Page 1: Cli Reference Guide
Dell™ PowerConnect™ PCM6220, PCM6348, PCM8024 CLI Reference Guide Model PCM6220, PCM6348, PCM8024 w w w . d e l l . c o m | s u p p o r t . d e l l . c o m...
Page 2 Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell, the DELL logo, PowerEdge, PowerConnect, and OpenManage are trademarks of Dell Inc.; Microsoft and Windows are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries; sFlow is a registered trademark of InMon Corporation.
Page 3: Table Of Contents
Contents Command Groups Introduction ........Command Groups .
Page 4 enable password ....... . ip http authentication ......ip https authentication .
Page 5 bridge multicast forbidden forward-unregistered ....bridge multicast forward-all ......bridge multicast forward-unregistered .
Page 6 show isdp neighbors ......show isdp traffic ....... . . DHCP Layer 2 Relay Commands dhcp l2relay (Interface Configuration) .
Page 7 ip arp inspection filter ......ip arp inspection limit ......ip arp inspection trust .
Page 8 shutdown ........speed ........storm-control broadcast .
Page 9 ip igmp snooping maxresponse ......ip igmp snooping mcrtrexpiretime ..... . 15 IGMP Snooping Querier Commands ip igmp snooping querier election participate .
Page 10 show ip interface out-of-band ......17 IPv6 Access List Commands ipv6 access-list ....... . . ipv6 access-list rename .
Page 11 show lacp ethernet ......show lacp port-channel ......21 Link Dependency Commands no link-dependency group .
Page 12 show lldp ........show lldp interface .
Page 13 hashing-mode ....... . . no hashing-mode ....... . show interfaces port-channel .
Page 14 match dstip6 ........match dstl4port ....... . . match ethertype .
Page 15 show policy-map interface ......show service-policy ......traffic-shape .
Page 16 28 Spanning Tree Commands exit (mst) ........instance (mst) .
Page 17 spanning-tree port-priority ......spanning-tree priority ......spanning-tree tcnguard .
Page 18 show vlan ........show vlan association mac .
Page 19 32 802.1X Commands dot1x max-req ....... . . dot1x max-users .
Page 20 arp dynamicrenew ....... . arp purge ........arp resptime .
Page 21 show ipv6 dhcp pool ......show ipv6 dhcp statistics ......37 DVMRP Commands ip dvmrp metric .
Page 22 ip igmp router-alert-optional ......39 IGMP Proxy Commands ip igmp-proxy reset-status ......ip igmp-proxy unsolicited-report-interval .
Page 23 show ip interface ....... show ip protocols ....... show ip route .
Page 24 ipv6 pimsm rp-candidate ......ipv6 pimsm spt-threshold ......ipv6 pimsm ssm .
Page 25 ipv6 nd ns-interval ....... ipv6 nd other-config-flag ......ipv6 nd prefix .
Page 26 show ipv6 route preferences ......show ipv6 route summary ......show ipv6 traffic .
Page 27 show ip mcast interface ......show ip mcast mroute ......show ip mcast mroute group .
Page 28 auto-cost ........bandwidth ........capability opaque .
Page 29 show ip ospf ........show ip ospf abr .
Page 30 area stub no-summary ......area virtual-link ....... . . area virtual-link dead-interval .
Page 31 show ipv6 ospf ....... . . show ipv6 ospf abr .
Page 32 show ip pimsm rphash ......51 Router Discovery Protocol Commands ip irdp address .
Page 33 53 Tunnel Interface Commands show interfaces tunnel ......tunnel destination ....... tunnel mode ipv6ip .
Page 34 57 Captive Portal Commands authentication timeout ......captive-portal ........enable .
Page 35 show captive-portal user ......user group ........user name .
Page 36 clock summer-time recurring ......clock summer-time date ......no clock summer-time .
Page 37 dos-control tcpflag ....... dos-control tcpfrag ....... ip icmp echo-reply .
Page 38 passwords min-length ......show passwords configuration ......64 PHY Diagnostics Commands show copper-ports tdr .
Page 39 debug ip igmp 1014 ....... . . debug ip mcache 1015 .
Page 40 show sflow polling 1034 ......show sflow sampling 1035 ......68 SNMP Commands show snmp engineID 1039...
Page 41 ip ssh port 1064 ........ip ssh pubkey-auth 1064 .
Page 42 71 System Management Commands asset-tag 1088 ........banner motd 1089 .
Page 43 show version 1120 ........stack 1121 ........stack-port 1122 .
Page 44 ip https certificate 1144 ....... ip https port 1144 ........ip https server 1145 .
Page 45: Command Groups
Command Groups Introduction The Command Line Interface (CLI) is a network management application operated through an ASCII terminal without the use of a Graphic User Interface (GUI) driven software application. By directly entering commands, the user has greater configuration flexibility. The CLI is a basic command-line interpreter similar to the UNIX C shell.
Page 46: Layer 3 Commands
(continued) Table 1-1. System Command Groups Command Group Description DHCP Snooping Configures DHCP snooping and whether an interface is trusted for filtering. Dynamic ARP Inspection Configures for rejection of invalid and malicious ARP packets. Ethernet Configuration Configures all port configuration options for example ports, storm control, port speed and auto-negotiation.
Page 47: Utility Commands
(continued) Table 1-1. System Command Groups Command Group Description DHCPv6 Configures IPv6 DHCP functions. DVMRP (Mcast) Configures DVMRP operations. IGMP (Mcast) Configures IGMP operations. IGMP Proxy (Mcast) Manages IGMP Proxy on the system. IP Helper Configures relay of UDP packets. IP Routing (IPv4) Configures IP routing and addressing.
Page 48 (continued) Table 1-1. System Command Groups Command Group Description PHY Diagnostics Diagnoses and displays the interface status. RMON Can be configured through the CLI and displays RMON information. Serviceability Tracing Controls display of debug output to serial port or telnet console. sFlow Configures sFlow monitoring.
Page 49 Mode Types The tables on the following pages use these abbreviations for Command Mode names. • ARPA — ARP ACL Configuration • CC — Crypto Configuration • CP — Captive Portal Configuration • CPI — Captive Portal Instance • CMC — Class-Map Configuration •...
Page 50: Layer 2 Commands
• UE — User EXEC • VLAN — VLAN Configuration • v6ACL — IPv6 Access List Configuration • v6CMC • v6DP — IPv6 DHCP Pool Configuration Layer 2 Commands Command Description Mode* aaa authentication dot1x Specifies one or more authentication, authorization and accounting (AAA) methods for use on interfaces running IEEE 802.1X.
Page 51: Deny|Permit
Command Description Mode* access-list Creates an Access Control List (ACL) that is identified by accesslistnumber. the parameter deny|permit The deny command denies traffic if the conditions defined in the deny statement are matched. The permit command allows traffic if the conditions defined in the permit statement are matched.
Page 52: Address Table Commands
Address Table Command Description Mode* bridge address Adds a static MAC-layer station source address to the bridge table. bridge aging-time Sets the address table aging time. bridge multicast address Registers MAC-layer Multicast addresses to the bridge table, and adds static ports to the group. bridge multicast filtering Enables filtering of Multicast addresses.
Page 53: Switchport Voice Detect Auto
Command Description Mode* switchport voice detect auto Enables the VoIP Profile on all the interfaces of the switch. GC/IC *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. CDP Interoperability Command Description Mode* clear isdp counters Clears the ISDP counters.
Page 54 DHCP Snooping Command Description Mode* clear ip dhcp snooping binding Clears all DHCP Snooping entries. clear ip dhcp snooping statistics clears all DHCP Snooping statistics. ip dhcp snooping Enables DHCP snooping globally or on a specific VLAN. GC/IC ip dhcp snooping binding Configures a static DHCP Snooping binding.
Page 55 Command Description Mode* ip arp inspection trust Configures an interface as trusted for Dynamic ARP Inspection. ip arp inspection validate Enables additional validation checks like source MAC address validation, destination MAC address validation or IP address validation on the received ARP packets. ip arp inspection vlan Enables Dynamic ARP Inspection on a single VLAN or a range of VLANs.
Page 56: Shutdown
Command Description Mode* show interfaces configuration Displays the configuration for all configured interfaces. show interfaces counters Displays traffic seen by the physical interface. show interfaces description Displays the description for all configured interfaces. show interfaces status Displays the status for all configured interfaces. show statistics ethernet Displays statistics for one port or for the entire switch.
Page 57: Ip Igmp Snooping (Interface)
IGMP Snooping Command Description Mode* ip igmp snooping (Global) In Global Config mode, Enables Internet Group Management Protocol (IGMP) snooping. ip igmp snooping (Interface) Enables Internet Group Management Protocol (IGMP) snooping on a specific VLAN. ip igmp snooping host-time-out Configures the host-time-out. ip igmp snooping leave-time-out Configures the leave-time-out.
Page 58: Ip Igmp Snooping Querier Timer Expiry
Command Description Mode* ip igmp snooping querier timer Sets the IGMP Querier timer expiration period. expiry ip igmp snooping querier version Sets the IGMP version of the query that the snooping switch is going to send periodically. show igmp snooping querier Displays IGMP Snooping Querier information.
Page 59: Show Ip Interface Out-Of-Band
Command Description Mode* show ip interface out-of-band Disables DHCP/BOOTP on the OOB port. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. IPv6 ACL Command Description Mode* {deny | permit} Creates a new rule for the current IPv6 access list. v6ACL ipv6 access-list Creates an IPv6 Access Control List (ACL) consisting of...
Page 60: Ipv6 Mld Snooping Querier (Vlan Mode)
IPv6 MLD Snooping Querier Command Description Mode* ipv6 mld snooping querier Enables MLD Snooping Querier on the system or on a VLAN. VLAN ipv6 mld snooping querier address Sets the global MLD Snooping Querier address on the system or on a VLAN. VLAN ipv6 mld snooping querier election Enables the Snooping Querier to participate in the Querier...
Page 61: Add Port-Channel
Command Description Mode* no add ethernet Removes member Ethernet port(s) from the Link Dependency dependency list. add port-channel Adds member port-channels to the dependency Link Dependency list. no add port-channel Removes member port-channels from the Link Dependency dependency list. depends-on ethernet Adds the dependent Ethernet ports list.
Page 62: Show Lldp Med
Command Description Mode* show lldp statistics Displays the current LLDP traffic statistics. lldp med Enables/disables LLDP-MED on an interface. lldp med transmit-tlv Spwcifies which optional TLVs in the LLDP MED set are transmitted in the LLDPDUs. lldp med faststartrepeatcount Sets the value of the fast start repeat count. lldp med confignotification Enables sending the topology change notifications.
Page 63: Speed
Command Description Mode* speed Configures the speed of all member ports in the aggregator group/zone. For the meaning of each Mode abbreviation, see "Mode Types" on page 49. Port Channel Command Description Mode* channel-group Associates a port with a port-channel. interface port-channel Enters the interface configuration mode of a specific port-channel.
Page 64 Command Description Mode* match-all match-any, class-map Defines a new DiffServ class of type match-access-group match-all . For now, only is available in the CLI. class-map rename Changes the name of a DiffServ class. classofservice dotlp-mapping Maps an 802.1p priority to an internal traffic class for a GC and switch.
Page 65 Command Description Mode* match dstl4port Adds to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword, or a numeric notation. match ethertype Adds to the specified class definition a match condition based on the value of the ethertype.
Page 66 Command Description Mode* show class-map Displays all configuration information for the specified class. show classofservice dotlp-mapping Displays the current Dot1p (802.1p) priority mapping to internal traffic classes for a specific interface. show classofservice ip-dscp- Displays the current IP DSCP mapping to internal traffic mapping classes for a specific interface.
Page 67 Command Description Mode* Sets the authentication and encryption key for all RADIUS communications between the switch and the RADIUS daemon msgauth Enables the message authenticator attribute to be used for the RADIUS Authenticating server being configured. name Assigns a name to a RADIUS server. primary Specifies that a configured server should be the primary server in the group of authentication servers which have the...
Page 68 Spanning Tree Command Description Mode* clear spanning-tree detected- Restarts the protocol migration process on all interfaces or protocols on the specified interface. exit (mst) Exits the MST configuration mode and applies configuration changes. instance (mst) Maps VLANs to an MST instance. name (mst) Defines the MST configuration name.
Page 69: Port
Command Description Mode* spanning-tree mst cost Configures the path cost for multiple spanning tree (MST) calculations. spanning-tree mst port-priority Configures port priority. spanning-tree mst priority Configures the switch priority for the specified spanning tree instance. spanning-tree pathcost method Configures the spanning tree default pathcost method spanning-tree portfast Enables PortFast mode.
Page 70: Interface Vlan
VLAN Command Description Mode* dvlan-tunnel ethertype Configures the EtherType for the interface. interface vlan Enters the interface configuration (VLAN) mode. interface range vlan Enters the interface configuration mode to configure multiple VLANs. mode dvlan-tunnel Enables Double VLAN tunneling on the specified interface IC name Configures a name to a VLAN.
Page 71: Switchport Mode
Command Description Mode* switchport mode Configures the VLAN membership mode of a port. switchport protected Sets the port to Protected mode. switchport protected name Configures a name for a protected group switchport trunk allowed vlan Adds or removes VLANs from a port in general mode. vlan Creates a VLAN.
Page 72 Command Description Mode* dot1x max-users Sets the maximum number of clients supported on the port when MAC-based 802.1X authentication is enabled on the port. dot1x port-control Enables manual control of the authorization state of the port. dot1x re-authenticate Manually initiates a re-authentication of all 802.1X-enabled ports or a specified 802.1X enabled port.
Page 73: Layer 3 Commands
Command Description Mode* *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. Layer 3 Commands ARP (IPv4) Command Description Mode* Creates an Address Resolution Protocol (ARP) entry. arp cachesize Configures the maximum number of entries in the ARP cache.
Page 74: Dns-Server
Command Description Mode* *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. DHCPv6 Command Description Mode* clear ipv6 dhcp Clears DHCPv6 statistics for all interfaces or for a specific interface. dns-server Sets the ipv6 DNS server address which is provided to a v6DP DHCPv6 client by the DHCPv6 server.
Page 75 Command Description Mode* show ip dvmrp Displays the system-wide information for DVMRP. show ip dvmrp interface Displays the interface information for DVMRP on the specified interface. show ip dvmrp neighbor Displays the neighbor information for DVMRP. isplays the next hop information on outgoing show ip dvmrp nexthop interfaces for routing multicast datagrams.
Page 76: Ip Igmp Router-Alert-Optional
Command Description Mode* show ip igmp interface Displays the IGMP information for the specified interface. PE show ip igmp interface membership Displays the list of interfaces that have registered in the multicast group. show ip igmp interface stats Displays the IGMP statistical information for the interface.
Page 77: Ip Helper-Address (Global Configuration)
IP Helper Command Description Mode* clear ip helper statistics Resets (to 0) the statistics displayed in show ip helper statistics. ip helper-address (global Configures the relay of certain UDP broadcast packets configuration) received on any interface. ip helper-address (interface Configures the relay of certain UDP broadcast packets configuration) received on a specific interface.
Page 78: Show Ip Route Summary
Command Description Mode* show ip route summary Shows the number of all routes, including best and non- best routes. show ip stats Displays IP statistical information show ip vlan Displays the VLAN routing information for all VLANs with routing enabled. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types"...
Page 79 Command Description Mode* show ipv6 pimsm interface Displays interface config parameters. show ipv6 pimsm neighbor Displays IPv6 PIMSM neighbors learned on the routing interfaces. show ipv6 pimsm rphash Displays which rendezvous point (RP) is being selected for a specified group. show ipv6 pimsm rp mapping Displays all group-to-RP mappings of which the router is aware (either configured or learned from the BSR).
Page 80: Ipv6 Nd Ns-Interval
Command Description Mode* ipv6 mld query-max-response-time Sets MLD querier's maximum response time for the interface. ipv6 mld router Enables MLD in the router in global configuration mode and for a specific interface in interface configuration mode. ipv6 mtu Sets the maximum transmission unit (MTU) size, in bytes, of IPv6 packets on an interface.
Page 81: Show Ipv6 Brief
Command Description Mode* show ipv6 brief Displays the IPv6 status of forwarding mode and IPv6 unicast routing mode. show ipv6 interface Shows the usability status of IPv6 interfaces. show ipv6 mld groups Displays information about multicast groups that MLD reported. show ipv6 mld interface Displays MLD related information for an interface.
Page 82: Loopback Interface
Loopback Interface Command Description Mode* interface loopback Enters the Interface Loopback configuration mode. show interface loopback Displays information about configured loopback interfaces. PE *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. Multicast Command Description Mode* ip mcast boundary Adds an administrative scope multicast boundary.
Page 83 Command Description Mode* show bridge multicast Displays statistical information about the entries in the address-table count multicast address table. show ip mcast Displays the system-wide multicast information. show ip mcast boundary Displays the system-wide multicast information. show ip mcast interface Displays the multicast information for the specified interface.
Page 84 Command Description Mode* area range Creates a specified area range for a specified NSSA. ROSPF area stub Creates a stub area for the specified area ID. ROSPF area stub no-summary Prevents Summary LSAs from being advertised into the ROSPF NSSA. area virtual-link Creates the OSPF virtual interface for the specified area-id ROSPF...
Page 85: Show Ip Ospf
Command Description Mode* ip ospf authentication Sets the OSPF Authentication Type and Key for the specified interface. ip ospf cost Configures the cost on an OSPF interface. ip ospf dead-interval Sets the OSPF dead interval for the specified interface. ip ospf hello-interval Sets the OSPF hello interval for the specified interface.
Page 86: Show Ip Ospf Interface
Command Description Mode* show ip ospf database database- Displays the number of each type of LSA in the database for summary each area and for the router. show ip ospf interface Displays the information for the IFO object or virtual interface tables.
Page 87: Area Nssa Translator-Stab-Intv
Command Description Mode* area nssa translator-stab-intv Configures the translator stability interval of the NSSA. ROSV3 area range Creates an area range for a specified NSSA. ROSV3 area stub Creates a stub area for the specified area ID. ROSV3 area stub no-summary Disables the import of Summary LSAs for the stub area ROSV3 areaid.
Page 88 Command Description Mode* ipv6 ospf retransmit-interval Sets the OSPF retransmit interval for the specified interface. ipv6 ospf transmit-delay Sets the OSPF Transmit Delay for the specified interface. ipv6 router ospf Enters Router OSPFv3 Configuration mode. maximum-paths Sets the number of paths that OSPF can report for a given ROSV3 destination.
Page 89 Command Description Mode* show ipv6 ospf virtual-link brief Displays the OSPFV3 Virtual Interface information for all areas in the system. trapflags Enables OSPF traps ROSV3 *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. PIM-DM Command Description Mode*...
Page 90 Command Description Mode* ip pimsm query-interval Configures the transmission frequency of hello messages in seconds between PIM enabled neighbors. ip pimsm register-rate-limit Sets the Register Threshold rate for the RP (Rendezvous Point) router to switch to the shortest path. ip pimsm spt-threshold Configures the threshold rate for the RP router to switch to the shortest path.
Page 91: Tunnel Interface Commands
Routing Information Protocol Command Description Mode* auto-summary Enables the RIP auto-summarization mode. default-information originate Controls the advertisement of default routes. default-metric Sets a default for the metric of distributed routes. distance rip Sets the route preference value of RIP in the router. distribute-list out Specifies the access list to filter routes received from the source protocol.
Page 92: Tunnel Mode Ipv6Ip
Command Description Mode* tunnel mode ipv6ip Specifies the mode of the tunnel. tunnel source Specifies the source transport address of the tunnel, either explicitly or by reference to an interface. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. Virtual Router Redundancy Command Description...
Page 93: Utility Commands
Utility Commands Auto Config Command Description Mode* boot host auto-save Enables/disables automatically saving the downloaded configuration on the switch. boot host dhcp Enables/disables Auto Config on the switch. boot host retry-count Set the number of attempts to download a configuration. show boot Displays the current status of the Auto Config process.
Page 94: Session-Timeout
Command Description Mode* redirect-url Configures the redirect URL for a captive portal configuration, session-timeout Configures the session timeout for a captive portal configuration. verification Configures the verification mode for a captive portal configuration. captive-portal client Deauthenticates a specific captive portal client. deauthenticate show captive-portal client status Displays client connection details or a connection summary...
Page 95: User Group Name
Command Description Mode* user group moveusers Moves a group's users to a different group. user group name Configures a group name. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. Clock Command Description Mode* show clock Displays the time and date of the system clock.
Page 96 Command Description Mode* clear config Restores switch to default configuration copy Copies files from a source to a destination. delete backup-image Deletes a file from a flash memory. delete backup-config Deletes the backup configuration file delete startup-config Deletes the startup configuration file. filedescr Adds a description to a file.
Page 97: History
Command Description Mode* ip icmp echo-reply Enables or disables the generation of ICMP Echo Reply messages. ip icmp error-interval Limits the rate at which IPv4 ICMP error messages are sent. GC ip icmp unreachables Enables the generation of ICMP Destination Unreachable messages.
Page 98: Password Management
Command Description Mode* *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. Password Management Command Description Mode* passwords aging Implements aging on the passwords such that users are required to change passwords when they expire. passwords history Enables the administrator to set the number of previous passwords that are stored to ensure that users do not reuse...
Page 99 Command Description Mode* rmon collection history Enables a Remote Monitoring (RMON) MIB history statistics group on an interface. rmon event Configures an RMON event. show rmon alarm Displays alarm configurations. show rmon alarm-table Displays the alarms summary table. the requested group of statistics. show rmon collection history Displays show rmon events...
Page 100 Command Description Mode* debug ipv6 pimdm Traces PIMDMv6 packet reception and transmission. debug ipv6 pimsm Traces PIMSMv6 packet reception and transmission. debug isdp Traces ISDP packet reception and transmission. debug lacp Traces of LACP packets received and transmitted by the switch.
Page 101 Command Description Mode* show sflow sampling Displays the sFlow sampling instances created on the switch. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. SNMP Command Description Mode* show snmp Displays the SNMP status. show snmp engineID Displays the SNMP engine ID.
Page 102 Command Description Mode* crypto key generate dsa Generates DSA key pairs for the switch. crypto key generate rsa Generates RSA key pairs for the switch. crypto key pubkey-chain ssh Enters SSH Public Key-chain configuration mode. ip ssh port Specifies the port to be used by the SSH server. ip ssh pubkey-auth Enables public key authentication for incoming SSH sessions.
Page 103 Command Description Mode* port Specifies the port number of syslog messages. show logging Displays the state of logging and the syslog messages stored in the internal buffer. show logging file Displays the state of logging and the syslog messages stored in the logging file.
Page 104: Show Version
Command Description Mode* show stack-port diag Displays front panel stacking diagnostics for each port. show stack-standby Shows the Standby configured in the stack. show supported switchtype Displays information about all supported switch types. show switch Displays information about the switch status. show switch chassis mgmt Shows the chassis slot of the IOMs in a stack show system...
Page 105: User Interface Commands
User Interface Command Description Mode* enable Enters the privileged EXEC mode. Gets the CLI user control back to the privileged execution mode or user execution mode. exit(configuration) Exits any configuration mode to the previously highest (All) mode in the CLI mode hierarchy. exit(EXEC) Closes an active terminal session by logging off the switch.
Page 106 Command Description Mode* show ip http Displays the HTTP server configuration. show ip https Displays the HTTPS server configuration. state Specifies the state or province name. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 49. Usage Guidelines The commands in this document are supported across the PCM6220, PCM6348, and PCM8024 switches.
Page 107 Using the CLI Introduction This chapter describes the basics of entering and editing the Dell PowerConnect 62xx Series Command Line Interface (CLI) commands and defines the command hierarchy. It also explains how to activate the CLI and implement its major functions.
Page 108 • Show Command • Command Completion • Short Form Commands • Keyboard Shortcuts • Operating on Multiple Objects (Range) • Command Scripting • CLI Command Notation Conventions • Interface Naming Conventions History Buffer Every time a command is entered in the CLI, it is recorded in an internally managed Command First In First Out History buffer.
Page 109 Command Completion CLI can complete partially entered commands when the user presses the <tab> or <space> key. If a command entered is not complete, is not valid, or if some parameters of the command are not valid or missing, an error message is displayed to assist in entering the correct command. By pressing the <tab>...
Page 110 Keyboard Key Description <Ctrl>+<S> Disables serial flow <Ctrl>+<Z> Return to root command prompt <Tab, SPACE> Command-line completion Return to the root command prompt exit Go to next lower command prompt <?> List choices Operating on Multiple Objects (Range) The CLI allows the user to operate on the set of objects at the same time. The guidelines are as follows for range operation: •...
Page 111 Command Scripting The CLI can be used as a programmable management interface. To facilitate this function, any characters entered after the <!> character are treated as a comment and ignored by the CLI. Also, the CLI allows the user to disable session timeouts. CLI Command Notation Conventions When entering commands there are certain command-entry notations which apply to all commands.
Page 112 CLI Command Modes Since the set of CLI commands is very large, the CLI is structured as a command-tree hierarchy, where related command sets are assigned to command modes for easier access. At each level, only the commands related to that level are available to the user and only those commands are shown in the context sensitive help for that level.
Page 113 User EXEC Mode After logging into the switch, the user is automatically in the User EXEC command mode unless the user is defined as a privileged user. In general, the User EXEC commands allow the user to perform basic tests, and list system information. The user-level prompt consists of the switch host name followed by the angle bracket (>).
Page 114 • Router OSPFv3 Configuration — Global configuration mode command ipv6 router ospf is used to enter into the Router OSPFv3 Configuration mode. • IPv6 DHCP Pool Mode — Global configuration mode command ipv6 dhcp pool is used to enter into the IPv6 DHCP Pool mode. •...
Page 115 TACACS — Configures the parameters for the TACACS server. • • Radius — Configures the parameters for the RADIUS server. • SNMP Host Configuration — Configures the parameters for the SNMP server host. • SNMP v3 Host Configuration — Configures the parameters for the SNMP v3 server host. •...
Page 116 Command Mode Access Method Command Prompt Exit or Access Previous Mode Privileged EXEC Use the enable Use the exit console# command to enter into command, or press this mode. This mode is <Ctrl>+<Z> to password protected. return to the User EXEC mode.
Page 117 Command Mode Access Method Command Prompt Exit or Access Previous Mode MAC Access List From Global To exit to Global console(config-mac- Configuration mode, Configuration access-list)# use the mac access-list mode, use the exit command. command, or press <Ctrl>+<Z> to Privileged EXEC mode.
Page 118 Command Mode Access Method Command Prompt Exit or Access Previous Mode SNMP Host From Global To exit to Global console(config- Configuration Configuration mode, Configuration snmp)# use the snmp-server mode, use the exit command. command, or press <Ctrl>+<Z> to Privileged EXEC mode.
Page 119 Command Mode Access Method Command Prompt Exit or Access Previous Mode Logging From Global To exit to Global console(config- Configuration mode, Configuration logging)# use the logging mode, use the exit command. command, or press <Ctrl>+<Z> to Privileged EXEC mode. From Global To exit to Global console(config- Configuration mode,...
Page 120 Command Mode Access Method Command Prompt Exit or Access Previous Mode IPv6 DHCP Pool Mode From Global To exit to Global console(config- Configuration mode, Configuration dhcp6s-pool)# use the ipv6 dhcp pool mode, use the exit command. command, or press <Ctrl>+<Z> to Privileged EXEC mode Interface Configuration Modes...
Page 121 Web, CLI and the remote Dell Network Manager. After initial setup, the user may enter to the system to set up more advanced configurations.
Page 122 By default the switch is shipped from the factory with a default IP address of DHCP in order for Auto Config to be used, but the Easy Setup Wizard provides the opportunity to customize the IP address. If the user desires to use Auto Config to configure the switch, do not use the Easy Setup Wizard.
Page 123 Since a switch may be powered on in the field without a serial connection, the switch waits 60 seconds for the user to respond to the setup wizard question in instances where no configuration files exist. If there is no response, the switch continues normal operation using the default factory configuration.
Page 124: Example Session
Figure 2-1. Easy Setup Wizard for PCM6348 Example Session Did the user Transfer to CLI mode previously save a startup configuration? Auto Config will attempt to download a configuration. Transfer to CLI mode. Does the user want to use setup wizard? Request SNMP Is SNMP Management Community String &...
Page 125 The following example contains the sequence of prompts and responses associated with running an example Dell Easy Setup Wizard session, using the input values listed above. Note in this case a static IP address for the management interface is being set up. However it may be requested that the system automatically retrieve an IP address via DHCP.
Page 126 Step 1: The system is not setup for SNMP management by default. To manage the switch using SNMP (required for Dell Network Manager) you can Set up the initial SNMP version 2 account now. Return later and setup other SNMP accounts. (For more information on setting up an SNMP version 1 or 3 account, see the user documentation).
Page 127 If the information is incorrect, select (N) to discard configuration and restart the wizard: [Y/N] y Thank you for using Dell Easy Set up Wizard. You will now enter CLI mode. Applying Interface configuration, please wait...
Page 128 File System Commands All files are stored in a flat file system. The following commands are used to perform operations on these files. Command Description file delete Deletes file. filedescr file description Adds a description to a file (up to 20 characters can be used).
Page 129 startup-config — This file refers to the special configuration image stored in flash memory • which is loaded when the system next reboots. The user may copy a particular configuration file (remote or local) to this special file name and reboot the system to force it to use a particular configuration.
Page 130 When Radius is used, the field returns the access level for the user. Two vendor specific options are supported. These are CISCO-AV-Pairs(Shell:priv- lvl=x) and Dell Radius VSA (user-group=x). TACACS+ provides the appropriate level of access. The following rules and specifications apply: •...
Page 131 • Even if the user configures the CLI to fail login when the remote authentication servers are down, the CLI allows the user to log in to the serial interface authenticated by locally managed account data. Syslogs The CLI uses syslog support to send logging messages to a remote syslog server. The user configures the switch to generate all logging messages to a remote log server.
Page 132 Management ACL In addition to user access control, the system also manages the access level for particular management interfaces. The system allows individual hosts or subnets to access only specific management protocols. The user defines a management profile, which identifies management protocols such as the following: •...
Page 133 CPU Card ID: 0x508548 CFI Probe: Found 2x16 devices in x16 mode volume descriptor ptr (pVolDesc): 0x39160a0 XBD device block I/O handle: 0x10001 auto disk check on mount: NOT ENABLED volume write mode: copyback (DOS_WRITE) max # of simultaneously open files: file descriptors in use: # of different files in use: # of descriptors for deleted files:...
Page 134 - # of sectors per root: - max # of entries in root: FAT handler information: ------------------------ - allocation group size: 4 clusters - free space on volume: 44,380,160 bytes Boot Menu Version: 12 May 2009 Select an option. If no selection in 10 seconds then operational code will start.
Page 135 WDB Comm Type: WDB_COMM_END WDB: Ready. remLib: Not initialized. remLib: Not initialized. CFI Probe: Found 2x16 devices in x16 mode volume descriptor ptr (pVolDesc): 0x7016510 XBD device block I/O handle: 0x10001 auto disk check on mount: NOT ENABLED volume write mode: copyback (DOS_WRITE) max # of simultaneously open files: file descriptors in use:...
Page 136 - directory structure: VFAT - file name format: 8-bit (extended-ASCII) - root dir start sector: - # of sectors per root: - max # of entries in root: FAT handler information: ------------------------ - allocation group size: 4 clusters - free space on volume: 44,380,160 bytes PCI unit 0: Dev 0xb624, Rev 0x12, Chip BCM56624_B1, Driver BCM56624_B0...
Page 137 Applying Global configuration, please wait ... Applying Interface configuration, please wait ... console> console>show switch Management Standby Preconfig Plugged-in Switch Code Status Status Model ID Model ID Status Version --- ---------- --------- ------------- ------------- ------------- -------- Unassigned PCM6348 Not Present 0.0.0.0 Mgmt Sw PCM6348...
Page 138 Flash Size : 2000000 (32 MB) Flash Org : x16 Write Buf Size : 32 words Erase Regions : 2 Erase Region : 1 Num Blocks : 255 Block Size : 20000 (128 KB) First Block : 0 Last Block : 254 Start Adrs : fe000000 End Adrs : fffdffff...
Page 139 max # of simultaneously open files: 52 file descriptors in use: # of different files in use: # of descriptors for deleted files: 0 # of obsolete descriptors: current volume configuration: - volume label: NO LABEL ; (in boot sector: - volume Id: 0x1ce - total number of sectors: 61,076...
Page 140 operational code will start. 1 - Start operational code. 2 - Start Boot Menu. Select (1, 2): Boot Menu Version: 3 Mar 2009 Options available 1 - Start operational code 2 - Change baud rate 3 - Retrieve event log using XMODEM 4 - Load new operational code using XMODEM 5 - Display operational code vital product data 6 - Run flash diagnostics...
Page 141 4 - 9600 5 - 19200 6 - 38400 7 - 57600 8 - 115200 0 - no change The above setting takes effect immediately • Option to retrieve event log using XMODEM (64KB). [Boot Menu] 3 Sending event log, start XMODEM receive..•...
Page 142 (8665140) Boot Code FLASH flag......0 Boot Code CRC........0x3CC4 VPD - rel 6 ver 24 maint_lvl 19 build_num 23 Timestamp - Wed Jun 24 19:31:23 2009 File - Dell-Ent-esw-campbell-pct.85xx-V6R-CSxw- 6IQHSr6v24m19b23.opr [Boot Menu] • Option to Update Boot Code. [Boot Menu] 7...
Page 143 [Boot Menu] 8 Are you SURE you want to delete backup code : image2 ? (y/n): • Option to Clear All Flash and Reset the System to Default Setting. User action will be confirmed with a Y/N question before executing the command. Given here is the procedure to reset the system through Boot Menu: [Boot Menu] 9 Are you SURE you want to reset the system? (y/n):y...
Page 144 [Boot Menu] 12 During the bootup sequence, if a user is connected using the serial interface, the system provides an escape key sequence to interrupt the bootup process and bring up a boot utility menu. The menu provides the users with the following: The boot key sequence is 2 and may be typed only during the initial bootup sequence.
Page 145 - Display operational code vital product data - Run flash diagnostics - Update boot code - Delete backup image - Reset the system 10 - Restore configuration to factory defaults (delete config files) 11 - Activate Backup Image 12 - Password Recovery Procedure [Boot Menu] 30 Monitoring Traps from CLI It is possible to connect to the CLI session and monitor the events or faults that are being sent...
Page 147 Layer 2 Commands Introduction The chapters that follow describe commands that conform to the OSI model data link layer (Layer 2). Layer 2 commands provide a logical organization for transmitting data bits on a particular medium. This layer defines the framing, addressing, and checksum functions for Ethernet packets.
Page 148 • Port Channel Commands • Port Monitor Commands • QoS Commands • RADIUS Commands • Spanning Tree Commands • TACACS+ Commands • VLAN Commands • Voice VLAN Commands • 802.1X Commands...
Page 149 AAA Commands This chapter explains the following commands: • aaa authentication dot1x • aaa authentication enable • aaa authentication login • aaa authorization network default radius • enable authentication • enable password • ip http authentication • ip https authentication •...
Page 150 aaa authentication dot1x Use the aaa authentication dot1x command in Global Configuration mode to create an authentication login list. Syntax method1 aaa authentication dot1x default no aaa authentication dot1x default method1 — At least one from the following table: • Keyword Description radius...
Page 151 default — Uses the listed authentication methods that follow this argument as the default • list of methods, when using higher privilege levels. list-name — Character string used to name the list of authentication methods activated, • when using access higher privilege levels. (Range: 1-12 characters) method1 [ method2 ...] —...
