Page 1: Cli Reference Guide
Dell™ PowerConnect™ PC8024/8024F CLI Reference Guide Model PC8024/PC8024F w w w . d e l l . c o m | s u p p o r t . d e l l . c o m...
Page 2 Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell, the DELL logo, PowerEdge, PowerConnect, and OpenManage are trademarks of Dell Inc.; Microsoft and Windows are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries; sFlow is a registered trademark of InMon Corporation.
Page 3: Table Of Contents
Contents Command Groups Introduction 47 Command Groups 47 Mode Types 51 Layer 2 Commands 52 Layer 3 Commands 77 Utility Commands 97 Using the CLI Introduction 111 Entering and Editing CLI Commands 111 CLI Command Modes 116 Starting the CLI 125 Using CLI Functions and Tools 132 Layer 2 Commands Introduction 145...
Page 4 enable password 152 ip http authentication 153 ip https authentication 154 login authentication 155 password (Line Configuration) 155 password (User EXEC) 156 show authentication methods 157 show users accounts 158 show users login-history 158 username 159 ACL Commands access-list 161 deny | permit 162 ip access-group 164 no ip access-group 164...
Page 5 bridge multicast forbidden address 173 bridge multicast forbidden forward-unregistered 174 bridge multicast forward-all 174 bridge multicast forward-unregistered 175 clear bridge 176 port security 176 port security max 177 show bridge address-table 178 show bridge address-table count 178 show bridge address-table static 179 show bridge multicast address-table 180 show bridge multicast filtering 181 show ports security 182...
Page 6 show isdp entry 193 show isdp interface 194 show isdp neighbors 196 show isdp traffic 198 Data Center Bridging Commands clear priority-flow-control statistics 201 datacenter-bridging 202 priority-flow-control mode on 202 priority-flow-control priority 203 show interfaces datacenter-bridging 204 10 DHCP Layer 2 Relay Commands dhcp l2relay (Global Configuration) 207 dhcp l2relay (Interface Configuration) 208 dhcp l2relay circuit-id 208...
Page 7 ip dhcp snooping log-invalid 215 ip dhcp snooping trust 216 ip dhcp snooping verify mac-address 216 show ip dhcp snooping 217 show ip dhcp snooping binding 218 show ip dhcp snooping database 219 show ip dhcp snooping interfaces 219 show ip dhcp snooping statistics 220 12 Dynamic ARP Inspection Commands arp access-list 223 clear counters ip arp inspection 224...
Page 8 flowcontrol 237 interface ethernet 238 interface range ethernet 239 mtu 239 negotiation 240 negotiation <capability-list> 241 show interfaces advertise 242 show interfaces configuration 243 show interfaces counters 244 show interfaces description 249 show interfaces detail 250 show interfaces status 253 show statistics ethernet 256 show storm-control 261 shutdown 262...
Page 9 show gvrp configuration 271 show gvrp error-statistics 273 show gvrp statistics 274 15 IGMP Snooping Commands ip igmp snooping (global) 277 ip igmp snooping (interface) 278 ip igmp snooping host-time-out 278 ip igmp snooping leave-time-out 279 ip igmp snooping mrouter-time-out 280 show ip igmp snooping groups 280 show ip igmp snooping interface 281 show ip igmp snooping mrouter 282...
Page 10 17 IP Addressing Commands clear host 295 ip address 296 ip address 297 ip address vlan 298 ip default-gateway 298 ip domain-lookup 299 ip domain-name 300 ip host 300 ip name-server 301 ipv6 address 302 ipv6 enable 303 ipv6 gateway 303 show arp switch 304 show hosts 305 show ip helper-address 306...
Page 11 ipv6 mld snooping querier (VLAN mode) 318 ipv6 mld snooping querier address 318 ipv6 mld snooping querier election participate 319 ipv6 mld snooping querier query-interval 320 ipv6 mld snooping querier timer expiry 320 show ipv6 mld snooping querier 321 20 IP Source Guard Commands ip verify source 325 ip verify source port-security 325 ip verify binding 326...
Page 12 show lacp ethernet 339 show lacp port-channel 341 23 Link Dependency Commands link-dependency group 343 no link-dependency group 344 add ethernet 344 add port-channel 345 no add port-channel 345 depends-on ethernet 346 no depends-on ethernet 347 depends-on port-channel 347 no depends-on port-channel 348 show link-dependency 348 24 LLDP Commands clear lldp remote-data 351...
Page 13 lldp transmit-mgmt 359 lldp transmit-tlv 359 show lldp 360 show lldp interface 361 show lldp local-device 362 show lldp med 363 show lldp med interface 364 show lldp med local-device 365 show lldp med remote-device 367 show lldp remote-device 370 show lldp statistics 371 25 Port Channel Commands channel-group 375...
Page 14 class 389 class-map 390 class-map rename 390 classofservice dot1p-mapping 391 classofservice ip-dscp-mapping 392 classofservice trust 392 conform-color 393 cos-queue min-bandwidth 394 cos-queue strict 395 diffserv 395 drop 396 mark cos 397 mark ip-dscp 397 mark ip-precedence 398 match class-map 398 match cos 400 match destination-address mac 401 match dstip 401...
Page 15 match srcip6 409 match srcl4port 410 match vlan 410 mirror 411 police-simple 412 policy-map 413 redirect 414 service-policy 414 show class-map 415 show classofservice dot1p-mapping 417 show classofservice ip-dscp-mapping 418 show classofservice trust 421 show diffserv 422 show diffserv service interface ethernet 423 show diffserv service interface port-channel 423 show diffserv service brief 424 show interfaces cos-queue 425...
Page 16 key 436 msgauth 437 name 438 primary 438 priority 439 radius-server deadtime 440 radius-server host 440 radius-server key 441 radius-server retransmit 442 radius-server source-ip 443 radius-server timeout 443 retransmit 444 show radius-servers 445 show radius-servers statistics 447 source-ip 450 timeout 450 usage 451 29 Spanning Tree Commands clear spanning-tree detected-protocols 454...
Page 17 spanning-tree auto-portfast 467 spanning-tree bpdu flooding 468 spanning-tree bpdu-protection 469 spanning-tree cost 470 spanning-tree disable 470 spanning-tree forward-time 471 spanning-tree guard 472 spanning-tree loopguard 472 spanning-tree max-age 473 spanning-tree max-hops 474 spanning-tree mode 474 spanning-tree mst 0 external-cost 475 spanning-tree mst configuration 476 spanning-tree mst cost 477 spanning-tree mst port-priority 477 spanning-tree mst priority 478...
Page 18 priority 486 show tacacs 487 tacacs-server host 488 tacacs-server key 488 tacacs-server timeout 489 timeout 490 31 VLAN Commands dvlan-tunnel ethertype 492 interface vlan 493 interface range vlan 493 mode dvlan-tunnel 494 name 495 protocol group 495 protocol vlan group 496 protocol vlan group all 497 show dvlan-tunnel 498 show dvlan-tunnel interface 499...
Page 19 switchport general allowed vlan 509 switchport general ingress-filtering disable 510 switchport general pvid 511 switchport mode 511 switchport protected 512 switchport protected name 513 switchport trunk allowed vlan 514 vlan 514 vlan association mac 515 vlan association subnet 516 vlan database 516 vlan makestatic 517 vlan protocol group 518 vlan protocol group add protocol ethertype 518...
Page 20 dot1x re-authenticate 531 dot1x re-authentication 531 dot1x system-auth-control 532 dot1x timeout quiet-period 532 dot1x timeout re-authperiod 533 dot1x timeout server-timeout 534 dot1x timeout supp-timeout 535 dot1x timeout tx-period 535 show dot1x 536 show dot1x clients 539 show dot1x ethernet 541 show dot1x statistics 542 show dot1x users 544 dot1x guest-vlan 545...
Page 21 arp retries 555 arp timeout 555 clear arp-cache 556 clear arp-cache management 556 ip proxy-arp 557 show arp 558 36 DHCP and BOOTP Relay Commands bootpdhcprelay cidridoptmode 561 bootpdhcprelay maxhopcount 562 bootpdhcprelay minwaittime 562 37 DHCPv6 Commands clear ipv6 dhcp 565 dns-server 566 domain-name 567 ipv6 dhcp pool 567...
Page 22 show ipv6 dhcp statistics 576 38 DVMRP Commands ip dvmrp 579 ip dvmrp metric 580 ip dvmrp trapflags 580 show ip dvmrp 581 show ip dvmrp interface 582 show ip dvmrp neighbor 582 show ip dvmrp nexthop 583 show ip dvmrp prune 584 show ip dvmrp route 584 39 IGMP Commands ip igmp 587...
Page 23 show ip igmp interface stats 597 40 IGMP Proxy Commands ip igmp-proxy 599 ip igmp-proxy reset-status 600 ip igmp-proxy unsolicited-report-interval 600 show ip igmp-proxy 601 show ip igmp-proxy interface 602 show ip igmp-proxy groups 603 show ip igmp-proxy groups detail 603 41 IP Helper Commands clear ip helper statistics 605 ip helper-address (global configuration) 606...
Page 24 ip routing 621 routing 621 show ip brief 622 show ip interface 623 show ip protocols 624 show ip route 626 show ip route preferences 627 show ip route summary 627 show ip stats 628 show ip vlan 630 43 IPv6 MLD Snooping Commands ipv6 mld snooping immediate-leave 633 ipv6 mld snooping groupmembership-interval 634 ipv6 mld snooping maxresponse 635...
