logging

    Other types of management ACL events are not subject to this command. Example The following example enables logging messages related to deny actions of management ACLs. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide deny — Indicates logging messages related to deny actions of management ACLs.
  • Page 433: Show Logging

    File logging: level notifications. File Messages: 0 Dropped (severity). Syslog server 192.180.2.27 logging: errors. Messages: 6 Dropped (severity). Syslog server 192.180.2.28 logging: errors. Messages: 6 Dropped (severity). 2 messages were not logged (resources) Application Filtering Control SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 434: Show Logging File

    The show logging file Privileged EXEC mode command displays the state of logging and the syslog messages stored in the logging file. Syntax show logging file SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Event Status ------ ------- Login...
  • Page 435 Management ACL Deny Buffer log: 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface FastEthernet0/ 0, changed state to up 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface Ethernet1/0, changed state to up 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface Ethernet1/1, SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Event Status ----- ------- Login Enabled...
  • Page 436: Show Syslog-Servers

    Interface Ethernet1/3, changed state to down show syslog-servers The show syslog-servers Privileged EXEC mode command displays the settings of the syslog servers. Syntax show syslog-servers Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 437 Example The following example displays the settings of the syslog servers. Console# show syslog-servers Device Configuration IP address ----------- 192.180.2.27 514 192.180.2.27 514 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Port Severity Facility Description ---- ------------- -------- ----------- Informational local7 Warning...
  • Page 438: Chapter 31: System Management Commands

    • • • Default Configuration Default packet size is 56 bytes. Default number of packets to send is. Default timeout value is 2000 milliseconds. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address hostname packet_size }[size ip-address — IP address to ping.
  • Page 439 64 bytes from 10.1.1.1: icmp_seq=1. time=8 ms 64 bytes from 10.1.1.1: icmp_seq=2. time=8 ms 64 bytes from 10.1.1.1: icmp_seq=3. time=7 ms SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Destination does not respond. If the host does not respond, a “no answer from host” appears in ten seconds.
  • Page 440: Traceroute

    Parameters • • • • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide destination-ip-address time-out ] [timeout ] [source destination-ip-address — IP address of the destination host. hostname — Host name of the destination host. (Range: 1-158 characters) packet-size —...
  • Page 441 TTL is exceeded or when the user interrupts the trace by pressing Esc. Example The following example discovers the routes that packets will actually take when traveling to their destination. Console> traceroute umaxp1.physics.lsa.umich.edu SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 442 Field gateway.stanford.e 192.68. 1 91.83 1 msec 1 msec 1 msec SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Indicates the sequence number of the device in the path to the host. Host name of this device. IP address of this device.
  • Page 443: Telnet

    Telnet. Syntax telnet { Parameters • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description The probe timed out. Unknown packet type. Administratively unreachable. Usually, this output indicates that an access list is blocking traffic. Fragmentation is required and DF is set.
  • Page 444 Telnet sequence Ctrl-Shift-6 ? at the system prompt. A sample of this list follows. Note that the Ctrl-Shift-6 sequence appears as ^^ on the screen. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port — A decimal TCP port number, or one of the keywords listed in the Ports table in the User Guidelines.
  • Page 445 Keywords Table Options /echo /quiet /source-interface /stream Ctrl-Shift-6 x SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Enables local echo. Prevents onscreen display of all messages from the software. Specifies the source interface. Turns on stream processing, which enables a raw TCP stream with no Telnet control sequences.
  • Page 446 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Border Gateway Protocol Character generator Remote commands Daytime Discard Domain Name Service Echo Exec Finger File Transfer Protocol FTP data connections...
  • Page 447: Resume

    Esc U sends telnet EL resume The resume User EXEC mode command enables switching to another open Telnet session. Syntax resume [ Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Syslog TAC Access Control System Talk Telnet Time Unix-to-Unix Copy Program...
  • Page 448: Reload

    The following command switches to open Telnet session number 1. Console> resume 1 reload The reload Privileged EXEC mode command reloads the operating system. Syntax reload Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 449: Hostname

    (i.e., restore the default hostname “Console”). Syntax hostname no hostname Parameters • Default Configuration This command has no default configuration. Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide name name — The host name of the device. (Range: 1-160 characters)
  • Page 450: Service Cpu-Utilization