Page 152 console(config)# aaa authentication enable default enable aaa authentication login Use the aaa authentication login command in Global Configuration mode to set authentication at login. To return to the default configuration, use the no form of this command. Syntax list-name method1 method2...
Page 153 User Guidelines The default and optional list names created with the aaa authentication login command are used with the login authentication command. Create a list by entering the aaa authentication list-name method list-name login command for a particular protocol, where is any character method string used to name this list.
Page 154 Example The following example enables RADIUS-assigned VLANs. console(config)#aaa authorization network default radius enable authentication Use the enable authentication command in Line Configuration mode to specify the authentication method list when accessing a higher privilege level from a remote telnet or console.
Page 155 Syntax password enable password [encrypted] no enable password password — Password for this level (Range: 8- 64 characters). • • encrypted — Encrypted password entered, copied from another switch configuration. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 156 Default Configuration The local user database is checked. This action has the same effect as the command ip http authentication local. Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails.
Page 157 Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line. If none is specified as an authentication method after radius, no authentication is used if the RADIUS server is down.
Page 158 password (Line Configuration) Use the password command in Line Configuration mode to specify a password on a line. To remove the password, use the no form of this command. Syntax password password [encrypted] no password password — Password for this level. (Range: 8- 64 characters) •...
Page 159 User Guidelines This command has no user guidelines. Example The following example shows the prompt sequence for executing the password command. console>password Enter old password:******** Enter new password:******** Confirm new password:******** show authentication methods Use the show authentication methods command in Privileged EXEC mode to display information about the authentication methods.
Page 160 Enable Authentication Method Lists ---------------------------------- enableList local Line Login Method List Enable Method List ------- ----------------- ------------------ Console defaultList enableList Telnet defaultList enableList defaultList enableList HTTPS :local HTTP :local DOT1X :none show users accounts Use the show users accounts command in Privileged EXEC mode to display information about the local user database.
Page 161 UserName Privilege Password Password Lockout Aging Expiry date ------------------- --------- -------- ------------ ------- admin False guest False show users login-history Use the show users login-history command in Global Configuration mode to display information about the login history of users. Syntax show users login-history [long] •...
Page 162: Username
username Use the username command in Global Configuration mode to add a new user to the local users database. To remove a user name use the no form of this command. Syntax name password level username password [level ] [encrypted] name no username name —...
Page 163 ACL Commands This chapter explains the following commands: • access-list • deny | permit • ip access-group • ip access-group <name> out • mac access-group • mac access-list extended • mac access-list extended rename • show ip access-lists • show mac access-list...
Page 164 access-list Use the access-list command in Global Configuration mode to create an Access Control List list-name (ACL) that is identified by the parameter Syntax std-list-num srcip srcmask queue-id access-list {deny | permit} { | every} [log] [assign-queue interface interface [redirect | mirror ext-list-num access-list...
Page 165 Command Mode Global Configuration mode User Guidelines Users are permitted to add rules, but if a packet does not match any user-specified rules, the packet is dropped by the implicit “deny all” rule. Examples The following examples create an ACL to discard any HTTP traffic from 192.168.77.171, but allow all other traffic from 192.168.77.171: console(config)#access-list alpha deny 192.168.77.171 0.0.0.0 0.0.0.0 255.255.255.255 eq http...
Page 166 • cos — Class of service. (Range 0-7) • log — Specifies that this rule is to be logged. • assign-queue — Specifies particular hardware queue for handling traffic that matches the rule. queue-id — 0-6, where n is number of user configurable queues available for that hardware •...
Page 167 name — Access list name. (Range: Valid IP access-list name up to 31 characters in length) • direction — Direction of the ACL. (Range: In or out. Default is in .) • seqnum — Precedence for this interface and direction. A lower sequence number has higher •...
Page 168 User Guidelines NOTE: LAG and VLAN interfaces are only supported by PCM6220. This command has no user guidelines. Examples • Bind the IP ACL named myipacl to the physical interface 1/g1 in the outbound direction. console(config-if-1/g1)#ip access-group myipacl out • Bind the IP ACL named myipacl to the LAG interface 1 in the outbound direction.
Page 169 currently attached access list using that sequence number. If the sequence number is not specified for this command, a sequence number is selected that is one greater than the highest sequence number currently in use for this interface and direction. This command specified in Interface Configuration mode only affects a single interface.
Page 170 mac access-list extended rename Use the mac access-list extended rename command in Global Configuration mode to rename the existing MAC Access Control List (ACL). Syntax name newname mac access-list extended rename name — Existing name of the access list. (Range: 1-31 characters) •...
Page 171 User Guidelines There are no user guidelines for this command. Examples The following example displays IP ACLs configured on a device. console#show ip access-lists Current number of ACLs: 2 Maximum number of ACLs: 100 ACL Name Rules Interface(s) Vlan(s) ------------------------------------------------------------------ ACL40 ACL41 show mac access-list...
Page 172 Fields Description MAC ACL Name The name of the MAC access list. Rules The number of user-configured rules defined for the MAC ACL. The implicit 'deny all' rule defined at the end of every MAC ACL is not included. Interfaces Displays the list of interfaces (unit/port) to which the MAC ACL is attached in a given direction.
Page 173 Address Table Commands This chapter explains the following commands: • bridge address • bridge aging-time • bridge multicast address • bridge multicast filtering • bridge multicast forbidden address • bridge multicast forbidden forward-unregistered • bridge multicast forward-all • bridge multicast forward-unregistered •...
Page 174 bridge address Use the bridge address command in Interface Configuration mode to add a static MAC-layer station source address to the bridge table. To delete the MAC address, use the no form of the bridge address command (using the no form of the command without specifying a MAC address deletes all static MAC addresses belonging to this VLAN).
Page 175 seconds — Time is the number of seconds. (Range: 10–1000000 seconds) • Default Configuration 300 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example In this example the bridge aging time is set to 400. console(config)#bridge aging-time 400 bridge multicast address Use the bridge multicast address command in Interface Configuration mode to register MAC-...
Page 176 Command Mode Interface Configuration (VLAN) mode User Guidelines If the command is executed without add or remove, the command registers only the group in the bridge database. Static Multicast addresses can be defined only on static VLANs. Examples The following example registers the MAC address. console(config)#interface vlan 8 console(config-if-vlan8)#bridge multicast address 0100.5e02.0203 The following example registers the MAC address and adds ports statically.
Page 177: Bridge Multicast Forbidden Address
If switches exist on the VLAN and IGMP snooping is not enabled, use the bridge multicast forward-all command to enable forwarding all Multicast packets to the Multicast routers. Example In this example, bridge Multicast filtering is enabled. console(config)#bridge multicast filtering bridge multicast forbidden address Use the bridge multicast forbidden address command in Interface Configuration mode to forbid adding a specific Multicast address to specific ports.
Page 178 console(config)#interface vlan 8 console(config-if-vlan8)#bridge multicast address 01:00:5e:02:02:03 console(config-if-vlan8)#bridge multicast forbidden address 01:00:5e:02:02:03 add ethernet 2/g9 bridge multicast forbidden forward-unregistered Use the bridge multicast forbidden forward-unregistered command in Interface Configuration mode to forbid Forwarding-unregistered-multicast-addresses. Use the no form of this command to return to the default.
Page 179 Default Configuration Forward-unregistered Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example In this example all VLAN1 Multicast packets are forwarded. console(config-if-vlan1)#bridge multicast forward-all bridge multicast forward-unregistered Use the bridge multicast forward-unregistered command in Interface Configuration mode to enable the forwarding of unregistered multicast addresses.
Page 180 clear bridge Use the clear bridge command in Privileged EXEC mode to remove any learned entries from the forwarding database. Syntax clear bridge Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In this example, the bridge tables are cleared.
Page 181 Command Mode Interface Configuration (Ethernet, Port-channel) mode User Guidelines When port security is enabled on an interface, all dynamic entries learned up to that point are flushed, and new entries can be learned only to the limit set by the port security max command. The default limit is 100 dynamic MAC addresses.
Page 182 show bridge address-table Use the show bridge address-table command in Privileged EXEC mode to display all entries in the bridge-forwarding database. Syntax vlan interface | port-channel-number show bridge address-table [vlan ] [ethernet port-channel vlan — Specific valid VLAN, such as VLAN 1. •...
Page 183 Syntax vlan interface-number show bridge address-table count [vlan |ethernet |port-channel port-channel-number vlan — Specifies a valid VLAN, such as VLAN 1 • interface — Specifies a valid Ethernet port • port-channel-number — Specifies a valid port-channel-number • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 184 port-channel-number — A valid port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In this example, all static entries in the bridge-forwarding database are displayed. console#show bridge address-table static Vlan Mac Address...
Page 185 User Guidelines A MAC address can be displayed in IP format only if it is in the range 01:00:5e:00:00:00 through 01:00:5e:7f:ff:ff. Example In this example, Multicast MAC address table information is displayed. console#show bridge multicast address-table Vlan MAC Address Type Ports ------- -------------------...
Page 186 User Guidelines This command has no user guidelines. Example In this example, the Multicast configuration for VLAN 1 is displayed. console#show bridge multicast filtering 1 Filtering: Disabled VLAN: 1 Mode: Forward-Unregistered show ports security Use the show ports security command in Privileged EXEC mode to display the port-lock status. Syntax show ports security [ethernet interface...
Page 187 ---- ------ ----------------- -------- ------- ------- 1/g1 Locked Discard Enable 1/g2 Unlocked - 1/g3 Locked Discard, Shutdown Disable The following table describes the fields in this example. Field Description Port The port number. Status The status can be one of the following: Locked or Unlocked.
Page 188 Examples The following example displays dynamic addresses for port channel number 1/g1. console#show ports security addresses ethernet 1/g1 Dynamic addresses: 83 Maximum addresses: 100 Learned addresses ------- ---------...
Page 189 Auto-VoIP Commands This chapter explains the following commands: • show switchport voice • switchport voice detect auto show switchport voice Use the show switchport voice command to show the status of Auto-VoIP on an interface or all interfaces. Syntax interface index show switchport voice [interface {ethernet | port-channel...
Page 190 1/g3 Enabled 1/g4 Enabled 1/g5 Enabled 1/g6 Enabled 1/g7 Enabled 1/g8 Enabled 1/g9 Enabled 1/g10 Enabled 1/g11 Enabled 1/g12 Enabled 1/g13 Enabled 1/g14 Enabled 1/g15 Enabled 1/g16 Enabled 1/g17 Enabled 1/g18 Enabled 1/g19 Enabled 1/g20 Enabled --More-- or (q)uit console#show switchport voice ethernet 1/g1 Interface Auto VoIP Mode Traffic Class --------- -------------- ------------- 1/g1...
Page 191 Interface Auto VoIP Mode Traffic Class --------- -------------- ------------- Disabled The command output provides the following information: • AutoVoIP Mode—The Auto VoIP mode on the interface. • Traffic Class—The Cos Queue or Traffic Class to which all VoIP traffic is mapped. This is not configurable and defaults to the highest COS queue available in the system for data traffic.
Page 193 CDP Interoperability Commands This chapter explains the following commands: • clear isdp counters • clear isdp table • isdp advertise-v2 • isdp enable • isdp holdtime • isdp timer • show isdp • show isdp entry • show isdp interface •...
Page 194 clear isdp counters The clear isdp counters command clears the ISDP counters. Syntax clear isdp counters Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#clear isdp counters clear isdp table...
Page 195 isdp advertise-v2 The isdp advertise-v2 command enables the sending of ISDP version 2 packets from the device. Use the “no” form of this command to disable sending ISDP version 2 packets. Syntax isdp advertise-v2 no isdp advertise-v2 Default Configuration ISDP sends version 2 packets by default. Command Mode Global Configuration mode User Guidelines...
Page 196 User Guidelines There are no user guidelines for this command. Example The following example enables isdp on interface 1/g1. console(config)#interface ethernet 1/g1 console(config-if-1/g1)#isdp enable isdp holdtime The isdp holdtime command configures the hold time for ISDP packets that the switch transmits.
Page 197: Show Isdp
Syntax time isdp timer no isdp timer time • The time in seconds (range: 5–254 seconds). — Default Configuration The default timer is 30 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the isdp timer value to 40 seconds.
Page 198 Timer.......... 30 Hold Time........180 Version 2 Advertisements....... Enabled Neighbors table last time changed....35 Device ID........1114728 Device id format capability....Serial Number Device id format....... Serial Number show isdp entry The show isdp entry command displays ISDP entries. If a device id specified, then only the entry about that device is displayed.
Page 199 Capability Router IGMP Platform cisco WS-C4948 Interface 1/g1 Port ID GigabitEthernet1/1 Holdtime Advertisement Version Entry last changed time 0 days 00:13:50 Version : Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000 I9K91S-M), Version 12.2(25)EWA9, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc.
Page 200 Interface Mode --------------- ---------- 1/g1 Enabled 1/g2 Enabled 1/g3 Enabled 1/g4 Enabled 1/g5 Enabled 1/g6 Enabled 1/g7 Enabled 1/g8 Enabled 1/g9 Enabled 1/g10 Enabled 1/g11 Enabled 1/g12 Enabled 1/g13 Enabled 1/g14 Enabled 1/g15 Enabled 1/g16 Enabled 1/g17 Enabled 1/g18 Enabled 1/g19 Enabled 1/g20...
Page 201: Show Isdp Neighbors
Interface Mode --------------- ---------- 1/g1 Enabled show isdp neighbors The show isdp neighbors command displays the list of neighboring devices. Syntax interface show isdp neighbors { ethernet | detail } interface — Specifies a valid interface. The full syntax is unit/port. •...
Page 202: Show Isdp Traffic
Device ID Switch Address(es): IP Address: 172.20.1.18 IP Address: 172.20.1.18 Capability Router IGMP Platform cisco WS-C4948 Interface 1/g1 Port ID GigabitEthernet1/1 Holdtime Advertisement Version Entry last changed time 0 days 00:55:20 Version : Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I9K91S-M), Version 12.2(25)EWA9, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc.
Page 203 Example console#show isdp traffic ISDP Packets Received......4253 ISDP Packets Transmitted....... 127 ISDPv1 Packets Received......0 ISDPv1 Packets Transmitted..... 0 ISDPv2 Packets Received......4253 ISDPv2 Packets Transmitted..... 4351 ISDP Bad Header........ 0 ISDP Checksum Error......0 ISDP Transmission Failure...... 0 ISDP Invalid Format......
Page 205: Dhcp Layer 2 Relay Commands
DHCP Layer 2 Relay Commands This chapter explains the following commands: • dhcp l2relay (Global Configuration) (Global Configuration) • dhcp l2relay (Interface Configuration) (Interface Configuration) • dhcp l2relay circuit-id • dhcp l2relay remote-id • dhcp l2relay trust • dhcp l2relay vlan...
Page 206: Dhcp L2Relay (Interface Configuration)
dhcp l2relay (Global Configuration) Use the dhcp l2relay command to enable layer 2 DHCP relay functionality. The subsequent commands mentioned in this section can only be used when the L2-DHCP relay is enabled. Use the "no" form of this command to disable L2-DHCP relay. Syntax dhcp l2relay no dhcp l2relay...
Page 207: Dhcp L2Relay Circuit-Id
Example console(config-if-1/g1)#dhcp l2relay dhcp l2relay circuit-id Use the dhcp l2relay circuit-id command to enable setting the DHCP Option 82 Circuit ID for a VLAN. When enabled, the interface number is added as the Circuit ID in DHCP option 82. Use the "no" form of this command to disable setting the DHCP Option 82 Circuit ID. Syntax vlan-range dhcp l2relay circuit-id vlan...
Page 208: Dhcp L2Relay Trust
Default Configuration Setting the DHCP Option 82 Remote ID is disabled by default. Command Mode Global Configuration. User Guidelines There are no user guidelines for this command. Example console(config)#dhcp l2relay remote-id dslforum vlan 10,20-30 dhcp l2relay trust Use the dhcp l2relay trust command to configure an interface to mandate Option-82 on receiving DHCP packets.
Page 209 Syntax vlan-range dhcp l2relay vlan vlan-range no dhcp l2relay vlan • vlan-range - The list of VLAN IDs. Default Configuration DHCP L2 Relay is disabled on all VLANs by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#dhcp l2relay vlan 10,340-345...
Page 211: Dhcp Snooping Commands
DHCP Snooping Commands This chapter explains the following commands: • clear ip dhcp snooping statistics • ip dhcp snooping • ip dhcp snooping binding • ip dhcp snooping database • ip dhcp snooping database write-delay • ip dhcp snooping limit •...
Page 212: Ip Dhcp Snooping
clear ip dhcp snooping statistics Use the clear ip dhcp snooping statistics command to clear all DHCP Snooping statistics. Syntax clear ip dhcp snooping statistics Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command.
Page 213: Ip Dhcp Snooping Binding
Example console(config)#ip dhcp snooping console(config-if-vlan1,2,3)#ip dhcp snooping ip dhcp snooping binding Use the ip dhcp snooping binding command to configure a static DHCP Snooping binding. Use the “no” form of this command to remove a static binding. Syntax mac-address vlan-id ip-address interface ip dhcp snooping binding vlan...
Page 214: Ip Dhcp Snooping Database Write-Delay
hostIP — The IP address of the remote host. • filename — The name of the file for the database on the remote host. • Default Configuration The database is stored locally by default. Configuration Mode Global Configuration mode. User Guidelines There are no user guidelines for this command.
Page 215: Ip Dhcp Snooping Limit
User Guidelines There are no user guidelines for this command. Example console(config)#ip dhcp snooping database write-delay 500 ip dhcp snooping limit Use the ip dhcp snooping limit command to control the maximum rate of DHCP messages. Use the “no” form of this command to reset the limit to the default. Syntax seconds ip dhcp snooping limit { none | rate...
Page 216: Ip Dhcp Snooping Trust
Syntax ip dhcp snooping log-invalid no ip dhcp snooping log-invalid Default Configuration Logging of filtered messages is disabled by default. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example console(config-if-1/g1)#ip dhcp snooping log-invalid console(config-if-1/g1)#no ip dhcp snooping log-invalid ip dhcp snooping trust Use the ip dhcp snooping trust command to configure a port as trusted.
Page 217: Ip Dhcp Snooping Verify Mac-Address
Example console(config-if-1/g1)#ip dhcp snooping trust console(config-if-1/g1)#no ip dhcp snooping trust ip dhcp snooping verify mac-address Use the ip dhcp snooping verify mac-address command to enable the verification of the source MAC address with the client MAC address in the received DHCP message. Use the “no” form of this command to disable verification of the source MAC address.
Page 218: Show Ip Dhcp Snooping Binding
Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show ip dhcp snooping DHCP snooping is Disabled DHCP snooping source MAC verification is enabled DHCP snooping is enabled on the following VLANs: 11 - 30, 40 Interface Trusted Log Invalid Pkts...
Page 219: Show Ip Dhcp Snooping Database
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show ip dhcp snooping binding Total number of bindings: 2 MAC Address IP Address VLAN Interface Lease time(Secs)
Page 220: Show Ip Dhcp Snooping Interfaces
Example console#show ip dhcp snooping database agent url: /10.131.13.79:/sai1.txt write-delay: 5000 show ip dhcp snooping interfaces Use the show ip dhcp snooping interfaces command to show the DHCP Snooping status of the interfaces. Syntax show ip dhcp snooping interfaces interface •...
Page 221: Show Ip Dhcp Snooping Statistics
1/g3 console#show ip dhcp snooping interfaces ethernet 1/g15 Interface Trust State Rate Limit Burst Interval (pps) (seconds) ---------- ------------- ------------- --------------- 1/g15 show ip dhcp snooping statistics Use the show ip dhcp snooping statistics command to display the DHCP snooping filtration statistics.
Page 222 Example console#show ip dhcp snooping statistics Interface MAC Verify Client Ifc DHCP Server Failures Mismatch Msgs Rec'd ----------- ---------- ---------- ----------- 1/g2 1/g3 1/g4 1/g5 1/g6 1/g7 1/g8 1/g9 1/g10 1/g11 1/g12 1/g13 1/g14 1/g15 1/g16 1/g17 1/g18 1/g19 1/g20...
Page 223: Dynamic Arp Inspection Commands
Dynamic ARP Inspection Commands This chapter explains the following commands: • arp access-list • clear counters ip arp inspection • ip arp inspection filter • ip arp inspection limit • ip arp inspection trust • ip arp inspection validate • ip arp inspection vlan •...
Page 224: Clear Counters Ip Arp Inspection
arp access-list Use the arp access-list command to create an ARP ACL. It will place the user in ARP ACL Configuration mode. Use the “no” form of this command to delete an ARP ACL. Syntax acl-name arp access-list acl-name no arp access-list acl-name —...
Page 225: Ip Arp Inspection Filter
Example console#clear counters ip arp inspection ip arp inspection filter Use the ip arp inspection filter command to configure the ARP ACL to be used for a single VLAN or a range of VLANs to filter invalid ARP packets. If the static keyword is given, packets that do not match a permit statement are dropped without consulting the DHCP snooping bindings.
Page 226: Ip Arp Inspection Trust
Syntax seconds ip arp inspection limit { none | rate [ burst interval no ip arp inspection limit • none — To set no rate limit. pps — The number of packets per second (Range: 0–300). • • seconds — The number of seconds (Range: 1–15). Default Configuration The default rate limit is 15 packets per second.
Page 227: Ip Arp Inspection Validate
User Guidelines There are no user guidelines for this command. Example console(config-if-1/g3)#ip arp inspection trust ip arp inspection validate Use the ip arp inspection validate command to enable additional validation checks like source MAC address validation, destination MAC address validation or IP address validation on the received ARP packets.
Page 228: Ip Arp Inspection Vlan
ip arp inspection vlan Use the ip arp inspection vlan command to enable Dynamic ARP Inspection on a single VLAN or a range of VLANs. Use the “no” form of this command to disable Dynamic ARP Inspection on a single VLAN or a range of VLANs. Syntax vlan-range ip arp inspection vlan...
Page 229: Show Arp Access-List
Default Configuration There are no ARP ACL rules created by default. Command Mode ARP Access-list Configuration mode User Guidelines There are no user guidelines for this command. Example console(Config-arp-access-list)#permit ip host 1.1.1.1 mac host 00:01:02:03:04:05 show arp access-list Use the show arp access-list command to display the configured ARP ACLs with the rules. Giving an ARP ACL name as the argument would display only the rules in that ARP ACL.
Page 230: Show Ip Arp Inspection Ethernet
ARP access list H4 permit ip host 2.1.1.2 mac host 00:03:04:05:06:08 show ip arp inspection ethernet Use the show ip arp inspection ethernet command to display the Dynamic ARP Inspection configuration on all the DAI enabled interfaces. Giving an interface argument, it displays the values for that interface.
Page 231: Show Ip Arp Inspection Statistics
show ip arp inspection statistics Use the show ip arp inspection statistics command to display the statistics of the ARP packets processed by Dynamic ARP Inspection. Given vlan-range argument, it displays the statistics on all DAI enabled Vlans in that range. In the case of no argument, it lists the summary of the forwarded and dropped ARP packets.
Page 232: Show Ip Arp Inspection Vlan
---- --------- ------- console#show ip arp inspection statistics vlan 10,20 VLAN DHCP DHCP Bad Src Bad Dest Invalid Drops Drops Permits Permits ---- ---------- ---------- ---------- ---------- ---------- ------ ---- --------- show ip arp inspection vlan Use the show ip arp inspection vlan command to display the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range.
Page 233 User Guidelines The following global parameters are displayed: Source Mac Validation If Source Mac validation of ARP frame is enabled. Destination Mac Validation If Destination Mac validation of ARP Response frame is enabled. IP Address Validation If IP address validation of ARP frame is enabled. The following fields are displayed for each VLAN: Vlan The Vlan-Id for each displayed row.
Page 235: Ethernet Configuration Commands
Ethernet Configuration Commands This chapter explains the following commands: • clear counters • description • duplex • flowcontrol • interface ethernet • interface range ethernet • • negotiation • show interfaces advertise • show interfaces configuration • show interfaces counters •...
Page 236: Description
clear counters Use the clear counters command in Privileged EXEC mode to clear statistics on an interface. Syntax interface port-channel-number clear counters [ethernet | port-channel interface — Valid Ethernet port. The full syntax is: unit/port • port-channel-number — Valid port-channel index. •...
Page 237: Duplex
Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines This command has no user guidelines. Example The following example adds a description to the Ethernet port 5. console(config)#interface ethernet 1/g5 console(config-if-1/g5)# description RD_SW#3 duplex Use the duplex command in Interface Configuration mode to configure the full/half duplex operation of a given Ethernet interface when not using auto-negotiation.
Page 238: Flowcontrol
flowcontrol Use the flowcontrol command in Global Configuration mode to configure the flow control. To disable flow control, use the no form of this command. Syntax flowcontrol no flowcontrol Default Configuration Flow Control is enabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 239: Interface Range Ethernet
Example The following example enables port 5/g18 for configuration. console(config)# interface ethernet 5/g18 interface range ethernet Use the interface range ethernet command in Global Configuration mode to execute a command on multiple ports at the same time. Syntax port-range interface range ethernet { | all} port-range —...
Page 240: Negotiation
Syntax bytes no mtu bytes — Number of bytes (Range: 1518-9216) • Default Configuration The default number of bytes is 1518 (1522 bytes of VLAN-tagged frames). Command Mode Interface Configuration (Ethernet) mode User Guidelines The value set allows an additional four bytes for the VLAN tag. Example The following example of the mtu command increases maximum packet size to 9216 bytes.
Page 241: Show Interfaces Advertise
User Guidelines Entering the command negotiation with no parameters enables all capabilities. Note that if you have previously entered negotiation with capabilities, this action overwrites the previous configuration so that all capabilities are enabled. Example The following example enables auto negotiations on gigabit Ethernet port 5 of unit 1. console(config)#interface ethernet 1/g5 console(config-if-1/g5)#negotiation show interfaces advertise...
Page 242: Show Interfaces Configuration
console# show interfaces advertise ethernet 1/g1 Port: Ethernet 1/g1 Type: 1G-Copper Link state: Up Auto negotiation: enabled 10h 10f 100h 100f 1000f Admin Local Link ------ ------ ------ ------ ------ Advertisement yes show interfaces configuration Use the show interfaces configuration command in User EXEC mode to display the configuration for all configured interfaces.
Page 243 1/g1 Gigabit - Level Full Auto 1/g2 Gigabit - Level Unknown Auto 1/g3 Gigabit - Level Unknown Auto 1/g4 Gigabit - Level Unknown Auto 1/g5 Gigabit - Level Unknown Auto 1/g6 Gigabit - Level Unknown Auto 1/g7 Gigabit - Level Unknown Auto 1/g8...
Page 244: Show Interfaces Counters
show interfaces counters Use the show interfaces counters command in User EXEC mode to display traffic seen by the interface. Syntax interface port-channel-number show interfaces counters [ethernet | port-channel interface — A valid Ethernet port. • port-channel-number — A valid port-channel index. •...
Page 245 Field Description Multiple Collision Frames A count of frames that are involved in a multiple collision, and are subsequently transmitted successfully Deferred A count of frames for which the first transmission attempt is delayed because the medium is busy Transmissions Late Collisions Counted times that a collision is detected later than one slot time into the transmission of a packet.
Page 246 ---- ---------- --------- 27889 OutOctets OutUcastPkts ---- ---------- --------- 23739 Example #2 The following example displays counters for Ethernet port 1/g1. console#show interfaces counters ethernet 1/g1 Port InOctets InUcastPkts ---- ---------- --------- 1/g1 183892 1289 Port OutOctets OutUcastPkts ---- ---------- --------- 1/g1 9188...
Page 247: Show Interfaces Description
show interfaces description Use the show interfaces description command in User EXEC mode to display the description for all configured interfaces. Syntax interface port-channel-number show interfaces description [ethernet | port-channel interface — Valid Ethernet port. • port-channel-number — A valid port-channel index. •...
Page 248: Show Interfaces Detail
show interfaces detail Use the show interfaces detail command in User EXEC mode to display, in a single command, VLAN information, STP information, and port status information. This command combines the output of the following commands: • show interfaces configuration [ethernet interface | port-channel port-channel-number] •...
Page 249 ---- ----------------------------------------------------- 1/xg1 ExampleName VLAN Info: --------- VLAN Membership mode: General Operating parameters: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All GVRP status: Enabled Protected: Enabled Port 1/xg1 is member in: VLAN Name Egress rule Type ---- --------- ----------- ----- default untagged System...
Page 250: Show Interfaces Status
---- --------- ----------- default untagged VLAN0011 tagged IPv6 VLAN untagged VLAN0072 untagged Forbidden VLANS: VLAN Name ---- --------- Spanning Tree Info ------------------ Port 1 (1/xg1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.25 Designated path cost: 0 BPDU: sent 2, received 120638...
Page 251: Default Configuration
Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the status for all configured interfaces. console#show interfaces status Port Type Duplex Speed Link Flow Control State Status -----...
Page 252 1/g21 Gigabit - Level Unknown Auto Down Inactive 1/g22 Gigabit - Level Unknown Auto Down Inactive 1/g23 Gigabit - Level Full 1000 Auto Up Inactive 1/g24 Gigabit - Level Unknown Auto Down Inactive 1/xg1 10G - Level Unknown Auto Down Inactive 1/xg2 10G - Level...
Page 253 ch24 Link Aggregate Down ch25 Link Aggregate Down ch26 Link Aggregate Down ch27 Link Aggregate Down ch28 Link Aggregate Down ch29 Link Aggregate Down ch30 Link Aggregate Down ch31 Link Aggregate Down ch32 Link Aggregate Down --More-- or (q)uit ch33 Link Aggregate Down ch34 Link Aggregate Down...
Page 254: Show Statistics Ethernet
Duplex Displays the port Duplex status. Speed Refers to the port speed. Describes the Auto-negotiation status. Link State Displays the Link Aggregation status. show statistics ethernet Use the show statistics ethernet command in Privileged EXEC mode to display detailed statistics for a specific port or for the entire switch. Syntax unit port-type...
Page 255 Packets Received 1024-1518 Octets....479543 Packets Received > 1522 Octets....0 Packets RX and TX 64 Octets....94516 Packets RX and TX 65-127 Octets....483312 Packets RX and TX 128-255 Octets....101329 Packets RX and TX 256-511 Octets....163696 Packets RX and TX 512-1023 Octets....4982 Packets RX and TX 1024-1518 Octets.....
Page 256 Packets Transmitted 64 Octets....45566 Packets Transmitted 65-127 Octets....886 Packets Transmitted 128-255 Octets..... 245 --More-- or (q)uit Packets Transmitted 256-511 Octets..... 25 Packets Transmitted 512-1023 Octets.... 158 Packets Transmitted 1024-1518 Octets... 302 Max Frame Size......... 1518 Total Packets Transmitted Successfully..47182 Unicast Packets Transmitted....
Page 257 Total Packets Received (Octets)....16877295 Unicast Packets Received....... 1608 Multicast Packets Received..... 48339 Broadcast Packets Received..... 69535 Receive Packets Discarded...... 0 Octets Transmitted......6451988 Packets Transmitted Without Errors..... 91652 Unicast Packets Transmitted....2746 Multicast Packets Transmitted....88892 Broadcast Packets Transmitted....14 Transmit Packets Discarded.....
Page 258: Show Storm-Control
show storm-control Use the show storm-control command in Privileged EXEC mode to display the configuration of storm control. Syntax interface show storm-control [all | interface — Valid Ethernet port. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 259 shutdown Use the shutdown command in Interface Configuration mode to disable an interface. To restart a disabled interface, use the no form of this command. Syntax shutdown no shutdown Default Configuration The interface is enabled. Command Mode Interface Configuration (Ethernet, Port-Channel, Tunnel, Loopback) mode User Guidelines This command has no user guidelines.
Page 260: Speed
speed Use the speed command in Interface Configuration mode to configure the speed of a given Ethernet interface when not using auto-negotiation. To restore the default, use the no form of this command. Syntax speed [10 | 100 ] no speed •...
Page 261 no storm-control broadcast rate — Percentage of port bandwidth to allow. (Range: 0-100) • Default Configuration The default value is 5. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example console(config-if-1/g1)#storm-control broadcast level 5 storm-control multicast Use the storm-control multicast command in Interface Configuration mode to enable multicast storm recovery mode for an interface.
Page 262 Example console(config-if-1/g1)#storm-control multicast level 5 storm-control unicast Use the storm-control unicast command in Interface Configuration mode to enable unknown unicast storm control for an interface. If the mode is enabled, unicast storm recovery is active, and if the rate of unknown L2 unicast (destination lookup failure) traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Page 263 GVRP Commands This chapter explains the following commands: • clear gvrp statistics • garp timer • gvrp enable (global) • gvrp enable (interface) • gvrp registration-forbid • gvrp vlan-creation-forbid • show gvrp configuration • show gvrp error-statistics • show gvrp statistics...
Page 264 clear gvrp statistics Use the clear gvrp statistics command in Privileged EXEC mode to clear all the GVRP statistics information. Syntax interface port-channel-number clear gvrp statistics [ethernet | port-channel interface — A valid Ethernet interface. • port-channel-number — A valid port-channel index. •...
Page 265: Gvrp Enable (Global)
timer_value — Timer values in centiseconds. The range is 10-100 for join, 20-600 for leave, • and 200-6000 for leaveall. Default Configuration The default timer values are as follows: • Join timer — 20 centiseconds • Leave timer — 60 centiseconds •...
Page 266: Gvrp Enable (Interface)
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example globally enables GVRP on the device. console(config)#gvrp enable gvrp enable (interface) Use the gvrp enable command in Interface Configuration mode to enable GVRP on an interface.
Page 267 gvrp registration-forbid Use the gvrp registration-forbid command in Interface Configuration mode to deregister all VLANs on a port and prevent any dynamic registration on the port. To allow dynamic registering for VLANs on a port, use the no form of this command. Syntax gvrp registration-forbid no gvrp registration-forbid...
Page 268 User Guidelines This command has no user guidelines. Example The following example disables dynamic VLAN creation on port 1/g8. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#gvrp vlan-creation-forbid show gvrp configuration Use the show gvrp configuration command in Privileged EXEC mode to display GVRP configuration information.
Page 269 (centisecs) (centisecs) (centisecs) Forbid Forbid ----------- ----------- ----------- ----------- ----------- ------ -- ---- 1/g1 1000 Disabled 1/g2 1000 Disabled 1/g3 1000 Disabled 1/g4 1000 Disabled 1/g5 1000 Disabled 1/g6 1000 Disabled 1/g7 1000 Disabled 1/g8 1000 Disabled 1/g9 1000 Disabled 1/g10 1000 Disabled...
Page 270 User Guidelines This command has no user guidelines. Example The following example displays GVRP error statistics information. console>show gvrp error-statistics GVRP error statistics: ---------------- Legend: INVPROT: Invalid Protocol Id INVATYP: Invalid Attribute Type INVALEN: Invalid Attribute Length INVAVAL: Invalid Attribute Value INVEVENT: Invalid Event Port INVPROT INVATYP...
Page 271 Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example This example shows output of the show gvrp statistics command. console>show gvrp statistics GVRP statistics: ------------------------------ Legend: : Join Empty Received rJIn : Join In Received rEmp : Empty Received rLIn : Leave In Received : Leave Empty Received...
Page 273 IGMP Snooping Commands This chapter explains the following commands: • ip igmp snooping (global) • ip igmp snooping (interface) • ip igmp snooping host-time-out • ip igmp snooping leave-time-out • ip igmp snooping mrouter-time-out • show ip igmp snooping groups •...
Page 274: Ip Igmp Snooping (Interface)
ip igmp snooping (global) Use the ip igmp snooping command in Global Configuration mode to globally enable Internet Group Management Protocol (IGMP) snooping. Use the no form of this command to disable IGMP snooping globally. Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled.
Page 275 User Guidelines IGMP snooping can be enabled on Ethernet interfaces. Example The following example enables IGMP snooping. console(config-if-1/g1)#ip igmp snooping ip igmp snooping host-time-out Use the ip igmp snooping host-time-out command in Interface Configuration mode to configure the host-time-out. If an IGMP report for a Multicast group is not received for a host time-out period from a specific port, this port is deleted from the member list of that Multicast group.
Page 276 Syntax time-out ip igmp snooping leave-time-out [ | immediate-leave] no ip igmp snooping leave-time-out time-out — Specifies the leave-time-out in seconds. (Range: 1 - 3174) • • immediate-leave — Specifies that the port should be removed immediately from the members list after receiving IGMP Leave.