Page 25 ipv6 pimsm dr-priority 644 ipv6 pimsm hello-interval 644 ipv6 pimsm join-prune-interval 645 ipv6 pimsm register-threshold 646 ipv6 pimsm rp-address 646 ipv6 pimsm rp-candidate 647 ipv6 pimsm spt-threshold 648 ipv6 pimsm ssm 648 show ipv6 pimsm 649 show ipv6 pimsm bsr 650 show ipv6 pimsm interface 651 show ipv6 pimsm neighbor 651 show ipv6 pimsm rphash 652...
Page 26 ipv6 mld query-interval 664 ipv6 mld query-max-response-time 664 ipv6 mld router 665 ipv6 mtu 665 ipv6 nd dad attempts 666 ipv6 nd managed-config-flag 667 ipv6 nd ns-interval 667 ipv6 nd other-config-flag 668 ipv6 nd prefix 669 ipv6 nd ra-interval 670 ipv6 nd ra-lifetime 671 ipv6 nd reachable-time 671 ipv6 nd suppress-ra 672...
Page 27 show ipv6 mld traffic 691 show ipv6 neighbors 692 show ipv6 pimdm 693 show ipv6 pimdm interface 694 show ipv6 pimdm neighbor 695 show ipv6 route 695 show ipv6 route preferences 696 show ipv6 route summary 697 show ipv6 traffic 698 show ipv6 vlan 701 traceroute ipv6 701 46 Loopback Interface Commands...
Page 28 ip pimsm register-threshold 713 ip pimsm rp-address 713 ip pimsm rp-candidate 714 ip pimsm spt-threshold 715 ip pimsm ssm 715 show bridge multicast address-table count 716 show ip mcast 717 show ip mcast boundary 718 show ip mcast interface 718 show ip mcast mroute 719 show ip mcast mroute group 720 show ip mcast mroute source 721...
Page 29 area stub 735 area stub no-summary 735 area virtual-link 736 area virtual-link authentication 737 area virtual-link dead-interval 737 area virtual-link hello-interval 738 area virtual-link retransmit-interval 739 area virtual-link transmit-delay 740 auto-cost 741 bandwidth 741 capability opaque 742 clear ip ospf 742 default-information originate 743 default-metric 744 distance ospf 745...
Page 30 ip ospf transmit-delay 755 maximum-paths 755 network area 756 passive-interface default 757 passive-interface 757 redistribute 758 router-id 759 router ospf 759 show ip ospf 760 show ip ospf abr 763 show ip ospf area 763 show ip ospf asbr 765 show ip ospf database 766 show ip ospf database database-summary 769 show ip ospf interface 771...
Page 31 49 OSPFv3 Commands area default-cost 784 area nssa 785 area nssa default-info-originate 786 area nssa no-redistribute 787 area nssa no-summary 787 area nssa translator-role 788 area nssa translator-stab-intv 789 area range 789 area stub 790 area stub no-summary 791 area virtual-link 792 area virtual-link dead-interval 792 area virtual-link hello-interval 793 area virtual-link retransmit-interval 794...
Page 32 ipv6 ospf mtu-ignore 803 ipv6 ospf network 804 ipv6 ospf priority 805 ipv6 ospf retransmit-interval 805 ipv6 ospf transmit-delay 806 ipv6 router ospf 807 maximum-paths 807 passive-interface 808 passive-interface default 809 redistribute 809 router-id 810 show ipv6 ospf 810 show ipv6 ospf abr 812 show ipv6 ospf area 812 show ipv6 ospf asbr 813 show ipv6 ospf database 814...
Page 33 50 PIM-DM Commands ip pimdm 829 show ip pimdm 829 show ip pimdm interface 830 show ip pimdm neighbor 831 51 PIM-SM Commands ip pimsm 833 ip pimsm spt-threshold 834 ip pim-trapflags 834 show ip pimsm 835 show ip pimsm interface 836 show ip pimsm neighbor 836 show ip pimsm rphash 837 52 Router Discovery Protocol Commands...
Page 34 default-metric 846 distance rip 847 distribute-list out 848 enable 848 hostroutesaccept 849 ip rip 850 ip rip authentication 850 ip rip receive version 851 ip rip send version 852 redistribute 852 router rip 853 show ip rip 854 show ip rip interface 855 show ip rip interface brief 856 split-horizon 857 54 Tunnel Interface Commands...
Page 35 ip vrrp mode 866 ip vrrp preempt 866 ip vrrp priority 867 ip vrrp timers advertise 868 ip vrrp track interface 868 ip vrrp track ip route 869 show ip vrrp 870 show ip vrrp interface 871 show ip vrrp interface brief 872 show ip vrrp interface stats 873 56 Utility Commands Introduction 875...
Page 36 show captive-portal status 886 block 887 configuration 888 enable 888 group 889 interface 890 locale 890 name 891 protocol 891 redirect 892 redirect-url 892 session-timeout 893 verification 893 captive-portal client deauthenticate 894 show captive-portal client status 895 show captive-portal configuration client status 896 show captive-portal interface client status 897 show captive-portal interface configuration status 898 clear captive-portal users 899...
Page 37 show captive-portal configuration status 906 show trapflags captive-portal 907 user group 908 user group moveusers 909 user group name 909 59 Clock Commands clock set 911 show clock 912 show sntp configuration 913 show sntp status 914 sntp authenticate 915 sntp authentication-key 916 sntp broadcast client enable 916 sntp client poll timer 917...
Page 38 copy 926 delete backup-config 929 delete backup-image 930 delete startup-config 930 filedescr 931 script apply 932 script delete 932 script list 933 script validate 934 show backup-config 935 show bootvar 936 show dir 937 show running-config 937 show startup-config 940 update bootcode 941 61 Denial of Service Commands dos-control firstfrag 943...
Page 39 ipv6 icmp error-interval 950 ipv6 unreachables 951 show dos-control 951 62 Line Commands exec-timeout 953 history 954 history size 954 line 955 show line 956 speed 957 63 Management ACL Commands deny (management) 959 management access-class 960 management access-list 961 permit (management) 962 show management access-class 963 show management access-list 964...
Page 40 65 PHY Diagnostics Commands show copper-ports cable-length 971 show copper-ports tdr 972 show fiber-ports optical-transceiver 973 test copper-port tdr 974 66 RMON Commands rmon alarm 975 rmon collection history 977 rmon event 978 show rmon alarm 978 show rmon alarm-table 980 show rmon collection history 981 show rmon events 983 show rmon history 984...
Page 41 debug ip igmp 996 debug ip mcache 997 debug ip pimdm 997 debug ip pimsm 998 debug ip vrrp 999 debug ipv6 mcache 999 debug ipv6 mld 1000 debug ipv6 pimdm 1000 debug ipv6 pimsm 1001 debug isdp 1002 debug lacp 1002 debug mldsnooping 1003 debug ospf 1004 debug ospfv3 1004...
Page 42 show sflow destination 1015 show sflow polling 1016 show sflow sampling 1017 69 SNMP Commands show snmp 1019 show snmp engineID 1021 show snmp filters 1021 show snmp groups 1022 show snmp users 1024 show snmp views 1025 show trapflags 1026 snmp-server community 1028 snmp-server community-group 1029 snmp-server contact 1030...
Page 43 70 SSH Commands crypto key generate dsa 1043 crypto key generate rsa 1044 crypto key pubkey-chain ssh 1044 ip ssh port 1045 ip ssh pubkey-auth 1046 ip ssh server 1047 key-string 1047 show crypto key mypubkey 1049 show crypto key pubkey-chain ssh 1050 show ip ssh 1051 user-key 1052 71 Syslog Commands...
Page 44 port 1062 show logging 1063 show logging file 1065 show syslog-servers 1065 72 System Management Commands asset-tag 1068 banner motd 1069 banner motd acknowledge 1069 clear power average 1070 cut-through mode 1071 hostname 1071 low-power 1072 member 1073 movemanagement 1074 ping 1074 reload 1076 set description 1077...
Page 45 show supported switchtype 1087 show switch 1089 show switch chassis-mgmt 1092 show system 1093 show system id 1094 show system power 1095 show system temperature 1096 show tech-support 1097 show users 1102 show version 1103 stack 1104 standby 1105 switch priority 1105 switch renumber 1106 telnet 1107 traceroute 1109...
Page 46 75 Web Server Commands common-name 1117 country 1118 crypto certificate generate 1119 crypto certificate import 1119 crypto certificate request 1121 duration 1122 ip http port 1122 ip http server 1123 ip https certificate 1124 ip https port 1124 ip https server 1125 key-generate 1126 location 1126 organization-unit 1127...
Page 47: Introduction
Command Groups Introduction The Command Line Interface (CLI) is a network management application operated through an ASCII terminal without the use of a Graphic User Interface (GUI) driven software application. By directly entering commands, the user has greater configuration flexibility. The CLI is a basic command-line interpreter similar to the UNIX C shell.
Page 48 (continued) Table 1-1. System Command Groups Command Group Description DHCP l2 Relay Enables the Layer 2 DHCP Relay agent for an interface. DHCP Snooping Configures DHCP snooping and whether an interface is trusted for filtering. Dynamic ARP Inspection Configures for rejection of invalid and malicious ARP packets. Ethernet Configuration Configures all port configuration options for example ports, storm control, port speed and auto-negotiation.