    CPU utilization. Use the no form of the command to restore the default configuration. Syntax service cpu-utilization no service cpu-utilization Default Configuration Enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 451: Show Cpu Utilization

    Use the service cpu-utilization Global Configuration command to enable measuring CPU utilization. Example This example shows how to display CPU utilization information. Console# show cpu-utilization CPU utilization service is on. CPU utilization -------------------------- five seconds: 5%; one minute: 3%; five minutes: 3% SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 452: Show Users

    There are no user guidelines for this command. Example The following example displays information about the active users. Console# show users Username -------- John Robert Betty SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Protocol Location ---------- ----------- Serial 172.16.0.1 HTTP 172.16.0.8 Telnet 172.16.1.7...
  • Page 453: Show Sessions

    This command will not show telnet sessions to remote hosts opened by other telnet sessions to the local device. Example The following example lists open Telnet sessions. Console# show sessions Connection ---------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Host Address ------------- --------- Remote device 172.16.1.1 172.16.1.2...
  • Page 454: Show System

    • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description Connection number Remote host to which the device is connected through a Telnet session. IP address of the remote host.
  • Page 455 System Up Time (days,hour:min:sec):1,22:38:21 System Contact: System Name: System location: System MAC Address: Temperature Sensors: Unit -------- Unit -------- Unit -------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Corporate 0010.B5F4.0001 Sensor Temperature (Celsius) ---------- ---------- Power supply Source ------------ --------- Main...
  • Page 456: Show Version

    The following example displays system version information (only for demonstration purposes). console# show version SW version Boot version HW version SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide unit unit— Specifies the number of the unit. 1.0.2 ( date 1.0.2 ( date 00.00.01...
  • Page 457: Show System Tcam Utilization

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information on features control. Console> show system tcam utilization TCAM utilization: 58% SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide unit...
  • Page 458: Chapter 32: Tacacs+ Commands

    Syntax tacacs-server host { [timeout no tacacs-server host { Parameters • • • • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address hostname timeout key-string ] [key ] [source ip-address ip-address — IP address of the TACACS+ server. hostname —...
  • Page 459 Example The following example specifies a TACACS+ host. Console(config)# tacacs-server host 172.16.1.1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide source — Specifies the source IP address to use for the communication. 0.0.0.0 indicates a request to use the IP address of the outgoing IP interface.
  • Page 460: Tacacs-Server Key

    Example The following example sets the authentication encryption key for all TACACS+ servers. Console(config)# tacacs-server key enterprise SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide key-string key-string — Specifies the authentication and encryption key for all TACACS+ communications between the device and the TACACS+ server.
  • Page 461: Tacacs-Server Timeout

    There are no user guidelines for this command. Example The following example sets the timeout value to 30 for all TACACS+ servers. Console(config)# tacacs-server timeout 30 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide timeout timeout — Specifies the timeout value in seconds. (Range: 1-30)
  • Page 462: Tacacs-Server Source-Ip

    There are no user guidelines for this command. Example The following example specifies the source IP address for all TACACS+ servers. Console(config)# tacacs-server source-ip 172.16.8.1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide source source source — Specifies the source IP address.
  • Page 463: Show Tacacs

    Device Configuration -------------------- IP address Status ---------- --------- ---- ----------------- ------- --------- -------- 172.16.1.1 Connected 48 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide ip-address ip-address — Name or IP address of the TACACS+ server. Port Single Connection TimeOut Source IP Priority...
  • Page 464 TACACS+ Commands show tacacs Global values ------------- TimeOut: 3 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 465: Chapter 33: User Interface Commands

    Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example enters Privileged EXEC mode and logs in with username admin. Console> login User Name:admin Password:***** Console# SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 466: Configure

    There are no user guidelines for this command. Example The following example enters Global Configuration mode. Console# configure Console(config)# exit (configuration) The exit command exits from any configuration mode to the next highest mode in the CLI mode hierarchy. Syntax exit SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 467: Exit(Exec)

    The exit Privileged/User EXEC mode command closes an active terminal session by logging off the device. Syntax exit Default Configuration This command has no default configuration. Command Mode Privileged and User EXEC modes SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 468: End

    This command has no default configuration. Command Mode All configuration modes. User Guidelines There are no user guidelines for this command. Example The following example changes from Global Configuration mode to Privileged EXEC mode. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 469: Help