Page 277 User Guidelines This command has no user guidelines. Example The following example configures the mrouter timeout to 200 seconds. console(config-if-1/g1)#ip igmp snooping mrouter-time-out 200 show ip igmp snooping groups Use the show ip igmp snooping groups command in User EXEC mode to display the Multicast groups learned by IGMP snooping.
Page 278 --------------------------------------------- Vlan IP Address Ports ---- ------------------ ------------------- 224-239.130|2.2.3 1/g19 show ip igmp snooping interface Use the show ip igmp snooping interface command in Privileged EXEC mode to display the IGMP snooping configuration. Syntax interface interface port-channel-number show ip igmp snooping interface {ethernet | port-channel interface —...
Page 279: Ip Igmp Snooping (Vlan)
show ip igmp snooping mrouter Use the show ip igmp snooping mrouter command in Privileged EXEC mode to display information on dynamically learned Multicast router interfaces. Syntax show ip igmp snooping mrouter Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 280 User Guidelines This command has no user guidelines. Example The following example enables IGMP snooping on VLAN 2. console(config-vlan)#ip igmp snooping 2 ip igmp snooping fast-leave This command enables or disables IGMP Snooping fast-leave mode on a selected VLAN. Enabling fast- leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that multicast group without first sending out MAC-based general queries to the interface.
Page 281: Ip Igmp Snooping Groupmembership-Interval
ip igmp snooping groupmembership-interval This command sets the IGMP Group Membership Interval time on a VLAN. The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry.
Page 282 ip igmp snooping maxresponse This command sets the IGMP Maximum Response time on a particular VLAN. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface. This value must be less than the IGMP Query Interval time value.
Page 283 ip igmp snooping mcrtrexpiretime This command sets the Multicast Router Present Expiration time. The time is set on a particular VLAN. This is the amount of time in seconds that a switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached.
Page 285 IGMP Snooping Querier Commands This chapter explains the following commands: • ip igmp snooping querier • ip igmp snooping querier election participate • ip igmp snooping querier query-interval • ip igmp snooping querier timer expiry • ip igmp snooping querier version •...
Page 286: Ip Igmp Snooping Querier
ip igmp snooping querier This command enables or disables IGMP Snooping Querier on the system (Global Configuration mode) or on a VLAN. Using this command, you can specify the IP address that the snooping querier switch should use as the source address when generating periodic queries. The no form of this command disables IGMP Snooping Querier on the system.
Page 287 ip igmp snooping querier election participate This command enables the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN. When this mode is enabled, if the Snooping Querier finds that the other Querier source address is more than the Snooping Querier address, it stops sending periodic queries.
Page 288 Default Configuration The query interval default is 60 seconds. Command Mode Global Configuration mode User Guidelines The value of this parameter should be larger than the IGMP Snooping Max Response Time. Example The following example sets the query interval to 1800: console(config)#ip igmp snooping querier query_interval 1800 ip igmp snooping querier timer expiry This command sets the IGMP Querier timer expiration period which is the time period that the...
Page 289 ip igmp snooping querier version This command sets the IGMP version of the query that the snooping switch is going to send periodically. The no form of this command sets the IGMP Querier Version to its default value. Syntax number ip igmp snooping querier version no ip igmp snooping querier version number —...
Page 290 vlan_id When you specify a value for , the following information appears: • VLAN Admin Mode — Indicates whether IGMP Snooping Querier is active on the VLAN. • VLAN Operational State — Indicates whether IGMP Snooping Querier is in the Querier or Non-Querier state.
Page 291 Vlan 2 : IGMP Snooping querier status ---------------------------------------------- IGMP Snooping Querier Vlan Mode....Disable Querier Election Participate Mode....Disable Querier Vlan Address......0.0.0.0 Operational State......Disabled Operational version......2...
Page 293 IP Addressing Commands This chapter explains the following commands: • clear host • interface out-of-band • ip address • ip address vlan • ip default-gateway • ip domain-lookup • ip domain-name • ip host • ip name-server • ipv6 address •...
Page 294 clear host Use the clear host command in Privileged EXEC mode to delete entries from the host name-to- address cache. Syntax name clear host { name — Host name to be deleted from the host name-to-address cache. (Range: 1-255 • characters) * —...
Page 295 Example console(config)#interface out-of-band console(config-if)# ip address Use the ip address command in Global Configuration mode to set an IP address. To remove an IP address, use the no form of this command. Syntax ip address {bootp|dhcp|none| <ipaddress> mask prefix-length no ip address •...
Page 296 console(config)#ip address 131.108.1.27 255.255.255.0 console(config)#ip address 131.108.1.27 /24 ip address Use the ip address command in Interface Configuration (out-of-band) mode to set a static out- of-band port IP address or to enable DHCP as the serviceport configuration protocol on the OOB port.
Page 297 console(config-if)#ip address 10.240.4.115 255.255.255.0 10.240.4.1 ip address vlan Use the ip address vlan command in Global Configuration mode to set the management VLAN. Syntax vlanid ip address vlan no ip address vlan vlanid — vlan identification. (Range 1–4093) • Default Configuration The default configuration value is 1.
Page 298 User Guidelines A static IP address must be configured using the ip address command before setting the default gateway. The default gateway should reside on the subnet defined by the ip address command. NOTE: For management traffic forwarding decisions, a default-route configured on the switch (CLI, Web, SNMP, or learned via routing protocol such as OSPF), takes precedence over the ip default-gateway setting.
Page 299 Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a default domain name of dell.com. console(config)#ip domain-name dell.com ip host Use the ip host command in Global Configuration mode to define static host name-to-address mapping in the host cache.
Page 300 This command has no user guidelines. Example The following example defines a static host name-to-address mapping in the host cache. console(config)#ip host accounting.dell.com 176.10.23.1 ip name-server Use the ip name-server command in Global Configuration mode to define available IPv4 or IPv6 name servers.
Page 301: Ipv6 Address
ipv6 address Use the ipv6 address command to set the IPv6 address of the management interface. Use the "no" form of this command to reset the IPv6 address to the default. Syntax prefix/prefix-length ipv6 address { [eui64] | autoconfig | dhcp } no ipv6 address prefix —...
Page 302: Ipv6 Enable
console(config)#no ipv6 address dhcp console(config)#no ipv6 address autoconfig console(config)#no ipv6 address 2003::6/64 console(config)#no ipv6 address 2001::/64 eui64 console(config)#no ipv6 address ipv6 enable Use the ipv6 enable command to enable IPv6 on the management interface. Use the "no" form of this command to disable IPv6 on the management interface. Syntax ipv6 enable no ipv6 enable...
Page 303 Syntax gateway-address ipv6 gateway no ipv6 gateway gateway-address —The gateway address in IPv6 global or link-local address format. Default Configuration There is no IPv6 gateway configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 gateway 2003::1 console(config)#no ipv6 gateway...
Page 304 Example The following example displays ARP table information. console#show arp switch MAC Address IP Address Interface ------------------- ---------------- ------------ 0016.9CE1.D800 10.27.6.1 1/g37 show hosts Use the show hosts command in User EXEC mode to display the default domain name, a list of name server hosts, and the static and cached list of host names and addresses.
Page 305: Show Ip Helper-Address
Cache: TTL (Hours) Host Total Elapsed Type Addresses ---------------- ----- ------- ------- ------------- www.stanford.edu 171.64.14.203 show ip helper-address Use the show ip helper-address command in Privileged EXEC mode to display IP helper addresses configuration. Syntax intf-address show ip helper-address [ intf-address —...
Page 306: Show Ip Interface Management
show ip interface management Use the show ip interface management command to display the management interface configuration. Syntax show ip interface management Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the management interface configuration.
Page 307 Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines No specific guidelines. Example console#show ip interface out-of-band IP Address......10.240.4.115 Subnet Mask......255.255.255.0 Default Gateway....... 10.240.4.1 IPv6 Prefix is ....... FE80::20A:1EFF:FE11:1100/64 ServPort Configured Protocol Current...None Burned In MAC Address....0006.2932.814C...
Page 309 IPv6 Access List Commands This chapter explains the following commands: • {deny | permit} • ipv6 access-list • ipv6 access-list rename • ipv6 traffic-filter • show ipv6 access-lists...
Page 310 {deny | permit} This command creates a new rule for the current IPv6 access list. Each rule is appended to the list of configured rules for the list. A rule may either deny or permit traffic according to the specified classification fields. At a minimum, either the 'every' keyword or the protocol, source address, and destination address values must be specified.
Page 311 mirror interface — Allows the traffic matching this rule to be copied to the specified • interface. redirect interface — This parameter allows the traffic matching this rule to be forwarded to • the specified interface. Default Configuration This command has no default configuration. Command Mode Ipv6-Access-List Configuration mode User Guidelines...
Page 312 name — Alphanumeric string of 1 to 31 characters uniquely identifying the IPv6 access list. • Default Configuration There is no default configuration for this command. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example creates an IPv6 ACL named “DELL_IP6”...
Page 313 Example console(Config)#ipv6 access-list rename DELL_IP6 DELL_IP6_NEW_NAME ipv6 traffic-filter The ipv6 traffic-filter command either attaches a specific IPv6 Access Control List (ACL) to an interface or associates it with a VLAN ID in a given direction. An optional sequence number may be specified to indicate the order of this access list relative to other IPv6 access lists already assigned to this interface and direction.
Page 314 console(config-if-1/g1)#ipv6 traffic-filter DELL_IP6 in • Bind the IPv6 ACL named myipv6acl to the physical interface 1/g1 in the outbound direction. console(config-if-1/g1)#ipv6 traffic-filter myipv6acl out • Bind the IPv6 ACL named myipv6acl to the LAG interface 1 in the outbound direction. console(config-if-ch1)#ipv6 traffic-filter myipv6acl out •...
Page 315 ACL Name: STOP_HTTP Inbound Interface(s): 1/g1 Rule Number: 1 Action......... deny Protocol........255(ipv6) Source IP Address......2001:DB8::/32 Destination L4 Port Keyword....80(www/http) Rule Number: 2 Action......... permit Protocol........255(ipv6) Source IP Address......2001:DB8::/32 The command output provides the following information: Field Description Rule Number...
Page 316 Redirect Interface Displays the interface to which packets matching this rule are forwarded.
Page 317 IPv6 MLD Snooping Querier Commands This chapter explains the following commands: • ipv6 mld snooping querier • ipv6 mld snooping querier (VLAN mode) • ipv6 mld snooping querier address • ipv6 mld snooping querier election participate • ipv6 mld snooping querier query-interval •...
Page 318 ipv6 mld snooping querier Use the ipv6 mld snooping querier command to enable MLD Snooping Querier on the system. Use the "no" form of this command to disable MLD Snooping Querier. Syntax ipv6 mld snooping querier no ipv6 mld snooping querier Default Configuration MLD Snooping Querier is disabled by default.
Page 319 Example console(config-vlan)#ipv6 mld snooping querier 10 ipv6 mld snooping querier address Use the ipv6 mld snooping querier address command to set the global MLD Snooping Querier address. Use the "no" form of this command to reset the global MLD Snooping Querier address to the default.
Page 320 vlan-id no ipv6 mld snooping querier election participate vlan-id — A valid VLAN ID. (Range: 1 - 4093) • Default Configuration Election participation is disabled by default. Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command. Example console(config-vlan)#ipv6 mld snooping querier election participate 10...
Page 321 Example console(config)#ipv6 mld snooping querier 120 ipv6 mld snooping querier timer expiry Use the ipv6 mld snooping querier timer expiry command to set the MLD Querier timer expiration period. It is the time period that the switch remains in Non-Querier mode once it has discovered that there is a Multicast Querier in the network.
Page 322 Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines When the optional argument vlan vlan-id is not used, the command shows the following information: MLD Snooping Querier Mode Indicates whether or not MLD Snooping Querier is active on the switch.
Page 323 When the optional argument detail is used, the command shows the global information and the information for all Querier enabled VLANs as well as the following information: Last Querier Address Indicates the IP address of the most recent Querier from which a Query was received.
Page 325 IP Source Guard Commands IP Source Guard commands are supported by PCM6348 and PCM8024. This chapter explains the following commands: • ip verify source • ip verify source port-security • ip verify binding • show ip verify interface • show ip verify source interface •...
Page 326 ip verify source port-security Use the ip verify source port-security command in Interface Configuration mode to enable filtering of IP packets matching the source IP address and the source MAC address. Syntax ip verify source port-security Default Configuration By default, IPSG is disabled on all interfaces. Command Mode Interface Configuration mode User Guidelines...
Page 327 show ip verify interface Use the show ip verify interface command in Privileged EXEC mode to display the IPSG interface configuration. Syntax show ip verify interface Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 328 show ip source binding Use the show ip source binding command in Privileged EXEC mode to display all bindings (static and dynamic). Syntax show ip source binding Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 329 LACP Commands This chapter explains the following commands: • lacp port-priority • lacp system-priority • lacp timeout • show lacp ethernet • show lacp port-channel...
Page 330 lacp port-priority Use the lacp port-priority command in Interface Configuration mode to configure the priority value for physical ports. To reset to default priority value, use the no form of this command. Syntax value lacp port-priority no lacp port-priority value — Port priority value. (Range: 1–65535) •...
Page 331 Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the system priority to 120. console(config)#lacp system-priority 120 lacp timeout Use the lacp timeout command in Interface Configuration mode to assign an administrative LACP timeout.
Page 332 show lacp ethernet Use the show lacp ethernet command in Privileged EXEC mode to display LACP information for Ethernet ports. Syntax interface show lacp ethernet [parameters|statistics] Interface — Ethernet interface. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 333 distributing: FALSE expired: FALSE Partner system priority: system mac addr: 00:00:00:00:00:00 port Admin key: port Oper key: port Admin priority: port Oper priority: port Oper timeout: LONG LACP Activity: ASSIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Port 1/g1 LACP Statistics: LACP PDUs sent: LACP PDUs received:...
Page 334 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows how to display LACP port-channel information. console#show lacp port-channel 1 Port-Channel 1:Port Type 1000 Ethernet Actor System Priority: AC Address: 000285:0E1C00 Admin Key: Oper Key: Partner System Priority:...
Page 335 Link Dependency Commands This chapter explains the following commands: • link-dependency group • no link-dependency group • add ethernet • add port-channel • add port-channel • no add port-channel • depends-on ethernet • no depends-on ethernet • depends-on port-channel • no depends-on port-channel •...
Page 336 link-dependency group Use the link-dependency group command to enter the link-dependency mode to configure a link- dependency group Syntax GroupId link-dependency group GroupId — Link dependency group identifier. (Range: 1–72) • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines No specific guidelines...
Page 337: Add Ethernet
Example console(config)#no link-dependency group 1 add ethernet Use the add ethernet command to add member Ethernet port(s) to the dependency list. Syntax intf-list add ethernet intf-list — List of Ethernet interfaces. Separate nonconsecutive ports with a comma and no spaces. •...
Page 338 User Guidelines No specific guidelines Example console(config-linkDep-group-1)#add port-channel 2 no add port-channel Use the no add port-channel command to remove member port-channels from the dependency list. Syntax port channel list no add port-channel port-channel-list — List of port-channel interfaces. Separate nonconsecutive ports with a comma and •...
Page 339 Command Mode Link Dependency mode User Guidelines No specific guidelines Example console(config-linkDep-group-1)#depends-on ethernet 1/g10 no depends-on ethernet Use the no depends-on ethernet command to remove the dependent Ethernet ports list. Syntax intf-list no depends-on ethernet intf-list — List of Ethernet interfaces. Separate nonconsecutive ports with a comma and no spaces. •...
Page 340 Default Configuration This command has no default configuration. Command Mode Link Dependency mode User Guidelines No specific guidelines Example console(config-linkDep-group-1)#depends-on port-channel 6 no depends-on port-channel Use the no depends-on port-channel command to remove the dependent port-channels list. Syntax port-channel-list no depends-on port-channel port-channel-list —...
Page 341 Syntax GroupId show link-dependency [group GroupId — Link dependency group identifier. (Range: Valid Group Id, 1–16) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines No specific guidelines Example The following command shows link dependencies for all groups. console#show link-dependency GroupId Member Ports...
Page 343 LLDP Commands This chapter explains the following commands: • clear lldp remote-data • clear lldp statistics • lldp med • lldp med confignotification • lldp med faststartrepeatcount • lldp med transmit-tlv • lldp notification • lldp notification-interval • lldp receive •...
Page 344 clear lldp remote-data Use the clear lldp remote-data command in Privileged EXEC mode to delete all LLDP information from the remote data table. Syntax clear lldp remote-data Default Configuration By default, data is removed only on system reset. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 345 console#clear lldp statistics lldp med This command is used to enable/disable LLDP-MED on an interface. By enabling MED, the transmit and receive functions of LLDP are effectively enabled. Syntax Description lldp med no lldp med Parameter Ranges Not applicable Command Mode Interface (Ethernet) Configuration Default Value LLDP-MED is disabled on all supported interfaces.
Page 346 Command Mode Interface (Ethernet) Configuration Default Value By default, notifications are disabled on all supported interfaces. Usage Guidelines No specific guidelines. Example console(config)#lldp med confignotification lldp med faststartrepeatcount This command is used to set the value of the fast start repeat count. Syntax Description count lldp med faststartrepeatcount...
Page 347 lldp med transmit-tlv This command is used to specify which optional TLVs in the LLDP MED set are transmitted in the LLDPDUs. There are certain conditions that have to be met for this port to be MED compliant. These conditions are explained in the normative section of the specification. For example, the MED TLV 'capabilities' is mandatory.
Page 348 Syntax lldp notification no lldp notification Default Configuration By default, notifications are disabled on all supported interfaces. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example displays how to enable remote data change notifications. console(config-if-1/g3)#lldp notification lldp notification-interval Use the lldp notification-interval command in Global Configuration mode to limit how...
Page 349 Example The following example displays how to set the interval value to 10 seconds. console(config)#lldp notification-interval 10 lldp receive Use the lldp receive command in Interface Configuration mode to enable the LLDP receive capability. To disable reception of LLDPDUs, use the no form of this command. Syntax lldp receive no lldp receive...
Page 350 hold-multiplier — Multiplier on the transmit interval used to set the TTL in local data • LLDPDUs. (Range: 2–10) reinit-delay — The delay in seconds before re-initialization. (Range: 1–10 seconds) • Default Configuration The default transmit interval is 30 seconds. The default hold-multiplier is 4.
Page 351 User Guidelines This command has no user guidelines. Example The following example displays how enable the transmission of local data. console(config-if-1/g3)#lldp transmit lldp transmit-mgmt Use the lldp transmit-mgmt command in Interface Configuration mode to include transmission of the local system management address information in the LLDPDUs. To cancel inclusion of the management information, use the no form of this command.
Page 352 • sys-name — Transmits the system name TLV • sys-desc — Transmits the system description TLV • sys-cap — Transmits the system capabilities TLV • port desc — Transmits the port description TLV Default Configuration By default, no optional TLVs are included. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 353 Global Configurations: Transmit Interval: 30 seconds Transmit TTL Value: 120 seconds Reinit Delay: 2 seconds Notification Interval: limited to every 5 seconds console#show lldp LLDP transmit and receive disabled on all interfaces show lldp interface Use the show lldp interface command in Privileged EXEC mode to display the current LLDP interface state.
Page 354 TLV Codes: 0 – Port Description, 1 – System Name, 2 – System Description, 3 – System Capability console# show lldp interface 1/g1 Interface Link Transmit Receive Notify TLVs Mgmt --------- ---- -------- -------- -------- ------- ---- 1/g1 Enabled Enabled Enabled 0,1,2,3 TLV Codes: 0 –...
Page 355 1/g1 00:62:48:00:00:02 console# show lldp local-device detail 1/g1 LLDP Local Device Detail Interface: 1/g1 Chassis ID Subtype: MAC Address Chassis ID: 00:62:48:00:00:00 Port ID Subtype: MAC Address Port ID: 00:62:48:00:00:02 System Name: System Description: Routing Port Description: System Capabilities Supported: bridge, router System Capabilities Enabled: bridge Management Address: Type: IPv4...
Page 356 Usage Guidelines No specific guidelines. Example console(config)#show lldp med LLDP MED Global Configuration Fast Start Repeat Count: 3 Device Class: Network Connectivity show lldp med interface This command displays a summary of the current LLDP MED configuration for a specific interface.
Page 357 --------- ------ -------- -------- -------- ------- 1/g1 Down Disabled Disabled Disabled 1/g2 Down Disabled Disabled Disabled console #show lldp med interface 1/g1 LLDP MED Interface Configuration Interface Link configMED operMED ConfigNotify TLVsTx --------- ------ -------- -------- -------- ------- 1/g1 Enabled Enabled Disabled TLV Codes: 0- Capabilities,...
Page 358 Example Console#show lldp med local-device detail 1/g1 LLDP MED Local Device Detail Interface: 1/0/8 Network Policies Media Policy Application Type : voice Vlan ID: 10 Priority: 5 DSCP: 1 Unknown: False Tagged: True Media Policy Application Type : streamingvideo Vlan ID: 20 Priority: 1 DSCP: 2 Unknown: False...
Page 359 Location Subtype: elin Info: xxx xxx xxx Extended POE Device Type: pseDevice Extended POE PSE Available: 0.3 watts Source: primary Priority: critical Extended POE PD Required: 0.2 watts Source: local Priority: low show lldp med remote-device This command displays the current LLDP MED remote data. This command can display summary information or detail for each interface.
Page 360 Command Mode Privileged EXEC Default Value Not applicable Example Console#show lldp med remote-device all LLDP MED Remote Device Summary Local InterfaceDevice Class --------------------- 1/g1Class I 1/g2 Not Defined 1/g3Class II 1/g4Class III 1/g5Network Con Console#show lldp med remote-device detail 1/g1 LLDP MED Remote Device Detail Local Interface: 1/g1 Capabilities...
Page 361 Network Policies Media Policy Application Type : voice Vlan ID: 10 Priority: 5 DSCP: 1 Unknown: False Tagged: True Media Policy Application Type : streamingvideo Vlan ID: 20 Priority: 1 DSCP: 2 Unknown: False Tagged: True Inventory Hardware Rev: xxx xxx xxx Firmware Rev: xxx xxx xxx Software Rev: xxx xxx xxx Serial Num: xxx xxx xxx...
Page 362 Device Type: pseDevice Extended POE PSE Available: 0.3 Watts Source: primary Priority: critical Extended POE PD Required: 0.2 Watts Source: local Priority: low show lldp remote-device Use the lldp remote-device command in Privileged EXEC mode to display the current LLDP remote data.
Page 363 Local Remote Interface Device ID Port ID TTL --------- ----------------- ----------------- ---------- 1/g1 01:23:45:67:89:AB 01:23:45:67:89:AC 60 seconds 1/g2 01:23:45:67:89:CD 01:23:45:67:89:CE 120 seconds 1/g3 01:23:45:67:89:EF 01:23:45:67:89:FG 80 seconds console# show lldp remote-device detail 1/g1 Ethernet1/g1, Remote ID: 01:23:45:67:89:AB System Name: system-1 System Description: System Capabilities: Bridge Port ID: 01:23:45:67:89:AC...
Page 364 User Guidelines This command has no user guidelines. Examples The following examples shows an example of the display of current LLDP traffic statistics. console#show lldp statistics all LLDP Device Statistics Last Update........0 days 22:58:29 Total Inserts........ 1 Total Deletes........ 0 Total Drops........
Page 365 Parameter Description Total Drops Number of times a complete set of information advertised by a remote device could not be inserted due to insufficient resources. Total Ageouts Number of times any remote data entry has been deleted due to time-to-live (TTL) expiration. Transmit Total Total number of LLDP frames transmitted on the indicated port.
Page 367: Add Ethernet
Port Aggregator Commands This chapter explains the following commands: • add ethernet • duplex • lacp auto • lacp off • lacp static • lacp auto • mtu disable • negotiation • no lacp • port-aggregator group • show bridge address-table •...
Page 368: Duplex
User Guidelines This command has no user guidelines. Example console(config)#port-aggregator group 1 console(config-aggregator-1)#add ethernet 1/g1 console(config-aggregator-1)# duplex Use the duplex command in port aggregator configuration mode to configure the full/half duplex operation of all member ports in the aggregator group/zone. To restore the default, use the no form of this command.
Page 369 lacp auto Use the lacp auto command to set the LACP (Link Aggregation) mode to dynamic for that Aggregator Group. This means that when more than one uplink port is in the Group, those uplink ports will be enabled automatically with dynamic LACP . Syntax lacp auto Default Configuration...
Page 370 User Guidelines This command has no user guidelines. Example console(config)#port-aggregator group 2 console(config-aggregator-2)#lacp off console(config-aggregator-2)# lacp static Use the lacp static command to set the LACP (Link Aggregation) mode to static for that Aggregator Group. This means that when more than one uplink port is in the Group, those uplink ports will be enabled automatically with static LACP.
Page 371 otherwise, all the internal ports in the Group will be brought down. By default, the minimum active uplinks for a Group is 1, which means at least one uplink port should be active for the Aggregator Group to be active. Syntax <number of uplinks>...
Page 372: Negotiation
User Guidelines This command has no user guidelines. Example console(config)#port-aggregator group 1 console(config-aggregator-1)#mtu disable console(config-aggregator-1)# negotiation Use the negotiation command in port aggregator mode to enable auto-negotiation of all member ports in the aggregator group/zone. To disable negotiation, use the no form of this command. Syntax negotiation no negotiation...
Page 373 Default Configuration This command has no default configuration. Command Mode Port Aggregator mode User Guidelines This command has no user guidelines. Example console(config)#port-aggregator group 2 console(config-aggregator-2)#no lacp console(config-aggregator-2)# port-aggregator group Use the port-aggregator group <GroupId> command to enter the Port Aggregator mode to configure aggregator group attributes.
Page 374: Show Bridge Address-Table
show bridge address-table Use the show bridge address-table command to show the MAC address table for a particular aggregator [port-aggregator group <Group id> group. is an optional parameter in the command, and if not specified, it shows all the MAC entries in all the Groups. Syntax [port-aggregator group <...
Page 375 10 — Configures the port to 10 Mbps operation. • 100 — Configures the port to 100 Mbps operation. • Default Configuration This command has no default configuration. Command Mode Port Aggregator mode User Guidelines This command has no user guidelines. Example console(config)#port-aggregator group 1 console(config-aggregator-1)#speed 100...
Page 377 Port Channel Commands This chapter explains the following commands: • channel-group • interface port-channel • interface range port-channel • hashing-mode • no hashing-mode • show interfaces port-channel • show statistics port-channel...
Page 378 channel-group Use the channel-group command in Interface Configuration mode to configure a port-to-port channel. To remove the channel-group configuration from the interface, use the no form of this command. Syntax port-channel-number channel-group mode {on|auto} no channel-group port-channel-number — Number of a valid port-channel for the current port to join. •...
Page 379 Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enters the context of port-channel number 1. console(config)# interface port-channel 1 console(config-if-ch1)# interface range port-channel Use the interface range port-channel command in Global Configuration mode to execute a command on multiple port channels at the same time.
Page 380: Hashing-Mode
Example The following example shows how port-channels 1, 2 and 8 are grouped to receive the same command. console(config)# interface range port-channel 1-2,8 console(config-if)# hashing-mode Use the hashing-mode command to set the hashing algorithm on trunk ports. Syntax mode hashing-mode mode —...
Page 381: No Hashing-Mode
no hashing-mode Use the no hashing-mode command to set the hashing algorithm on Trunk ports to the default (3). Syntax Description no hashing-mode Default Configuration This command has no default configuration. Command Mode Interface Configuration (port-channel) User Guidelines No specific guidelines. Example console(config)#interface port-channel 1 console(config-if-ch1)#no hashing mode...
Page 382 Example Console#show interfaces port-channel Channel Ports Hashing-mode ------- --------------------------------------- ------------ Active: 1/e1, 2/e2 Active: 2/e2, 2/e7 Inactive: 3/e1 Active: 3/e3, 3/e8 3 <default> No Configured Ports No Configured Ports No Configured Ports No Configured Ports 3 <default> No Configured Ports 3 <default>...
Page 383: Show Statistics Port-Channel
show statistics port-channel Use the show statistics port-channel command in Privileged EXEC mode to display statistics about a specific port-channel. Syntax port-channel-number show statistics port-channel port-channel-number — Valid port-channel number channel to display. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 384 Unicast Packets Received....... 0 Multicast Packets Received..... 0 Broadcast Packets Received..... 0 Total Packets Received with MAC Errors..0 Jabbers Received....... 0 Fragments/Undersize Received....0 Alignment Errors....... 0 --More-- or (q)uit FCS Errors........0 Overruns........0 Total Received Packets Not Forwarded... 0 Local Traffic Frames......
Page 385 Underrun Errors........ 0 Total Transmit Packets Discarded....0 Single Collision Frames......0 Multiple Collision Frames...... 0 Excessive Collision Frames..... 0 Port Membership Discards....... 0 802.3x Pause Frames Transmitted....0 GVRP PDUs received......0 GVRP PDUs Transmitted......0 GVRP Failed Registrations...... 0 Time Since Counters Last Cleared....
Page 387: Port Monitor Commands
Port Monitor Commands This chapter explains the following commands: • monitor session • show monitor session...
Page 388: Monitor Session
monitor session Use the monitor session command in Global Configuration mode to configure a probe port and a monitored port for monitor session (port monitoring). Use the src-interface parameter to specify the interface to monitor. Use rx to monitor only ingress packets, or use tx to monitor only egress packets.
Page 389: Show Monitor Session
show monitor session Use the show monitor session command in Privileged EXEC mode to display status of port monitoring. Syntax session-id show monitor session session id — Session identification number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 391: Qos Commands
QoS Commands This chapter explains the following commands: • assign-queue • class • class-map • class-map rename • classofservice dot1p-mapping • classofservice ip-dscp-mapping • classofservice trust • conform-color • cos-queue min-bandwidth • cos-queue strict • diffserv • drop • mark cos •...
Page 392 • match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping • show classofservice ip-dscp-mapping •...
Page 393: Class
assign-queue Use the assign-queue command in Policy-Class-Map Configuration mode to modify the queue ID to which the associated traffic stream is assigned. Syntax queueid assign-queue < > queueid — Specifies a valid queue ID. (Range: integer from 0–6.) • Default Configuration This command has no default configuration.
Page 394: Class-Map
Default Configuration The class-map defaults to ipv4. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example creates a class-map named “DELL” which requires all ACE’s to be matched. console(config)#class-map DELL console(config-cmap)#...
Page 395: Class-Map Rename
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to change the name of a DiffServ class from “DELL ” to “DELL1.” console(config)#class-map rename DELL DELL1 console(config)# classofservice dot1p-mapping Use the classofservice dot1p-mapping command in Global Configuration mode to map an 802.1p priority to an internal traffic class.
Page 396: Classofservice Ip-Dscp-Mapping
Default Configuration This command has no default configuration. Command Mode Global Configuration or Interface Configuration (Ethernet, Port-channel) mode User Guidelines None Example The following example configures mapping for user priority 1 and traffic class 2. console(config)#classofservice dot1p-mapping 1 2 classofservice ip-dscp-mapping Use the classofservice ip-dscp-mapping command in Global Configuration mode to map an IP DSCP value to an internal traffic class.
Page 397: Classofservice Trust
classofservice trust Use the classofservice trust command in either Global Configuration mode or Interface Configuration mode to set the class of service trust mode of an interface. To set the interface mode to untrusted, use the no form of this command. Syntax classofservice trust {dot1p|untrusted|ip-dscp} no classofservice trust...
Page 398: Cos-Queue Min-Bandwidth
Syntax conform-color Default Configuration This command has no default configuration. Command Mode Policy-Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to specify the conform-color command. console(config-policy-classmap)#conform-color test_class (test_class is <class-map-name> cos-queue min-bandwidth Use the cos-queue min-bandwidth command in either Global Configuration mode or Interface Configuration mode to specify the minimum transmission bandwidth for each interface queue.
Page 399: Cos-Queue Strict
User Guidelines The maximum number of queues supported per interface is seven. Example The following example displays how to specify the minimum transmission bandwidth for seven interfaces. console(config)#cos-queue min-bandwidth 0 0 5 5 10 10 10 cos-queue strict Use the cos-queue strict command in either Global Configuration mode or Interface Configuration mode to activate the strict priority scheduler mode for each specified queue.
Page 400: Diffserv
diffserv Use the diffserv command in Global Configuration mode to set the DiffServ operational mode to active. While disabled, the DiffServ configuration is retained and can be changed, but it is not activated. When enabled, DiffServ services are activated. To set the DiffServ operational mode to inactive, use the no form of this command.
Page 401: Mark Cos
User Guidelines This command has no user guidelines. Example The following example displays how to specify that matching packets are to be dropped at ingress. console(config-policy-classmap)#drop mark cos Use the mark cos command in Policy-Class-Map Configuration mode to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header.
Page 402: Mark Ip-Precedence
dscpval — Specifies a DSCP value (10, 12, 14, 18, 20, 22, 26, 28, 30, 34, 36, 38, 0, 8, 16, 24, 32, • 40, 48, 56, 46) or a DSCP keyword (af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, be, cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef).
Page 403: Match Class-Map
console(config-policy-map)#class c1 console(config-policy-classmap)#mark ip-precedence 2 console(config-policy-classmap)# match class-map Use the match class-map command to add to the specified class definition the set of match conditions defined for another class. Use the no form of this command to remove from the specified class definition the set of match conditions defined for another class.
Page 404: Match Cos
Example The following example adds match conditions defined for the Dell class to the class currently being configured. console(config-classmap)#match class-map Dell The following example deletes the match conditions defined for the Dell class from the class currently being configured. console(config-classmap)#no match class-map Dell...
Page 405: Match Destination-Address Mac
match destination-address mac Use the match destination-address mac command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination MAC address of a packet. Syntax macaddr macmask match destination-address mac macaddr — Specifies any valid layer 2 MAC address formatted as six two-digit hexadecimal •...
Page 406: Match Dstip6
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition using the specified IP address and bit mask. console(config-classmap)#match dstip 10.240.1.1 10.240.0.0 match dstip6 The match dstip6 command adds to the specified class definition a match condition based on the destination IPv6 address of a packet.
Page 407: Match Dstl4Port
match dstl4port Use the match dstl4port command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or a numeric notation. Syntax portkey port-number match dstl4port {...
Page 408: Match Ip6Flowlbl
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to add a match condition based on ethertype. console(config-classmap)#match ethertype arp match ip6flowlbl The match ip6flowlbl command adds to the specified class definition a match condition based on the IPv6 flow label of a packet.
Page 409: Match Ip Dscp