Page 49 (continued) Table 1-1. System Command Groups Command Group Description Layer 3 Commands ARP (IPv4) Manages Address Resolution Protocol functions. DHCP and BOOTP Relay Manages DHCP/BOOTP operations on the system. (IPv4) DHCPv6 Configures IPv6 DHCP functions. DVMRP (Mcast) Configures DVMRP operations. IGMP (Mcast) Configures IGMP operations.
Page 50 (continued) Table 1-1. System Command Groups Command Group Description Line Configures the console, SSH, and remote Telnet connection. Management ACL Configures and displays management access-list information. Password Management Provides password management. PHY Diagnostics Diagnoses and displays the interface status. RMON Can be configured through the CLI and displays RMON information.
Page 51: Mode Types
Mode Types The tables on the following pages use these abbreviations for Command Mode names. • ARPA — ARP ACL Configuration • CC — Crypto Configuration • CP — Captive Portal Configuration • CPI — Captive Portal Instance • CMC — Class-Map Configuration •...
Page 52: Layer 2 Commands
• VLAN — VLAN Configuration • v6ACL — IPv6 Access List Configuration • v6CMC • v6DP — IPv6 DHCP Pool Configuration Layer 2 Commands Command Description Mode* aaa authentication dot1x Specifies one or more authentication, authorization and accounting (AAA) methods for use on interfaces running IEEE 802.1X.
Page 53 Command Description Mode* access-list Creates an Access Control List (ACL) that is identified by accesslistnumber. the parameter deny|permit The deny command denies traffic if the conditions defined in the deny statement are matched. The permit command allows traffic if the conditions defined in the permit statement are matched.
Page 54 Address Table Command Description Mode* bridge address Adds a static MAC-layer station source address to the bridge table. bridge aging-time Sets the address table aging time. bridge multicast address Registers MAC-layer Multicast addresses to the bridge table, and adds static ports to the group. bridge multicast filtering Enables filtering of Multicast addresses.
Page 55 Auto-VoIP Command Description Mode* show switchport voice Displays the status of auto-voip on an interface or all interfaces. switchport voice detect auto Enables the VoIP Profile on all the interfaces of the switch. GC/IC *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 51. CDP Interoperability Command Description...
Page 56 Data Center Bridging Command Description Mode* clear priority-flow-control statistics Clears all or interface Priority-Flow-Control statistics. datacenter-bridging Enters the Data Center Bridging mode. priority-flow-control mode on Enables Priority-Flow-Control (PFC) on an interface. priority-flow-control priority Enables the priority group for lossless behavior (PFC enabled).
Page 57 DHCP Snooping Command Description Mode* clear ip dhcp snooping binding Clears all DHCP Snooping entries. clear ip dhcp snooping statistics clears all DHCP Snooping statistics. ip dhcp snooping Enables DHCP snooping globally or on a specific VLAN. GC/IC ip dhcp snooping binding Configures a static DHCP Snooping binding.
Page 58 Dynamic ARP Inspection Command Description Mode* arp access-list Creates an ARP ACL. clear counters ip arp inspection Resets the statistics for Dynamic ARP Inspection on all VLANs. ip arp inspection filter Configures the ARP ACL to be used for a single VLAN or a range of VLANs to filter invalid ARP packets.
Page 59 Ethernet Configuration Command Description Mode* clear counters Clears statistics on an interface. description Adds a description to an interface. duplex Configures the full/half duplex operation of a given Ethernet interface when not using auto-negotiation. flowcontrol Configures the flow control on a given interface. interface ethernet Enters the interface configuration mode to configure an Ethernet type interface.
Page 60 GVRP Command Description Mode* clear gvrp statistics Clears all the GVRP statistics information. garp timer Adjusts the GARP application join, leave, and leaveall GARP timer values. gvrp enable (global) Enables GVRP globally. gvrp enable (interface) Enables GVRP on an interface. gvrp registration-forbid De-registers all VLANs, and prevents dynamic VLAN registration on the port.
Page 61 Command Description Mode* ip igmp snooping fast-leave Enables or disables IGMP Snooping fast-leave mode on a VLAN selected VLAN. ip igmp snooping Sets the IGMP Group Membership Interval time on a VLAN groupmembership-interval VLAN. ip igmp snooping maxresponse Sets the IGMP Maximum Response time on a particular VLAN VLAN.
Page 62 Command Description Mode* ip default-gateway Defines a default gateway (router). ip domain-lookup Enables IP DNS-based host name-to-address translation. ip domain-name Defines a default domain name to complete unqualified host names. ip helper-address Allows the device to forward User Datagram Protocol (UDP) broadcasts received on an interface.
Page 63 IPv6 MLD Snooping Command Description Mode* ipv6 mld snooping immediate- Enables or disables MLD Snooping immediate-leave admin leave mode on a selected interface or VLAN. VLAN ipv6 mld snooping Sets the MLD Group Membership Interval time on a VLAN groupmembership-interval or interface.
Page 64 iSCSI Flow Acceleration Command Description Mode* iscsi aging time Sets aging time for iSCSI sessions. iscsi cos Sets the quality of service profile that will be applied to iSCSI flows. iscsi enable Enables Global Configuration mode command globally enables iSCSI awareness. iscsi target port Configures an iSCSI target port (optionally configures target port address and name).
Page 65 Link Dependency Command Description Mode* link-dependency group Enters the link-dependency mode to configure a link-dependency group. no link-dependency group Removes the configuration for a link-dependency group. add ethernet Adds member Ethernet port(s) to the Link Dependency dependency list. no add ethernet Removes member Ethernet port(s) from the Link Dependency dependency list.
Page 66 LLDP Command Description Mode* clear lldp remote data Deletes all data from the remote data table. clear lldp statistics Resets all LLDP statistics. lldp notification Enables remote data change notifications. lldp notification-interval Limits how frequently remote data change notifications are sent.
Page 67: Port Monitor
Port Channel Command Description Mode* channel-group Associates a port with a port-channel. interface port-channel Enters the interface configuration mode of a specific port-channel. interface range port-channel Enters the interface configuration mode to configure multiple port-channels. hashing-mode Sets the hashing algorithm on trunk ports. IC (port- channel) no hashing-mode...
Page 68 Command Description Mode* classofservice trust Sets the class of service trust mode of an interface. GC and conform-color Specifies for each outcome, the only possible actions are PCMC drop, set-cos-transmit, set-sec-cos-transmit, setdscp- transmit, set-prec-transmit, or transmit cos-queue min-bandwidth Specifies the minimum transmission bandwidth for each GC and interface queue.
Page 69 Command Description Mode* match ip dscp Adds to the specified class definition a match condition based on the value of the IP DiffServ Code Point (DSCP) field in a packet. match ip precedence Adds to the specified class definition a match condition based on the value of the IP.
Page 70 Command Description Mode* show classofservice trust Displays the current trust mode setting for a specific interface. show diffserv Displays the DiffServ General Status information. show diffserv service interface Displays policy service information for the specified ethernet in interface and direction. show diffserv service interface Displays policy service information for the specified port-channel in...
Page 71 Command Description Mode* primary Specifies that a configured server should be the primary server in the group of authentication servers which have the same server name. priority Specifies the order in which the servers are to be used, with 0 being the highest priority. radius-server deadtime Improves RADIUS response times when servers are unavailable.
Page 72 Spanning Tree Command Description Mode* clear spanning-tree detected- Restarts the protocol migration process on all interfaces or protocols on the specified interface. exit (mst) Exits the MST configuration mode and applies configuration changes. instance (mst) Maps VLANs to an MST instance. name (mst) Defines the MST configuration name.
Page 73 Command Description Mode* spanning-tree mst cost Configures the path cost for multiple spanning tree (MST) calculations. spanning-tree mst port-priority Configures port priority. spanning-tree mst priority Configures the switch priority for the specified spanning tree instance. spanning-tree pathcost method Configures the spanning tree default pathcost method spanning-tree portfast Enables PortFast mode.
Page 74 VLAN Command Description Mode* dvlan-tunnel ethertype Configures the EtherType for the interface. interface vlan Enters the interface configuration (VLAN) mode. interface range vlan Enters the interface configuration mode to configure multiple VLANs. mode dvlan-tunnel Enables Double VLAN tunneling on the specified interface IC name Configures a name to a VLAN.
Page 75 Command Description Mode* switchport mode Configures the VLAN membership mode of a port. switchport protected Sets the port to Protected mode. switchport protected name Configures a name for a protected group switchport trunk allowed vlan Adds or removes VLANs from a port in general mode. vlan Creates a VLAN.
Page 76 802.1X Command Description Mode* dot1x mac-auth-bypass Enables MAB on an interface. dot1x max-req Sets the maximum number of times the switch sends an EAP-request frame to the client before restarting the authentication process. dot1x max-users Sets the maximum number of clients supported on the port when MAC-based 802.1X authentication is enabled on the port.
Page 77: Layer 3 Commands
Command Description Mode* dot1x guest-vlan Defines a guest VLAN. show dot1x advanced Displays 802.1X advanced features for the switch or specified interface. radius-server attribute 4 Sets the network access server (NAS) IP address for the RADIUS server. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 51. Layer 3 Commands ARP (IPv4) Command...