    If the request is within a command, enter backspace and erase the entered characters to a point where the request results in a display. Help is provided when: SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 470: History

    This command enables the command history function for a specified line. Use the terminal history user EXEC mode command to enable or disable the command history function for the current terminal session. Example The following example enables the command history function for Telnet. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 471: History Size

    This command configures the command history buffer size for a particular line. To configure the command history buffer size for the current terminal session, use the terminal history size User EXEC mode command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number-of-commands number-of-commands—...
  • Page 472: Terminal History

    The command enables the command history for the current session. The default is determined by the history line configuration command. Example The following example disables the command history function for the current terminal session. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 473: Terminal History Size

    To change the default size of the command history buffer, use the history line configuration command. The maximum number of commands in all buffers is 256. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number-of-commands number-of-commands —...
  • Page 474: Terminal Datadump

    Pressing the Enter key displays the next line; pressing the Spacebar displays the next screen of output. The datadump command enables dumping all output immediately after entering the show command. This command is relevant only for the current session. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 475: Debug-Mode

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example enables the debug command interface. console(config)# console# debug >debug Enter DEBUG Password: ***** DEBUG> SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 476: Show History

    The following example displays all the commands entered while in the current Privileged EXEC mode. Console# show version SW version 3.131 (date 23-Jul-2005 time 17:34:19) HW version 1.0.0 Console# show clock 15:29:03 Jun 17 2005 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 477 Parameters • Default Configuration This command has no default configuration. Command Mode All Configuration modes User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide command — The EXEC command to be executed.
  • Page 478 User Interface Commands Example The following example shows to display current privilege level. Console (Config)# do show vlan VLAN ------- ---------- ---------- --------- ------------- 3978 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Name Ports default e1-e2 e9-e12 VLAN0010 e3-e4 VLAN0011 e1-e2...
  • Page 479: Chapter 34: Vlan Commands

    Switchport protected is disabled. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port — Specifies the uplink Ethernet port. port-channel-number — Specifies the uplink port-channel. Private VLAN Edge (PVE) only operates on interfaces that do not have an IP...
  • Page 480: Switchport Protected-Port

    Use the switchport protected-port interface configuration command to isolate unicast, multicast, and broadcast traffic at Layer 2 from other protected ports on the same switch. Use the no form of this command to disable protection on the port. NOTE The SPS208G and SPS224G4 do not support this command.
  • Page 481: Switchport Protected-Port Fastethernet

    FE ports as protected ports. Use the no form of this command to set the FE ports as unprotected ports. This command is supported in SPS2xx devices. NOTE Syntax switchport protected-port fastethernet no switchport protected-port fastethernet Parameters This command has no arguments or keywords. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 482: Vlan Database

    The vlan database Global Configuration mode command enters the VLAN Configuration mode. Syntax vlan database Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 483: Vlan

    This command has no default configuration. Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-range vlan-range vlan-range — Specifies a list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces;...
  • Page 484: Default-Vlan Vlan

    Parameters • Default Configuration The default configuration is disabled. Command Mode VLAN Configuration User Guidelines No user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-id — VLAN ID of the default VLAN.
  • Page 485: Interface Vlan

    VLAN context. The commands that are supported for VLAN that do not exist are: 1. IGMP snooping control 2. Bridge Multicast configuration SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-id — Specifies an existing VLAN ID.
  • Page 486: Interface Range Vlan

    If the command returns an error on one of the interfaces, an error message is displayed and execution of the command continues on the other interfaces. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-range | all} vlan-range —...
  • Page 487: Name

    No name is defined. Command Mode Interface Configuration (VLAN) mode. Cannot be configured for a range of interfaces (range context). SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide string string — Unique name to be associated with this VLAN. (Range: 1-32 characters)
  • Page 488: Switchport Mode

    Default Configuration All ports are in access mode, and belong to the default VLAN (whose VID=1). SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide access — Indicates an untagged layer 2 VLAN port. trunk — Indicates a trunking layer 2 VLAN port.
  • Page 489: Switchport Protected