match ip dscp Use the match ip dscp command in Class-Map Configuration mode to add to the specified class definition a match condition based on the value of the IP DiffServ Code Point (DSCP) field in a packet. This field is defined as the high-order six bits of the Service Type octet in the IP header.
Page 410: Match Ip Tos
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation.
Page 411: Match Protocol
User Guidelines The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation. free form This specification is the version of the IP DSCP/Precedence/TOS match specification in that you have complete control of specifying which bits of the IP Service Type field are checked.
Page 412: Match Source-Address Mac
match source-address mac Use the match source-address mac command in Class-Map Configuration mode to add to the specified class definition a match condition based on the source MAC address of the packet. Syntax address macmask match source-address mac macaddr — Specifies any valid layer 2 MAC address formatted as six two-digit hexadecimal •...
Page 413: Match Srcip6
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition for the specified IP address and address bit mask. console(config-classmap)#match srcip 10.240.1.1 10.240.0.0 match srcip6 The match srcip6 command adds to the specified class definition a match condition based on the source IPv6 address of a packet.
Page 414: Match Srcl4Port
match srcl4port Use the match srcl4port command in Class-Map Configuration mode to add to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword or a numeric notation. Syntax portkey port-number match srcl4port {...
Page 415: Mirror
Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition for the VLAN ID “2.” console(config-classmap)#match vlan 2 mirror Use the mirror command in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to the destination port specified.
Page 416: Police-Simple
police-simple Use the police-simple command in Policy-Class-Map Configuration mode to establish the traffic policing style for the specified class. The simple form of the police command uses a single data rate and burst size, resulting in two outcomes: conform and nonconform. Syntax datarate burstsize...
Page 417: Policy-Map
The CLI mode is changed to Policy-Class-Map Configuration when this command is successfully executed. The policy type dictates which of the individual policy attribute commands are valid within the policy definition. Example The following example shows how to establish a new DiffServ policy named “DELL.” console(config)#policy-map DELL console(config-policy-classmap)#...
Page 418: Redirect
redirect Use the redirect command in Policy-Class-Map Configuration mode to specify that all incoming packets for the associated traffic stream are redirected to a specific egress interface (physical port or port-channel). Syntax interface redirect interface — Specifies any valid interface. Interface is Ethernet port or port-channel (Range: •...
Page 419: Show Class-Map
Example The following example shows how to attach a service policy named “DELL” to all interfaces. console(config)#service-policy DELL show class-map Use the show class-map command in Privileged EXEC mode to display all configuration information for the specified class.
Page 420 Example The following example displays all the configuration information for the class named “Dell”. console#show class-map Class L3 Class Name Type Proto Reference Class Name ------------------------------- ----- ----- ---------------------- ------- ipv4 ipv4 ipv6 ipv6 stop_http_class ipv6 match_icmp6 ipv6 console#show class-map ipv4 Class Name........
Page 421: Show Classofservice Dot1P-Mapping
Match Criteria Values ---------------------------- ------------------------------------- Source IP Address 2001:DB8::/32 Source Layer 4 Port 80(http/www) show classofservice dot1p-mapping Use the show classofservice dot1p-mapping command in Privileged EXEC mode to display the current Dot1p (802.1p) priority mapping to internal traffic classes for a specific interface. Syntax unit>/<port-type><port>...
Page 422: Show Classofservice Ip-Dscp-Mapping
The following table lists the parameters in the example and gives a description of each. Parameter Description User Priority The 802.1p user priority value. Traffic Class The traffic class internal queue identifier to which the user priority value is mapped. show classofservice ip-dscp-mapping Use the show classofservice ip-dscp-mapping command in Privileged EXEC mode to display the current IP DSCP mapping to internal traffic classes for a specific interface.
Page 423 ------------- ------------- 0(be/cs0 8(cs1) 10(af11) 12(af12) 14(af13) 16(cs2) 18(af21) --More-- or (q)uit 20(af22) 22(af23) 24(cs3) 26(af31)
Page 424 28(af32) 30(af33) 32(cs4) 34(af41) 36(af42) 38(af43) 40(cs5) --More-- or (q)uit 46(ef) 48(cs6)
Page 425: Show Classofservice Trust
56(cs7) console# show classofservice trust Use the show classofservice trust command in Privileged EXEC mode to display the current trust mode setting for a specific interface. Syntax unit>/<port-type><port> port-channel number show classofservice trust [< |port-channel <unit>/<port-type><port> — Specifies a valid unit/port combination: •...
Page 426: Show Diffserv
Example The following example displays the current trust mode settings for the specified port. console#show classofservice trust 1/g2 Class of Service Trust Mode: Dot1P show diffserv Use the show diffserv command in Privileged EXEC mode to display the DiffServ general information, which includes the current administrative mode setting as well as the current and maximum number of DiffServ components.
Page 427: Show Diffserv Service Interface Ethernet
show diffserv service interface ethernet Use the show diffserv service interface ethernet command in Privileged EXEC mode to display policy service information for the specified interface. Syntax <unit>/<port-type><port> show diffserv service interface ethernet {in|out} unit>/<port-type><port> — A valid < unit>/<port-type><port> in the system. •...
Page 428: Show Diffserv Service Brief
• out— Outbound direction. NOTE: Direction can be in or out for any switch other than PCM6220. Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines Not applicable Example console#show diffserv service interface port-channel 1 in DiffServ Admin Mode......
Page 429: Show Interfaces Cos-Queue
Direction OperStatus Policy Name ----------- ----------- ------------ ------------------- 1/g1 Down DELL show interfaces cos-queue Use the show interfaces cos-queue command in Privileged EXEC mode to display the class-of-service queue configuration for the specified interface. Syntax unit>/<port-type><port> port-channel number show interfaces cos-queue [<...
Page 430 Global Configuration Interface Shaping Rate......0 Queue Id Min. Bandwidth Scheduler Type Queue Management Type -------- -------------- -------------- --------------------- Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop This example displays the COS configuration for the specified interface 1/g1.
Page 431: Show Policy-Map
Parameter Description Interface The port of the interface. If displaying the global configuration, this output line is replaced with a global configuration indication. Intf Shaping Rate The maximum transmission bandwidth limit for the interface as a whole. It is independent of any per-queue maximum bandwidth values in effect for the interface.
Page 432: Show Policy-Map Interface
This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the statistics information for port 1/g1. console#show policy-map interface 1/g1 in Interface........1/g1 Operational Status......Down Policy Name........DELL...
Page 433: Show Service-Policy
Class Name........test In Discarded Packets......0 Class Name........DELL1 In Discarded Packets......0 Class Name........DELL In Discarded Packets......0 show service-policy Use the show service-policy command in Privileged EXEC mode to display a summary of policy-oriented statistics information for all interfaces.
Page 434: Traffic-Shape
------ ----- ------------------------------- 1/g1 Down DELL 1/g2 Down DELL 1/g3 Down DELL 1/g4 Down DELL 1/g5 Down DELL 1/g6 Down DELL 1/g7 Down DELL 1/g8 Down DELL 1/g9 Down DELL 1/g10 Down DELL traffic-shape Use the traffic-shape command in Global Configuration mode and Interface Configuration mode to specify the maximum transmission bandwidth limit for the interface as a whole.
Page 435 Example The following example displays the setting of traffic-shape to a maximum bandwidth of 1024 Kpbs. console(config-if-1/g1)#traffic-shape 1024 kbps...
Page 437: Radius Commands
RADIUS Commands This chapter explains the following commands: • aaa accounting network default start-stop group radius • acct-port • auth-port • deadtime • • msgauth • name • primary • priority • radius-server deadtime • radius-server host • radius-server key •...
Page 438: Acct-Port
aaa accounting network default start-stop group radius Use the aaa accounting network default start-stop group radius command to enable RADIUS accounting on the switch. Use the “no” form of this command to disable RADIUS accounting. Syntax aaa accounting network default start-stop group radius no aaa accounting network default start-stop group radius Default Configuration RADIUS accounting is disabled by default.
Page 439: Auth-Port
User Guidelines There are no user guidelines for this command. Example The following example sets port number 56 for accounting requests. console(config)#radius-server host acct 3.2.3.2 console(Config-acct-radius)#acct-port 56 auth-port Use the auth-port command in Radius mode to set the port number for authentication requests of the designated Radius server.
Page 440: Deadtime
deadtime Use the deadtime command in Radius mode to improve Radius response times when a server is unavailable by causing the unavailable server to be skipped. Syntax deadtime deadtime deadtime — The amount of time that the unavailable server is skipped over. (Range: 0-2000 •...
Page 441: Msgauth
User Guidelines There are no user guidelines for this command. Example lion-king The following example specifies an authentication and encryption key of “ ”. console(config)#radius-server host acct 3.2.3.2 console(Config-acct-radius)#key keyacct msgauth Use the msgauth command to enable the message authenticator attribute to be used for the RADIUS Authenticating server being configured.
Page 442: Name
name Use the name command to assign a name to a RADIUS server. Use the "no" form of this command to reset the name to the default. Syntax servername name no name servername — The name for the RADIUS server (Range: 1 - 32 characters). Default Configuration The default RADIUS server name is Default-RADIUS-Server.
Page 443: Priority
Command Mode Radius mode User Guidelines There are no user guidelines for this command. Example console(Config-auth-radius)#primary priority Use the priority command in Radius mode to specify the order in which the servers are to be used, with 0 being the highest priority. Syntax priority priority...
Page 444: Radius-Server Deadtime
radius-server deadtime Use the radius-server deadtime command in Global Configuration mode to improve Radius response times when servers are unavailable. The command is used to cause the unavailable servers to be skipped. To set the deadtime to 0, use the no form of this command. Syntax deadtime radius-server deadtime...
Page 445: Radius-Server Key
Default Configuration The default server type is authentication. The default server name is “Default RADIUS Server”. The default port number is 1812 for an authentication server and 1813 for an accounting server. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example specifies a Radius server host with the following characteristics: Server host IP address —...
Page 446: Radius-Server Retransmit
Example The following example sets the authentication and encryption key for all Radius .” communications between the device and the Radius server to “dell-server console(config)#radius-server key dell-server radius-server retransmit Use the radius-server retransmit command in Global Configuration mode to specify the number of times the Radius client will retransmit requests to the Radius server.
Page 447: Radius-Server Source-Ip
radius-server source-ip Use the radius-server source-ip command in Global Configuration mode to specify the source IP address used for communication with Radius servers. To return to the default, use the no form of this command. 0.0.0.0 is interpreted as a request to use the IP address of the outgoing IP interface.
Page 448: Retransmit
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the interval for which a switch waits for a server host to reply to 5 seconds. console(config)#radius-server timeout 5 retransmit Use the retransmit command in Radius mode to specify the number of times the Radius client retransmits requests to the Radius server.
Page 449: Show Radius-Servers
show radius-servers Use the show radius-servers command to display the list of configured RADIUS servers and the values configured for the global parameters of the RADIUS client. Syntax servername show radius-servers [ accounting | authentication ] [ name [ accounting — This optional parameter will cause accounting servers to be displayed. authentication —...
Page 450 Field Description RADIUS Attribute 4 Mode A Global parameter to indicate whether the NAS-IP-Address attribute has been enabled to use in RADIUS requests. RADIUS Attribute 4 Value A Global parameter that specifies the IP address to be used in NAS-IP- Address attribute to be used in RADIUS requests.
Page 451: Show Radius-Servers Statistics
Timeout........5 Deadtime........0 Port........... 1812 Source IP........0.0.0.0 Secret Configured......No Message Authenticator......Enable show radius-servers statistics Use the show radius-servers statistics command to show the statistics for an authentication or accounting server. Syntax ipaddress hostname show radius-servers statistics [ accounting | authentication ] { | name servername •...
Page 452 Field Description Retransmissions The number of RADIUS Accounting Request packets retransmitted to this RADIUS accounting server. Responses The number of RADIUS packets received on the accounting port from this server. Malformed Responses The number of malformed RADIUS Accounting Response packets received from this server.
Page 453 Field Description Bad Authenticators The number of RADIUS Access Response packets containing invalid authenticators or signature attributes received from this server. Pending Requests The number of RADIUS Access Request packets destined for this server that have not yet timed out or received a response. Timeouts The number of authentication timeouts to this server.
Page 454: Source-Ip
Access Rejects........ 0 Access Challenges......0 Malformed Access Responses....0 Bad Authenticators......0 Pending Requests......0 Timeouts........0 Unknown Types......... 0 Packets Dropped....... 0 source-ip Use the source-ip command in Radius mode to specify the source IP address to be used for communication with Radius servers.
Page 455: Usage
Syntax timeout timeout timeout — Timeout value in seconds for the specified server. (Range: 1-30 seconds.) • Default Configuration The default value is 15 seconds. Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command.
Page 456 Example login The following example specifies usage type console(config)#radius-server host 192.143.120.123 console(config-radius)#usage login...
Page 457: Spanning Tree Commands
Spanning Tree Commands This chapter explains the following commands: • clear spanning-tree detected-protocols • exit (mst) • instance (mst) • name (mst) • revision (mst) • show spanning-tree • show spanning-tree summary • spanning-tree • spanning-tree auto-portfast • spanning-tree bpdu flooding •...
Page 458 • spanning-tree portfast default • spanning-tree port-priority • spanning-tree priority • spanning-tree tcnguard • spanning-tree transmit hold-count...
Page 459: Exit (Mst)
clear spanning-tree detected-protocols Use the clear spanning-tree detected-protocols command in Privileged EXEC mode to restart the protocol migration process (force the renegotiation with neighboring switches) on all interfaces or on the specified interface. Syntax interface port-channel- clear spanning-tree detected-protocols [ethernet | port-channel number interface —...
Page 460: Instance (Mst)
User Guidelines This command has no user guidelines. Example The following example shows how to exit the MST configuration mode and save changes. console(config)#spanning-tree mst configuration console(config-mst)#exit instance (mst) Use the instance command in MST mode to map VLANS to an MST instance. Syntax instance-id vlan-range...
Page 461: Name (Mst)
name (mst) Use the name command in MST mode to define the configuration name. To return to the default setting, use the no form of this command. Syntax string name string — Case sensitive MST configuration name. (Range: 1-32 characters) •...
Page 462: Show Spanning-Tree
User Guidelines This command has no user guidelines. Example The following example sets the configuration revision to 1. console(config)#spanning-tree mst configuration console(config-mst)#revision 1 show spanning-tree Use the show spanning-tree command in Privileged EXEC mode to display the spanning-tree configuration. Syntax interface-number port-channel-number show spanning-tree [ethernet...
Page 463 Examples The following examples display spanning-tree information. console#show spanning-tree Spanning tree Disabled BPDU Flooding disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root: 80:00:00:FC:E3:90:00:5D Regional Root Path Cost: ROOT ID Address 80:00:00:FC:E3:90:00:5D This Switch is the Root. Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec TxHoldCount 6 Interfaces Name...
Page 464 1/g6 Enabled 128.6 Disb 1/g7 Enabled 128.7 Disb 1/g8 Enabled 128.8 Disb 1/g9 Enabled 128.9 Disb 1/g10 Enabled 128.10 Disb 1/g11 Enabled 128.11 Disb 1/g12 Enabled 128.12 Disb 1/g13 Enabled 128.13 Disb 1/g14 Enabled 128.14 Disb 1/g15 Enabled 128.15 Disb 1/g16 Enabled 128.16...
Page 465 Enabled 128.626 Disb Enabled 128.627 Disb Enabled 128.628 Disb Enabled 128.629 Disb Enabled 128.630 Disb Enabled 128.631 Disb Enabled 128.632 Disb --More-- or (q)uit /***************************************************************** ******************/ console(config)# console#show spanning-tree Spanning tree Enabled BPDU Flooding disabled Portfast BPDU filtering Disabled m ode rstp CST Regional Root: 80:00:00:FC:E3:90:00:5D...
Page 466 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- -------- ------- --More-- or (q)uit Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- -------- ------- 1/g1...
Page 467 Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- -------- ------- 1/g17 Enabled 128.17 Disb 1/g18 Enabled 128.18 Disb 1/g19 Enabled 128.19 Disb 1/g20 Enabled 128.20 Disb 1/g21 Enabled 128.21 Disb 1/g22 Enabled 128.22 Disb 1/g23 Enabled 128.23 Disb...
Page 468 Enabled 128.634 Disb ch10 Enabled 128.635 Disb ch11 Enabled 128.636 Disb ch12 Enabled 128.637 Disb ch13 Enabled 128.638 Disb ch14 Enabled 128.639 Disb ch15 Enabled 128.640 Disb ch16 Enabled 128.641 Disb ch17 Enabled 128.642 Disb ch18 Enabled 128.643 Disb ch19 Enabled 128.644 Disb...
Page 469 Bridge ID Priority 32768 Address 80:00:00:FC:E3:90:00:5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio.Nbr Cost Role PortFast RestrictedPort ------ -------- --------- ---------- ---- ----- -------- ------- --More-- or (q)uit Name State Prio.Nbr Cost Role PortFast RestrictedPort...
Page 470: Show Spanning-Tree Summary
###### MST 0 Vlan Mapped: 1, 3001 ROOT ID Address 40:00:00:FC:E3:90:06:0F Path Cost 20000 Root Port 1/g1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 80:00:00:FC:E3:90:00:5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State...
Page 471 Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines The following fields are displayed: Spanning Tree Admin Mode Enabled or disabled Spanning Tree Version Version of 802.1 currently supported (IEEE 802.1s, IEEE 802.1w, or IEEE 802.1d) based upon the mode parameter.
Page 472: Spanning-Tree Auto-Portfast
Configuration Format Selector..0 No MST instances to display. spanning-tree Use the spanning-tree command in Global Configuration mode to enable spanning-tree functionality. To disable spanning-tree functionality, use the no form of this command. Syntax spanning-tree no spanning-tree Default Configuration Spanning-tree is enabled. Command Mode Global Configuration mode User Guidelines...
Page 473: Spanning-Tree Bpdu Flooding
Command Mode Interface Configuration (Ethernet, Port Channel) mode Usage Guidelines There are no user guidelines for this command. Example The following example enables spanning-tree functionality on ethernet interface 4/g1. console#config console(config)#interface ethernet 4/g1 console(config-if-4/g1)#spanning-tree auto-portfast spanning-tree bpdu flooding The spanning-tree bpdu flooding command allows flooding of BPDUs received on non- spanning-tree ports to all other non-spanning-tree ports.
Page 474: Spanning-Tree Bpdu-Protection
spanning-tree bpdu-protection Use the spanning-tree bpdu-protection command in Global Configuration mode to enable BPDU protection on a switch. Use the no form of this command to resume the default status of BPDU protection function. For an access layer device, the access port is generally connected to the user terminal (such as a desktop computer) or file server directly and configured as an edge port to implement the fast transition.
Page 475: Spanning-Tree Disable
Syntax cost spanning-tree cost no spanning-tree cost cost — The port path cost. (Range: 0–200,000,000) • Default Configuration The default cost is 0, which signifies that the cost is automatically calculated based on port speed. • 10G Port path cost — 2000 •...
Page 476: Spanning-Tree Forward-Time
Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines This command has no user guidelines. Example The following example disables spanning-tree on 1/g5. console(config)#interface ethernet 1/g5 console(config-if-1/g5)#spanning-tree disable spanning-tree forward-time Use the spanning-tree forward-time command in Global Configuration mode to configure the spanning-tree bridge forward time, which is the amount of time a port remains in the listening and learning states before entering the forwarding state.
Page 477: Spanning-Tree Guard
spanning-tree guard The spanning-tree guard command selects whether loop guard or root guard is enabled on an interface. If neither is enabled, the port operates in accordance with the multiple spanning tree protocol. Use the “no” form of this command to disable loop guard or root guard on the interface.
Page 478: Spanning-Tree Max-Age
Default Configuration Loop guard is disabled by default. Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command. Example The following example enables spanning-tree loopguard functionality on all ports. console(config)#spanning-tree loopguard default spanning-tree max-age Use the spanning-tree max-age command in Global Configuration mode to configure the spanning-tree bridge maximum age.
Page 479: Spanning-Tree Max-Hops
console(config)#spanning-tree max-age 10 spanning-tree max-hops Use the spanning-tree max-hops command to set the MSTP Max Hops parameter to a new value for the common and internal spanning tree. Use the “no” form of this command to reset the Max Hops to the default. Syntax spanning-tree max-hops hops...
Page 480: Spanning-Tree Mst 0 External-Cost
Default Configuration Rapid Spanning Tree Protocol (RSTP) is supported. Command Mode Global Configuration mode User Guidelines In RSTP mode the switch would use STP when the neighbor switch is using STP . In MSTP mode the switch would use RSTP when the neighbor switch is using RSTP and would use STP when the neighbor switch is using STP.
Page 481: Spanning-Tree Mst Configuration
User Guidelines There are no user guidelines for this command. Example The following example configures the spanning-tree mst 0 external-cost at 20000. console(config-if-4/g1)#spanning-tree mst 0 external-cost 20000 spanning-tree mst configuration Use the spanning-tree mst configuration command in Global Configuration mode to enable configuring an MST region by entering the multiple spanning-tree (MST) mode.
Page 482: Spanning-Tree Mst Port-Priority
Syntax instance-id cost spanning-tree mst cost instance-id no spanning-tree mst cost instance-ID — ID of the spanning -tree instance. (Range: 1-15) • cost — The port path cost. (Range: 0–200,000,000) • Default Configuration The default value is 0, which signifies that the cost will be automatically calculated based on port speed.
Page 483: Spanning-Tree Mst Priority
Default Configuration The default port-priority for IEEE MSTP is 128. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines This command has no user guidelines. Example The following example configures the port priority of port 1/g1 to 144. console(config)#interface ethernet 1/g1 console(config-if-1/g1)#spanning-tree mst 1 port-priority 144 spanning-tree mst priority Use the spanning-tree mst priority command in Global Configuration mode to set the switch...
Page 484: Spanning-Tree Portfast
Example The following example configures the spanning tree priority of instance 1 to 4096. console(config)#spanning-tree mst 1 priority 4096 spanning-tree portfast Use the spanning-tree portfast command in Interface Configuration mode to enable PortFast mode. In PortFast mode, the interface is immediately put into the forwarding state upon linkup, without waiting for the timer to expire.
Page 485: Spanning-Tree Portfast Default
Syntax spanning-tree portfast bpdufilter default no spanning-tree portfast bpdufilter default Default Configuration This feature is disabled by default. Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command. Example The following example discards BPDUs received on spanning-tree ports in portfast mode. console#spanning-tree portfast bpdufilter default spanning-tree portfast default Use the spanning-tree portfast default command to enable Portfast mode on all ports.
Page 486: Spanning-Tree Port-Priority
spanning-tree port-priority Use the spanning-tree port-priority command in Interface Configuration mode to configure port priority. To reset the default port priority, use the no form of this command. Syntax priority spanning-tree port-priority no spanning-tree port-priority priority — The port priority. (Range: 0–240) •...
Page 487 Command Mode Global Configuration mode User Guidelines The priority value must be a multiple of 4096. The switch with the lowest priority is the root of the spanning tree. Example The following example configures spanning-tree priority to 12288. console(config)#spanning-tree priority 12288 spanning-tree tcnguard Use the spanning-tree tcnguard command to prevent a port from propagating topology change notifications.
Page 488 spanning-tree transmit hold-count Use the spanning-tree transmit hold-count command to set the maximum number of BPDUs that a bridge is allowed to send within a hello time window (2 seconds). Use the “no” form of this command to reset the hold count to the default value. Syntax value spanning-tree transmit hold-count [...
Page 489 TACACS+ Commands This chapter explains the following commands: • • port • priority • show tacacs • tacacs-server host • tacacs-server key • tacacs-server timeout • timeout...
Page 490: Port
Use the key command in TACACS Configuration mode to specify the authentication and encryption key for all TACACS communications between the device and the TACACS server. This key must match the key used on the TACACS daemon. Syntax key [ key-string ] •...
Page 491: Priority
User Guidelines This command has no user guidelines. Example The following example displays how to specify server port number 1200. console(tacacs)#port 1200 priority Use the priority command in TACACS Configuration mode to specify the order in which servers are used, where 0 (zero) is the highest priority. Syntax priority [ priority ] priority —...
Page 492 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Examples The following example displays TACACS+ server settings. console#show tacacs Global Timeout: 5 IP address Port Timeout Priority --------------- ----- ------- --------...
Page 493 TACACS+ daemon. (Range: 0–128 characters) Default Configuration The default is an empty string. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the authentication encryption key. console(config)#tacacs-server key dell-s...
Page 494 tacacs-server timeout Use the tacacs-server timeout command in Global Configuration mode to set the interval during which a switch waits for a server host to reply. To restore the default, use the no form of this command. Syntax tacacs-server timeout [ timeout ] no tacacs-server timeout timeout —...
Page 495 User Guidelines This command has no user guidelines. Example This example shows how to specify the timeout value. console(config-tacacs)#timeout 23...
Page 497: Vlan Commands
VLAN Commands This chapter explains the following commands: • dvlan-tunnel ethertype • interface vlan • interface range vlan • mode dvlan-tunnel • name • protocol group • protocol vlan group • protocol vlan group all • show dvlan-tunnel • show dvlan-tunnel interface •...
Page 498 • vlan • vlan association mac • vlan association subnet • vlan database • vlan makestatic • vlan protocol group • vlan protocol group add protocol ethertype • vlan protocol group remove...
Page 499 dvlan-tunnel ethertype Use the dvlan-tunnel ethertype command in Global Configuration mode to configure the ethertype for the specified interface. To configure the EtherType on the specified interface to its default value, use the no form of this command. Syntax 0-65535 dvlan-tunnel ethertype {802.1Q | vman | custom <...
Page 500 Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the VLAN 1 IP address of 131.108.1.27 and subnet mask 255.255.255.0. console(config)#interface vlan 1 console(config-vlan)#ip address 131.108.1.27 255.255.255.0 interface range vlan Use the interface range vlan command in Global Configuration mode to execute a command...
Page 501: Name
Example The following example groups VLAN 221 till 228 and VLAN 889 to receive the same command. console(config)#interface range vlan 221-228,889 console(config-if)# mode dvlan-tunnel Use the mode dvlan-tunnel command in Interface Configuration mode to enable Double VLAN Tunneling on the specified interface. To disable Double VLAN Tunneling on the specified interface, use the no form of this command.
Page 502 Default Configuration No name is defined. Command Mode Interface Configuration (VLAN) mode User Guidelines The VLAN name must be unique. Example The following example names VLAN number 19 with the name "Marketing." console(config)#interface vlan 19 console(config-if-vlan19)#name Marketing protocol group Use the protocol group command in VLAN Database mode to attach a VLAN ID to the groupid protocol-based group identified by .
Page 503 User Guidelines This command has no user guidelines. Example The following example displays how to attach the VLAN ID "100" to the protocol-based VLAN group "3." console#vlan database console(config-vlan)#protocol group 3 100 protocol vlan group Use the protocol vlan group command in Interface Configuration mode to add the physical groupid unit/port interface to the protocol-based group identified by .
Page 504 Example The following example displays how to add a physical port interface to the group ID of "2." console(config-if-1/g1)#protocol vlan group 2 protocol vlan group all Use the protocol vlan group all command in Global Configuration mode to add all physical groupid interfaces to the protocol-based group identified by .
Page 505 show dvlan-tunnel Use the show dvlan-tunnel command in Privileged EXEC mode to display all interfaces enabled for Double VLAN Tunneling. Syntax show dvlan-tunnel Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows how to display all interfaces for Double VLAN Tunneling.
Page 506 User Guidelines This command has no user guidelines. Example The following example displays detailed information for unit/port "1/g1." console#show dvlan-tunnel interface 1/g1 Interface Mode EtherType --------- ------- -------------- 1/g1 Enable vMAN The following table describes the significant fields shown in the example. Field Description Mode...
Page 507 User Guidelines This command has no user guidelines. Examples The following example displays switchport configuration individually for g1. console#show interface switchport ethernet 1/g1 Port 1/g1: VLAN Membership mode: General Operating parameters: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All GVRP status: Enabled Protected: Enabled Port 1/g1 is member in:...
Page 508 IPv6 VLAN untagged VLAN0072 untagged Forbidden VLANS: VLAN Name ---- --------- The following example displays switchport configuration individually for 1/g2. console#show interface switchport ethernet 1/g2 Port 1/g2: VLAN Membership mode: General Operating parameters: PVID: 4095 (discard vlan) Ingress Filtering: Enabled Acceptable Frame Type: All Port 1/g1 is member in: VLAN...
Page 509 ---- --------- The following example displays switchport configuration individually for 2/g19. console#show interfaces switchport ethernet 2/g19 Port 2/g19: Operating parameters: PVID: 2922 Ingress Filtering: Enabled Acceptable Frame Type: Untagged GVRP status: Disabled Port 2/g19 is member in: VLAN Name Egress rule Type ---- ---------...
Page 510 Syntax groupid show port protocol { | all} groupid — The protocol-based VLAN group ID, which is automatically generated when you • create a protocol-based VLAN group with the vlan protocol group command. • all — Enter all to show all interfaces. Default Configuration This command has no default configuration.
Page 511 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example identifies test as the protected group. console#show switchport protected 0 Name......... test show vlan Use the show vlan command in Privileged EXEC mode to display VLAN information. Syntax vlan-id vlan-name...
Page 512 VLAN0010 1/g3-1/g4 dynamic Required VLAN0011 1/g1-1/g2 static Required VLAN0020 1/g3-1/g4 static Required VLAN0021 static Required VLAN0030 static Required VLAN0031 static Required VLAN0011 1/g1-1/g2 static Not Required 3964 Guest VLAN 1/g17 Guest show vlan association mac Use the show vlan association mac command in Privileged EXEC mode to display the VLAN associated with a specific configured MAC address.
Page 513 console# show vlan association subnet Use the show vlan association subnet command in Privileged EXEC mode to display the VLAN associated with a specific configured IP-Address and netmask. If no IP Address and net mask are specified, the VLAN associations of all the configured IP-subnets are displayed. Syntax show vlan association subnet [ ip-address ip-mask...
Page 514 vlan-id — A valid VLAN ID of the VLAN to which the port is configured. • Default Configuration vlan-id The default value for the parameter is 1. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines The command automatically removes the port from the previous VLAN and adds it to the new VLAN.
Page 515 User Guidelines This command has no user guidelines. Example The following example forbids adding VLAN numbers 234 through 256 to port 1/g8. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#switchport forbidden vlan add 234-256 switchport general acceptable-frame-type tagged-only Use the switchport general acceptable-frame-type tagged-only command in Interface Configuration mode to discard untagged frames at ingress.
Page 516 Syntax vlan-list switchport general allowed vlan add [tagged|untagged] vlan-list switchport general allowed vlan remove vlan-list — List of VLAN IDs to add. Separate nonconsecutive VLAN IDs with a comma • and no spaces. Use a hyphen to designate a range of IDs. vlan-list —...
Page 517 Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command has no user guidelines. Example The following example shows how to enables port ingress filtering on 1/g8. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#switchport general ingress-filtering disable switchport general pvid Use the switchport general pvid command in Interface Configuration mode to configure the Port VLAN ID (PVID) when the interface is in general mode.
Page 518 console(config-if-1/g8)#switchport general pvid 234 switchport mode Use the switchport mode command in Interface Configuration mode to configure the VLAN membership mode of a port. To reset the mode to the appropriate default for the switch, use the no form of this command. Syntax switchport mode {access|trunk|general} no switchport mode...
Page 519 switchport protected Use the switchport protected command in Interface Configuration mode to configure a groupid protected port. The parameter identifies the set of protected ports to which this interface is assigned. You can only configure an interface as protected in one group. You are required to remove an interface from one group before adding it to another group.
Page 520 name — Name of the group. (Range: 0-32 characters) • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example assigns the name "protected" to group 1. console(config-if-1/g1)#switchport protected 1 name protected switchport trunk allowed vlan Use the switchport trunk allowed vlan command in Interface Configuration mode to add...
Page 521 console(config-if-1/g8)#switchport trunk allowed vlan add 1,2,5-8 vlan Use the vlan command in VLAN Database mode to configure a VLAN. To delete a VLAN, use the no form of this command. Syntax vlan-range vlan no vlan vlan-range vlan-range — A list of valid VLAN IDs to be added. List separate, non-consecutive VLAN IDs •...
Page 522 vlanid — VLAN to associate with subnet. (Range: 1-4093) Default Configuration No assigned MAC address. Command Mode VLAN Database mode User Guidelines The maximum number of MAC-based VLAN associations is 256. Example The following example associates MAC address with VLAN ID 1. console(config-vlan)#vlan association mac 0001.0001.0001 1 vlan association subnet Use the vlan association subnet command in VLAN Database mode to associate a VLAN to a...
Page 523 console(config-vlan)#vlan association subnet 192.245.23.45 255.255.255.0 100 vlan database Use the vlan database command in Global Configuration mode to enter the VLAN database configuration mode. Syntax vlan database Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 524 Command Mode VLAN Database Mode User Guidelines The dynamic VLAN (created via GRVP) should exist prior to executing this command. See the Type column in output from the show vlan command to determine that the VLAN is dynamic. Example The following changes vlan 3 to a static VLAN. console(config-vlan)#vlan makestatic 3 vlan protocol group Use the vlan protocol group <groupid>...
Page 525: Vlan Protocol Group Add Protocol Ethertype
vlan protocol group add protocol ethertype Use the vlan protocol group add protocol command in Global Configuration mode to add any groupid Ethertype protocol to the protocol-based VLAN groups identified by . A group may have more than one protocol associated with it. Each interface and protocol combination can be associated with one group only.
Page 526: Vlan Protocol Group Remove
Syntax <groupid> <groupName> vlan protocol group name <groupid> no vlan protocol group name groupid — The protocol-based VLAN group ID which is automatically generated when you • create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command.
Page 527 User Guidelines This command has no user guidelines. Example The following example displays the removal of the protocol-based VLAN group identified as "2." console(config)#vlan protocol group remove 2...
Page 529: Voice Vlan Commands
Voice VLAN Commands This chapter explains the following commands: • voice vlan • voice vlan (Interface) • voice vlan data priority • show voice vlan...
Page 530: Voice Vlan (Interface)
voice vlan This command is used to enable the voice vlan capability on the switch. Syntax voice vlan no voice vlan Parameter Ranges Not applicable Command Mode Global Configuration Usage Guidelines Not applicable Default Value This feature is disabled by default. Example console(config)#voice vlan console(config)#no voice vlan...
Page 531: Voice Vlan Data Priority
• dscp The DSCP value (Range: 0–64). — Default Configuration The default DSCP value is 46. Command Mode Interface Configuration (Ethernet) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-1/g1)#voice vlan 1 console(config-if-1/g1)#voice vlan dot1p 1 console(config-if-1/g1)#voice vlan none console(config-if-1/g1)#voice vlan untagged voice vlan data priority...