Page 78 DHCP and BOOTP Relay (IPv4) Command Description Mode* bootpdhcprelay cidridoptmode Enables the circuit ID option and remote agent ID mode for BootP/DHCP Relay on the system. bootpdhcprelay maxhopcount Configures the maximum allowable relay agent hops for BootP/DHCP Relay on the system. bootpdhcprelay minwaittime Configures the minimum wait time in seconds for BootP/DHCP Relay on the system.
Page 79 DVMRP Command Description Mode* ip dvmrp Sets the administrative mode of DVMRP in the router to active. ip dvmrp metric Configures the metric for an interface. ip dvmrp trapflags Enables the DVMRP trap mode. show ip dvmrp Displays the system-wide information for DVMRP. show ip dvmrp interface Displays the interface information for DVMRP on the specified interface.
Page 80 Command Description Mode* ip igmp startup-query-count Sets the number of queries sent out on startup—at intervals equal to the startup query interval for the interface. ip igmp startup-query-interval Sets the interval between general queries sent at startup on the interface. ip igmp version Configures the version of IGMP for an interface.
Page 81 IP Helper Command Description Mode* clear ip helper statistics Resets (to 0) the statistics displayed in show ip helper statistics. ip helper-address (global Configures the relay of certain UDP broadcast packets configuration) received on any interface. ip helper-address (interface Configures the relay of certain UDP broadcast packets configuration) received on a specific interface.
Page 82: Ipv6 Multicast
Command Description Mode* show ip route summary Shows the number of all routes, including best and non- best routes. show ip stats Displays IP statistical information show ip vlan Displays the VLAN routing information for all VLANs with routing enabled. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types"...
Page 83 Command Description Mode* show ipv6 pimsm interface Displays interface config parameters. show ipv6 pimsm neighbor Displays IPv6 PIMSM neighbors learned on the routing interfaces. show ipv6 pimsm rphash Displays which rendezvous point (RP) is being selected for a specified group. show ipv6 pimsm rp mapping Displays all group-to-RP mappings of which the router is aware (either configured or learned from the BSR).
Page 84 Command Description Mode* ipv6 mld query-max-response-time Sets MLD querier's maximum response time for the interface. ipv6 mld router Enables MLD in the router in global configuration mode and for a specific interface in interface configuration mode. ipv6 mtu Sets the maximum transmission unit (MTU) size, in bytes, of IPv6 packets on an interface.
Page 85 Command Description Mode* show ipv6 brief Displays the IPv6 status of forwarding mode and IPv6 unicast routing mode. show ipv6 interface Shows the usability status of IPv6 interfaces. show ipv6 mld groups Displays information about multicast groups that MLD reported. show ipv6 mld interface Displays MLD related information for an interface.
Page 86: Loopback Interface
Loopback Interface Command Description Mode* interface loopback Enters the Interface Loopback configuration mode. show interface loopback Displays information about configured loopback interfaces. PE *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 51. Multicast Command Description Mode* ip mcast boundary Adds an administrative scope multicast boundary.
Page 87 Command Description Mode* show bridge multicast Displays statistical information about the entries in the address-table count multicast address table. show ip mcast Displays the system-wide multicast information. show ip mcast boundary Displays the system-wide multicast information. show ip mcast interface Displays the multicast information for the specified interface.
Page 88 Command Description Mode* area range Creates a specified area range for a specified NSSA. ROSPF area stub Creates a stub area for the specified area ID. ROSPF area stub no-summary Prevents Summary LSAs from being advertised into the ROSPF NSSA. area virtual-link Creates the OSPF virtual interface for the specified area-id ROSPF...
Page 89 Command Description Mode* ip ospf authentication Sets the OSPF Authentication Type and Key for the specified interface. ip ospf cost Configures the cost on an OSPF interface. ip ospf dead-interval Sets the OSPF dead interval for the specified interface. ip ospf hello-interval Sets the OSPF hello interval for the specified interface.
Page 90 Command Description Mode* show ip ospf database database- Displays the number of each type of LSA in the database for summary each area and for the router. show ip ospf interface Displays the information for the IFO object or virtual interface tables.
Page 91 Command Description Mode* area nssa translator-stab-intv Configures the translator stability interval of the NSSA. ROSV3 area range Creates an area range for a specified NSSA. ROSV3 area stub Creates a stub area for the specified area ID. ROSV3 area stub no-summary Disables the import of Summary LSAs for the stub area ROSV3 areaid.
Page 92 Command Description Mode* ipv6 ospf retransmit-interval Sets the OSPF retransmit interval for the specified interface. ipv6 ospf transmit-delay Sets the OSPF Transmit Delay for the specified interface. ipv6 router ospf Enters Router OSPFv3 Configuration mode. maximum-paths Sets the number of paths that OSPF can report for a given ROSV3 destination.
Page 93 Command Description Mode* show ipv6 ospf virtual-link brief Displays the OSPFV3 Virtual Interface information for all areas in the system. trapflags Enables OSPF traps ROSV3 *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 51. PIM-DM Command Description Mode*...
Page 94 Command Description Mode* ip pimsm query-interval Configures the transmission frequency of hello messages in seconds between PIM enabled neighbors. ip pimsm register-rate-limit Sets the Register Threshold rate for the RP (Rendezvous Point) router to switch to the shortest path. ip pimsm spt-threshold Configures the threshold rate for the RP router to switch to the shortest path.
Page 95 Routing Information Protocol Command Description Mode* auto-summary Enables the RIP auto-summarization mode. default-information originate Controls the advertisement of default routes. default-metric Sets a default for the metric of distributed routes. distance rip Sets the route preference value of RIP in the router. distribute-list out Specifies the access list to filter routes received from the source protocol.
Page 96 Tunnel Interface Command Description Mode* interface tunnel Enables the interface configuration mode for a tunnel. show interface tunnel Displays the parameters related to tunnel such as tunnel mode, tunnel source address and tunnel destination address. tunnel destination Specifies the destination transport address of the tunnel. tunnel mode ipv6ip Specifies the mode of the tunnel.
Page 97: Utility Commands
Command Description Mode* show ip vrrp interface stats Displays the statistical information about each virtual router configured on the switch. vrrp track interface Alters the priority of the VRRP router based on the availability of its interfaces. vrrp track ip route Tracks route reachability.
Page 98 Command Description Mode* group Configures the group number for a captive portal configuration. interface Associates an interface with a captive portal configuration. CPI locale Associates an interface with a captive portal configuration. CPI name Configures the name for a captive portal configuration. protocol Configures the protocol mode for a captive portal configuration.
Page 99 Command Description Mode* show captive-portal configuration Displays information about all interfaces assigned to a interface captive portal configuration or about a specific interface assigned to a captive portal configuration. show captive-portal configuration Displays locales associated with a specific captive portal locales configuration.
Page 100 Command Description Mode* clock summer-time recurring Sets the summertime offset to UTC recursively every year. clock summer-time date Sets the summertime offset to UTC. no clock summer-time Resets the recurring summertime configuration. show clock Displays the time and date from the system clock. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types"...
Page 101 Denial of Service Command Description Mode* dos-control firstfrag Enables Minimum TCP Header Size Denial of Service protection. dos-control icmp Enables Maximum ICMP Packet Size Denial of Service protections. dos-control l4port Enables L4 Port Denial of Service protection. dos-control sipdip Enables Source IP Address = Destination IP Address (SIP= DIP) Denial of Service protection.
Page 102: Password Management
Management ACL Command Description Mode* deny (management) Defines a deny rule. management access-class Defines which management access-list is used. management access-list Defines a management access-list, and enters the access-list for configuration. permit (management) Defines a permit rule. show management access-class Displays the active management access-list.
Page 103 PHY Diagnostics Command Description Mode* show copper-ports cable-length Displays the estimated copper cable length attached to a port. show copper-ports tdr Displays the last TDR (Time Domain Reflectometry) tests on specified ports. show fiber-ports optical- Displays the optical transceiver diagnostics. transceiver test copper-port tdr Diagnoses with TDR (Time Domain Reflectometry)
Page 104 Command Description Mode* debug console Enables the display of debug trace output on the login session in which it is executed. debug dot1x Enables dot1x packet tracing. debug igmpsnooping Enables tracing of IGMP Snooping packets transmitted and/or received by the switch. debug ip acl Enables debug of IP Protocol packets matching the ACL criteria.
Page 105 sFlow Command Description Mode* sflow destination Configures sFlow collector parameters (owner string, receiver timeout, ip address, and port). sflow polling Enables a new sflow poller instance for the data source if rcvr_idx is valid. sflow polling (Interface Mode) Enable a new sflow poller instance for this data source if rcvr_idx is valid.
Page 106 Command Description Mode* snmp-server engineID local Specifies the Simple Network Management Protocol (SNMP) engine ID on the local switch. snmp-server filter Creates or updates an SNMP server filter entry. snmp-server group Configures a new SNMP group or a table that maps SNMP users to SNMP views.
Page 107 Syslog Command Description Mode* clear logging Clears messages from the internal logging buffer. clear logging file Clears messages from the logging file. description Describes the syslog server. level Specifies the importance level of syslog messages. loggin cli-command Enable CLI command logging logging Logs messages to a syslog server logging buffered...