    Use the no form of this command to disable overriding the FDB decision. Syntax switchport protected {ethernet port | port-channel port-channel-number} no switchport protected Parameters • • Default Configuration Switchport protected is disabled. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port — Uplink Ethernet port. port-channel-number — Uplink port-channel.
  • Page 490: Switchport Access Vlan

    Syntax switchport access vlan { no switchport access vlan SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Private VLAN Edge (PVE) only operates on interfaces that do not have an IP address. PVE only operates on interfaces that do not belong to VLANs that have IP addresses.
  • Page 491: Switchport Access Multicast-Tv Vlan

    VLANs. Use the no form of this command to disable receiving Multicast transmissions. Syntax switchport access multicast-tv vlan no switchport access multicast-tv vlan SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id — Specifies the ID of the VLAN to which the port is configured. vlan-id...
  • Page 492: Switchport Trunk Allowed Vlan

    VLANs to or from a trunk port. Syntax switchport trunk allowed vlan {add Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id — Specifies the ID of the VLAN to which the port is configured. vlan-list — List of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces.
  • Page 493: Switchport Trunk Native Vlan

    Syntax switchport trunk native vlan no switchport trunk native vlan Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-list — remove List of VLAN IDs to be removed. Separate nonconsecutive VLAN IDs with a comma and no spaces. A hyphen designates a range of IDs.
  • Page 494: Switchport General Allowed Vlan

    The switchport general allowed vlan Interface Configuration mode command adds or removes VLANs from a general port. Syntax switchport general allowed vlan add switchport general allowed vlan remove SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-list [tagged | untagged] vlan-list...
  • Page 495 Console(config-if)# switchport mode general Console(config-if)# switchport general allowed vlan add 2,5-6 tagged SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-list — Specifies the list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces. A hyphen designates a range of IDs.
  • Page 496: Switchport General Pvid

    The following example configures the PVID for Ethernet port 1, when the interface is in general mode. Console(config)# interface ethernet 1 Console(config-if)# switchport mode general Console(config-if)# switchport general pvid 234 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-id — Specifies the PVID (Port VLAN ID).
  • Page 497: Switchport General Ingress-Filtering Disable

    User Guidelines There are no user guidelines for this command. Example The following example disables port ingress filtering on Ethernet port 1 Console(config)# interface ethernet 1 Console(config-if)# switchport mode general Console(config-if)# switchport general ingress-filtering disable SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 498: Switchport General Acceptable-Frame-Type Tagged-Only

    There are no user guidelines for this command. Example The following example configures Ethernet port 1 to discard untagged frames at ingress. Console(config)# interface ethernet 1 Console(config-if)# switchport mode general Console(config-if)# switchport general acceptable-frame-type tagged-only SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 499: Switchport Customer Vlan

    There are no user guidelines for this command. Example The following example configures Ethernet port 1 to discard untagged frames at ingress. Console(config)# interface ethernet 1 Console(config-if)# switchport customer vlan SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-id — VLAN ID of the customer.
  • Page 500: Switchport Customer Multicast-Tv Vlan

    The following example configures port e1 to enable receiving Multicast transmissions from a VLAN that is not the customer port’s VLAN. Console (config-if)# switchport customer multicast-tv vlan add 3000 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-list — List of Multicast TV VLANs. vlan-list...
  • Page 501: Switchport Forbidden Vlan

    User Guidelines This command can be used to prevent GVRP from automatically making the specified VLANs active on the selected ports. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-list vlan-list — Specifies the list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces.
  • Page 502: Show Interfaces Protected-Ports

    Use the show interfaces protected-ports EXEC command to show protected ports configuration. This command is supported in SPS20xx devices. NOTE Syntax show interfaces protected-ports Default Configuration Defaults Command Mode EXEC Example Console> show interfaces protected Interface ---------- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide State ---------------- Unprotected...
  • Page 503: Show Protected-Ports Fastethernet

    This command is supported in SPS2xx devices. NOTE Syntax show protected-ports fastethernet Default Configuration Defaults Command Mode EXEC Example Console> show protected-ports fastethernet GE protected-ports state: FE protected-ports state: SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Protected Protected Protected Unprotected Protected...
  • Page 504: Show Vlan

    User Guidelines There are no user guidelines for this command. Example The following example displays all VLAN information. Console# show vlan VLAN ---- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide vlan-id vlan-name | name vlan-id — specifies a VLAN ID vlan-name —...
  • Page 505: Show Vlan Multicast-Tv