Page 532: Show Voice Vlan
console(config-if-1/g1)#voice vlan data priority trust show voice vlan unit/port show voice vlan [interface {< > |all}] Syntax When the interface parameter is not specified, only the global mode of the voice VLAN is displayed. When the interface parameter is specified: Voice VLAN ModeThe admin mode of the voice VLAN on the interface.
Page 533 802.1X Commands This chapter explains the following commands: • dot1x mac-auth-bypass • dot1x max-req • dot1x max-users • dot1x port-control • dot1x re-authenticate • dot1x re-authentication • dot1x system-auth-control • dot1x timeout quiet-period • dot1x timeout re-authperiod • dot1x timeout server-timeout •...
Page 534: Dot1X Max-Req
dot1x mac-auth-bypass Use the dot1x mab-enable command to enable MAB on an interface. Use the “no” form of this command to disable MAB on an interface. Syntax dot1x mac-auth-bypass no dot1x mac-auth-bypass Default Configuration MAC Authentication Bypass is disabled by default. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 535: Dot1X Max-Users
Command Mode Interface Configuration (Ethernet) mode User Guidelines Change the default value of this command only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients and authentication servers. Example The following example sets the number of times that the switch sends an EAP-request/identity frame to 6.
Page 536: Dot1X Port-Control
console(config-if-1/g2)#dot1x max-users 3 dot1x port-control Use the dot1x port-control command in Interface Configuration mode to enable the IEEE 802.1X operation on the port. Syntax dot1x port-control {force-authorized | force-unauthorized | auto | mac-based} no dot1x port-control • auto — Enables 802.1X authentication on the interface and causes the port to transition to the authorized or unauthorized state based on the 802.1X authentication exchange between the switch and the client.
Page 537: Dot1X Re-Authenticate
console(config-if-1/g2)# dot1x port-control mac-based dot1x re-authenticate Use the dot1x re-authenticate command in Privileged EXEC mode to enable manually initiating a re-authentication of all 802.1X-enabled ports or the specified 802.1X-enabled port. Syntax interface dot1x re-authenticate [ethernet interface — Specifies a valid interface number. The full syntax is unit/port . •...
Page 538: Dot1X System-Auth-Control
User Guidelines This command has no user guidelines. Example The following example enables periodic re-authentication of the client. console(config)# interface ethernet 1/g16 console(config-if-1/g16)# dot1x re-authentication dot1x system-auth-control Use the dot1x system-auth-control command in Global Configuration mode to enable 802.1X globally. To disable 802.1X globally, use the no form of this command. Syntax dot1x system-auth-control no dot1x system-auth-control...
Page 539: Dot1X Timeout Re-Authperiod
Syntax seconds dot1x timeout quiet-period no dot1x timeout quiet-period seconds — Time in seconds that the switch remains in the quiet state following a failed • authentication exchange with the client. (Range: 0–65535 seconds) Default Configuration The switch remains in the quiet state for 60 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 540: Dot1X Timeout Server-Timeout
Default Configuration Re-authentication period is 3600 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example sets the number of seconds between re-authentication attempts to 300. console(config)# interface ethernet 1/g16 console(config-if-1/g16)# dot1x timeout re-authperiod 300 dot1x timeout server-timeout Use the dot1x timeout server-timeout command in Interface Configuration mode to set the time that the switch waits for a response from the authentication server.
Page 541: Dot1X Timeout Supp-Timeout
Example The following example sets the time for the retransmission to the authentication server to 3600 seconds. console(config-if-1/g1)# dot1x timeout server-timeout 3600 dot1x timeout supp-timeout Use the dot1x timeout supp-timeout command in Interface Configuration mode to set the time that the switch waits for a response before retransmitting an Extensible Authentication Protocol (EAP)-request frame to the client.
Page 542: Show Dot1X
Syntax seconds dot1x timeout tx-period no dot1x timeout tx-period seconds — Time in seconds that the switch should wait for a response to an • EAP-request/identity frame from the client before resending the request. (Range: 1–65535) Default Configuration The period of time is set to 30 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 543 User Guidelines This command has no user guidelines. Example The following example displays 802.1X port 1/g8 status. console#show dot1x ethernet 1/g8 Administrative Mode....Disabled Port Admin Oper Reauth Reauth Mode Mode Control Period ------- ------------------ ------------ -------- ---------- 1/g8 auto Authorized FALSE 3600...
Page 544: Username
Field Description Port The port number. Admin mode The port admin mode. Possible values are: Force-auth, Force-unauth, Auto, and mac-based. Oper mode The control mode under which this port is operating. Possible values are: Authorized or Unauthorized. Reauth Control Indicates whether re-authentication is enabled on this port. Reauth Period The timer used by the authenticator state machine on this port to determine when reauthentication of the supplicant takes place.
Page 545: Backend Authentication State
Field Description Backend Authentication State Current state of the backend authentication state machine. Possible values are Request, Response, Success, Fail, Timeout, Idle, and Initialize. Authentication success Counts the number of times the state machine has received a Success message from the Authentication Server. Authentication fails Counts the number of times the state machine has received a Failure message from the Authentication Server.
Page 546 User Name........guest1 Supp MAC Address....... 0012.1756.76EA Session Time........118 Filter Id........VLAN Assigned........1 Interface........1/g9 User Name........guest1 Supp MAC Address....... 0012.1756.796B Session Time........80 Filter Id........VLAN Assigned........1 The following table describes the significant fields shown in the display: Field Description Interface...
Page 547: Show Dot1X Ethernet
show dot1x ethernet Use the show dot1x ethernet command in Privileged EXEC mode to show the dot1x status. The command also displays a VLAN ID or name as required when RADIUS indicates the Tunnel- Private-Group-ID for a supplicant. Syntax interface show dot1x ethernet interface —...
Page 548: Show Dot1X Statistics
MAB mode (operational)......Enabled Logical Supplicant AuthPAE Backend VLAN Username Filter Port MAC-Address State State ------- ----------------- ------------ ----------- ----- -------- -------- 0012.43D1.D19F Authenticated Idle The following example shows port-based or auto Admin Mode and therefore does not list the supplicants which were shown in the previous example.
Page 549 interface — Ethernet port name. The full syntax is unit/port . • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays 802.1X statistics for the specified interface. console#show dot1x statistics ethernet 1/g2 Port...........
Page 550: Show Dot1X Users
Field Description EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator. EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator. EapolLogoffFramesRx The number of EAPOL Logoff frames that have been received by this Authenticator.
Page 551: Dot1X Guest-Vlan
User Guidelines This command has no user guidelines. Example The following example displays 802.1X users. console#show dot1x users Port Username --------- --------- 1/g1 1/g2 John Switch# show dot1x users username Bob Port Username --------- --------- 1/g1 The following table describes the significant fields shown in the display: Field Description Username...
Page 552: Dot1X Unauth-Vlan
Default Configuration The guest VLAN is disabled on the interface by default. Command Mode Interface Configuration (Ethernet) mode User Guidelines Configure the guest VLAN before using this command. Example The following example sets the guest VLAN on port 1/g2 to VLAN 10. console(config-if-1/g2)#dot1x guest-vlan 10 dot1x unauth-vlan Use the dot1x unauth-vlan command in Interface Configuration mode to specify the...
Page 553: Show Dot1X Advanced
show dot1x advanced Use the show dot1x advanced command in Privileged EXEC mode to display 802.1X advanced features for the switch or for the specified interface. The output of this command has been updated in release 2.1 to remove the Multiple Hosts column and add an Unauthenticated VLAN column, which indicates whether an unauthenticated VLAN is configured on a port.
Page 554: Radius-Server Attribute 4
console#show dot1x advanced ethernet 1/g2 Port Guest Unauthenticated VLAN Vlan --------- --------- --------------- 1/g2 radius-server attribute 4 Use the radius-server attribute 4 command in Global Configuration mode to set the network access server (NAS) IP address for the RADIUS server. Use the no version of the command to set the value to the default.
Page 555: Introduction
Layer 3 Commands Introduction The chapters that follow describe commands that conform to the OSI model’s Network Layer (Layer 3). Layer 3 commands perform a series of exchanges over various data links to deliver data between any two nodes in a network. These commands define the addressing and routing structure of the Internet.
Page 556 • Virtual Router Redundancy Protocol Commands...
Page 557: Arp Commands
ARP Commands This chapter explains the following commands: • • arp cachesize • arp dynamicrenew • arp purge • arp resptime • arp retries • arp timeout • clear arp-cache • clear arp-cache management • ip proxy-arp • show arp...
Page 558: Arp Cachesize
Use the arp command in Global Configuration mode to create an Address Resolution Protocol (ARP) entry. Use the no form of the command to remove the entry. Syntax ip-address mac-address ip-address no arp ip-address — IP address of a device on a subnet attached to an existing routing interface. •...
Page 559 Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines an arp cachesize of 500. console(config)#arp cachesize 500 arp dynamicrenew Use the arp dynamicrenew command in Global Configuration mode to enable the ARP component to automatically renew dynamic ARP entries when they age out.
Page 560 The disadvantage of enabling dynamic renew is that once an ARP cache entry is created, that cache entry continues to take space in the ARP cache as long as the neighbor continues to respond to ARP requests, even if no traffic is being forwarded to the neighbor. In a network where the number of potential neighbors is greater than the ARP cache capacity, enabling dynamic renew could prevent some neighbors from communicating because the ARP cache is full.
Page 561 arp resptime Use the arp resptime command in Global Configuration mode to configure the ARP request response timeout. To return the response timeout to the default value, use the no form of this command. Syntax integer arp resptime no arp resptime integer —...
Page 562 Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines 6 as the maximum number of retries. console(config)#arp retries 6 arp timeout Use the arp timeout command in Global Configuration mode to configure the ARP entry ageout time.
Page 563 Syntax clear arp-cache [gateway] • gateway — Removes the dynamic entries of type gateway, as well. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example clears all entries ARP of type dynamic, including gateway, from ARP cache.
Page 564 ip proxy-arp Use the ip proxy-arp command in Interface Configuration mode to enable proxy ARP on a router interface. Without proxy ARP, a device only responds to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived. With proxy ARP, the device may also respond if the target IP address is reachable.
Page 565 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows show arp command output. console#show arp Age Time (seconds)......1200 Response Time (seconds)......1 Retries........
Page 567 DHCP and BOOTP Relay Commands This chapter explains the following commands: • bootpdhcprelay cidridoptmode • bootpdhcprelay maxhopcount • bootpdhcprelay minwaittime...
Page 568 bootpdhcprelay cidridoptmode Use the bootpdhcprelay cidridoptmode command in Global Configuration mode to enable the circuit ID option and remote agent ID mode for BootP/DHCP Relay on the system. Use the no form of the command to disable the circuit ID option and remote agent ID mode for BootP/DHCP Relay.
Page 569 Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a maximum hopcount of 6. console(config)#bootpdhcprelay maxhopcount 6 bootpdhcprelay minwaittime Use the bootpdhcprelay minwaittime command in Global Configuration mode to configure the minimum wait time in seconds for BootP/DHCP Relay on the system. When the BOOTP relay agent receives a BOOTREQUEST message, it might use the seconds-sinceclient- began- booting field of the request as a factor in deciding whether to relay the request or not.
Page 571: Dhcpv6 Commands
DHCPv6 Commands This chapter explains the following commands: • clear ipv6 dhcp • dns-server • domain-name • ipv6 dhcp pool • ipv6 dhcp relay • ipv6 dhcp relay-agent-info-opt • ipv6 dhcp relay-agent-info-remote-id-subopt • ipv6 dhcp server • prefix-delegation • service dhcpv6 •...
Page 572 clear ipv6 dhcp Use the clear ipv6 dhcp command in Privileged EXEC mode to clear DHCPv6 statistics for all interfaces or for a specific interface. Syntax vlan-id clear ipv6 dhcp {statistics | interface vlan statistics} vlan-id — Valid VLAN ID. •...
Page 573 Command Mode IPv6 DHCP Pool Configuration mode User Guidelines DHCPv6 pool can have multiple number of domain names with maximum of 8. Example The following example sets the ipv6 DNS server address of 2020:1::1, which is provided to a DHCPv6 client by the DHCPv6 server. console(config)#ipv6 dhcp pool addrpool console(config-dhcp6s-pool)#dns-server 2020:1::1 domain-name...
Page 574 console(config-dhcp6s-pool)#no domain-name test ipv6 dhcp pool Use the ipv6 dhcp pool command in Global Configuration mode to enter IPv6 DHCP Pool Configuration mode. DHCPv6 pools are used to specify information for DHCPv6 server to distribute to DHCPv6 clients. These pools are shared between multiple interfaces over which DHCPv6 server capabilities are configured.
Page 575 interface — Sets the relay server interface. • vlan-id — A valid VLAN ID. • user-defined-string }] — The Relay Agent Information Option “remote • [remote-id {duid-ifid| ID” sub-option to be added to relayed messages. This can either be the special keyword duid- ifid, which causes the “remote ID”...
Page 576 Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the number 100 to represent the DHCPv6 Relay Agent Information Option. console(config)#ipv6 dhcp relay-agent-info-opt 100 ipv6 dhcp relay-agent-info-remote-id-subopt Use the ipv6 dhcp relay-agent-info-remote-id-subopt command in Global Configuration mode to configure a number to represent the DHCPv6 the “remote-id”...
Page 577 Syntax pool-name pref-value ipv6 dhcp server [rapid-commit] [preference pool-name — The name of the DHCPv6 pool containing stateless and/or prefix delegation • parameters • rapid-commit — Is an option that allows for an abbreviated exchange between the client and server. pref-value —...
Page 578 preferred-lifetime — Preferred lifetime for delegated prefix. (Range: 0-4294967295 seconds) • Default Configuration preferred-lifetime 2592000 seconds is the default value for . 604800 seconds is the default value valid-lifetime Command Mode IPv6 DHCP Pool Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a Multiple IPv6 prefix and client DUID within a pool for distributing to specific DHCPv6 Prefix delegation clients.
Page 579 Example The following example enables DHCPv6 globally. console#configure console(config)#service dhcpv6 console(config)#no service dhcpv6 show ipv6 dhcp Use the show ipv6 dhcp command in Privileged EXEC mode to display the DHCPv6 server name and status. Syntax show ipv6 dhcp Default Configuration This command has no default configuration.
Page 580 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the configured DHCP pool based on the entered IPv6 address. console#show ipv6 dhcp binding 2020:1:: show ipv6 dhcp interface Use the show ipv6 dhcp interface command in User EXEC mode to display DHCPv6 information for all relevant interfaces or a specified interface.
Page 581 IPv6 Interface......... vlan11 Mode........... Relay Relay Address........2020:1::1 Relay Interface Number......Relay Relay Remote ID........ Option Flags........console> show ipv6 dhcp interface vlan 11 statistics DHCPv6 Interface vlan11 Statistics ------------------------------------ DHCPv6 Solicit Packets Received....0 DHCPv6 Request Packets Received....0 DHCPv6 Confirm Packets Received....
Page 582: Show Ipv6 Dhcp Pool
show ipv6 dhcp pool Use the show ipv6 dhcp pool command in Privileged EXEC mode to display the configured DHCP pool. Syntax pool-name show ipv6 dhcp pool pool-name — Name of the pool. (Range: 1-32 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 583 User Guidelines This command has no user guidelines. Example The following example displays the DHCPv6 server name and status. console> show ipv6 dhcp statistics DHCPv6 Interface Global Statistics ------------------------------------ DHCPv6 Solicit Packets Received....0 DHCPv6 Request Packets Received....0 DHCPv6 Confirm Packets Received....0 DHCPv6 Renew Packets Received....
Page 585: Dvmrp Commands
DVMRP Commands This chapter explains the following commands: • ip dvmrp • ip dvmrp metric • ip dvmrp trapflags • show ip dvmrp • show ip dvmrp interface • show ip dvmrp neighbor • show ip dvmrp nexthop • show ip dvmrp prune •...
Page 586: Ip Dvmrp Metric
ip dvmrp Use the ip dvmrp command to set the administrative mode of DVMRP in the router to active. IGMP must be enabled before DVMRP can be enabled. Syntax ip dvmrp no ip dvmrp Default Configuration Disabled is the default configuration. Command Mode Global Configuration Interface Configuration (VLAN) mode...
Page 587: Ip Dvmrp Trapflags
Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example configures a metric of 5 for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip dvmrp metric 5 ip dvmrp trapflags Use the ip dvmrp trapflags command in Global Configuration mode to enable the DVMRP trap mode.
Page 588: Show Ip Dvmrp Interface
Syntax show ip dvmrp Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays system-wide information for DVMRP. console(config)#show ip dvmrp Admin Mode........Disable Version........
Page 589: Show Ip Dvmrp Neighbor
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays interface information for VLAN 11 DVMRP. console(config)#show ip dvmrp interface vlan 11 Interface Mode......... Disable show ip dvmrp neighbor Use the show ip dvmrp neighbor command in Privileged EXEC mode to display the neighbor information for DVMRP .
Page 590: Show Ip Dvmrp Prune
Syntax show ip dvmrp nexthop Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the next hop information on outgoing interfaces for routing multicast datagrams.
Page 591: Show Ip Dvmrp Route
The following example displays the table that lists the router’s upstream prune information. console(config)#show ip dvmrp prune Expiry Group IP Source IP Source Mask Time(secs) -------------- -------------- -------------- -------------- show ip dvmrp route Use the show ip dvmrp route command in Privileged EXEC mode to display the multicast routing information for DVMRP.
Page 593: Igmp Commands
IGMP Commands This chapter explains the following commands: • ip igmp • ip igmp last-member-query-count • ip igmp last-member-query-interval • ip igmp query-interval • ip igmp query-max-response-time • ip igmp robustness • ip igmp startup-query-count • ip igmp startup-query-interval • ip igmp version •...
Page 594: Ip Igmp Last-Member-Query-Count
ip igmp Use the ip igmp command in Global Configuration mode to set the administrative mode of IGMP in the system to active. Syntax ip igmp no ip igmp Default Configuration Disabled is the default state. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 595: Ip Igmp Last-Member-Query-Interval
User Guidelines This command has no user guidelines. Example The following example sets 10 as the number of VLAN 2 Group-Specific Queries. console#configure console(config)#interface vlan 2 console(config-if-vlan2)#ip igmp last-member-query-count 10 console(config-if-vlan2)#no ip igmp last-member-query-count ip igmp last-member-query-interval Use the ip igmp last-member-query-interval command in Interface Configuration mode to configure the Maximum Response Time inserted in Group-Specific Queries which are sent in response to Leave Group messages.
Page 596: Ip Igmp Query-Interval
ip igmp query-interval Use the ip igmp query-interval command in Interface Configuration mode to configure the query interval for the specified interface. The query interval determines how fast IGMP Host- Query packets are transmitted on this interface. Syntax seconds ip igmp query-interval no ip igmp query-interval seconds —...
Page 597: Ip Igmp Robustness
Default Configuration The default maximum response time value is 100 tenths of seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example configures a maximum response time interval of one second for VLAN 15.
Page 598: Ip Igmp Startup-Query-Count
console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp robustness 10 ip igmp startup-query-count Use the ip igmp startup-query-count command in Interface Configuration mode to set the number of queries sent out on startup at intervals equal to the startup query interval for the —...
Page 599: Ip Igmp Version
Default Configuration The default interval value is 31 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets at 10 seconds the interval between general queries sent at startup for VLAN 15.
Page 600: Show Ip Igmp
show ip igmp Use the show ip igmp command in Privileged EXEC mode to display system-wide IGMP information. Syntax show ip igmp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays system-wide IGMP information.
Page 601: Show Ip Igmp Interface
vlan-id — Valid VLAN ID • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the registered multicast groups for VLAN 1. console#show ip igmp groups interface vlan 3 detail REGISTERED MULTICAST GROUP DETAILS Version1 Version2...
Page 602: Show Ip Igmp Interface Membership
User Guidelines This command has no user guidelines. Example The following example displays IGMP information for VLAN 11. console#show ip igmp vlan 11 Interface........11 IGMP Admin Mode........ Enable Interface Mode......... Enable IGMP Version........3 Query Interval (secs)......125 Query Max Response Time (1/10 of a second)..100 Robustness........
Page 603: Show Ip Igmp Interface Stats
User Guidelines This command has no user guidelines. Examples The following examples display the list of interfaces that have registered in the multicast group at IP address 224.5.5.5, the latter in detail mode. console#show ip igmp interface membership 224.5.5.5 IGMP INTERFACE MEMBERSHIP INFO Interface Interface IP State...
Page 604 User Guidelines This command has no user guidelines. Examples The following example displays the IGMP statistical information for VLAN 7. console#show ip igmp interface stats vlan 7 Querier Status......... Querier Querier IP Address......7.7.7.7 Querier Up Time (secs) ......55372 Querier Expiry Time (secs) ....
Page 605 IGMP Proxy Commands This chapter explains the following commands: • ip igmp-proxy • ip igmp-proxy reset-status • ip igmp-proxy unsolicited-report-interval • show ip igmp-proxy • show ip igmp-proxy interface • show ip igmp-proxy groups • show ip igmp-proxy groups detail...
Page 606 ip igmp-proxy Use the ip igmp-proxy command in Interface Configuration mode to enable the IGMP Proxy on the router. To enable the IGMP Proxy on the router, multicast forwarding must be enabled and there must be no multicast routing protocols enabled on the router. Syntax ip igmp-proxy no ip igmp-proxy...
Page 607 User Guidelines This command has no user guidelines. Example The following example resets the host interface status parameters of the IGMP Proxy router. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp-proxy reset-status ip igmp-proxy unsolicited-report-interval Use the ip igmp-proxy unsolicited-report-interval command in Interface Configuration mode to set the unsolicited report interval for the IGMP Proxy router.
Page 608 show ip igmp-proxy Use the show ip igmp-proxy command in Privileged EXEC mode to display a summary of the host interface status parameters. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 609 show ip igmp-proxy interface Use the show ip igmp-proxy interface command in Privileged EXEC mode to display a detailed list of the host interface status parameters. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy interface Default Configuration This command has no default configuration.
Page 610 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example attempts to display a table of information about multicast groups that IGMP Proxy reported. console#show ip igmp-proxy groups Interface Index........
Page 611 Example The following example displays complete information about multicast groups that IGMP Proxy has reported. console#show ip igmp-proxy groups detail Interface Index........ vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources ------------- --------------- ------- ------------ ----------- ------- 225.0.1.1 13.13.13.1 DELAY-MEMBER Exclude...
Page 613 IP Helper Commands This chapter explains the following commands: • clear ip helper statistics • ip helper-address (global configuration) • ip helper-address (interface configuration) • ip helper enable • show ip helper-address • show ip helper statistics...
Page 614: Ip Helper-Address (Global Configuration)
clear ip helper statistics Use the clear ip helper statistics command to reset to 0 the statistics displayed in show ip helper statistics. Syntax clear ip helper statistics Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Page 615: Ip Helper-Address (Interface Configuration)
nameserver (port 42), netbios-dgm (port 138), netbios-ns (port 137), ntp (port 123), pim- auto-rp (port 496), rip (port 520), tacacs (port 49), tftp (port 69), and time (port 37). Other ports must be specified by number. Default Configuration No helper addresses are configured. Command Mode Global Configuration mode.
Page 616 Syntax ip helper-address { server-address | discard } [ dest-udp-port | dhcp | domain | isakmp | mobile ip | nameserver | netbios-dgm | netbios-ns | ntp | pim-auto-rp | rip | tacacs | tftp | time ] no ip helper-address [ server-address | discard ] [ dest-udp-port...
Page 617 console(config-if-vlan5)#ip helper-address 192.168.10.1 dhcp console(config-if-vlan5)#ip helper-address 192.168.20.1 dhcp To relay both DHCP and DNS packets to 192.168.30.1, use the following commands: console#config console(config)#interface vlan 5 console(config-if-vlan5)#ip helper-address 192.168.30.1 dhcp console(config-if-vlan5)#ip helper-address 192.168.30.1 dns This command takes precedence over an ip helper-address command given in global configuration mode.
Page 618: Show Ip Helper-Address
no ip helper enable Default Configuration IP helper is enabled by default. Command Mode Global Configuration mode. User Guidelines This command can be used to temporarily disable IP helper without deleting all IP helper addresses. This command replaces the bootpdhcprelay enable command, but affects not only relay of DHCP packets, but also relay of any other protocols for which an IP helper address has been configured.
Page 619 User Guidelines Field Descriptions: Interface The relay configuration is applied to packets that arrive on this interface. This field is set to “any” for global IP helper entries. UDP Port The relay configuration is applied to packets whose destination UDP port is this port.
Page 620 Command Mode Privileged EXEC mode User Guidelines Field descriptions: DHCP client messages The number of valid messages received from a DHCP client. The count is only received incremented if IP helper is enabled globally, the ingress routing interface is up, and the packet passes a number of validity checks, such as having a TTL >...
Page 621 Example console#show ip helper statistics DHCP client messages received....8 DHCP client messages relayed....2 DHCP server messages received....2 DHCP server messages relayed....2 UDP client messages received....8 UDP client messages relayed....2 DHCP message hop count exceeded max.... 0 DHCP message with secs field below min..
Page 623: Ip Routing Commands
IP Routing Commands This chapter explains the following commands: • encapsulation • ip address • ip mtu • ip netdirbcast • ip route • ip route default • ip route distance • ip routing • routing • show ip brief •...
Page 624: Ip Address
encapsulation Use the encapsulation command in Interface Configuration mode to configure the link layer encapsulation type for the packet. Routed frames are always ethernet encapsulated when a frame is routed to a VLAN. Syntax encapsulation {ethernet | snap} • ethernet — Specifies Ethernet encapsulation. •...
Page 625 secondary — Indicates the IP address is a secondary address. • Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN, Loopback) mode User Guidelines This command also implicitly enables the interface for routing (i.e. as if the user had issued the ‘routing’...
Page 626 Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example defines 1480 as the MTU for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip mtu 1480 ip netdirbcast Use the ip netdirbcast command in Interface Configuration mode to enable the forwarding of network-directed broadcasts.
Page 627 ip route Use the ip route command in Global Configuration mode to configure a static route. Use the no form of the command to delete the static route. The IP route command sets a value for the route preference. Among routes to the same destination, the route with the lowest preference value is the route entered into the forwarding database.
Page 628 ip route default Use the ip route default command in Global Configuration mode to configure the default route. Use the no form of the command to delete the default route. Syntax next-hop-ip preference ip route default next-hop-ip preference no ip route default next-hop-ip —...
Page 629 Syntax integer ip route distance integer no ip route distance integer — Specifies the distance (preference) of an individual static route. (Range 1-255) • Default Configuration Default value of distance is 1. Command Mode Global Configuration mode User Guidelines Lower route distance values are preferred when determining the best route. Example The following example sets the default route metric to 80.
Page 630 routing Use the routing command in Interface Configuration mode to enable IPv4 and IPv6 routing for an interface. View the current value for this function with the show ip brief command. The value is labeled Routing Mode in the output display. Use the no form of the command to disable routing for an interface.
Page 631 User Guidelines This command has no user guidelines. Example The following example displays IP summary information. console#show ip brief Default Time to Live......30 Routing Mode........Disabled IP Forwarding Mode......Enabled Maximum Next Hops......2 show ip interface Use the show ip interface command in Privileged EXEC mode to display all pertinent information about one or more IP interfaces.
Page 632 Subnet Mask........255.255.255.0 Default Gateway........ 10.240.4.1 Burned In MAC Address......00:10:18:82:04:35 Network Configuration Protocol Current..None Management VLAN ID......1 Routing Interfaces: Netdir Multi Interface IP Address IP Mask Bcast CastFwd ---------- --------------- --------------- -------- -------- vlan1 192.168.10.10 255.255.255.0 Disable Disable vlan2 0.0.0.0...
Page 633 show ip protocols Use the show ip protocols command in Privileged EXEC mode to display the parameters and current state of the active routing protocols. Syntax show ip protocols Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 634 Routing Protocol is "ospf" Redistributing: OSPF, External direct, Static, RIP Interfaces: Interface Metric Key-chain -------- --------- ----------- ---------- 176.1.1.1 10 flowers 176.2.1.1 1 Routing Information Sources: Gateway State 176.1.1.2 Full External Preference: 60 Internal Preference: 20 show ip route Use the show ip route command in Privileged EXEC mode to display the routing table. Syntax protocol ip-address...
Page 635 User Guidelines This command has no user guidelines. Example The following example displays the routing table. console#show ip route Route Codes: R - RIP Derived, O - OSPF Derived, C - Connected, S - Static B - BGP Derived, IA - OSPF Inter Area E1 - OSPF External Type 1, E2 - OSPF External Type 2 N1 - OSPF NSSA External Type 1, N2 - OSPF NSSA external type 2 show ip route preferences...
Page 636 OSPF Inter-area routes......110 OSPF External routes......110 RIP..........120 show ip route summary Use the show ip route summary command in Privileged EXEC mode to display the routing table summary. Syntax show ip route summary [all] • all — Shows the number of all routes, including best and non-best routes. To include only the number of best routes, do not use this optional parameter.
Page 637 show ip stats Use the show ip stats command in User EXEC mode to display IP statistical information. Refer to RFC 1213 for more information about the fields that are displayed. Syntax show ip stats Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines...
Page 638 IpFragOKs........0 IpFragFails........0 IpFragCreates........0 IpRoutingDiscards......0 IcmpInMsgs........3 IcmpInErrors........0 IcmpInDestUnreachs......0 IcmpInTimeExcds........ 0 IcmpInParmProbs........ 0 IcmpInSrcQuenchs....... 0 IcmpInRedirects........ 0 IcmpInEchos........3 IcmpInEchoReps......... 0 IcmpInTimestamps....... 0 IcmpInTimestampReps......0 IcmpInAddrMasks........ 0 IcmpInAddrMaskReps......0 IcmpOutMsgs........3 IcmpOutErrors........0 IcmpOutDestUnreachs......0 IcmpOutTimeExcds.......
Page 639 show ip vlan Use the show ip vlan command in Privileged EXEC mode to display the VLAN routing information for all VLANs with routing enabled. Syntax show ip vlan Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines.
Page 641 IPv6 MLD Snooping Commands This chapter explains the following commands: • ipv6 mld snooping immediate-leave • ipv6 mld snooping groupmembership-interval • ipv6 mld snooping maxresponse • ipv6 mld snooping mcrtexpiretime • ipv6 mld snooping (Global) • ipv6 mld snooping (Interface) •...
Page 642 ipv6 mld snooping immediate-leave The ipv6 mld snooping immediate-leave command enables or disables MLD Snooping snooping immediate-leave admin mode on a selected interface or VLAN. Enabling fast-leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an MLD done message for that multicast group without first sending out MAC-based general queries to the interface.
Page 643 no ipv6 mld snooping groupmembership-interval [vlan-id] • vlan_id — Specifies a VLAN ID value in VLAN Database mode. • seconds — MLD group membership interval time in seconds. (Range: 2-3600) Default Configuration The default group membership interval time is 260 seconds. Command Mode Interface Configuration mode.
Page 644 User Guidelines This command has no user guidelines. Example console(config-if-4/g1)#ipv6 mld snooping maxresponse 33 ipv6 mld snooping mcrtexpiretime The ipv6 mld snooping mcrtexpiretime command sets the Multicast Router Present Expiration time. The time is set for a particular interface or VLAN. This is the amount of time in seconds that a switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached.
Page 645 no ipv6 mld snooping Default Configuration MLD Snooping is disabled. Command Mode Global Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping ipv6 mld snooping (Interface) The ipv6 mld snooping (Interface) command enables MLD Snooping on an interface. If an interface has MLD Snooping enabled and it becomes a member of a port-channel (LAG), MLD Snooping functionality is disabled on that interface.
Page 646 ipv6 mld snooping (VLAN) The ipv6 mld snooping (VLAN) command enables MLD Snooping on a particular VLAN and enables MLD snooping on all interfaces participating in a VLAN. Syntax vlan-id ipv6 mld snooping vlan-id no ipv6 mld snooping vlan-id — Specifies a VLAN ID value. •...
Page 647 Example With no optional arguments, the command displays the following information: • Admin Mode — Indicates whether or not MLD Snooping is active on the switch. • Interfaces Enabled for MLD Snooping — Interfaces on which MLD Snooping is enabled. •...
Page 648 User Guidelines To see the full Multicast address table (including static addresses) use the show bridge address- table command. Example console#show ipv6 mld snooping groups Vlan Ipv6 Address Type Ports ---- ----------------------- ------- ---------------------------------- 3333.0000.0003 Dynamic 1/g1,1/g3 3333.0000.0004 Dynamic 1/g1,1/g3 3333.0000.0005 Dynamic 1/g1,1/g3...
Page 649 IPv6 Multicast Commands This chapter explains the following commands: • ipv6 pimsm (Global config) • ipv6 pimsm (VLAN Interface config) • ipv6 pimsm bsr-border • ipv6 pimsm bsr-candidate • ipv6 pimsm dr-priority • ipv6 pimsm hello-interval • ipv6 pimsm join-prune-interval •...
Page 650 ipv6 pimsm (Global config) Use the ipv6 pimsm command to administratively enable of PIMSM for IPv6 multicast routing. Use the "no" form of this command to disable PIMSM for IPv6. Syntax ipv6 pimsm no ipv6 pimsm Default Configuration IPv6 PIMSM is disabled on the router by default. Command Mode Global Configuration mode User Guidelines...
Page 651 Example console(config-if-vlan3)#ipv6 pimsm ipv6 pimsm bsr-border Use the ipv6 pimsm bsr-border command to prevent bootstrap router (BSR) messages from being sent or received through an interface. Use the "no" form of this command to disable the interface from being the BSR border. Syntax ipv6 pimsm bsr-border no ipv6 pimsm bsr-border...
Page 652 priority —The priority of the candidate BSR. The BSR with the higher priority is preferred. If • the priority values are the same, the router with the higher IP address is the BSR. (Range: 0–255). Default Configuration The router will not announce its candidacy by default. The default hash mask length is 126 bits.
Page 653 Example console(config-if-vlan3)#ipv6 pimsm dr-priority ipv6 pimsm hello-interval Use the ipv6 pimsm hello-interval command to configure the PIM-SM Hello Interval for the specified interface. Use the "no" form of this command to set the hello interval to the default. Syntax ipv6 pimsm hello-interval interval no ipv6 pimsm hello-interval •...
Page 654 Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pimsm join-prune-interval 90 ipv6 pimsm register-threshold Use the ipv6 pimsm register-threshold command to configure the Register Threshold rate for the RP router to switch to the shortest path. Use the "no" form of this command to set the register threshold rate to the default.
Page 655: Ipv6 Pimsm Rp-Candidate
Syntax rp-address group-address/prefixlength ipv6 pimsm rp-address [ override ] no ipv6 pimsm rp-address rp-address —An RP address. • group-address — The group address to display. • prefixlength — This parameter specifies the prefix length of the IP address for the media •...
Page 656: Ipv6 Pimsm Spt-Threshold
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm rp-candidate vlan 6 ff1e::/64 ipv6 pimsm spt-threshold Use the ipv6 pimsm spt-threshold command to configure the Data Threshold rate for the last- hop router to switch to the shortest path.
Page 657: Show Ipv6 Pimsm
• default— Defines the SSM range access list to 232/8. • group-address— Group IP address supported by RP. • prefixlength— This parameter specifies the prefix length of the IP address for the media gateway. (Range: 1–32) Default Configuration There is no SSM range defined by default. Command Mode Global Configuration mode User Guidelines...
Page 658: Show Ipv6 Pimsm Bsr
Data Threshold Rate (Kbps)..... 1000 Register Threshold Rate (Kbps)....250 SSM RANGE TABLE Group Address/Prefix Length --------------------------------------- FF1E::/64 PIM-SM INTERFACE STATUS Interface Interface-Mode Operational-Status --------- -------------- ---------------- vlan 3 Enabled Operational vlan 6 Enabled Operational vlan 9 Enabled Operational show ipv6 pimsm bsr Use the show ipv6 pimsm bsr command to display the bootstrap router (BSR) information.