Page 108 Command Description Mode* member Configures the switch. movemanagement Moves the Management Switch functionality from one switch to another. no cut-through mode Disables the cut-through mode on the switch. ping Sends ICMP echo request packets to another node on the network. reload Reloads the operating system.
Page 109 Command Description Mode* switch priority Configures the ability of the switch to become the Management Switch. switch renumber Changes the identifier for a switch in the stack. telnet Logs into a host that supports Telnet. traceroute Discovers the IP routes that packets actually take when travelling to their destinations.
Page 110 Web Server Command Description Mode* common-name Specifies the common-name for the device. country Specifies the country. crypto certificate generate Generates a HTTPS certificate. crypto certificate import Imports a certificate signed by the Certification Authority for HTTPS crypto certificate request Generates and displays a certificate request for HTTPS duration Specifies the duration in days.
Page 111: Entering And Editing Cli Commands
Using the CLI Introduction This chapter describes the basics of entering and editing the Dell™ PowerConnect™ 62xx Series Command Line Interface (CLI) commands and defines the command hierarchy. It also explains how to activate the CLI and implement its major functions.
Page 112 • Show Command • Command Completion • Short Form Commands • Keyboard Shortcuts • Operating on Multiple Objects (Range) • Command Scripting • CLI Command Notation Conventions • Interface Naming Conventions History Buffer Every time a command is entered in the CLI, it is recorded in an internally managed Command First In First Out History buffer.
Page 113 Command Completion CLI can complete partially entered commands when the user presses the <tab> or <space> key. If a command entered is not complete, is not valid, or if some parameters of the command are not valid or missing, an error message is displayed to assist in entering the correct command. By pressing the <tab>...
Page 114 Keyboard Key Description <Ctrl>+<S> Disables serial flow <Ctrl>+<Z> Return to root command prompt <Tab, SPACE> Command-line completion Return to the root command prompt exit Go to next lower command prompt <?> List choices Operating on Multiple Objects (Range) The CLI allows the user to operate on the set of objects at the same time. The guidelines are as follows for range operation: •...
Page 115 Command Scripting The CLI can be used as a programmable management interface. To facilitate this function, any characters entered after the <!> character are treated as a comment and ignored by the CLI. Also, the CLI allows the user to disable session timeouts. CLI Command Notation Conventions When entering commands there are certain command-entry notations which apply to all commands.
Page 116: Cli Command Modes
CLI Command Modes Since the set of CLI commands is very large, the CLI is structured as a command-tree hierarchy, where related command sets are assigned to command modes for easier access. At each level, only the commands related to that level are available to the user and only those commands are shown in the context sensitive help for that level.
Page 117 User EXEC Mode After logging into the switch, the user is automatically in the User EXEC command mode unless the user is defined as a privileged user. In general, the User EXEC commands allow the user to perform basic tests, and list system information. The user-level prompt consists of the switch host name followed by the angle bracket (>).
Page 118 Router OSPFv3 Configuration — Global configuration mode command ipv6 router ospf is • used to enter into the Router OSPFv3 Configuration mode. IPv6 DHCP Pool Mode — Global configuration mode command ipv6 dhcp pool is used to • enter into the IPv6 DHCP Pool mode. •...
Page 119 TACACS — Configures the parameters for the TACACS server. • • Radius — Configures the parameters for the RADIUS server. • SNMP Host Configuration — Configures the parameters for the SNMP server host. • SNMP v3 Host Configuration — Configures the parameters for the SNMP v3 server host. •...
Page 120 Command Mode Access Method Command Prompt Exit or Access Previous Mode User EXEC The user is logout console> automatically in User EXEC mode unless the user is defined as a privileged user. Privileged EXEC Use the enable Use the exit console# command to enter into command, or press...
Page 121 Command Mode Access Method Command Prompt Exit or Access Previous Mode Class-Map From Global To exit to Global console(config- Configuration mode, Configuration classmap)# use the class-map mode, use the exit command. command, or press <Ctrl>+<Z> to Privileged EXEC mode. MAC Access List From Global To exit to Global console(config-mac-...
Page 122 Command Mode Access Method Command Prompt Exit or Access Previous Mode RADIUS From Global To exit to Global console(config- Configuration mode, Configuration radius)# use the radius-server mode, use the exit host command. command, or press <Ctrl>+<Z> to Privileged EXEC mode. SNMP Host From Global To exit to Global...
Page 123 Command Mode Access Method Command Prompt Exit or Access Previous Mode Stack From Global To exit to Global console(config- Configuration mode, Configuration stack)# use the stack command. mode, use the exit command, or press <Ctrl>+<Z> to Privileged EXEC mode. Logging From Global To exit to Global console(config-...
Page 124 Command Mode Access Method Command Prompt Exit or Access Previous Mode Router OSPFv3 Config From Global To exit to Global console(config- Configuration mode, Configuration rtr)# use the ipv6 router ospf mode, use the exit command. command, or press <Ctrl>+<Z> to Privileged EXEC mode IPv6 DHCP Pool Mode...
Page 125: Starting The Cli
Command Mode Access Method Command Prompt Exit or Access Previous Mode Port Channel From Global To exit to Global console (config-if- Configuration mode, Configuration chn)# use the interface port- mode, use the exit channel command. command, or <Ctrl>+<Z> to Privileged EXEC mode.
Page 126 Web, CLI and the remote Dell Network Manager. After initial setup, the user may enter to the system to set up more advanced configurations.
Page 127 If the user chooses not to use the wizard initially, the session defaults to the CLI mode with a warning to refer to the documentation. During a subsequent login, the user may again elect not to run the setup wizard. Once the wizard has established configuration, however, the wizard is presented only if the user resets the switch to the factory default settings.
Page 128 Figure 2-1. Easy Setup Wizard for PC8024/PC8024F Did the user Transfer to CLI mode previously save a startup configuration? Does the user want Transfer to CLI mode to use setup wizard? Request SNMP Is SNMP Management Community String & Required? Server IP Address Request user name, password...
Page 129 The following example contains the sequence of prompts and responses associated with running an example Dell Easy Setup Wizard session, using the input values listed above. Note in this case a static IP address for the management interface is being set up. However it may be requested that the system automatically retrieve an IP address via DHCP.
Page 130 Step 1: The system is not setup for SNMP management by default. To manage the switch using SNMP (required for Dell Network Manager) you can: o Set up the initial SNMP version 2 account now. o Return later and setup other SNMP accounts. (For more information on setting up an SNMP version 1 or 3 account, see the user documentation).
Page 131 To setup a user account: Please enter the user name: admin<Enter> Please enter the user password: ********<Enter> Please reenter the user password: ********<Enter> Step 3: Next, an IP address is setup. The IP address is defined on the default VLAN (VLAN #1), of which all ports are members. This is the IP address you use to access the CLI, Web interface, or SNMP interface for the switch.
Page 132: Using Cli Functions And Tools
If the information is incorrect, select (N) to discard configuration and restart the wizard: [Y/N] y<Enter> Thank you for using the Dell Easy Setup Wizard. You will now enter CLI mode..console>...
Page 133 To use the copy command, the user specifies the source file and the destination file. For tftp://remotehost/pub/backupfile backup-config example, copy copies a file from the remote TFTP server to a local backup configuration file. In this case, if the local configuration file does not exist, then it is created by the command.
Page 134 CLI through Telnet, SSH, Serial Interfaces The CLI is accessible through a local serial interface, a remote telnet, or secure shell sessions. Since the serial interface requires a physical connection for access, it is used if all else fails. The serial interface is the only interface from which the user may access the Easy Setup Wizard.
Page 135 When RADIUS is used, the field returns the access level for the user. Two vendor specific options are supported. These are CISCO-AV-Pairs(Shell:priv- lvl=x) and Dell RADIUS VSA (user-group=x). TACACS+ provides the appropriate level of access. The following rules and specifications apply: •...
Page 136 • If a log server is not specified by the user, the CLI maintains at most the last 1000 critical system events. In this case, less important events are not recorded. Security Logs Security logs are maintained to record all security events including the following: •...
Page 137 For each of these management profiles, the user defines the list of hosts or subnets from which the management profiles may be used. Other CLI Tools and Capabilities The CLI has several other capabilities associated with its primary functions. Terminal Paging The terminal width and length for CLI displays is 79 characters and 25 lines, respectively.
Page 138 Erase Region : 1 Num Blocks : 255 Block Size : 20000 (128 KB) First Block : 0 Last Block : 254 Start Adrs : fe000000 End Adrs : fffdffff Erase Region : 2 Num Blocks : 4 Block Size : 8000 (32 KB) First Block : 255 Last Block : 258 Start Adrs : fffe0000...
Page 139 # of obsolete descriptors: current volume configuration: - volume label: NO LABEL ; (in boot sector: - volume Id: 0x1ce - total number of sectors: 61,076 - bytes per sector: - # of sectors per cluster: 4 - # of reserved sectors: 1 - FAT entry size: FAT16 - # of sectors per FAT copy: 60...
Page 140 Select (1, 2): Boot Menu Version: 3 Mar 2009 Options available 1 - Start operational code 2 - Change baud rate 3 - Retrieve event log using XMODEM 4 - Load new operational code using XMODEM 5 - Display operational code vital product data 6 - Run flash diagnostics 7 - Update boot code 8 - Delete backup image...