    No user guidelines for this command. Example The following example displays information on the source ports and receiver ports of Multicast-TV VLAN. Console # show vlan multicast-tv vlan 1000 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide VLAN0030 static VLAN0031 static VLAN0011...
  • Page 506: Show Interfaces Switchport

    This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Receiver Ports ---------------------- e1-e4, e12-e18, e22-e24 interface — A valid Ethernet port number.
  • Page 507 Protected: Enabled, Uplink is 2 Port is member in: Vlan ---- Forbidden VLANS: VLAN ---- Classification rules: Protocol-based VLANs: Group ID ---- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Name Egress rule Port Membership Type ------ ----------- -------- Untagged Static Tagged Static...
  • Page 508: Chapter 35: Web Server Commands

    Command Mode Global Configuration mode User Guidelines Only a user with access level 15 can use the Web server. Example The following example enables configuring the device from a browser. Console(config)# ip http server SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 509: Ip Http Port

    Usage Guidelines Specifying 0 as the port number effectively disables HTTP access to the device. Examples Console(config)# ip http port 100 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-number — Port number for use by the HTTP server. Range: 0 - 65534...
  • Page 510: Ip Http Exec-Timeout

    Example The following example sets the interval that the system waits to user input in http sessions before automatic logoff. Console(config)# ip http exec-timeout 10 [30] SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide minutes seconds minutes — Integer that specifies the number of minutes. Range: 1 - 65535.
  • Page 511: Ip Https Server

    Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate. Example The following example enables configuring the device from a secured browser. Console(config)# ip https server SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 512: Ip Https Port

    Specifying 0 as the port number effectively disables HTTP access to the device. Example The following example configures the https port number to 100. Console(config)# ip https port 100 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide port-number port-number — Port number to be used by the HTTP server. Range: 0-...
  • Page 513: Ip Https Exec-Timeout

    Example The following example set the interval that the system waits to user input in https sessions before automatic logoff. Console(config)# ip https exec-timeout SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide minutes seconds minutes — Integer that specifies the number of minutes. Range: 1 - 65535.
  • Page 514: Ip Https Certificate

    Usage Guidelines You should use the crypto certificate generate command in order to generate an HTTPS certificate. Examples Console(config)# ip https certificate 1 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide number — Specifies the certificate number. Range: 1 digit, product specific...
  • Page 515: Show Ip Http

    Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the HTTP server configuration. Console# show ip http HTTP server enabled. Port: 80 Interactive timeout: 10 minutes SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 516: Show Ip Https

    Certificate 2 is active. Issued by : C= Valid From: Apr 30 22:16:01 2003 GMT SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide , ST= , L= , CN=10.6.41.138, O= , OU= , ST= , L= , CN=10.6.41.138, O= , OU= , ST= , L= , CN=10.6.41.138, O= , OU=...
  • Page 517 Web Server Commands show ip https Valid to: Apr 29 22:16:01 2004 GMT Subject: C= SHA1 Fingerprint: 3DBDF89B 6B3E46A2 4255D023 42A361F2 90ED7042 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide , ST= , L= , CN=10.6.41.138, O= , OU=...
  • Page 518: Chapter 36: 802.1X Commands

    RADIUS None Default Configuration No authentication method is defined. Command Mode Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide method1 method1 method2 ...] — Specify at least one method from the following list: Description Uses the list of all RADIUS servers for...
  • Page 519: Dot1X System-Auth-Control

    802. 1 x globally. Use the no form of this command to restore the default configuration. Syntax dot1x system-auth-control no dot1x system-auth-control Default Configuration 802. 1 x is disabled globally. Command Modes Global Configuration mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 520: Dot1X Port-Control

    • • • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide auto — Enables 802. 1 x authentication on the interface and causes the port to transition to the authorized or unauthorized state based on the 802. 1 x authentication exchange between the port and the client.
  • Page 521: Dot1X Re-Authentication

    The dot1x re-authentication Interface Configuration mode command enables periodic re-authentication of the client. Use the no form of this command to restore the default configuration. Syntax dot1x re-authentication no dot1x re-authentication Default Configuration Periodic re-authentication is disabled. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 522: Dot1X Timeout Re-Authperiod