Page 659: Show Ipv6 Pimsm Interface
BSR Address........3001::1 BSR Priority........23 BSR Hash Mask Length......Next bootstrap message(hh:mm:ss)....00:00:11 Next Candidate RP advertisement(hh:mm:ss)..00:00:12 show ipv6 pimsm interface Use the show ipv6 pimsm interface command to display interface config parameters. If no interface is specified, all interfaces are displayed. Syntax vlan-id show ipv6 pimsm interface [ vlan...
Page 660: Default Configuration There Is No Default Configuration For This Command
Designated Router......FE80::2FF:EDFF:FED0:2 DR Priority........1 BSR Border........Disabled show ipv6 pimsm neighbor Use the show ipv6 pimsm neighbor command to display IPv6 PIMSM neighbors learned on the routing interfaces. Syntax vlan-id show ipv6 pimsm neighbor [ all | interface vlan vlan-id —...
Page 661: Show Ipv6 Pimsm Rp Mapping
Syntax group-address show ipv6 pimsm rphash group-address — Group IP address supported by RP. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimsm rphash ff1e::/64 Type Address...
Page 662 User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimsm rp mapping Group Address........FF1E::/64 RP Address........2001::1 origin......... Static Group Address........FF1E::/64 RP Address........3001::1 origin......... BSR...
Page 663: Ipv6 Routing Commands
IPv6 Routing Commands This chapter explains the following commands: • clear ipv6 neighbors • clear ipv6 statistics • ipv6 address • ipv6 enable • ipv6 forwarding • ipv6 host • ipv6 mld last-member-query-count • ipv6 mld last-member-query-interval • ipv6 mld-proxy •...
Page 664 • ipv6 route distance • ipv6 unicast-routing • ping ipv6 • ping ipv6 interface • show ipv6 brief • show ipv6 interface • show ipv6 mld groups • show ipv6 mld interface • show ipv6 mld-proxy • show ipv6 mld-proxy groups •...
Page 665: Clear Ipv6 Statistics
clear ipv6 neighbors Use the clear ipv6 neighbors command in Privileged EXEC mode to clear all entries in the IPv6 neighbor table or an entry on a specific interface. Syntax vlan-id clear ipv6 neighbors [vlan vlan-id — Valid VLAN ID. •...
Page 666: Ipv6 Address
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example clears IPv6 statistics for VLAN 11. console(config)#clear ipv6 statistics vlan 11 ipv6 address Use the ipv6 address command in Interface Configuration mode to configure an IPv6 address on an interface (including tunnel and loopback interfaces) and to enable IPv6 processing on this interface.
Page 667: Ipv6 Enable
Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example configures an IPv6 address and enables IPv6 processing. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 address 2020:1::1/64 ipv6 enable Use the ipv6 enable command in Interface Configuration mode to enable IPv6 routing on an interface (including tunnel and loopback interfaces) that has not been configured with an...
Page 668: Ipv6 Forwarding
console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 enable ipv6 forwarding Use the ipv6 forwarding command in Global Configuration mode to enable IPv6 forwarding on a router. Syntax ipv6 forwarding no ipv6 forwarding Default Configuration Enabled is the default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 669: Ipv6 Mld Last-Member-Query-Count
User Guidelines This command has no user guidelines. Example console(config)#ipv6 host Dell 2001:DB8::/32 ipv6 mld last-member-query-count The ipv6 mld last-member-query-count command sets the number of listener-specific queries sent before the router assumes that there are no local members on the interface. Use the “no”...
Page 670: Ipv6 Mld Last-Member-Query-Interval
ipv6 mld last-member-query-interval The ipv6 mld last-member-query-interval command sets the last member query interval for the MLD interface, which is the value of the maximum response time parameter in the group- specific queries sent out of this interface. Use the “no” form of this command to set the last member query interval to the default.
Page 671: Ipv6 Mld-Proxy Reset-Status
Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld-proxy ipv6 mld-proxy reset-status Use the ipv6 mld-proxy reset-status command to reset the host interface status parameters of the MLD Proxy router. This command is only valid when MLD Proxy is enabled on the interface.
Page 672: Ipv6 Mld Query-Interval
no ipv6 mld-proxy unsolicited-report-interval interval —The interval between unsolicited reports (Range: 1–260 seconds). • Default Configuration The unsolicited report interval is 1 second by default. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines Example console(config-if-vlan3)#ipv6 mld-proxy unsolicit-rprt-interval 10 ipv6 mld query-interval The ipv6 mld query-interval command sets the MLD router's query interval for the interface.
Page 673: Ipv6 Mld Query-Max-Response-Time
ipv6 mld query-max-response-time The ipv6 mld query-max-response-time command sets MLD query maximum response time for the interface. This value is used in assigning the maximum response time in the query messages that are sent on that interface. Use the “no” form of this command to set the maximum query response time to the default.
Page 674: Ipv6 Mtu
Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld router ipv6 mtu Use the ipv6 mtu command in Interface Configuration mode to set the maximum transmission unit (MTU) size, in bytes, of IPv6 packets on an interface. This command replaces the default or link MTU with a new MTU value.
Page 675: Ipv6 Nd Managed-Config-Flag
Syntax attempts ipv6 nd dad attempts no ipv6 nd dad attempts attempts — Probes transmitted. (Range: 0-600) • Default Configuration The default value for attempts is 1. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets at 10 the number of duplicate address detection probes transmitted while doing neighbor discovery.
Page 676 User Guidelines This command has no user guidelines. Example In the following example, the end node uses DHCPv6. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd managed-config-flag ipv6 nd ns-interval Use the ipv6 nd ns-interval command in Interface Configuration mode to set the interval between router advertisements for advertised neighbor solicitations.
Page 677 Syntax ipv6 nd other-config-flag no ipv6 nd other-config-flag Default Configuration False is the default configuration. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets to true the “other stateful configuration” flag in router advertisements console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd other-config-flag...
Page 678 Default Configuration 604800 seconds is the default value for valid-lifetime, 2592000 seconds for preferred lifetime. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines The router advertises its global IPv6 prefixes in its router advertisements (RAs). An RA only includes the prefixes of the IPv6 addresses configured on the interface where the RA is transmitted.
Page 679 Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines The minimum interval cannot be larger than 75% of the maximum interval. Example The following example sets the transmission interval between router advertisements at 1000 seconds. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd ra-interval 1000 ipv6 nd ra-lifetime Use the ipv6 nd ra-lifetime command in Interface Configuration mode to set the value that is placed in the Router Lifetime field of the router advertisements sent from the interface.
Page 680 ipv6 nd reachable-time Use the ipv6 nd reachable-time command in Interface Configuration mode to set the router advertisement time to consider a neighbor reachable after neighbor discovery confirmation. Syntax seconds ipv6 nd reachable-time milli no ipv6 nd reachable-time milliseconds — Reachable-time duration. A value of zero means the time is unspecified by •...
Page 681 Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example suppresses router advertisement transmission. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd suppress-ra ipv6 pimdm Use the ipv6 pimdm command to enable PIM-DM Multicast Routing Mode across the router in global configuration mode or on a specific routing interface in interface mode.
Page 682 ipv6 pimdm hello-interval The ipv6 pimdm hello-interval command is used to configure the PIM-DM Hello Interval for the specified router interface. The Hello-interval is to be specified in seconds. Use the "no" form of this command to reset the hello interval to the default. Syntax interval ipv6 pimdm hello-interval...
Page 683 next-hop-address — Is the IPv6 address of the next hop that can be used to reach the • specified network. preference — Is a value the router uses to compare this route with routes from other route • sources that have the same destination. (Range: 1-255) Default Configuration preference 1 is the default value for...
Page 684 User Guidelines Lower route distance values are preferred when determining the best route. Example The following example sets the default distance to 80. console(config)#ipv6 route distance 80 ipv6 unicast-routing Use the ipv6 unicast-routing command in Global Configuration mode to enable forwarding of IPv6 unicast datagrams.
Page 685 Syntax ip-address hostname size ping ipv6 { } [size ipv6-address — Target IPv6 address to ping. • hostname — Hostname to ping (contact). (Range: 1–158 characters) • size — Size of the datagram. (Range: 48–2048 bytes) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 686 loopback-id — Loopback identifier. (Range: 0-7) • link-local-address — IPv6 address to ping. • datagram-size — Size of the datagram. (Range: 48-2048 bytes) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example determines whether another computer is on the network at the IPv6 address specified.
Page 687 Example The following example displays the IPv6 status of forwarding mode and IPv6 unicast routing mode. console#show ipv6 brief IPv6 Forwarding Mode......Enable IPv6 Unicast Routing Mode...... Disable IPv6 Hop Limit........1 show ipv6 interface Use the show ipv6 interface command in Privileged EXEC mode to show the usability status of IPv6 interfaces.
Page 688 Administrative Mode......Enabled IPv6 Routing Operational Mode....Enabled Interface Maximum Transmit Unit....1500 Router Duplicate Address Detection Transmits... 1 Router Advertisement NS Interval....0 Router Lifetime Interval....... 1800 Router Advertisement Reachable Time.... 0 Router Advertisement Interval....600 Router Advertisement Managed Config Flag..Disabled Router Advertisement Other Config Flag..
Page 689 show ipv6 mld groups The show ipv6 mld groups command is used to display information about multicast groups that MLD reported. The information is displayed only when MLD is enabled on at least one interface. If MLD was not enabled on any interfaces, there is no group information to be displayed.
Page 690 Last Reporter The IP Address of the source of the last membership report received for this multicast group address on that interface. Filter Mode The filter mode of the multicast group on this interface. The values it can take are INCLUDE and EXCLUDE.
Page 691 console#show ipv6 mld groups vlan 6 Group Address........FF1E::1 Interface........vlan 6 Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......------ Group Address........FF1E::2 Interface........vlan 6 Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......------ Group Address........FF1E::3 Interface........vlan 6 Up Time (hh:mm:ss)......
Page 692 show ipv6 mld interface The show ipv6 mld interface command is used to display MLD related information for an interface. Syntax vlan-id show ipv6 mld interface { vlan | all } vlan-id — A valid VLAN id. • Default Configuration There is no default configuration for this command.
Page 693 Last Member Query This value indicates the configured number of Group-Specific Queries sent Count before the router assumes that there are no local members. The following information is displayed if the operational mode of the MLD interface is enabled: Querier Status This value indicates whether the interface is a MLD querier or non-querier on the subnet with which it is associated.
Page 694 show ipv6 mld-proxy Use the show ipv6 mld-proxy command to display a summary of the host interface status parameters. Syntax show ipv6 mld-proxy Command Mode Privileged EXEC mode Default Configuration There is no default configuration for this command. User Guidelines The command displays the following parameters only when you enable MLD Proxy: Interface Index The interface number of the MLD Proxy interface.
Page 695 Version........3 Num of Multicast Groups......0 Unsolicited Report Interval....1 Querier IP Address on Proxy Interface..fe80::1:2:5 Older Version 1 Querier Timeout....00:00:00 Proxy Start Frequency......1 show ipv6 mld-proxy groups Use the show ipv6 mld-proxy groups command to display information about multicast groups that the MLD Proxy reported.
Page 696 Example console#show ipv6 mld-proxy groups Interface........ vlan 10 Group Address Last Reporter Up Time Member State Filter Mode Sources ------------- -------------- ---------- ----------------- ------------ ------- FF1E::1 FE80::100:2.3 00:01:40 DELAY_MEMBER Exclude FF1E::2 FE80::100:2.3 00:02:40 DELAY_MEMBER Include FF1E::3 FE80::100:2.3 00:01:40 DELAY_MEMBER Exclude FF1E::4 FE80::100:2.3 00:02:44...
Page 697 Sources The number of sources attached to the multicast group. Group Source List The list of IP addresses of the sources attached to the multicast group. Expiry Time The time left for a source to get deleted. Example console#show ipv6 igmp-proxy groups Interface........
Page 698 show ipv6 mld-proxy interface Use the show ipv6 mld-proxy interface command to display a detailed list of the host interface status parameters. Syntax show ipv6 mld-proxy interface Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines The following parameters are displayed only when MLD Proxy is enabled: nterface...
Page 699 Example console#show ipv6 mld-proxy interface Interface........ vlan 10 Ver Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent ------------------------------------------------------------------ ----- ----- show ipv6 mld traffic The show ipv6 mld traffic command is used to display MLD statistical information for the router.
Page 700 Bad Checksum MLD Packets The number of bad checksum MLD packets received by the router. Malformed MLD Packets The number of malformed MLD packets received by the router. Example console#show ipv6 mld traffic Valid MLD Packets Received..... 52 Valid MLD Packets Sent......7 Queries Received.......
Page 701 Neighbor Last IPv6 Address MAC Address isRtr State Updated Interface -------------------- ----------------- ----- ------- --------- show ipv6 pimdm The show ipv6 pimdm command is used to display PIM-DM Global Configuration parameters and PIM DM interface status. Syntax show ipv6 pimdm Command Mode Privileged EXEC mode.
Page 702: Console#Show Ipv6 Pimsm Interface Vlan
show ipv6 pimdm interface The show ipv6 pimdm interface command is used to display PIM-DM Configuration information for all interfaces or for the specified interface. If no interface is specified, Configuration of all interfaces is displayed. Syntax vlan-id show ipv6 pimdm interface [ vlan | all ] vlan-id —...
Page 703: Show Ipv6 Route
192.168.36.129 vlan 20 10.1.37.2 vlan 24 show ipv6 pimdm neighbor The show ipv6 pimdm neighbor command is used to display PIM-DM Neighbor information including Neighbor Address, Uptime and Expiry time for all interfaces or for the specified interface. Syntax vlan-id show ipv6 pimdm neighbor [ interface vlan | all ] vlan-id —...
Page 704: Show Ipv6 Route Preferences
ipv6-address — Specifies an IPv6 address for which the best-matching route would be • displayed. protocol — Specifies the protocol that installed the routes. Is one of the following keywords: • connected, ospf, static. ipv6-prefix/ipv6 prefix-length — Specifies a IPv6 network for which the matching route would •...
Page 705: Show Ipv6 Route Summary
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows the preference value associated with the type of route. console#show ipv6 route preferences Local.......... 0 Static.........
Page 706: Show Ipv6 Traffic
User Guidelines This command has no user guidelines. Example The following example displays a summary of the routing table. console#show ipv6 route summary IPv6 Routing Table Summary - 0 entries Connected Routes....... 0 Static Routes........0 OSPF Routes........0 Intra Area Routes......0 Inter Area Routes......
Page 707 User Guidelines This command has no user guidelines. Examples The following examples show traffic and statistics for IPv6 and ICMPv6, first for all interfaces and an individual VLAN. console> show ipv6 traffic IPv6 STATISTICS Total Datagrams Received........0 Received Datagrams Locally Delivered...... 0 Received Datagrams Discarded Due To Header Errors..
Page 708 Interface ........11 IPv6 STATISTICS Total Datagrams Received........0 Received Datagrams Locally Delivered...... 0 Received Datagrams Discarded Due To Header Errors..0 Received Datagrams Discarded Due To MTU....0 Received Datagrams Discarded Due To No Route....0 Received Datagrams With Unknown Protocol....0 Received Datagrams Discarded Due To Invalid Address..
Page 709: Show Ipv6 Vlan
show ipv6 vlan Use the show ipv6 vlan command in Privileged EXEC mode to display IPv6 VLAN routing interface addresses. Syntax show ipv6 vlan Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays IPv6 VLAN routing interface addresses.
Page 710 Default Configuration 33434 is the default port value. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example discovers the packet routes on a hop-by-hop basis. console#traceroute ipv6 2020:1::1 Tracing route over a maximum of 20 hops 1 * N * N * N...
Page 711: Loopback Interface Commands
Loopback Interface Commands This chapter explains the following commands: • interface loopback • show interfaces loopback...
Page 712: Show Interfaces Loopback
interface loopback Use the interface loopback command in Global Configuration mode to enter the Interface Loopback configuration mode. Syntax loopback-id interface loopback loopback-id no interface loopback • loopback-id — Loopback identifier. (Range: 0-7) Default Configuration This command has no default configuration. Command Mode Global Configuration mode.
Page 713 User Guidelines This command has no user guidelines. Examples The following examples display information about configured loopback interfaces. console# show interfaces loopback Loopback Id Interface IP Address Received Packets Sent Packets ----------- --------- ---------- ---------------- ------------- loopback 1 0.0.0.0 console# show interfaces loopback 1 Interface Link Status......
Page 715: Multicast Commands
Multicast Commands This chapter explains the following commands: • ip mcast boundary • ip mroute • ip multicast • ip multicast ttl-threshold • ip pimsm • ip pimsm bsr-border • ip pimsm bsr-candidate • ip pimsm dr-priority • ip pimsm hello-interval •...
Page 716 • show ip pimsm rp mapping...
Page 717: Ip Mroute
ip mcast boundary Use the ip mcast boundary command in Interface Configuration mode to add an administrative groupipaddr mask scope multicast boundary specified by for which this multicast groupipaddr mask administrative boundary is applicable. is a group IP address and is a group IP mask.
Page 718: Ip Multicast
rpf-address — The IP address of the next hop towards the source. • preference — The cost of the route (Range: 1 - 255). • Default Configuration There is no default configuration for this command. Command Mode Global Configuration mode Usage Guidelines There are no user guidelines for this command.
Page 719: Ip Multicast Ttl-Threshold
Example The following example enables IP multicast on the router. console#configure console(config)#ip multicast console(config)#no ip multicast ip multicast ttl-threshold Use the ip multicast ttl-threshold command in Interface Configuration mode to apply a ttlvalue ttlvalue to a routing interface. is the TTL threshold which is applied to the multicast Data packets forwarded through the interface.
Page 720: Ip Pimsm
ip pimsm The ip pimsm command is used to administratively enable PIM-SM multicast routing mode on a particular router interface. Use the “no” form of this command to disable PIM SM on an interface. This command deprecates the ip pimsm mode command. Syntax ip pimsm no ip pimsm...
Page 721: Ip Pimsm Bsr-Candidate
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ip pimsm bsr-border ip pimsm bsr-candidate The ip pimsm bsr-candidate command is used to configure the router to announce its candidacy as a bootstrap router (BSR). Use the “no” form of this command to stop the router from announcing its candidacy as a bootstrap router.
Page 722: Ip Pimsm Dr-Priority
ip pimsm dr-priority The ip pimsm dr-priority command is used to set the priority value for which a router is elected as the designated router (DR). Use the “no” form of this command to set the priority to the default. Syntax priority ip pimsm dr-priority...
Page 723: Ip Pimsm Join-Prune-Interval
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ip pimsm hello-interval 60 ip pimsm join-prune-interval The ip pimsm join-prune-interval command is used to configure the interface join/prune interval for the PIM-SM router. Use the “no” form of this command to set the join/prune interval to the default.
Page 724: Ip Pimsm Register-Threshold
ip pimsm register-threshold The ip pimsm register-threshold command is used to configure the Register Threshold rate for the RP router to switch to the shortest path. Use the “no” form of this command to set the register threshold rate to the default. This command deprecates the ip pimsm register rate limit command.
Page 725: Ip Pimsm Rp-Candidate
Default Configuration There are no static RP addresses configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pimsm rp-address 192.168.20.1 225.1.0.0 255.255.255.0 ip pimsm rp-candidate The ip pimsm rp-candidate command is used to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR).
Page 726: Ip Pimsm Spt-Threshold
ip pimsm spt-threshold The ip pimsm spt-threshold command is used to configure the Data Threshold rate for the last- hop router to switch to the shortest path. Use the “no” form of this command to set the data threshold to the default. Syntax threshold ip pimsm spt-threshold...
Page 727: Show Bridge Multicast Address-Table Count
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pimsm ssm default console(config)#ip pimsm ssm 224.1.0.0 255.255.0.0 show bridge multicast address-table count Use the show bridge multicast address-table count command to view statistical information about the entries in the multicast address table.
Page 728: Show Ip Mcast
The following table shows the information the command displays: Field Description Capacity The maximum number of addresses that can be stored in the multicast address table. Used The total number of addresses in the multicast address table. Static addresses The number of addresses in the multicast address table that are static IP addresses. Dynamic addresses The number of addresses in the multicast address table that were learned dynamically.
Page 729: Show Ip Mcast Boundary
show ip mcast boundary Use the show ip mcast boundary command in Privileged EXEC mode to display all the configured administrative scoped multicast boundaries. Syntax vlan-id show ip mcast boundary {vlan | all} vlan-id — Valid VLAN ID. • Default Configuration This command has no default configuration.
Page 730: Show Ip Mcast Mroute
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the multicast information for VLAN 15. console#show ip mcast interface vlan 15 Interface --------- ----- show ip mcast mroute Use the show ip mcast mroute command in Privileged EXEC mode to display a summary or all the details of the multicast table.
Page 731: Show Ip Mcast Mroute Group
console#show ip mcast mroute detail Multicast Route Table Expiry Up Time Source Ip Group Ip Time(secs) (secs) RPF Neighbor Flags --------- ----------- ---------- ----------- --------------- ----- show ip mcast mroute group Use the show ip mcast mroute group command in Privileged EXEC mode to display the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration times of all the entries in the multicast mroute table groupipaddr...
Page 732: Show Ip Mcast Mroute Source
console#show ip mcast mroute group 224.5.5.5 detail Multicast Route Table Expiry Up Time Source Ip Group Ip Time(secs) (secs) RPF Neighbor Flags --------- --------- ----------- --------- --------------- ----- show ip mcast mroute source Use the show ip mcast mroute source command in Privileged EXEC mode to display the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration times of all the entries in the multicast mroute table sourceipaddr...
Page 733: Show Ip Mcast Mroute Static
console#show ip mcast mroute source 10.1.1.1 224.5.5.5 Multicast Route Table Expiry Up Time Source IP Group IP Time(secs) (secs) RPF Neighbor Flags --------- --------- ----------- ----------- ------------ ----- show ip mcast mroute static Use the show ip mcast mroute static command in Privileged EXEC mode to display all the static routes configured in the static mcast table if it is specified or display the static route sourceipaddr associated with the particular...
Page 734: Show Ip Pimsm Bsr
show ip pimsm bsr The show ip pimsm bsr command displays the bootstrap router (BSR) information. The output includes elected BSR information and information about the locally configured candidate rendezvous point (RP) advertisement. This command deprecates the show ip pimsm componenttable command.
Page 735: Show Ip Pimsm Interface
Example console#show ip pimsm bsr BSR Address........1.1.1.1 BSR Priority........20 BSR Hash Mask Length......Next bootstrap message(hh:mm:ss)....00:00:11 Next Candidate RP advertisement(hh:mm:ss)..00:00:00 show ip pimsm interface The show ip pimsm interface command displays interface config parameters. If no interface is specified, all interfaces are displayed.
Page 736: Show Ip Pimsm Rphash
Join Prune Interval (secs)..... 60 Neighbor Count ........ 0 Designated Router......1.1.1.1 DR Priority........1 BSR Border........Disabled show ip pimsm rphash The show ip pimsm rphash command displays which rendezvous point (RP) is being selected for a specified group. Syntax group-address show ip pimsm rphash...
Page 737: Show Ip Pimsm Rp Mapping
show ip pimsm rp mapping The show ip pimsm rp mapping command is used to display all group-to-RP mappings of which the router is aware (either configured or learned from the bootstrap router (BSR)). If no RP is specified, all active RPs are displayed. This command deprecates the show ip pimsm rp candidate, show ip pimsm staticrp and show ip pimsm rp commands.
Page 739: Ospf Commands
OSPF Commands This chapter explains the following commands: • area default-cost • area nssa • area nssa default-info-originate • area nssa no-redistribute • area nssa no-summary • area nssa translator-role • area nssa translator-stab-intv • area range • area stub •...
Page 740 • external-lsdb-limit • ip ospf area • ip ospf authentication • ip ospf cost • ip ospf dead-interval • ip ospf hello-interval • ip ospf mtu-ignore • ip ospf network • ip ospf priority • ip ospf retransmit-interval • ip ospf transmit-delay •...
Page 741: Area Default-Cost
• timers spf • 1583compatibility area default-cost Use the area default-cost command in Router OSPF Configuration mode to configure the monetary default cost for the stub area. Use the no form of the command to return the cost to the default value. Syntax area-id integer...
Page 742: Area Nssa Default-Info-Originate
area-id no area nssa area-id — Identifies the OSPF not-so-stubby-area. (Range: 0–4294967295) • Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures not-so-stubby-area 10 as an NSSA. console(config)#router ospf console(config-router)#area 10 nssa area nssa default-info-originate...
Page 743: Area Nssa No-Redistribute
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the metric value and type for the default route advertised into the NSSA. console(config-router)#area 20 nssa default-info-originate 250 non-comparable area nssa no-redistribute Use the area nssa no-redistribute command in Router OSPF Configuration mode to configure the NSSA Area Border router (ABR) so that learned external routes are not redistributed to the NSSA.
Page 744: Area Nssa No-Summary
area nssa no-summary Use the area nssa no-summary command in Router OSPF Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA. Syntax area-id area nssa no-summary area-id no area nssa no-summary area-id — Identifies the OSPF NSSA to configure. (Range: 0–4294967295) •...
Page 745: Area Nssa Translator-Stab-Intv
Default Configuration The default role is candidate. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the translator role of the NSSA. console(config-router)#area 20 nssa translator-role always area nssa translator-stab-intv Use the area nssa translator-stab-intv command in Router OSPF Configuration mode to configure the translator stability interval of the NSSA.
Page 746: Area Range
area range Use the area range command in Router OSPF Configuration mode to configure a summary prefix for routes learned in a given area. There are two types of area ranges. An area range can be configured to summarize intra-area routes. An ABR advertises the range rather than the specific intra-area route as a type 3 summary LSA.
Page 747: Area Stub
area stub Use the area stub command in Router OSPF Configuration mode to create a stub area for the specified area ID. A stub area is characterized by the fact that AS External LSAs are not propagated into the area. Removing AS External LSAs and Summary LSAs can significantly reduce the link state database of routers within the stub area.
Page 748: Area Virtual-Link
Default Configuration Disabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example prevents the Summary LSA from being advertised into the area 3 NSSA. console(config-router)#area 3 stub no-summary area virtual-link Use the area virtual-link command in Router OSPF Configuration mode to create the OSPF virtual interface for the specified area-id and neighbor router.
Page 749: Area Virtual-Link Authentication
area virtual-link authentication Use the area virtual-link authentication command in Router OSPF Configuration mode to configure the authentication type and key for the OSPF virtual interface identified by the area ID and neighbor ID. Use the no form of the command to return the authentication type to the default value.
Page 750: Area Virtual-Link Hello-Interval
Syntax area-id neighbor-id seconds area virtual-link dead-interval area-id neighbor-id no area virtual-link dead-interval area-id — Identifies the OSPF area to configure. (Range: IP address or decimal from • 0–4294967295) neighbor-id — Identifies the Router ID of the neighbor. • seconds — Number of seconds to wait before the OSPF virtual interface on the virtual •...
Page 751: Area Virtual-Link Retransmit-Interval
seconds — Number of seconds to wait before sending hello packets to the OSPF virtual • interface. (Range: 1–65535) Default Configuration 10 seconds is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a 50-second wait interval.
Page 752: Area Virtual-Link Transmit-Delay
User Guidelines This command has no user guidelines. Example The following example configures a 500-second retransmit wait interval. console(config-router)#area 10 virtual-link 192.168.2.2 retransmit-interval 500 area virtual-link transmit-delay Use the area virtual-link transmit-delay command in Router OSPF Configuration mode to configure the transmit delay for the OSPF virtual interface identified by the area ID and neighbor ID.
Page 753: Auto-Cost
auto-cost By default, OSPF computes the link cost of each interface from the interface bandwidth. The link cost is computed as the ratio of a “reference bandwidth” to the interface bandwidth (ref_bw / interface bandwidth), where interface bandwidth is defined by the “bandwidth” command. Because the default reference bandwidth is 100 Mbps, OSPF uses the same default link cost for all interfaces whose bandwidth is 100 Mbps or greater.
Page 754: Capability Opaque
Default Configuration The default reference bandwidth is 10 Mbps Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example The following example configures the interface bandwidth to 500000 Kbps. console(config-if-vlan1)#bandwidth 500000 capability opaque Use the capability opaque command to enable Opaque Capability on the router.
Page 755: Default-Information Originate
Syntax vlan id clear ip ospf [ { configuration | redistribution | counters | neighbor [ interface vlan neighbor id ] ] } ] configuration — Reset the OSPF configuration to factory defaults. • • redistribution — Flush all self-originated external LSAs. Reapply the redistribution configuration and re originate prefixes as necessary.
Page 756: Default-Metric
Syntax integer default-information originate [always] [metric ] [metric-type {1 | 2}] no default-information originate [metric] [metric-type] • always — Always advertise default routes. integer — The metric (or preference) value of the default route. (Range: 1–16777214) • • 1 — External type-1 route. •...
Page 757: Distance Ospf
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a value of 50 for the default metric. console(config-router)#default-metric 50 distance ospf The distance ospf command sets the preference values of OSPF route types in the router. Lower route preference values are preferred when determining the best route.
Page 758: Distribute-List Out
distribute-list out Use the distribute-list out command in Router OSPF Configuration mode to specify the access list to filter routes received from the source protocol. Use the no form of the command to remove the specified source protocol from the access list. Syntax accesslistname distribute-list...
Page 759: Exit-Overflow-Interval
Default Configuration Enabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example enables OSPF router mode. console(config-router)#enable exit-overflow-interval Use the exit-overflow-interval command in Router OSPF Configuration mode to configure the exit overflow interval for OSPF.
Page 760: External-Lsdb-Limit
external-lsdb-limit Use the external-lsdb-limit command in Router OSPF Configuration mode to configure the external LSDB limit for OSPF. If the value is -1, then there is no limit. When the number of non-default AS-external-LSAs in a router's link-state database reaches the external LSDB limit, the router enters overflow state.
Page 761: Ip Ospf Authentication
area-id — The ID of the area (Range: IP address or decimal from 0 –4294967295). • Default Configuration OSPFv2 is disabled by default. Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan1)#ip ospf area 192.168.1.10 ip ospf authentication Use the ip ospf authentication command in the Interface Configuration mode to set the OSPF...
Page 762: Ip Ospf Cost
Example The following example sets the OSPF Authentication Type and Key for VLAN 15. console(config-if-vlan15)#ip ospf authentication encrypt test123 ip ospf cost Use the ip ospf cost command in Interface Configuration mode to configure the cost on an OSPF interface. Use the no form of the command to return the cost to the default value. Syntax integer ip ospf cost...
Page 763: Ip Ospf Hello-Interval
seconds — Number of seconds that a router's Hello packets have not been seen before its • neighbor routers declare that the router is down. (Range: 1–65535) Default Configuration 40 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines The value for the length of time must be the same for all routers attached to a common network.
Page 764: Ip Ospf Mtu-Ignore
Example The following example sets the OSPF hello interval at 30 seconds. console(config-if-vlan15)#ip ospf hello-interval 30 ip ospf mtu-ignore Use the ip ospf mtu-ignore command in Interface Configuration mode to disable OSPF maximum transmission unit (MTU) mismatch detection. OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface.
Page 765: Ip Ospf Priority
no ip ospf network broadcast — Set the network type to broadcast. • point-to-point — Set the network type to point-to-point • Default Configuration Interfaces operate in broadcast mode by default. Command Mode Interface Configuration (VLAN) mode. Usage Guidelines OSPF treats interfaces as broadcast interfaces by default. Loopback interfaces have a special loopback network type, which cannot be changed.
Page 766: Ip Ospf Retransmit-Interval
Command Mode Interface Configuration (VLAN) mode. User Guidelines A value of 1 is the highest router priority. A value of 0 indicates that the interface is not eligible to become the designated router on this network. Example The following example sets the OSPF priority for the VLAN 15 router at 100. console(config-if-vlan15)#ip ospf priority 100 ip ospf retransmit-interval Use the ip ospf retransmit-interval command in Interface Configuration mode to set the OSPF...
Page 767: Ip Ospf Transmit-Delay
ip ospf transmit-delay Use the ip ospf transmit-delay command in Interface Configuration mode to set the OSPF Transit Delay for the specified interface. Use the no form of the command to return the delay to the default value. Syntax seconds ip ospf transmit-delay no ip ospf transmit-delay seconds —...
Page 768: Network Area
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the number of paths at 2 that OSPF can report for a given destination. console(config-router)#maximum-paths 2 network area The network area command enables OSPFv2 on an interface and sets its area ID if the ip- address of an interface is covered by this network command.
Page 769: Passive-Interface Default
passive-interface default The passive-interface default command enables the global passive mode by default for all interfaces. It overrides any interface level passive mode. Use the “no” form of this command to disable the global passive mode by default for all interfaces. Any interface previously configured to be passive reverts to non-passive mode.
Page 770: Redistribute
User Guidelines There are no user guidelines for this command. Example console(config-router)#passive-interface vlan 1 redistribute Use the redistribute command in Router OSPF Configuration mode to configure OSPF protocol to allow redistribution of routes from the specified source protocol/routers. Use the no version of the command to disable redistribution from the selected source or to reset options to their default values.
Page 771: Router-Id
Example The following example configures OSPF protocol to allow redistribution of routes from the specified source protocol/routers. console(config-router)#redistribute rip metric 90 metric-type 1 tag 555 subnets router-id Use the router-id command in Router OSPF Configuration mode to set a 4-digit dotted- decimal number uniquely identifying the router OSPF ID.
Page 772 Command Mode Global Configuration mode. User Guidelines The command prompt changes when the router ospf command executes. Example The following example enters into router OSPF mode. console(config)#router ospf console(config-router)# show ip ospf Use the show ip ospf command to display information relevant to the OSPF router. This command has been modified to show additional fields.
Page 773 RFC 1583 Reflects whether 1583 compatibility is enabled or disabled. This is a configured Compatibility value. Opaque Capability Shows whether router is capable of sending Opaque LSA's. This is a configured value. ABR Status Shows whether the router is an OSPF Area Border Router. Exit Overflow Interval Shows the number of seconds that, after entering OverflowState, a router will attempt to leave OverflowState.
Page 774 Example The following example displays OSPF router information. console#show ip ospf Router ID........5.5.5.5 OSPF Admin Mode........ Enable ASBR Mode........Enable RFC 1583 Compatibility......Enable ABR Status........Disable Exit Overflow Interval......0 Spf Delay Time......... 20 Spf Hold Time........30 External LSA Count......
Page 775 show ip ospf abr The show ip ospf abr command displays the internal OSPF routing table entries to Area Border Routers (ABR). This command takes no options. Syntax show ip ospf abr Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 776 Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays OSPF router information. console#show ip ospf area 10 AreaID......... 0.0.0.10 External Routing....... Import External LSAs Spf Runs........0 Area Border Router Count....... 0 Area LSA Count.........