Page 141 7 - 57600 8 - 115200 0 - no change The above setting takes effect immediately • Option to retrieve event log using XMODEM (64KB). [Boot Menu] 3 Sending event log, start XMODEM receive..• Option to load new operational code using XMODEM [Boot Menu] 4 Ready to receive the file with XMODEM/CRC..
Page 142 Boot Code FLASH flag......0 Boot Code CRC........0x3CC4 VPD - rel 6 ver 24 maint_lvl 19 build_num 23 Timestamp - Wed Jun 24 19:31:23 2009 File - Dell-Ent-esw-campbell-pct.85xx-V6R-CSxw-6IQHSr6v24m19b23.opr [Boot Menu] • Option to Update Boot Code. [Boot Menu] 7 • Option to Delete Operational Code. The user is not allowed to delete active image.
Page 143 [Boot Menu] 9 Are you SURE you want to reset the system? (y/n):y Boot code..SDRAM 256 Boot Menu Version: Oct 20 2004 Select an option. If no selection in 10 seconds then operational code will start. 1 - Start operational code. 2 - Start Boot Menu.
Page 144 entering the command logging console. Traps generated by the system are dumped to all CLI sessions that have requested monitoring mode to be enabled. The no logging console command disables trap monitoring for the session. By default, console logging is enabled. Using the CLI...
Page 145: Introduction
Layer 2 Commands Introduction The chapters that follow describe commands that conform to the OSI model data link layer (Layer 2). Layer 2 commands provide a logical organization for transmitting data bits on a particular medium. This layer defines the framing, addressing, and checksum functions for Ethernet packets.
Page 146 • LLDP Commands • Port Channel Commands • Port Monitor Commands • QoS Commands • RADIUS Commands • Spanning Tree Commands • TACACS+ Commands • VLAN Commands • Voice VLAN Commands • 802.1X Commands Layer 2 Commands...
Page 147: Aaa Authentication Dot1X
AAA Commands This chapter explains the following commands: • aaa authentication dot1x • aaa authentication enable • aaa authentication login • aaa authorization network default radius • enable authentication • enable password • ip http authentication • ip https authentication •...
Page 148: Aaa Authentication Enable
Keyword Description none Uses no authentication Default Configuration No authentication method is defined. Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
Page 149: Aaa Authentication Login
Keyword Source or destination none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The default enable list is “enableList.” It is used by console, telnet, and SSH and only contains none the method Command Mode...
Page 150 Syntax list-name method1 method2... aaa authentication login {default| list-name no aaa authentication login {default| default — Uses the listed authentication methods that follow this argument as the default • list of methods when a user logs in. list-name — Character string used to name the list of authentication methods activated when •...
Page 151: Aaa Authorization Network Default Radius
Example The following example configures authentication login. console(config)# aaa authentication login default radius local enable none aaa authorization network default radius Use the aaa authorization network default radius command in Global Configuration mode to enable the switch to accept VLAN assignment by the RADIUS server. Syntax aaa authorization network default radius no aaa authorization network default radius...
Page 152: Enable Password
no enable authentication • default — Uses the default list created with the aaa authentication enable command. list-name — Uses the indicated list created with the aaaa authentication enable command. • (Range: 1-12 characters) Default Configuration Uses the default set with the command aaa authentication enable. Command Mode Line Configuration mode User Guidelines...
Page 153: Ip Http Authentication
User Guidelines This command has no user guidelines. Example The following example defines password “xxxyyyzzz” to control access to user and privilege levels. console(config)# enable password xxxyyyzzz ip http authentication Use the ip http authentication command in Global Configuration mode to specify authentication methods for http server users.
Page 154: Ip Https Authentication
Example The following example configures the http authentication. console(config)# ip http authentication radius local ip https authentication Use the ip https authentication command in Global Configuration mode to specify authentication methods for https server users. To return to the default configuration, use the no form of this command.
Page 155: Login Authentication
login authentication Use the login authentication command in Line Configuration mode to specify the login authentication method list for a line (console, telnet, or SSH). To return to the default specified by the authentication login command, use the no form of this command. Syntax list-name login authentication {default|...
Page 156: Password (User Exec)
Default Configuration No password is specified. Command Mode Line Configuration mode User Guidelines This command has no user guidelines. Example The following example specifies a password “mcmxxyyy” on a line. console(config-line)# password mcmxxyyy password (User EXEC) Use the password command in User EXEC mode to allow a user to change the password for only that user.
Page 157: Show Authentication Methods
show authentication methods Use the show authentication methods command in Privileged EXEC mode to display information about the authentication methods. Syntax show authentication methods Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the authentication configuration.
Page 158: Show Users Accounts
HTTPS :local HTTP :local DOT1X :none show users accounts Use the show users accounts command in Privileged EXEC mode to display information about the local user database. Syntax show users accounts [long] Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 159: Username
Syntax show users login-history [long] name — name of user. (Range: 1-20 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example show user login history outputs. console#show users login-history Login Time Username...
Page 160 encrypted — Encrypted password entered, copied from another switch configuration. • Default Configuration No user name is defined. The default privilege level is 1. Command Mode Global Configuration mode User Guidelines This command can be used to unlock a locked user account for an already existing user. Example The following example configures user “bob”...
Page 161: Access-List
ACL Commands This chapter explains the following commands: • access-list • deny | permit • ip access-group • mac access-group • mac access-list extended • mac access-list extended rename • show ip access-lists • show mac access-list access-list Use the access-list command in Global Configuration mode to create an Access Control List list-name (ACL) that is identified by the parameter Syntax...
Page 162: Deny | Permit
srcmask — Source IP mask. • dstip — Destination IP address. • dstmask — Destination IP mask. • portvalue — The source layer 4 port match condition for the ACL rule is specified by the port • value parameter (Range: 0–65535). portkey —...
Page 163 Syntax srcmac srcmacmask dstmac dstmacmask {deny | permit} { | any} { | any | bpdu } ethertypekey 0x0600-0xFFFF 0-4095 0-4095 }] [ vlan eq ] [cos ] [secondary-vlan eq queue-id interface [secondary-cos ] [log] [ assign-queue ] [{mirror |redirect} srcmac —...
Page 164: Ip Access-Group
The assign-queue and redirect parameters are only valid for permit commands. Example The following example configures a MAC ACL to deny traffic from MAC address 0806.c200.0000. console(config)#mac access-list extended DELL123 console(config-mac-access-list)#deny 0806.c200.0000 ffff.ffff.ffff any ip access-group no ip access-group Use the ip access-group or no ip access-group command to apply/disable an IP based ACL on an Ethernet interface or a group of interfaces.
Page 165: Mac Access-Group
console(config-if-1/g1)#ip access-group aclname out 2 console(config-if-1/g1)#no ip access-group aclname out mac access-group Use the mac access-group command in Global Configuration or Interface Configuration mode to attach a specific MAC Access Control List (ACL) to an interface in a given direction. Syntax name direction sequence mac access-group...
Page 166: Mac Access-List Extended
mac access-list extended Use the mac access-list extended command in Global Configuration mode to create the MAC name Access Control List (ACL) identified by the parameter. Syntax name mac access-list extended name no mac access-list extended name — Name of the access list. (Range: 1-31 characters) •...
Page 167: Show Ip Access-Lists
Command Mode Global Configuration mode User Guidelines Command fails if the new name is the same as the old one. Example The following example shows the mac access-list extended rename command. console(config)#mac access-list extended rename DELL1 DELL2 show ip access-lists Use the show ip access-lists command in Privileged EXEC mode to display access lists applied on interfaces and all rules that are defined for the access lists.
Page 168: Show Mac Access-List
ACL41 show mac access-list Use the show mac access-list command in Privileged EXEC mode to display a MAC access list and all of the rules that are defined for the ACL. Syntax name show mac access-list name — Identifies a specific MAC access list to display. •...
Page 169: Address Table Commands
Address Table Commands This chapter explains the following commands: • bridge address • bridge aging-time • bridge multicast address • bridge multicast filtering • bridge multicast forbidden address • bridge multicast forbidden forward-unregistered • bridge multicast forward-all • bridge multicast forward-unregistered •...
Page 170: Bridge Address
bridge address Use the bridge address command in Interface Configuration mode to add a static MAC-layer station source address to the bridge table. To delete the MAC address, use the no form of the bridge address command (using the no form of the command without specifying a MAC address deletes all static MAC addresses belonging to this VLAN).
Page 171: Bridge Multicast Address
seconds — Time is the number of seconds. (Range: 10–1000000 seconds) • Default Configuration 300 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example In this example the bridge aging time is set to 400. console(config)#bridge aging-time 400 bridge multicast address Use the bridge multicast address command in Interface Configuration mode to register MAC-...
Page 172: Bridge Multicast Filtering
Command Mode Interface Configuration (VLAN) mode User Guidelines If the command is executed without add or remove, the command registers only the group in the bridge database. Static Multicast addresses can be defined only on static VLANs. Examples The following example registers the MAC address. console(config)#interface vlan 8 console(config-if-vlan8)#bridge multicast address 0100.5e02.0203 The following example registers the MAC address and adds ports statically.
Page 173: Bridge Multicast Forbidden Address
If switches exist on the VLAN and IGMP snooping is not enabled, use the bridge multicast forward-all command to enable forwarding all Multicast packets to the Multicast routers. Example In this example, bridge Multicast filtering is enabled. console(config)#bridge multicast filtering bridge multicast forbidden address Use the bridge multicast forbidden address command in Interface Configuration mode to forbid adding a specific Multicast address to specific ports.