    Syntax dot1x timeout re-authperiod no dot1x timeout re-authperiod Parameters • Default Configuration Re-authentication period is 3600 seconds. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Number of seconds between re-authentication attempts. (Range: 300-4294967295)
  • Page 523: Dot1X Re-Authenticate

    802. 1 x-enabled ports or the specified 802. 1 x-enabled port. Syntax dot1x re-authenticate [ethernet Parameters • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — Valid Ethernet port.
  • Page 524: Dot1X Timeout Quiet-Period

    Default Configuration Quiet period is 60 seconds. Command Mode Interface Configuration (Ethernet) mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Specifies the time in seconds that the device remains in the quiet state following a failed authentication exchange with the client.
  • Page 525: Dot1X Timeout Tx-Period

    Syntax dot1x timeout tx-period no dot1x timeout tx-period Parameters • SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Specifies the time in seconds that the device waits for a response to an EAP-request/identity frame from the client before resending...
  • Page 526: Dot1X Max-Req

    (EAP)-request/identity frame (assuming that no response is received) to the client, before restarting the authentication process. Use the no form of this command to restore the default configuration. Syntax dot1x max-req no dot1x max-req SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide count...
  • Page 527: Dot1X Timeout Supp-Timeout

    Extensible Authentication Protocol (EAP)-request frame to the client. Use the no form of this command to restore the default configuration. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide count — Number of times that the device sends an EAP-request/identity...
  • Page 528 The following example sets the timeout period before retransmitting an EAP- request frame to the client to 3600 seconds. Console(config)# interface ethernet e16 Console(config-if)# dot1x timeout supp-timeout 3600 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Time in seconds that the device waits for a response to an EAP- request frame from the client before resending the request.
  • Page 529: Dot1X Timeout Server-Timeout

    The following example sets the time for the retransmission of packets to the authentication server to 3600 seconds. Console(config)# interface ethernet e16 Console(config-if)# dot1x timeout server-timeout 3600 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide seconds seconds — Time in seconds that the device waits for a response from the...
  • Page 530: Show Dot1X

    There are no user guidelines for this command. Example The following example displays the status of 802. 1 x-enabled Ethernet ports. Console# show dot1x 802.1x is enabled Port ---- SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — Valid Ethernet port. Admin Mode Oper Mode ----------...
  • Page 531 Authenticator State Machine State: HELD Backend State Machine State: IDLE Authentication success: 9 Authentication fails: 1 The following table describes the significant fields shown in the display. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Auto Unauthorized Force-auth Authorized Force-auth Unauthorized* Admin Mode...
  • Page 532 Supplicant timeout Server timeout Session Time MAC address Authentication Method SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description The port number. The port admin mode. Possible values: Force- auth, Force-unauth, Auto. The port oper mode. Possible values: Authorized, Unauthorized or Down.
  • Page 533: Show Dot1X Users

    Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description The reason for the session termination. The current value of the Authenticator PAE state machine and of the Backend state machine.
  • Page 534: Show Dot1X Statistics

    Authentication Method show dot1x statistics The show dot1x statistics Privileged EXEC mode command displays 802. 1 x statistics for the specified interface. Syntax show dot1x statistics ethernet SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Session Username Time dva5 00:00:06 admin 00:04:04 Description The port number.
  • Page 535 EapolLogoffFramesRx: 1 EapolRespIdFramesRx: 3 EapolRespFramesRx: 6 EapolReqIdFramesTx: 3 EapolReqFramesTx: 6 InvalidEapolFramesRx: 0 EapLengthErrorFramesRx: 0 LastEapolFrameVersion: 1 LastEapolFrameSource: 00:08:78:32:98:78 The following table describes the significant fields shown in the display: SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface — Valid Ethernet port.
  • Page 536 EapolReqFramesTx InvalidEapolFramesRx EapLengthErrorFramesRx LastEapolFrameVersion LastEapolFrameSource SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Description The number of valid EAPOL frames of any type that have been received by this Authenticator. The number of EAPOL frames of any type that have been transmitted by this Authenticator.
  • Page 537: Advanced Features

    For a general port, the PVID can be an unauthenticated VLAN (although only tagged packets are accepted in the unauthorized state.) Example The following example enables access to the VLAN to unauthorized devices. Console(config)# interface vlan 5 Console(config-if)# dot1x auth-not-req SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 538: Dot1X Multiple-Hosts