Page 777 Translator Stability Interval....2000 Translator State....... Disabled show ip ospf asbr The show ip ospf asbr command displays the internal OSPF routing table entries to Autonomous System Boundary Routes (ASBR). This command takes no options. Syntax show ip ospf asbr Default Configuration This command has no default configuration.
Page 778 show ip ospf database Use the show ip ospf database command in Privileged EXEC mode to display information about the link state database when OSPF is enabled. If parameters are entered, the command displays the LSA headers. Use the optional parameters to specify the type of link state advertisements to display.
Page 779 Example The following example displays information about the link state database when OSPF is enabled. console#show ip ospf database Router Link States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ------- 5.2.0.0 0.0.0.0 1360...
Page 780 5.2.0.0 0.0.0.0 1361 80000006 183a ------ Link Opaque States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ------- 5.2.0.0 0.0.0.0 1361 80000005 ef59 ------ Area Opaque States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt...
Page 781 show ip ospf database database-summary Use the show ip ospf database database-summary command to display the number of each type of LSA in the database for each area and for the router. The command also displays the total number of LSAs in the database. This command has been modified. Syntax show ip ospf database database-summary Default Configuration...
Page 782 Example The following example displays the number of each type of LSA in the database for each area and for the router. console#show ip ospf database database-summary OSPF Router with ID (5.5.5.5) Area 0.0.0.0 database summary Router......... 0 Network........0 Summary Net........
Page 783 Summary ASBR........0 Type-7 Ext........0 Opaque Link........0 Opaque Area........0 Type-5 Ext........0 Self-Originated Type-5 Ext..... 0 Opaque AS........0 Total.......... 0 show ip ospf interface Use the show ip ospf interface command in Privileged EXEC mode to display the information for the VLAN or loopback interface.
Page 784 Example The following example displays the information for the IFO object or virtual interface tables associated with VLAN 3. console#show ip ospf interface vlan 10 IP Address........1.1.1.1 Subnet Mask........255.255.255.0 Secondary IP Address(es)....... OSPF Admin Mode........ Enable OSPF Area ID........0.0.0.0 OSPF Network Type......
Page 785 show ip ospf interface brief Use the show ip ospf interface brief command in Privileged EXEC mode to display brief information for the IFO object or virtual interface tables. Syntax show ip ospf interface brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 786 show ip ospf interface stats Use the show ip ospf interface stats command in User EXEC mode to display the statistics for a specific interface. The information is only displayed if OSPF is enabled. Syntax vlan-id show ip ospf interface stats vlan vlan-id —...
Page 787 show ip ospf neighbor Use the show ip ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors. The information below only displays if OSPF is enabled and the interface has a neighbor. Syntax vlan-id ip-address show ip ospf neighbor [interface vlan vlan-id —...
Page 788 show ip ospf range Use the show ip ospf range command in Privileged EXEC mode to display information about the area ranges for the specified area-id. Syntax area-id show ip ospf range area-id — Identifies the OSPF area whose ranges are being displayed. (Range: IP address or •...
Page 789 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example console>show ip ospf statistics Area 0.0.0.0: SPF algorithm executed 0 times Delta T SPF Duration (msec) Reason -------- ------------------- --------------- 26:01:45...
Page 790 Example The following example displays the OSPF stub table. console(config)#show ip ospf stub table AreaId TypeofService Metric Val Import SummaryLSA ------------- ------------- ---------- ----------------- 0.0.0.1 Normal Enable show ip ospf virtual-link Use the show ip ospf virtual-link command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor.
Page 791 Hello Interval......... 10 Dead Interval........655555 Iftransit Delay Interval....... 1 Retransmit Interval......5 State.......... down Metric......... 0 Neighbor State......... down Authentication Type......MD5 Authentication Key......"test123" Authentication Key ID......100 show ip ospf virtual-link brief Use the show ip ospf virtual-link brief command in Privileged EXEC mode to display the OSPF Virtual Interface information for all areas in the system.
Page 792 Example The following example displays the OSPF Virtual Interface information in the system. console#show ipv6 ospf virtual-link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Interval Delay ------- -------- -------- -------- ---------- -------- 0.0.0.2 5.5.5.5 timers spf Use the timers spf command in Router OSPF Configuration mode to configure the SPF delay and hold time.
Page 793 1583compatibility Use the 1583compatibility command in Router OSPF Configuration mode to enable OSPF 1583 compatibility. Use the no form of the command to disable it. Syntax 1583compatibility no 1583compatibility Default Configuration Enabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines If all OSPF routers in the routing domain are capable of operating according to RFC 2328, OSPF 1583 compatibility mode should be disabled.
Page 795 OSPFv3 Commands This chapter explains the following commands: • area default-cost • area nssa • area nssa default-info-originate • area nssa no-redistribute • area nssa no-summary • area nssa translator-role • area nssa translator-stab-intv • area range • area stub •...
Page 796 • ipv6 ospf mtu-ignore • ipv6 ospf network • ipv6 ospf priority • ipv6 ospf retransmit-interval • ipv6 ospf transmit-delay • ipv6 router ospf • maximum-paths • passive-interface • passive-interface default • redistribute • router-id • show ipv6 ospf • show ipv6 ospf abr •...
Page 797: Area Nssa
area default-cost Use the area default-cost command in Router OSPFv3 Configuration mode to configure the monetary default cost for the stub area. The operator must specify the area id and an integer value between 1-16777215. Use the no form of the command to return the cost to the default value.
Page 798: Area Nssa Default-Info-Originate
Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures area 1 to function as an NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa area nssa default-info-originate Use the area nssa default-info-originate command in Router OSPFv3 Configuration mode to configure the metric value and type for the default route advertised into the NSSA.
Page 799: Area Nssa No-Redistribute
User Guidelines This command has no user guidelines. Example The following example configures the default metric value for the default route advertised into the NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa default-info-originate area nssa no-redistribute Use the area nssa no-redistribute command in Router OSPFv3 Configuration mode to configure the NSSA ABR so that learned external routes will not be redistributed to the NSSA.
Page 800: Area Nssa Translator-Role
area nssa no-summary Use the area nssa no-summary command in Router OSPFv3 Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA. Use the no form of the command to remove the configuration. Syntax areaid area nssa no-summary...
Page 801: Area Nssa Translator-Stab-Intv
candidate — Causes the router to participate in the translator election process when it • attains border router status. Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the always translator role of the area 1 NSSA.
Page 802: Area Range
Example The following example configures a translator stability interval of 100 seconds for the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa translator-stab-intv 100 area range Use the area range command in Router OSPF Configuration mode to configure a summary prefix for routes learned in a given area.
Page 803: Area Stub No-Summary
Example The following example creates an area range for the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 range 2020:1::1/64 summarylink area stub Use the area stub command in Router OSPFv3 Configuration mode to create a stub area for the specified area ID.
Page 804: Area Virtual-Link
areaid no area stub no-summary areaid — Valid OSPFv3 area identifier. • Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example prevents Summary LSAs from being advertised into the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 stub no-summary area virtual-link...
Page 805: Area Virtual-Link Dead-Interval
Example The following example creates the OSPF virtual interface for area 1 and its neighbor router. console(config)#ipv6 router ospf console(config-rtr)#area 1 virtual-link 2 area virtual-link dead-interval Use the area virtual-link dead-interval command in Router OSPFv3 Configuration mode to configure the dead interval for the OSPF virtual interface on the virtual interface identified by areaid neighbor Syntax...
Page 806: Area Virtual-Link Retransmit-Interval
Syntax areaid neighbor seconds area virtual-link hello-interval areaid neighbor no area virtual-link hello-interval areaid — Valid OSPFv3 area identifier. • neighbor — Router ID of neighbor. • • seconds — Hello interval. (Range: 1-65535) Default Configuration seconds 10 is the default value for Command Mode Router OSPFv3 Configuration mode.
Page 807: Area Virtual-Link Transmit-Delay
Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the retransmit interval of 20 seconds for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor. (config)#ipv6 router ospf (config-rtr)#area 1 virtual-link 2 retransmit-interval 20 area virtual-link transmit-delay...
Page 808: Default-Information Originate
console(config)#ipv6 router ospf console(config-rtr)#area 1 virtual-link 2 transmit-delay 20 default-information originate Use the default-information originate command in Router OSPFv3 Configuration mode to control the advertisement of default routes. Use the no form of the command to return the default route advertisement settings to the default value. Syntax integer default-information originate [always] [metric...
Page 809: Default-Metric
default-metric Use the default-metric command in Router OSPFv3 Configuration mode to set a default for the metric of distributed routes. Syntax metric default-metric no default-metric metric — Metric value used for distribution (Range: 1-16777214) • Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode.
Page 810: Enable
Default Configuration The default preference value is 110. Command Mode Router OSPF Configuration mode. Router OSPFv3 Configuration mode. User Guidelines There are no user guidelines for this command. Example The following example sets a route preference value of 100 for intra OSPF in the router. console(config)#ipv6 router ospf console(config-rtr)#distance ospf intra 100 enable...
Page 811: Exit-Overflow-Interval
exit-overflow-interval Use the exit-overflow-interval command in Router OSPFv3 Configuration mode to configure the exit overflow interval for OSPF. It describes the number of seconds after entering Overflow state that a router will wait before attempting to leave the Overflow State. This allows the router to originate non-default AS-external-LSAs again.
Page 812: Ipv6 Ospf
limit — External LSDB limit for OSPF (Range: -1-2147483647) • Default Configuration limit -1 is the default value for Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the external LSDB limit at 100 for OSPF. console(config)#ipv6 router ospf console(config-rtr)#external-lsdb-limit 100 ipv6 ospf...
Page 813: Ipv6 Ospf Areaid
console(config-if-vlan15)#ipv6 ospf ipv6 ospf areaid Use the ipv6 ospf areaid command in Interface Configuration mode to set the OSPF area to which the specified router interface belongs. Syntax areaid ipv6 ospf areaid no ipv6 ospf areaid areaid areaid — Is a 32-bit integer, formatted as a 4-digit dotted-decimal number or a decimal value. •...
Page 814: Ipv6 Ospf Dead-Interval
Default Configuration cost 10 is the default value of Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example configures a cost of 100. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf cost 100 ipv6 ospf dead-interval Use the ipv6 ospf dead-interval command in Interface Configuration mode to set the OSPF dead interval for the specified interface.
Page 815: Ipv6 Ospf Hello-Interval
console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf dead-interval 100 ipv6 ospf hello-interval Use the ipv6 ospf hello-interval command in Interface Configuration mode to set the OSPF hello interval for the specified interface. Syntax seconds ipv6 ospf hello-interval no ipv6 ospf hello-interval seconds — A valid positive integer which represents the length of time of the OSPF hello •...
Page 816: Ipv6 Ospf Network
Syntax ipv6 ospf mtu-ignore no ipv6 ospf mtu-ignore Default Configuration Enabled is the default state. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example disables OSPF maximum transmission unit (MTU) mismatch detection.
Page 817: Ipv6 Ospf Priority
Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example changes the default OSPF network type to point-to-point. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf network point-to-point ipv6 ospf priority Use the ipv6 ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface.
Page 818: Ipv6 Ospf Retransmit-Interval
ipv6 ospf retransmit-interval Use the ipv6 ospf retransmit-interval command in Interface Configuration mode to set the OSPF retransmit interval for the specified interface. Syntax seconds ipv6 ospf retransmit-interval no ipv6 ospf retransmit-interval seconds — The number of seconds between link-state advertisement retransmissions for •...
Page 819: Ipv6 Router Ospf
Default Configuration No default value. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example sets the OSPF Transmit Delay at 100 seconds for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf transmit-delay 100 ipv6 router ospf Use the ipv6 router ospf command in Global Configuration mode to enter Router OSPFv3 Configuration mode.
Page 820: Maximum-Paths
maximum-paths Use the maximum-paths command in Router OSPFv3 Configuration mode to set the number of paths that OSPF can report for a given destination. Syntax maxpaths maximum-paths no maximum-paths maxpaths — Number of paths that can be reported. (Range: 1-2) •...
Page 821: Passive-Interface Default
Command Mode Router OSPFv3 Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-router)#passive-interface vlan 1 passive-interface default The passive-interface default command enables the global passive mode by default for all interfaces. It overrides any interface level passive mode. Use the “no” form of this command to disable the global passive mode by default for all interfaces.
Page 822: Router-Id
metric no redistribute {static | connected} [ ] [metric-type] [ metric — Metric value used for default routes. (Range: 0-16777214) • tag — Tag. (Range: 0-4294967295) • Default Configuration 2 is the default value for metric-type, 0 for Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines.
Page 823: Show Ipv6 Ospf
Example The following example sets a 4-digit dotted-decimal number identifying the Router OSPF ID as 2.3.4.5. console(config)#ipv6 router ospf console(config-rtr)#router-id 2.3.4.5 show ipv6 ospf Use the show ipv6 ospf command in Privileged EXEC mode to display information relevant to the OSPF router. Syntax show ipv6 ospf Default Configuration...
Page 824: Show Ipv6 Ospf Abr
External LSDB Limit......No Limit Default Metric......... Not Configured Maximum Paths........2 Default Route Advertise......Disabled Always......... FALSE Metric......... Metric Type........External Type 2 show ipv6 ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers (ABR). This command takes no options.
Page 825: Show Ipv6 Ospf Area
show ipv6 ospf area Use the show ipv6 ospf area command in Privileged EXEC mode to display information about the area. Syntax areaid show ipv6 ospf area areaid — Identifier for the OSPF area being displayed. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 826: Show Ipv6 Ospf Database
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example console#show ipv6 ospf asbr Type Router Id Cost Area ID Next Hop Next Hop Intf ---- --------- ---- -------- ----------------------- -------...
Page 827 prefix — Displays intra-area Prefix LSA. • • router — Displays router LSAs. • unknown — Displays unknown area, AS or link-scope LSAs. lsid — Specifies a valid link state identifier (LSID). • • adv-router — Shows the LSAs that are restricted by the advertising router. rtrid —...
Page 828 Adv Router Link Id Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1 80000001 3970 2.2.2.2 80000001 1B8A 1.1.1.1 80000001 3529 2.2.2.2 80000001 FC5E Link States (Area 0.0.0.0) Adv Router Link Id Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1 80000008 2D89 V6E--R-...
Page 829: Show Ipv6 Ospf Database Database-Summary
-------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1 80000001 B9E2 V6E--R- Inter Network States (Area 0.0.0.1) Adv Router Link Id Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1 80000001 CA7C 2.2.2.2 80000001 B28D Link States (Area 0.0.0.1) Adv Router Link Id Sequence Csum Options Rtr Opt...
Page 830: Show Ipv6 Ospf Interface
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the number of each type of LSA in the database and the total number of LSAs in the database. console#show ipv6 ospf database database-summary OSPF Router with ID (0.0.0.2) Router database summary...
Page 831 Syntax vlan-id tunnel-id loopback-id show ipv6 ospf interface {vlan | tunnel | loopback vlan-id — Valid VLAN ID. • tunnel-id — Tunnel identifier. (Range: 0-7) • loopback-id — Loopback identifier. (Range: 0-7) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 832: Show Ipv6 Ospf Interface Brief
show ipv6 ospf interface brief Use the show ipv6 ospf interface brief command in Privileged EXEC mode to display brief information for the IFO object or virtual interface tables. Syntax show ipv6 ospf interface brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 833 Command Mode User EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the interface statistics for VLAN 5. console>show ipv6 ospf interface stats vlan OSPFv3 Area ID......... 0.0.0.1 Spf Runs........265 Area Border Router Count....... 1 AS Border Router Count......
Page 834: Show Ipv6 Ospf Interface Vlan
Packet Type Sent Received -------------------- ---------- ---------- Hello Database Description LS Request LS Update LS Acknowledgement show ipv6 ospf interface vlan Use the show ipv6 ospf interface vlan command in Privileged EXEC mode to display OSPFv3 configuration and status information for a specific vlan. Syntax vlan-id show ipv6 ospf interface vlan {...
Page 835: Show Ipv6 Ospf Neighbor
Retransmit Interval...... 5 Hello Interval......10 Dead Interval......40 LSA Ack Interval......1 Iftransit Delay Interval....1 Authentication Type...... None Metric Cost......10 (computed) OSPF Mtu-ignore......Disable OSPF Interface Type...... broadcast State........backup-designated-router Designated Router......1.1.1.1 Backup Designated Router....2.2.2.2 Number of Link Events....
Page 836: Show Ipv6 Ospf Range
User Guidelines This command has no user guidelines. Examples The following examples display information about OSPF neighbors, in the first case in a summary table, and in the second in a table specific to tunnel 1. console#show ipv6 ospf neighbor Router ID Priority Intf Interface State Dead...
Page 837: Show Ipv6 Ospf Stub Table
Syntax areaid show ipv6 ospf range areaid — Identifies the OSPF area whose ranges are being displayed. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays information about the area ranges for area 1.
Page 838: Show Ipv6 Ospf Virtual-Link
Example The following example displays the OSPF stub table. console#show ipv6 ospf stub table AreaId TypeofService Metric Val Import SummaryLSA ------------ ------------- ---------- ----------------- 0.0.0.10 Normal Enable show ipv6 ospf virtual-link Use the show ipv6 ospf virtual-link command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor.
Page 839: Show Ipv6 Ospf Virtual-Link Brief
Retransmit Interval......5 State.......... point-to-point Metric......... 10 Neighbor State......... Full show ipv6 ospf virtual-link brief Use the show ipv6 ospf virtual-link brief command in Privileged EXEC mode to display the OSPFV3 Virtual Interface information for all areas in the system. Syntax show ipv6 ospf virtual-link brief Default Configuration...
Page 841 PIM-DM Commands This chapter explains the following commands: • ip pimdm • show ip pimdm • show ip pimdm interface • show ip pimdm neighbor...
Page 842: Show Ip Pimdm
ip pimdm Use the ip pimdm command in Global Configuration mode to enable the administrative mode of PIM-DM in the router. Syntax ip pimdm no ip pimdm Default Configuration Disabled is the default state. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 843: Show Ip Pimdm Interface
Example The following example displays system-wide information for PIM-DM. console(config)#show ip pimdm Admin Mode........Disable PIM-DM INTERFACE STATUS Interface Interface Mode Protocol State --------- --------------- --------------- show ip pimdm interface Use the show ip pimdm interface command in Privileged EXEC mode to display interface information for PIM-DM on the specified interface.
Page 844 Syntax vlan-id show ip pimdm neighbor [ interface vlan | all] vlan-id — A valid VLAN ID. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example display the neighbor information for PIM-DM on all interfaces.
Page 845 PIM-SM Commands This chapter explains the following commands: • ip pimsm • ip pimsm spt-threshold • ip pim-trapflags • show ip pimsm • show ip pimsm interface • show ip pimsm neighbor • show ip pimsm rphash...
Page 846: Ip Pimsm Spt-Threshold
ip pimsm Use the ip pimsm command in Global Configuration mode to set administrative mode of PIM- SM multicast routing across the router to enabled. IGMP must be enabled before PIM-SM can be enabled. Syntax ip pimsm no ip pimsm Default Configuration PIM-SM is disabled by default.
Page 847: Ip Pim-Trapflags
User Guidelines This command has no user guidelines. Example The following example configures a threshold rate of 100 kilobits/sec. console(config)#ip pimsm spt-threshold 100 ip pim-trapflags Use the ip pim-trapflags command in Global Configuration mode to enable the PIM trap mode for both Sparse Mode (SM) and Dense Mode (DM).
Page 848: Show Ip Pimsm Interface
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the system-wide information for PIM-SM. console#show ip pimsm Admin Mode........Disable Join/Prune Interval (secs)..... 60 Data Threshold Rate (Kbps).....
Page 849: Show Ip Pimsm Neighbor
User Guidelines This command has no user guidelines. Example The following example displays interface information for VLAN 11 PIM-SM. console#show ip pimsm interface vlan 11 Interface........11 IP Address........0.0.0.0 Subnet Mask........0.0.0.0 Mode........... Disable Hello Interval (secs)......30 secs CBSR Preference........
Page 850: Show Ip Pimsm Rphash
console#show ip pimsm neighbor all NEIGHBOR TABLE Interface IP Address Up Time Expiry Time (hh:mm:ss) (hh:mm:ss) --------- ---------------- ---------- ------------ show ip pimsm rphash Use the show ip pimsm rphash command in Privileged EXEC mode to display the RP router being selected from the set of active RP routers.
Page 851: Router Discovery Protocol Commands
Router Discovery Protocol Commands This chapter explains the following commands: • ip irdp • ip irdp address • ip irdp holdtime • ip irdp maxadvertinterval • ip irdp minadvertinterval • ip irdp preference • show ip irdp...
Page 852: Ip Irdp Address
ip irdp Use the ip irdp command in Interface Configuration mode to enable Router Discovery on an interface. Use the no form of the command to disable Router Discovery. Syntax ip irdp no ip irdp Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines...
Page 853: Ip Irdp Holdtime
Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the limited broadcast address as the IP address for router discovery advertisements. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp address 255.255.255.255 ip irdp holdtime Use the ip irdp holdtime command in Interface Configuration mode to configure the value, in seconds, of the holdtime field of the router advertisement sent from this interface.
Page 854: Ip Irdp Maxadvertinterval
ip irdp maxadvertinterval Use the ip irdp maxadvertinterval command in Interface Configuration mode to configure the maximum time, in seconds, allowed between sending router advertisements from the interface. Use the no form of the command to set the time to the default value. Syntax integer ip irdp maxadvertinterval...
Page 855: Ip Irdp Preference
Default Configuration The minimum interval value is 450. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets minimum advertisement interval at 100 seconds for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp minadvertinterval 100 ip irdp preference Use the ip irdp preference command in Interface Configuration mode to configure the preference of the address as a default router address relative to other router addresses on the...
Page 856: Show Ip Irdp
console(config-if-vlan15)#ip irdp preference 1000 show ip irdp Use the show ip irdp command in Privileged EXEC mode to display the router discovery information for all interfaces, or for a specified interface. Syntax vlan-id show ip irdp {vlan |all} vlan-id — Valid VLAN ID •...
Page 857: Routing Information Protocol Commands
Routing Information Protocol Commands This chapter explains the following commands: • auto-summary • default-information originate • default-metric • distance rip • distribute-list out • enable • hostroutesaccept • ip rip • ip rip authentication • ip rip receive version • ip rip send version •...
Page 858: Default-Information Originate
auto-summary Use the auto-summary command in Router RIP Configuration mode to enable the RIP auto- summarization mode. Use the no form of the command to disable auto-summarization mode. Syntax auto-summary no auto-summary Default Configuration Disabled is the default configuration. Command Mode Router RIP Configuration mode.
Page 859: Distance Rip
Example console(config-router)#default-information originate default-metric Use the default-metric command in Router RIP Configuration mode to set a default for the metric of distributed routes. Use the no form of the command to return the metric to the default value. Syntax integer default-metric no default-metric integer —...
Page 860: Distribute-List Out
Default Configuration 15 is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the route preference value of RIP in the router at 100. console(config-router)#distance rip 100 distribute-list out Use the distribute-list out command in Router RIP Configuration mode to specify the access list to filter routes received from the source protocol.
Page 861: Hostroutesaccept
Example The following example elects access list ACL40 to filter routes received from the source protocol. console(config-router)#distribute-list ACL40 out static enable Use the enable command in Router RIP Configuration mode to reset the default administrative mode of RIP in the router (active). Use the no form of the command to disable the administrative mode for RIP.
Page 862: Ip Rip Authentication
Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example console(config-router)#hostroutesaccept ip rip Use the ip rip command in Interface Configuration mode to enable RIP on a router interface. Use the no form of the command to disable RIP on the interface. Syntax ip rip no ip rip...
Page 863: Ip Rip Receive Version
no ip rip authentication key — Authentication key for the specified interface. (Range: 16 bytes or less) • • encrypt — Specifies the Ethernet unit/port of the interface to view information. key-id — Authentication key identifier for authentication type encrypt. (Range: 0-255) •...
Page 864: Ip Rip Send Version
User Guidelines This command has no user guidelines. Example The following example allows no RIP control packets to be received by VLAN 11. console(config-if-vlan11)#ip rip receive version none ip rip send version Use the ip rip sent version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version to be sent.
Page 865: Redistribute
redistribute The redistribute command configures RIP protocol to redistribute routes from the specified source protocol/routers. If the source protocol is OSPF, there are five possible match options. Syntax integer redistribute ospf [metric ] [match [internal] [external 1] [external 2] [nssa-external 1] [nssa-external 2]] no redistribute ospf redistribute { static | connected} [metric integer...
Page 866: Router Rip
router rip Use the router rip command in Global Configuration mode to enter Router RIP mode. Syntax router rip Default Configuration This command has no default configuration. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example The following example enters Router RIP mode.
Page 867: Show Ip Rip Interface
Example The following example displays information relevant to the RIP router. console#show ip rip RIP Admin Mode......... Enable Split Horizon Mode......Simple Auto Summary Mode......Enable Host Routes Accept Mode......Enable Global route changes......0 Global queries......... 0 Default Metric......... 12 Default Route Advertise......
Page 868: Show Ip Rip Interface Brief
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays information related to the VLAN 15 RIP interface. console#show ip rip interface vlan 15 Interface........15 IP Address........----- Send version........RIP-2 Receive version........
Page 869: Split-Horizon
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays general information for each RIP interface. console#show ip rip interface brief Send Receive Link Interface IP Address Version Version Mode State ---------- ---------- -------- ----------- --------- ---------- vlan1 0.0.0.0...
Page 870 Example The following example does not use split horizon. console(config-router)#split-horizon none...
Page 871 Tunnel Interface Commands This chapter explains the following commands: • interface tunnel • show interfaces tunnel • tunnel destination • tunnel mode ipv6ip • tunnel source...
Page 872 interface tunnel Use the interface tunnel command in Global Configuration mode to enter the interface configuration mode for a tunnel. Syntax tunnel-id interface tunnel tunnel-id no interface tunnel tunnel-id — Tunnel identifier. (Range: 0–7) • Default Configuration This command has no default configuration. Command Mode Global Configuration mode.
Page 873 User Guidelines This command has no user guidelines. Examples The following examples show the parameters related to an individual tunnel and to all tunnel interfaces. console#show interfaces tunnel 1 Interface Link Status......down MTU size........1480 bytes console#show interfaces tunnel TunnelId Interface TunnelMode...
Page 874 console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel destination 10.1.1.1 tunnel mode ipv6ip Use the tunnel mode ipv6ip command in Interface Configuration mode to specify the mode of the tunnel. Syntax tunnel mode ipv6ip [6to4] no tunnel mode • 6to4 — Sets the tunnel mode to automatic. Default Configuration This command has no default configuration.
Page 875 vlan-id — Valid VLAN ID. • Default Configuration This command has no default configuration. Command Mode Interface Configuration (Tunnel) mode. User Guidelines This command has no user guidelines. Example The following example specifies VLAN 11 as the source transport address of the tunnel. console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel source vlan 11...
Page 877 Virtual Router Redundancy Protocol Commands This chapter explains the following commands: • ip vrrp • ip vrrp authentication • ip vrrp ip • ip vrrp mode • ip vrrp preempt • ip vrrp priority • ip vrrp timers advertise • ip vrrp track interface •...
Page 878 ip vrrp Use the ip vrrp command in Global Configuration mode to enable the administrative mode of VRRP for the router. In Interface Config mode, this command enables the VRRP protocol on an interface. Use the no form of the command to disable the administrative mode of VRRP for the router.
Page 879 Syntax vr-id ip vrrp authentication {none | simple vr-id no ip vrrp authentication vr-id — The virtual router identifier. (Range: 1-255) • • none — Indicates authentication type is none. • simple — Authentication type is a simple text password. key —...
Page 880 Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines The primary IP address can be modified, but not deleted. The no form of the command is only valid for the secondary IP address. Example The following example sets the virtual router IP address for VLAN 15.
Page 881 console(config-if-vlan15)#ip vrrp 5 mode ip vrrp preempt Use the ip vrrp preempt command in Interface Configuration mode to set the preemption mode value for the virtual router configured on a specified interface. Use the no form of the command to disable preemption mode. Syntax ip vrrp vr-id...
Page 882 Default Configuration priority has a default value of 100. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the priority value for the virtual router for VLAN 15. console(config-if-vlan15)#ip vrrp 5 priority 20 ip vrrp timers advertise Use the ip vrrp timers advertise command in Interface Configuration mode to set the frequency, in seconds, that an interface on the specified virtual router sends a virtual router...
Page 883 Example The following example sets the frequency at which the VLAN 15 virtual router sends a virtual router advertisement. console(config-if-vlan15)#ip vrrp 5 timers advertise 10 ip vrrp track interface Use the ip vrrp track interface command to alter the priority of the VRRP router based on the availability of its interfaces.
Page 884 User Guidelines There are no user guidelines for this command. Example The following example adds VLAN 2 to the virtual router tracked list (with a priority decrement value of 20). (config-if-vlan10)#ip vrrp 1 track interface vlan 2 decrement 20 ip vrrp track ip route Use the ip vrrp track ip route command to track the route reachability.
Page 885 Example The following example adds the route 2.2.2.0/24 to the virtual router tracked list (with a priority decrement value of 20). console(config-if-vlan10)#ip vrrp 1 track ip route 2.2.2.0/24 decrement 20 show ip vrrp Use the show ip vrrp command in Privileged EXEC mode to display whether VRRP functionality is enabled or disabled on the switch.
Page 886 Syntax vlan-id vr-id show ip vrrp interface vlan vlan-id — Valid VLAN ID. • vr-id — The virtual router identifier. (Range: 1-255) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays all configuration information about the VLAN 15 virtual router.
Page 887 Track Route(pfx/len) Reachable DecrementPriority --------------------- --------- ------------------ 10.10.10.0/24 False show ip vrrp interface brief Use the show ip vrrp interface brief command in Privileged EXEC mode to display information about each virtual router configured on the switch. It displays information about each virtual router.
Page 888 Syntax vlan-id vr-id show ip vrrp interface stats vlan vlan-id — Valid VLAN ID. • vr-id — The virtual router identifier. (Range: 1-255) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays all statistical information about the VLAN 15 virtual router.
Page 889 Utility Commands This section of the document contains the following topics: • Autoconfig Commands • Captive Portal Commands • Clock Commands • Configuration and Image File Commands • Denial of Service Commands • Line Commands • Management ACL Commands • Password Management Commands •...
Page 891 Autoconfig Commands This chapter explains the following commands: • boot host auto-save • boot host dhcp • boot host retry-count • show boot...
Page 892 boot host auto-save The boot host auto-save command enables/disables the option to automatically save configuration files downloaded to the switch by Auto Config. Syntax boot host auto-save no boot host auto-save Default Configuration The downloaded configuration is not automatically saved by default. Command Mode Global Configuration mode User Guidelines...
Page 893: Show Boot
Example console#no boot host dhcp boot host retry-count The boot host retry-count command sets the number of attempts to download a configuration. Use the "no" form of this command to reset the number to the default. Syntax retry boot host retry-count no boot host retry-count retry —The number of attempts to download a configuration (Range: 1–6).
Page 894 User Guidelines This command has no user guidelines. Example console#show boot Config Download via DHCP: enabled Auto Config State : Waiting for boot options Auto Config State : Resolving switch hostname Auto Config State : Downloading file <boot>.cfg...
Page 895 Captive Portal Commands This chapter explains the following commands: Captive Portal Global Commands • authentication timeout • captive-portal • enable • http port • https port • show captive-portal • show captive-portal status Captive Portal Configuration Commands • block • configuration •...
Page 896 • show captive-portal interface configuration status Captive Portal Interface Commands • clear captive-portal users Captive Portal Local User Commands • clear captive-portal users • no user • show captive-portal user • user group • user name • user password • user session-timeout Captive Portal Status Commands •...
Page 897 Captive Portal Global Commands authentication timeout Use the authentication timeout command to configure the authentication timeout. If the user does not enter valid credentials within this time limit, the authentication page needs to be served again in order for the client to gain access to the network. Use the “no” form of this command to reset the authentication timeout to the default.
Page 898: Enable
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#captive-portal console(config-CP)# enable Use the enable command to globally enable captive portal. Use the “no” form of this command to globally disable captive portal. Syntax enable no enable...
Page 899 no http port port-num — The port number to monitor (Range: 1–65535). • Default Configuration Captive portal only monitors port 80 by default. Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command. Example console(config-CP)#http port 81 console(config-CP)#no http port https port...
Page 900 console(config-CP)#no https port show captive-portal Use the show captive-portal command to display the status of the captive portal feature. Syntax show captive-portal Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show captive-portal Administrative Mode.......
Page 901 User Guidelines There are no user guidelines for this command. Example console#show captive-portal status Additional HTTP Port......81 Additional HTTP Secure Port....1443 Authentication Timeout......300 Supported Captive Portals...... 10 Configured Captive Portals..... 1 Active Captive Portals......0 Local Supported Users......128 Configured Local Users......
Page 902: Configuration
User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#block configuration Use the configuration command to enter the captive portal instance mode. The captive portal configuration identified by CP ID 1 is the default CP configuration. The system supports a total of ten CP configurations.
Page 903 no enable Default Configuration Configurations are enabled by default Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#no enable group Use the group command to configure the group number for a captive portal configuration. If a group number is configured, the user entry (Local or RADIUS) must be configured with the same name and the group to authenticate to this captive portal instance.
Page 904: Interface
interface Use the interface command to associate an interface with a captive portal configuration. Use the “no” form of this command to remove an association. Syntax interface interface interface no interface interface —An interface or range of interfaces. Default Configuration No interfaces are associated with a configuration by default.
Page 905: Name
User Guidelines There are no user guidelines for this command. name Use the name command to configure the name for a captive portal configuration. Use the “no” form of this command to remove a configuration name. Syntax cp-name name no name cp-name —CP configuration name (Range: 1–32 characters).