Page 174: Bridge Multicast Forbidden Forward-Unregistered
console(config)#interface vlan 8 console(config-if-vlan8)#bridge multicast address 01:00:5e:02:02:03 console(config-if-vlan8)#bridge multicast forbidden address 01:00:5e:02:02:03 add ethernet 2/g9 bridge multicast forbidden forward-unregistered Use the bridge multicast forbidden forward-unregistered command in Interface Configuration mode to forbid Forwarding-unregistered-multicast-addresses. Use the no form of this command to return to the default.
Page 175: Bridge Multicast Forward-Unregistered
Default Configuration Forward-unregistered Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example In this example all VLAN1 Multicast packets are forwarded. console(config-if-vlan1)#bridge multicast forward-all bridge multicast forward-unregistered Use the bridge multicast forward-unregistered command in Interface Configuration mode to enable the forwarding of unregistered multicast addresses.
Page 176: Clear Bridge
clear bridge Use the clear bridge command in Privileged EXEC mode to remove any learned entries from the forwarding database. Syntax clear bridge Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In this example, the bridge tables are cleared.
Page 177: Port Security Max
Command Mode Interface Configuration (Ethernet, Port-channel) mode User Guidelines When port security is enabled on an interface, all dynamic entries learned up to that point are flushed, and new entries can be learned only to the limit set by the port security max command. The default limit is 100 dynamic MAC addresses.
Page 178: Show Bridge Address-Table
show bridge address-table Use the show bridge address-table command in Privileged EXEC mode to display all entries in the bridge-forwarding database. Syntax vlan interface | port-channel-number show bridge address-table [vlan ] [ethernet port-channel vlan — Specific valid VLAN, such as VLAN 1. •...
Page 179: Show Bridge Address-Table Static
Syntax vlan interface-number show bridge address-table count [vlan |ethernet |port-channel port-channel-number vlan — Specifies a valid VLAN, such as VLAN 1 • interface — Specifies a valid Ethernet port • port-channel-number — Specifies a valid port-channel-number • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 180: Show Bridge Multicast Address-Table
port-channel-number — A valid port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In this example, all static entries in the bridge-forwarding database are displayed. console#show bridge address-table static Vlan Mac Address...
Page 181: Show Bridge Multicast Filtering
User Guidelines A MAC address can be displayed in IP format only if it is in the range 01:00:5e:00:00:00 through 01:00:5e:7f:ff:ff. Example In this example, Multicast MAC address table information is displayed. console#show bridge multicast address-table Vlan MAC Address Type Ports ------- -------------------...
Page 182: Show Ports Security
User Guidelines This command has no user guidelines. Example In this example, the Multicast configuration for VLAN 1 is displayed. console#show bridge multicast filtering 1 Filtering: Disabled VLAN: 1 Mode: Forward-Unregistered show ports security Use the show ports security command in Privileged EXEC mode to display the port-lock status. Syntax interface port-channel-number...
Page 183: Show Ports Security Addresses
---- ------ ----------------- -------- ------- ------- 1/g1 Locked Discard Enable 1/g2 Unlocked - 1/g3 Locked Discard, Shutdown Disable The following table describes the fields in this example. Field Description Port The port number. Status The status can be one of the following: Locked or Unlocked.
Page 184 Examples The following example displays dynamic addresses for port channel number 1/g1. console#show ports security addresses ethernet 1/g1 Dynamic addresses: 83 Maximum addresses: 100 Learned addresses ------- --------- Address Table Commands...
Page 185: Show Switchport Voice
Auto-VoIP Commands This chapter explains the following commands: • show switchport voice • switchport voice detect auto show switchport voice Use the show switchport voice command to show the status of Auto-VoIP on an interface or all interfaces. Syntax interface index show switchport voice [interface {ethernet | port-channel...
Page 186 1/g3 Enabled 1/g4 Enabled 1/g5 Enabled 1/g6 Enabled 1/g7 Enabled 1/g8 Enabled 1/g9 Enabled 1/g10 Enabled 1/g11 Enabled 1/g12 Enabled 1/g13 Enabled 1/g14 Enabled 1/g15 Enabled 1/g16 Enabled 1/g17 Enabled 1/g18 Enabled 1/g19 Enabled 1/g20 Enabled --More-- or (q)uit console#show switchport voice ethernet 1/g1 Interface Auto VoIP Mode Traffic Class --------- -------------- ------------- 1/g1...
Page 187: Switchport Voice Detect Auto
Interface Auto VoIP Mode Traffic Class --------- -------------- ------------- Disabled The command output provides the following information: • AutoVoIP Mode—The Auto VoIP mode on the interface. • Traffic Class—The Cos Queue or Traffic Class to which all VoIP traffic is mapped. This is not configurable and defaults to the highest COS queue available in the system for data traffic.
Page 188 Auto-VoIP Commands...
Page 189: Clear Isdp Counters
CDP Interoperability Commands This chapter explains the following commands: • clear isdp counters • clear isdp table • isdp advertise-v2 • isdp enable • isdp holdtime • isdp timer • show isdp • show isdp entry • show isdp interface •...
Page 190: Clear Isdp Table
Example console#clear isdp counters clear isdp table The clear isdp table command clears entries in the ISDP table. Syntax clear isdp table Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#clear isdp table isdp advertise-v2...
Page 191: Isdp Enable
Example console(config)#isdp advertise-v2 isdp enable The isdp enable command enables ISDP on the switch. User the “no” form of this command to disable ISDP . Use this command in global configuration mode to enable the ISDP function on the switch. Use this command in interface mode to enable sending ISDP packets on a specific interface.
Page 192: Isdp Timer
no isdp holdtime time —The time in seconds (range 10–255 seconds). • Default Configuration The default holdtime is 180 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets isdp holdtime to 40 seconds. console(config)#isdp holdtime 40 isdp timer The isdp timer command sets period of time between sending new ISDP packets.
Page 193: Show Isdp
show isdp The show isdp command displays global ISDP settings. Syntax show isdp Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show isdp Timer..........
Page 194: Show Isdp Interface
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show isdp entry Switch Device ID Switch Address(es): IP Address: 172.20.1.18 IP Address: 172.20.1.18 Capability Router IGMP Platform...
Page 195: Show Isdp Interface
Syntax interface show isdp interface { all | ethernet • Show ISDP settings for all interfaces. — interface • Specifies a valid interface. The full syntax is unit/port. — Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Page 196: Show Isdp Neighbors
1/g14 Enabled 1/g15 Enabled 1/g16 Enabled 1/g17 Enabled 1/g18 Enabled 1/g19 Enabled 1/g20 Enabled 1/g21 Enabled 1/g22 Enabled 1/g23 Enabled 1/g24 Enabled console#show isdp interface ethernet 1/g1 Interface Mode --------------- ---------- 1/g1 Enabled show isdp neighbors The show isdp neighbors command displays the list of neighboring devices. Syntax interface show isdp neighbors { ethernet...
Page 197: User Guidelines
User Guidelines There are no user guidelines for this command. Example console#show isdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route, S - Switch, H - Host, I - IGMP, r - Repeater Device ID Intf Hold Cap.
Page 198: Show Isdp Traffic
show isdp traffic The show isdp traffic command displays ISDP statistics. Syntax show isdp traffic Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. CDP Interoperability Commands...
Page 199 Example console#show isdp traffic ISDP Packets Received......4253 ISDP Packets Transmitted....... 127 ISDPv1 Packets Received......0 ISDPv1 Packets Transmitted..... 0 ISDPv2 Packets Received......4253 ISDPv2 Packets Transmitted..... 4351 ISDP Bad Header........ 0 ISDP Checksum Error......0 ISDP Transmission Failure...... 0 ISDP Invalid Format......
Page 200 CDP Interoperability Commands...
Page 201: Clear Priority-Flow-Control Statistics
Data Center Bridging Commands This chapter explains the following commands: • clear priority-flow-control statistics • datacenter-bridging • priority-flow-control mode on • priority-flow-control priority • show interfaces datacenter-bridging clear priority-flow-control statistics Use the clear priority-flow-control statistics command to clear all or interface Priority-Flow- Control statistics.
Page 202: Datacenter-Bridging
datacenter-bridging Use the datacenter-bridging command for an ethernet or port-channel interface in order to enter the DataCenterBridging mode. Priority-Flow-Control is configurable from within the DataCenterBridging mode. Syntax datacenter-bridging Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet, Port-channel) mode User Guidelines This command has no user guidelines.
Page 203: Priority-Flow-Control Priority
Command Mode Datacenter-Bridging mode User Guidelines • When you disable priority-flow-control, the interface will default to the 802.3x flow control setting for the interface. • When enabling PFC, the interface will not pause until there is at least one no-drop priority. Example The following example enables PFC.
Page 204: Show Interfaces Datacenter-Bridging
console(config-if-dcb)#priority-flow-control priority 5 no-drop show interfaces datacenter-bridging Use the show interfaces datacenter-bridging command in Privileged EXEC mode to display the datacenter-bridging configuration, status and counters for a given interface. Syntax interface port-channel-id show interfaces datacenter-bridging [ethernet | port-channel interface — Valid Ethernet port. •...