    NOT encrypted, and after successful authentication, filtering is based on the source MAC address only. For unauthenticated VLANs, multiple hosts are always enabled. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide authentication — Specifies that each station should be 802. 1 x...
  • Page 539: Dot1X Radius-Attributes Vlan

    VLAN assignment. Use the no form of this command to disable user- based VLAN assignment. Syntax dot1x radius-attributes vlan no dot1x radius-attributes vlan Parameters This command has no arguments or keywords. Default Configuration Disabled. Command Mode Interface configuration (Ethernet) SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 540: Dot1X Single-Host-Violation

    Default Configuration Frames with source addresses that are not the supplicant address are discarded. No Traps. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide User-based VLAN assignment is supported only in 802. 1 x multiple sessions. The configuration of the parameter is allowed only when the port is Forced Authorized or Forced Unauthorized.
  • Page 541: Dot1X Bpdu

    Use the dot1x bpdu global configuration command to define 802. 1 x BPDU handling when 802. 1 x is globally disabled. Use the no form of this command to return to default. Syntax dot1x bpdu {filtering | bridging} no dot1x bpdu SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 542: Usage Guidelines

    802. 1 X but 802. 1 X is enabled globally, 802. 1 X BPDUs would always be discarded. Examples Console(config)# dot1x bpdu bridging SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide filtering — Specify that when 802. 1 x is globally disabled, 802. 1 x BPDU packets would be filtered.
  • Page 543: Show Dot1X Bpdu

    EXEC User Guidelines There are no user guidelines for this command. Examples Switch# show dot1x bpdu 802.1X BPDU packets are trapped for the 802.1X protocol. Switch# show dot1x bpdu 802.1X BPDU packets are filtered. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 544: Dot1X Guest-Vlan

    To be able to join or leave the guest VLAN, the port should not be a static member of the guest VLAN. Example The following example defines VLAN 2 as a guest VLAN. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 545: Dot1X Guest-Vlan Enable

    A device can have only one global guest VLAN. The guest VLAN is defined using the dot1x guest-vlan Interface Configuration mode command. Example The following example enables unauthorized users on Ethernet port e1 to access the guest VLAN. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 546: Dot1X Mac-Authentication

    Guest VLAN must be enabled, when MAC authentication is enabled. Static MAC addresses can’t be authorized. Do not change authenticated MAC address to static address. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide mac-only — Enable authentication based on the station’s MAC address only. 802. 1 X frames are ignored.
  • Page 547: Show Dot1X Advanced

    Syntax show dot1x advanced [ethernet Parameters • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide interface interface — Valid Ethernet port.
  • Page 548 Unauthenticated VLANs: 91,92 Interface --------- Console# show dot1x advanced ethernet e1 Guest VLAN: 2 Unauthenticated VLANs: 91,92 Interface --------- Trap: Enabled Trap frequency: 100 SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Multiple Guest Hosts VLAN --------- ------------ -------------- Disabled Enabled Enabled...
  • Page 549: Appendix A: Alias Names

    Input parameter variations and/or returned responses for commands launched with alias names are defined in the native command’s description in this guide. Alias names are supported by the SPS208G, SPS224G4, and SPS2024 switches. NOTE Native Command...
  • Page 550: Appendix B: Where To Go From Here

    Cisco Partner Central (requires partner registration and login) Cisco Small Medium Business Product Information Related Documentation For additional information about the Ethernet switches, see the SPS208G/ SPS224G4/SPS2024 Ethernet Switches Administration Guide. SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide Link www.cisco.com/web/partners/sell/smb/ www.cisco.com/go/smallbiz...
  • Page 551: Appendix C: Additional Information

    Warranty information that applies to this product is available on Cisco.com at the following location: www.cisco.com/go/smallbiz End User License Agreement (EULA) Licensing information that applies to this product is available on Cisco.com at the following location: www.cisco.com/go/smallbiz SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...
  • Page 552: Appendix D: Support Contacts

    Support Contacts Support contact information for this product is available on Cisco.com at the following location: www.cisco.com/go/smallbiz SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide...

This manual is also suitable for:

Sps224g4Sps208g

Table of Contents