Page 906 User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#protocol http redirect Use the redirect command to enable the redirect mode for a captive portal configuration. Use the “no” form of this command to disable redirect mode. Syntax redirect no redirect...
Page 907 User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#redirect-url www.dell.com session-timeout Use the session-timeout command to configure the session timeout for a captive portal configuration. Use the “no” form of this command to reset the session timeout to the default.
Page 908 Syntax verification { guest | local | radius } • guest— Allows access for unauthenticated users (users that do not have assigned user names and passwords). • local— Authenticates users against a local user database. • radius— Authenticates users against a remote RADIUS database. Default Configuration The default verification mode is guest.
Page 909 User Guidelines There are no user guidelines for this command. Example console#captive-portal client deauthenticate 0002.BC00.1290 show captive-portal client status Use the show captive-portal client status command to display client connection details or a connection summary for connected captive portal users. Syntax macaddr show captive-portal client [...
Page 910: Show Captive-Portal Configuration Client Status
Verification Mode......Local CP ID........1 CP Name........cp1 Interface......... 1/g1 Interface Description..... Unit: 1 Slot: 0 Port: 1 Gigabit - Level User Name......... user123 Session Time......0d:00:00:13 show captive-portal configuration client status Use the show captive-portal configuration client status command to display the clients authenticated to all captive portal configurations or a to specific configuration.
Page 911 console#show captive-portal configuration 1 client status CP ID........1 CP Name........cp1 Client Client MAC Address IP Address Interface Interface Description -------------- --------------- --------- -------------------------------- 0002.BC00.1290 10.254.96.47 1/g1 Unit: 1 Slot: 0 Port: 1 Gigabit 0002.BC00.1291 10.254.96.48 1/g2 Unit: 1 Slot: 0 Port: 2 Gigabit show captive-portal interface client status Use the show captive-portal interface client status command to display information about clients authenticated on all interfaces or a specific interface.
Page 912 console#show captive-portal interface 1/g1 client status Interface......... 1/g1 Interface Description..... Unit: 1 Slot: 0 Port: 1 Gigabit Client Client MAC Address IP Address CP ID CP Name Protocol Verification ----------------- --------------- ----- ----------------- -------- ------------ 0002.BC00.1290 10.254.96.47 http local 0002.BC00.1291 10.254.96.48 http local...
Page 913 CP Name........cp1 Interface Interface Description Type --------- ----------------------------------- -------- 1/g1 Unit: 1 Slot: 0 Port: 1 Gigabit ... Physical Captive Portal Local User Commands clear captive-portal users Use the clear captive-portal users command to delete all captive portal user entries. Syntax clear captive-portal users Default Configuration...
Page 914 Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-CP)#no user 1 show captive-portal user Use the show captive-portal user command to display all configured users or a specific user in the captive portal local user database. Syntax show captive-portal user [ user-id ] user-id —User ID (Range: 1–128).
Page 915 console#show captive-portal user 1 User ID........1 User Name........user123 Password Configured......Yes Session Timeout........ 0 Group ID Group Name -------- -------------------------------- Default group2 user group Use the user group command to associate a group with a captive portal user. Use the “no” form of this command to disassociate a group and user.
Page 916: User Name
user name Use the user name command to modify the user name for a local captive portal user. Syntax user-id name user name user-id —User ID (Range: 1–128). • name —user name (Range: 1–32 characters). • Default Configuration There is no name for a user by default. Command Mode Captive Portal Configuration mode.
Page 917 User Guidelines There are no user guidelines for this command. Example console(Config-CP)#user 1 password Enter password (8 to 64 characters): ******** Re-enter password: ******** user session-timeout Use the user session-timeout command to set the session timeout value for a captive portal user. Use the “no”...
Page 918 Captive Portal Status Commands show captive-portal configuration Use the show captive-portal configuration command to display the operational status of each captive portal configuration. Syntax cp-id show captive-portal configuration cp-id —Captive Portal ID. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
Page 919 cp-id — Captive Portal ID. • interface — Interface in unit/port format. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show captive-portal configuration 1 interface CP ID........
Page 920 show captive-portal configuration locales Use the show captive-portal configuration locales command to display locales associated with a specific captive portal configuration. Syntax cp-id show captive-portal configuration locales cp-id — Captive Portal Configuration ID. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
Page 921 Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show captive-portal configuration status CP ID CP Name Mode Protocol Verification ----- --------------- -------- -------- ------------ Enable https Guest Enable http Local Disable https Guest console#show captive-portal configuration 1 status CP ID..........
Page 922: User Group
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show trapflags captive-portal Client Authentication Failure Traps.... Disable Client Connection Traps......Disable Client Database Full Traps..... Disable Client Disconnection Traps.....
Page 923 User Guidelines There are no user guidelines for this command. Example console(config-CP)#user group 2 console(config-CP)#no user group 2 user group moveusers Use the user group moveusers command to move a group's users to a different group. Syntax group-id new-group-id user group moveusers group-id —...
Page 924 Default Configuration User groups have no names by default. Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-CP)#user group 2 name group2...
Page 925 Clock Commands This chapter explains the following commands: • • show clock • show sntp configuration • show sntp status • sntp authenticate • sntp authentication-key • sntp broadcast client enable • sntp client poll timer • sntp server • sntp trusted-key •...
Page 926 Command Mode Privileged EXEC User Guidelines No specific guidelines Example The following example shows the time and date only. console# show clock 15:29:03 PDT(UTC-7) Jun 17 2005 Time source is SNTP When SNTP client Admin Mode is disabled, the command displays No time source as shown in the following example: console# show clock 04:48:52 (UTC+0:00) May 9 2005...
Page 927 show sntp configuration Use the show sntp configuration command in Privileged EXEC mode to show the configuration of the Simple Network Time Protocol (SNTP). Syntax show sntp configuration Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 928 show sntp status Use the show sntp status command in Privileged EXEC mode to show the status of the Simple Network Time Protocol (SNTP). Syntax show sntp status Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 929 no sntp authenticate Default Configuration No authentication. Command Mode Global Configuration mode User Guidelines The command is relevant for both Unicast and Broadcast. Example The following example, after defining the authentication key for SNTP , grants authentication. console(config)# sntp authentication-key 8 md5 ClkKey console(config)# sntp trusted-key 8 console(config)# sntp authenticate sntp authentication-key...
Page 930 Examples The following examples define the authentication key for SNTP . console(config)# sntp authentication-key 8 md5 ClkKey console(config)# sntp trusted-key 8 console(config)# sntp authenticate sntp broadcast client enable Use the sntp broadcast client enable command in Global Configuration mode to enable a Simple Network Time Protocol (SNTP) Broadcast client.
Page 931 seconds — Polling interval. (Range: 64-1024 seconds, in powers of 2) • Default Configuration The polling interval is 64 seconds. Command Mode Global Configuration mode User Guidelines If a user enters a value which is not an exact power of two, the nearest power-of-two value is applied.
Page 932 User Guidelines Up to 8 SNTP servers can be defined. Use the sntp client enable command in Global Configuration mode to enable unicast clients globally. Polling time is determined by the sntp client poll timer <64-1024> global configuration command. Example The following example configures the device to accept Simple Network Time Protocol (SNTP) traffic from the server at IP address 192.1.1.1.
Page 933 sntp unicast client enable Use the sntp unicast client enable command in Global Configuration mode to enable a client to use Simple Network Time Protocol (SNTP) predefined Unicast clients. To disable an SNTP Unicast client, use the no form of this command. Syntax sntp unicast client enable no sntp unicast client enable...
Page 934: Clock Summer-Time Recurring
Default Value No default setting User Guidelines No specific guidelines Example console(config)#clock timezone -5 minutes 30 zone IST no clock timezone Use the no clock timezone command to reset the time zone settings. Syntax no clock timezone Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines...
Page 935: Clock Summer-Time Date
day — Day of the week. (Range: The first three letters by name; sun, for example.) • month — Month. (Range: The first three letters by name; jan, for example.) • hh:mm — Time in 24-hour format in hours and minutes. (Range: hh: 0–23, mm: 0–59) •...
Page 936: No Clock Summer-Time
Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines No specific guidelines Examples console(config)# clock summer-time date 1 Apr 2007 02:00 28 Oct 2007 offset 90 zone EST console(config)# clock summer-time date Apr 1 2007 02:00 Oct 28 2007 offset 90 zone EST no clock summer-time Use the no clock summer-time command to reset the summertime configuration.
Page 937: Boot System
Configuration and Image File Commands This chapter explains the following commands: • boot system • clear config • copy • delete backup-config • delete backup-image • delete startup-config • filedescr • script apply • script delete • script list • script show •...
Page 938: Clear Config
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image. Example The following example loads system image image1 for the next device startup. console# boot system image1 clear config Use the clear config command in Privileged EXEC mode to restore the switch to the default...
Page 939 Syntax source-url destination-url //ipaddr/filepath/filename copy {xmodem | tftp: //username ipaddr/filepath/filename hostname sftp|scp: source-url — The location URL or reserved keyword of the source file being copied. (Range: • 1–160 characters.) • destination-url — The URL or reserved keyword of the destination file. (Range: 1–160 characters.) ipaddr —...
Page 940 Command Mode Privileged EXEC mode User Guidelines The location of a file system dictates the format of the source or destination URL. The entire copying process may take several minutes and differs from protocol to protocol and from network to network. Understanding Invalid Combinations of Source and Destination Some combinations of source and destination are not valid.
Page 941: Delete Backup-Config
Saving the Running Configuration to the Startup Configuration Use the copy running-config startup-config command to copy the running configuration to the startup configuration. Backing up the Running Configuration or Startup Configuration to the Backup Configuration Use the copy running-config backup-config command to back up the running configuration to the backup configuration file.
Page 942: Delete Backup-Image
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes the backup-config file. console#delete backup-config Delete backup-config (Y/N)?y delete backup-image Use the delete backup-image command in Privileged EXEC mode to delete a file from a flash memory device.
Page 943: Filedescr
Syntax delete startup-config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines If the startup-config file is not present when system reboots, it reboots with default settings. Example The following example deletes the startup-config file. console# delete startup-config Delete startup-config (y/n)? filedescr...
Page 944: Script Apply
Example The following example attaches a file description to image2. console#filedescr image2 “backedup on 03-22-05” script apply Use the script apply command in Privileged EXEC mode to apply the commands in the script to the switch. Syntax scriptname script apply scriptname —...
Page 945: Script List
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes all scripts from the switch. console#script delete all script list Use the script list command in Privileged EXEC mode to list all scripts present on the switch as well as the remaining available space.
Page 946: Script Validate
script show Use the script show command in Privileged EXEC mode to display the contents of a script file. Syntax scriptname script show scriptname — Name of the script file to be displayed. (Range: 1-31 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 947: Show Backup-Config
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example config.scr The following example validates the contents of the script file console#script validate config.scr show backup-config Use the show backup-config command in Privileged EXEC mode to display the contents of the backup configuration file.
Page 948: Show Bootvar
exit interface ethernet 1/g2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 exit show bootvar Use the show bootvar command in User EXEC mode to display the active system image file that the device loads at startup. Syntax unit show bootvar [ unit —Unit number.
Page 949: Show Dir
------------------------------------------------------------------------- unit image1 image2 current-active next-active ------------------------------------------------------------------------- 0.31.0.0 0.31.0.0 image2 image2 show dir Use the show dir command to list all the files available on the flash file system (TrueFlashFileSystem). The user can view the file names, the size of each file, and the date of the last modification.
Page 950 Syntax all | scriptname ] show running-config [ all -—To display or capture the commands with settings and configuration that are equal • all option. to the default value, include the scriptname -—If the optional scriptname is provided, the output is redirected to a script •...
Page 951 Example The following example displays the contents of the running-config file. console#show running-config !Current Configuration: !System Description “PowerConnect M6348, 3.1.0.1, VxWorks 6.5" !System Software Version 3.1.0.1 configure vlan database vlan 10,20,30 exit stack member 1 2 exit ip address dhcp...
Page 952: Show Startup-Config
Example The following example displays the contents of the startup-config file. console#show startup-config 1 : !Current Configuration: 2 : !System Description “PowerConnect M6348, 3.1.0.x, VxWorks6.5” 3 : !System Software Version 3.1.0.x 4 : ! 5 : configure 6 : vlan database...
Page 953: Update Bootcode
13 : ip address vlan 1001 14 : interface vlan 3 15 : routing 16 : exit 17 : username “lvl7” password fb3604df5a109405b2d79ecb06c47ab5 level 15 encrypted 18 : ! 19 : interface ethernet 1/g17 20 : switchport mode general 21 : switchport general pvid 1001 22 : no switchport general acceptable-frame-type tagged-only 23 : switchport general allowed vlan add 1000-1001 24 : switchport general allowed vlan remove 1...
Page 954 Syntax unit update bootcode [ unit —Unit number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines unit is not specified, all units are updated. Example The following example updates the bootcode on unit 2. console#update bootcode 2...
Page 955: Denial Of Service Commands
Denial of Service Commands This chapter explains the following commands: • dos-control firstfrag • dos-control icmp • dos-control l4port • dos-control sipdip • dos-control tcpflag • dos-control tcpfrag • ip icmp echo-reply • ip icmp error-interval • ip unreachables • ip redirects •...
Page 956: Dos-Control Icmp
dos-control firstfrag Use the dos-control firstfrag command in Global Configuration mode to enable Minimum TCP Header Size Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having a TCP Header Size smaller than the configured value, the packets are dropped.
Page 957: Dos-Control L4Port
Default Configuration Denial of Service is disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example activates the Maximum ICMP Packet Denial of Service protection with a maximum packet size of 1023. console(config)#dos-control icmp 1023 dos-control l4port Use the dos-control l4port command in Global Configuration mode to enable L4 Port Denial of...
Page 958: Dos-Control Sipdip
dos-control sipdip Use the dos-control sipdip command in Global Configuration mode to enable Source IP Address = Destination IP Address (SIP=DIP) Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress with SIP=DIP , the packets is dropped if the mode is enabled.
Page 959 Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example The following example activates TCP Flag Denial of Service protections. console(config)#dos-control tcpflag dos-control tcpfrag Use the dos-control tcpfrag command in Global Configuration mode to enable TCP Fragment Denial of Service protection.
Page 960 Syntax ip icmp echo-reply no ip icmp echo-reply Default Configuration ICMP Echo Reply messages are enabled by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip icmp echo-reply ip icmp error-interval Use the ip icmp error-interval command to limit the rate at which IPv4 ICMP error messages are sent.
Page 961 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console(config)#ip icmp error-interval 1000 20 ip unreachables Use the ip unreachables command to enable the generation of ICMP Destination Unreachable messages. Use the “no” form of this command to prevent the generation of ICMP Destination Unreachable messages.
Page 962 Syntax ip redirects no ip redirects Default Configuration ICMP Redirect messages are enabled by default. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan10)#ip redirects ipv6 icmp error-interval Use the icmp error-interval command to limit the rate at which ICMP error messages are sent. The rate limit is configured as a token bucket with two configurable parameters: Burst-size and burst interval.
Page 963 User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 icmp error-interval 2000 20 ipv6 unreachables Use the ipv6 unreachables command to enable the generation of ICMPv6 Destination Unreachable messages. Use the “no” form of this command to prevent the generation of ICMPv6 Destination Unreachable messages.
Page 964 Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays Denial of Service configuration information. console#show dos-control SIPDIP Mode.......Disable First Fragment Mode.......Disable Min TCP Hdr Size......20 TCP Fragment Mode......Disable TCP Flag Mode......Disable L4 Port Mode......Disable ICMP Mode.........Disable Max ICMP Pkt Size......512...
Page 965: Line Commands
Line Commands This chapter explains the following commands: • exec-timeout • history • history size • line • show line • speed...
Page 966 exec-timeout Use the exec-timeout command in Line Configuration mode to set the interval that the system waits for user input before timeout. To restore the default setting, use the no form of this command. Syntax minutes seconds exec-timeout no exec-timeout minutes —...
Page 967 Command Mode Line Interface mode User Guidelines This command has no user guidelines. Example The following example disables the command history function for the current terminal session. console(config-line)# no history history size Use the history size command in Line Configuration mode to change the command history buffer size for a particular line.
Page 968 line Use the line command in Global Configuration mode to identify a specific line for configuration and enter the line configuration command mode. Syntax line {console|telnet|ssh} • console — Console terminal line. • telnet — Virtual terminal for remote console access (Telnet). •...
Page 969: Speed
Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the line configuration. console>show line Console configuration: Interactive timeout: Disabled History: 10 Baudrate: 9600 Databits: 8 Parity: none Stopbits: 1 Telnet configuration: Interactive timeout: 10 minutes 10 seconds History: 10 SSH configuration:...
Page 970 Default Configuration This default speed is 9600. Command Mode Line Interface (console) mode User Guidelines This configuration applies only to the current session. Example The following example configures the console baud rate to 9600. console(config-line)#speed 9600...
Page 971 Management ACL Commands This chapter explains the following commands: • deny (management) • management access-class • management access-list • permit (management) • show management access-class • show management access-list...
Page 972 deny (management) Use the deny command in Management Access-List Configuration mode to set conditions for the management access list. Syntax interface-number vlan-id number service deny [ethernet | vlan | port-channel ] [service priority [priority ip-address mask prefix-length interface-number vlan- deny ip-source [mask ] [ethernet | vlan...
Page 973 management access-class Use the management access-class command in Global Configuration mode to restrict management connections. To disable restriction, use the no form of this command. Syntax name management access-class {console-only| no management access-class name — A valid access-list name. (Range: 1–32 characters) •...
Page 974 Command Mode Global Configuration mode User Guidelines This command enters the access-list configuration mode, where the denied or permitted access conditions with the deny and permit commands must be defined. If no match criteria are defined the default is deny. If reentering to an access-list context, the new rules are entered at the end of the access-list.
Page 975 Syntax ip-address mask prefix-length interface-number permit ip-source [ mask ] [ethernet | vlan vlan-id number service priority-value |port-channel ] [ service ] [ priority permit { ethernet interface-number | vlan vlan-id | port-channel number service } [service priority-value [priority service priority-value permit service [priority...
Page 976 console(config)# management access-class mlist The following example shows how to configure all the interfaces to be management interfaces except for two interfaces, Ethernet 1/g1 and Ethernet 2/g9. console(config)# management access-list mlist console(config-macl)# deny ethernet 1/g1 priority <1-64> console(config-macl)# deny ethernet 2/g9 priority <1-64> console(config-macl)# permit priority <1-64>...
Page 977 Syntax name show management access-list [ name — A valid access list name. (Range: 1–32 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the active management access-list. console# show management access-list mlist -----...
Page 979: Password Management Commands
Password Management Commands This chapter explains the following commands: • passwords aging • passwords history • passwords lock-out • passwords min-length • show passwords configuration...
Page 980: Passwords History
passwords aging Use the passwords aging command in Global Configuration mode to implement expiration date on the passwords. The user is required to change the passwords when they expire. Use the no form of this command to disable the aging function. Syntax passwords aging no passwords aging...
Page 981: Passwords Lock-Out
Default Configuration No password history is maintained. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the number of previous passwords remembered by the system at 10. console(config)#passwords history 10 passwords lock-out As the administrator, use the passwords lock-out command in Global Configuration mode to strengthen the security of the switch by enabling the user lockout feature.
Page 982: Passwords Min-Length
console(config)#passwords lock-out 2 passwords min-length Use the passwords min-length command in Global Configuration mode to configure the minimum length required for passwords in the local database. Use the no version of this command to disable any minimum password length limitation. If the password length requirement is disabled, users can be created with no password.
Page 983 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the command output. console#show passwords configuration passwords configuration: Minimum password length : disabled Minimum password length value : - Password History : enabled Password History length aging : enabled...
Page 985: Phy Diagnostics Commands
PHY Diagnostics Commands This chapter explains the following commands: • show copper-ports cable-length • show copper-ports tdr • show fiber-ports optical-transceiver • test copper-port tdr...
Page 986: Show Copper-Ports Tdr
show copper-ports cable-length Use the show copper-ports cable-length command in Privileged EXEC mode to display the estimated copper cable length attached to a port. Syntax interface show copper-ports cable-length [ interface — A valid Ethernet port. The full syntax is unit / port. •...
Page 987: Show Fiber-Ports Optical-Transceiver
interface — A valid Ethernet port. The full syntax is unit / port. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines The copper-related commands do not apply to the stacking, CX-4, or 10GBaseT ports associated with these plug-in modules.
Page 988: Test Copper-Port Tdr
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines The show fiber ports command is only applicable to the SFP combo ports and XFP ports (not the ports on the SFP+ plug-in module). Examples The following examples display the optical transceiver diagnostics.
Page 989 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines During the test shut down the port under test unless it is a combo port with an active fiber port. NOTE: The maximum distance VCT can function is 120 meters. PCM8024 10G BaseT ports.
Page 991: Rmon Commands
RMON Commands This chapter explains the following commands: • rmon alarm • rmon collection history • rmon event • show rmon alarm • show rmon alarm-table • show rmon collection history • show rmon events • show rmon history • show rmon log •...
Page 992: Rmon Alarm
rmon alarm Use the rmon alarm command in Global Configuration mode to configure alarm conditions. To remove an alarm, use the no form of this command. Also see the related show rmon alarm command. Syntax index variable interval rthreshold fthreshold revent fevent type rmon alarm [type...
Page 993: Rmon Collection History
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the following alarm conditions: • Alarm index — 1 • Variable identifier — 1.3.6.1.2.1.2.2.1.10.5 • Sample interval — 10 seconds • Rising threshold — 500000 •...
Page 994: Rmon Event
Default Configuration The buckets configuration is 50. The interval configuration is 1800 seconds. Command Mode Interface Configuration (Ethernet, Port-Channel) mode. User Guidelines This command cannot be executed on multiple ports using the interface range ethernet command. Example The following example enables a Remote Monitoring (RMON) MIB history statistics group on port 1/g8 with the index number "1"...
Page 995: Show Rmon Alarm
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures an event with the trap index of 10. console(config)#rmon event 10 log show rmon alarm Use the show rmon alarm command in User EXEC mode to display alarm configuration. Also see the rmon alarm command.
Page 996 Sample Type: delta Startup Alarm: rising Rising Threshold: 8700000 Falling Threshold: 78 Rising Event: 1 Falling Event: 1 Owner: CLI The following table describes the significant fields shown in the display: Field Description Alarm Alarm index. Monitored variable OID. Last Sample Value The statistic value during the last sampling period.
Page 997: Show Rmon Alarm-Table
show rmon alarm-table Use the show rmon alarm-table command in User EXEC mode to display the alarms summary table. Syntax show rmon alarm-table Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the alarms summary table: console>...
Page 998: Show Rmon Collection History
show rmon collection history Use the show rmon collection history command in User EXEC mode to display the requested group of statistics. Also see the rmon collection history command. Syntax interface port-channel-number show rmon collection history [ethernet | port-channel interface — Valid Ethernet port. The full syntax is unit |port . •...
Page 999: Show Rmon Events
The following table describes the significant fields shown in the display: Field Description Index An index that uniquely identifies the entry. Interface The sampled Ethernet interface. Interval The interval in seconds between samples. Requested Samples The requested number of samples to be saved. Granted Samples The granted number of samples to be saved.
Page 1000: Show Rmon History
The following table describes the significant fields shown in the display: Field Description Index An index that uniquely identifies the event. Description A comment describing this event. Type The type of notification that the device generates about this event. Can have the following values: none, log, trap, log-trap.
Page 1001 Examples The following example displays RMON Ethernet Statistics history for “throughput” on index number 1. console> show rmon history 1 throughput Sample Set: 1 Owner: CLI Interface: 1/g1 interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 270 Time Octets Packets...
Page 1002 The following example displays RMON Ethernet Statistics history for "other" on index number console> show rmon history 1 other Sample Set: 1 Owner: Me Interface: 1/g1 Interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 270 Time Dropped Collisions ------------------- ----------- -----------...
Page 1003 Field Description Fragments The total number of packets received during this sampling interval that were less than 64 octets in length (excluding framing bits but including FCS octets) had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error), or a bad FCS with a non-integral number of octets (AlignmentError).
Page 1004: Show Rmon Log
show rmon log Use the show rmon log command in User EXEC mode to display the RMON logging table. Syntax event show rmon log [ event — Event index. (Range: 1–65535) • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines...
Page 1005: Show Rmon Statistics
The following table describes the significant fields shown in the display: Field Description Event An index that uniquely identifies the event. Description A comment describing this event. Time The time this entry was created. show rmon statistics Use the show rmon statistics command in User EXEC mode to display RMON Ethernet Statistics.
Page 1006 Fragments: 0 Jabbers: 0 64 Octets: 98 65 to 127 Octets: 0 128 to 255 Octets: 0 256 to 511 Octets: 0 512 to 1023 Octets: 491 1024 to 1518 Octets: 389 The following table describes the significant fields shown in the display: Field Description Dropped...
Page 1007 Field Description 65 to 127 Octets The total number of packets (including bad packets) received that are between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). 128 to 255 Octets The total number of packets (including bad packets) received that are between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
Page 1008 1008...
Page 1009: Serviceability Tracing Packet Commands
Serviceability Tracing Packet Commands This chapter explains the following commands: • debug arp • debug auto-voip • debug clear • debug console • debug dot1x • debug igmpsnooping • debug ip acl • debug ip dvmrp • debug ip igmp •...
Page 1010: Debug Arp
• show debugging NOTE: Debug commands are not persistent across resets. debug arp Use the debug arp command to enable tracing of ARP packets. Use the “no” form of this command to disable tracing of ARP packets. Syntax debug arp no debug arp Default Configuration ARP packet tracing is disabled by default.
Page 1011: Debug Clear
User Guidelines There are no usage guidelines for this command. Example console#debug auto-voip debug clear Use the debug clear command to disable all debug traces. Syntax debug clear Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
Page 1012: Debug Dot1X
Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug console debug dot1x Use the debug dot1x command to enable dot1x packet tracing. Use the “no” form of this command to disable dot1x packet tracing. Syntax debug dot1x packet [ receive | transmit ] no debug dot1x packet [ receive | transmit ]...
Page 1013: Debug Ip Acl
Default Configuration Display of IGMP Snooping traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug igmpsnooping packet debug ip acl Use the debug ip acl command to enable debug of IP Protocol packets matching the ACL criteria.
Page 1014: Debug Ip Igmp
dumped. Vital information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console. Syntax debug ip dvmrp packet [ receive | transmit ] no debug ip dvmrp packet [ receive | transmit ] Default Configuration Display of DVMRP traces is disabled by default.
Page 1015: Debug Ip Mcache
User Guidelines There are no usage guidelines for this command. Example console#debug ip igmp packet debug ip mcache Use the debug ip mcache command for tracing MDATA packet reception and transmission. The receive option traces only received data packets and the transmit option traces only transmitted data packets.
Page 1016: Debug Ip Pimsm
Syntax debug ip pimdm packet [ receive | transmit ] no debug ip pimdm packet [ receive | transmit ] Default Configuration Display of PIMDM traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug ip pimdm packet debug ip pimsm...
Page 1017: Debug Ip Vrrp
Example console#debug ip pimsm packet debug ip vrrp Use the debug ip vrrp command to enable VRRP debug protocol messages. Use the “no” form of this command to disable VRRP debug protocol messages. Syntax debug ip vrrp no debug ip vrrp Default Configuration Display of VRRP traces is disabled by default.
Page 1018: Debug Ipv6 Mld
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example console#debug ipv6 mcache packet debug ipv6 mld Use the debug ipv6 mld command to trace MLD packet reception and transmission. The receive option traces only received MLD packets and the transmit option traces only transmitted MLD packets.
Page 1019: Debug Ipv6 Pimsm
address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console. Use the “no” form of this command to disable PIMDMv6 tracing. Syntax debug ipv6 pimdm packet [ receive | transmit ] no debug ipv6 pimdm packet [ receive | transmit ] Default Configuration Display of PIMDMv6 traces is disabled by default.
Page 1020: Debug Isdp
Usage Guidelines There are no usage guidelines for this command. Example console#debug ipv6 pimsm packet debug isdp Use the debug isdp command to trace ISDP packet reception and transmission. The receive option traces only received ISDP packets and the transmit option traces only transmitted ISDP packets.
Page 1021: Debug Mldsnooping
Default Configuration Display of LACP traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example console#debug lacp packet debug mldsnooping Use the debug mldsnooping command to trace MLD snooping packet reception and transmission.
Page 1022: Debug Ospf
debug ospf Use the debug ospf command to enable tracing of OSPF packets received and transmitted by the switch. Use the “no” form of this command to disable tracing of OSPF packets. Syntax debug ospf packet no debug ospf packet Default Configuration Display of OSPF traces is disabled by default.
Page 1023: Debug Ping
Example console#debug ospfv3 packet debug ping Use the debug ping command to enable tracing of ICMP echo requests and responses. This command traces pings on the network port and on the routing interfaces. Use the “no” form of this command to disable tracing of ICMP echo requests and responses. Syntax debug ping packet no debug ping packet...
Page 1024: Debug Sflow
Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example console#debug rip packet debug sflow Use the debug sflow command to enable sFlow debug packet trace. Use the “no” form of this command to disable sFlow packet tracing. Syntax debug sflow packet no debug sflow packet...
Page 1025: Show Debugging
Syntax debug spanning-tree bpdu [ receive | transmit ] no debug spanning-tree bpdu [ receive | transmit ] Default Configuration Display of spanning tree BPDU traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example console#debug spanning-tree bpdu show debugging...
Page 1026 console #show debugging Arp packet tracing enabled. 1026...
Page 1027: Sflow Commands
Sflow Commands This chapter explains the following commands: • sflow destination • sflow polling • sflow polling (Interface Mode) • sflow sampling • sflow sampling (Interface Mode) • show sflow agent • show sflow destination • show sflow polling • show sflow sampling 1027...
Page 1028: Sflow Destination
sflow destination Use the sflow destination command to configure the sFlow collector parameters (owner string, receiver timeout, maxdatagram, ip address and port). Use the “no” form of this command to set receiver parameters to the default or remove a receiver. Syntax rcvr_index ip-address...
Page 1029: Sflow Polling
User Guidelines This command has no user guidelines Example console(config)#sflow 1 destination owner 1 timeout 2000 console(config)#sflow 1 destination maxdatagram 500 console(config)#sflow 1 destination 30.30.30.1 560 sflow polling Use the sflow polling command to enable a new sflow poller instance for this data source if rcvr_idx is valid.
Page 1030: Sflow Polling (Interface Mode)
sflow polling (Interface Mode) Use the sflow polling command in Interface Mode to enable a new sflow poller instance for this data source if rcvr_idx is valid. Use the "no" form of this command to reset poller parameters to the defaults. Syntax rcvr-index poll-interval...
Page 1031: Sflow Sampling (Interface Mode)
interfaces — The list of interfaces to poll. • sampling-rate — The statistical sampling rate for packet sampling from this source. A • sampling rate of 1 counts all packets. A rate of 0 disables sampling. A value of n means that out of n incoming packets, 1 packet will be sampled.
Page 1032: Show Sflow Agent
size — The maximum number of bytes that should be copied from the sampler packet • (Range: 20 - 256 bytes). Default Configuration There are no samplers configured by default. The default sampling rate is 0. The default maximum header size is 128. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 1033: Show Sflow Destination
IP Address The IP address associated with this agent. Example console#show sflow agent sFlow Version........1.3;Dell Corp.;10.23.18.28 IP Address........0.0.0.0 show sflow destination Use the show sflow destination command to display all the configuration information related to the sFlow receivers.
Page 1034: Show Sflow Polling
User Guidelines The following fields are displayed: Receiver Index The sFlow Receiver associated with the sampler/poller. Owner String The identity string for receiver, the entity making use of this sFlowRcvrTable entry. Time Out The time (in seconds) remaining before the receiver is released and stops sending samples to sFlow receiver.

This manual is also suitable for:

Powerconnect m8024 Powerconnect m6220 Powerconnect pcm6220 Powerconnect pcm6348 Powerconnect pcm8024

Dell PowerConnect M6348 Cli Reference Manual

Table of Contents

Command Groups

Layer 2 Commands

Address Table Commands

CDP Interoperability Commands

Link Dependency Commands

Port Aggregator Commands

Port Channel Commands

IGMP Proxy Commands

Ipv6 Multicast Commands

Tunnel Interface Commands

Captive Portal Commands

Utility Commands

Management ACL Commands

Telnet Server Commands

User Interface Commands

Web Server Commands

Dhcp Layer 2 Relay Commands

Dhcp Snooping Commands

Dynamic Arp Inspection Commands

Ethernet Configuration Commands

Qos Commands

Radius Commands

Spanning Tree Commands

Voice Vlan Commands

Quick Links

CLI Reference Guide

Chapters

Related Manuals for Dell PowerConnect M6348

Summary of Contents for Dell PowerConnect M6348