Page 205 Received PFC Frames:0 Transmit PFC Frames:0 Example #2 console#show interfaces datacenter-bridging port-channel 1 Port Drop No-Drop Priorities Priorities State State ---- ---------- ---------- ----- ----- 1,3-6 Enabled Active Priority Received PFC frames -------- ------------------- Received PFC Frames: 0 Transmit PFC Frames: 0 Example #3 console#show interfaces datacenter-bridging Port...
Page 206 1/g1 1-4,7 Enabled Active 1/g2 1-4,6-7 Disabled Inactive 1/g48 1-4,7 Enabled Active 1-4,7 Enabled Active 1-4,7 Enabled Active ch48 1-4,7 Enabled Active Data Center Bridging Commands...
Page 207: Dhcp L2Relay (Global Configuration)
DHCP Layer 2 Relay Commands This chapter explains the following commands: • dhcp l2relay (Global Configuration) (Global Configuration) • dhcp l2relay (Interface Configuration) (Interface Configuration) • dhcp l2relay circuit-id • dhcp l2relay remote-id • dhcp l2relay trust • dhcp l2relay vlan dhcp l2relay (Global Configuration) Use the dhcp l2relay command to enable layer 2 DHCP relay functionality.
Page 208: Dhcp L2Relay (Interface Configuration)
dhcp l2relay (Interface Configuration) Use the dhcp l2relay command to enable DHCP L2 Relay for an interface. Use the "no" form of this command to disable DHCP L2 Relay for an interface. Syntax dhcp l2relay no dhcp l2relay Default Configuration DHCP L2Relay is disabled on all interfaces by default.
Page 209: Dhcp L2Relay Remote-Id
User Guidelines There are no user guidelines for this command. Example console(config)#dhcp l2relay circuit-id vlan 340-350 dhcp l2relay remote-id Use the dhcp l2relay remote-id command to enable setting the DHCP Option 82 Remote ID for a VLAN. When enabled, the supplied string is used for the Remote ID in DHCP Option 82. Use the "no"...
Page 210: Dhcp L2Relay Vlan
Default Configuration DHCP Option 82 is discarded by default. Configuration Mode Interface Configuration (Ethernet). User Guidelines There are no user guidelines for this command. Example console(config-if-1/g1)#dhcp l2relay trust dhcp l2relay vlan Use the dhcp l2relay vlan command to enable the L2 DHCP Relay agent for a set of VLANs. All DHCP packets which arrive on interfaces in the configured VLAN are subject to L2 Relay processing.
Page 211: Clear Ip Dhcp Snooping Statistics
DHCP Snooping Commands This chapter explains the following commands: • clear ip dhcp snooping statistics • ip dhcp snooping • ip dhcp snooping binding • ip dhcp snooping database • ip dhcp snooping database write-delay • ip dhcp snooping limit •...
Page 212: Ip Dhcp Snooping
User Guidelines There are no user guidelines for this command. Example console#clear ip dhcp snooping statistics ip dhcp snooping Use the ip dhcp snooping command to enable DHCP snooping globally or on a specific VLAN. Use the “no” form of this command to disable DHCP snooping. Syntax ip dhcp snooping no ip dhcp snooping...
Page 213: Ip Dhcp Snooping Database
mac-address —The client's MAC address. • vlan-id —The number of the VLAN the client is authorized to use. • ip-address —The IP address of the client. • interface — The interface on which the client is authorized. The form is unit/port. •...
Page 214: Ip Dhcp Snooping Database Write-Delay
Example The following example configures the storage location of the snooping database as local. console(config)#ip dhcp snooping database local The following example configures the storage location of the snooping database as remote. console(config)#ip dhcp snooping database tftp://10.131.11.1/db.txt ip dhcp snooping database write-delay Use the ip dhcp snooping database write-delay command to configure the interval in seconds at which the DHCP Snooping database will be stored in persistent storage.
Page 215: Ip Dhcp Snooping Log-Invalid
no ip dhcp snooping limit pps —The maximum number of packets per second allowed (Range: 0–300 pps). • seconds — The time allowed for a burst (Range: 1–15 seconds). • Default Configuration The default maximum rate is 15 packets per second (pps). The default burst interval is 1 second.
Page 216: Ip Dhcp Snooping Trust
Example console(config-if-1/g1)#ip dhcp snooping log-invalid console(config-if-1/g1)#no ip dhcp snooping log-invalid ip dhcp snooping trust Use the ip dhcp snooping trust command to configure a port as trusted. Use the “no” form of this command to configure a port as untrusted. Syntax ip dhcp snooping trust no ip dhcp snooping trust...
Page 217: Show Ip Dhcp Snooping
Default Configuration Source MAC address verification is enabled by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip dhcp snooping verify mac-address show ip dhcp snooping Use the show ip dhcp snooping command to display the DHCP snooping global and per port configuration.
Page 218: Show Ip Dhcp Snooping Binding
Interface Trusted Log Invalid Pkts --------- -------- ---------------- 1/g1 1/g2 1/g3 1/g4 1/g6 show ip dhcp snooping binding Use the show ip dhcp snooping binding command to display the DHCP snooping binding entries. Syntax port vlan-id show ip dhcp snooping binding [ { static | dynamic } ] [ interface ] [ vlan •...
Page 219: Show Ip Dhcp Snooping Database
------------------ ------------ ---- --------- ------------- 00:02:B3:06:60:80 210.1.1.3 1/g1 86400 00:0F:FE:00:13:04 210.1.1.4 1/g1 86400 show ip dhcp snooping database Use the show ip dhcp snooping database command to display the DHCP snooping configuration related to the database persistence. Syntax show ip dhcp snooping database Default Configuration There is no default configuration for this command.
Page 220: Show Ip Dhcp Snooping Statistics
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command. Example console#show ip dhcp snooping interfaces Interface Trust State Rate Limit Burst Interval (pps) (seconds) ---------- ------------- ------------- ---------------...
Page 221 Syntax show ip dhcp snooping statistics Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines The following fields are displayed by this command: MAC Verify Failures The number of DHCP messages that were filtered on an untrusted interface because of source MAC address and client MAC address mismatch.
Page 222 Example console#show ip dhcp snooping statistics Interface MAC Verify Client Ifc DHCP Server Failures Mismatch Msgs Rec'd ----------- ---------- ---------- ----------- 1/g2 1/g3 1/g4 1/g5 1/g6 1/g7 1/g8 1/g9 1/g10 1/g11 1/g12 1/g13 1/g14 1/g15 1/g16 1/g17 1/g18 1/g19 1/g20 DHCP Snooping Commands...
Page 223: Arp Access-List
Dynamic ARP Inspection Commands This chapter explains the following commands: • arp access-list • clear counters ip arp inspection • ip arp inspection filter • ip arp inspection limit • ip arp inspection trust • ip arp inspection validate • ip arp inspection vlan •...
Page 224: Clear Counters Ip Arp Inspection
User Guidelines There are no user guidelines for this command. Example console(config)#arp access-list tier1 clear counters ip arp inspection Use the clear counters ip arp inspection command to reset the statistics for Dynamic ARP Inspection on all VLANs. Syntax clear counters ip arp inspection Default Configuration There is no default configuration for this command.
Page 225: Ip Arp Inspection Limit
Default Configuration No ARP ACL is configured. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip arp inspection filter tier1 vlan 2-10 static console(config)#ip arp inspection filter tier1 vlan 20-30 ip arp inspection limit Use the ip arp inspection limit command to configure the rate limit and burst interval values for an interface.
Page 226: Ip Arp Inspection Trust
User Guidelines There are no user guidelines for this command. Example console(config-if-1/g1)#ip arp inspection limit none console(config-if-1/g1)#ip arp inspection limit rate 100 burst interval 2 ip arp inspection trust The ip arp inspection trust command configures an interface as trusted for Dynamic ARP Inspection.
Page 227: Ip Arp Inspection Vlan
Syntax ip arp inspection validate {[src-mac] [dst-mac] [ip]} no ip arp inspection validate {[src-mac] [dst-mac] [ip]} src-mac • For validating the source MAC address of an ARP packet. — • dst-mac For validating the destination MAC address of an ARP packet. —...
Page 228: Permit Ip Host Mac Host
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip arp inspection vlan 200-300 console(config)#ip arp inspection vlan 200-300 logging permit ip host mac host Use the permit ip host mac host command to configure a rule for a valid IP address and MAC address combination used in ARP packet validation.
Page 229: Show Arp Access-List
show arp access-list Use the show arp access-list command to display the configured ARP ACLs with the rules. Giving an ARP ACL name as the argument would display only the rules in that ARP ACL. Syntax acl-name show arp access-list [ acl-name —...
Page 230: Show Ip Arp Inspection Statistics
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines The following fields are displayed for each interface: Interface The interface-id for each displayed row. Trust State Whether interface is trusted or untrusted for DAI. Rate Limit The configured rate limit value in packets per second.
Page 231 Command Mode Privileged EXEC mode User Guidelines The following information is displayed for each VLAN when a VLAN range is supplied: VLAN The Vlan-Id for each displayed row. Forwarded The total number of valid ARP packets forwarded in this Vlan. Dropped The total number of invalid ARP packets dropped in this Vlan.
Page 232: Show Ip Arp Inspection Vlan
---- ---------- ---------- ---------- ---------- ---------- ------ ---- --------- show ip arp inspection vlan Use the show ip arp inspection vlan command to display the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range. It also displays the global configuration values for source MAC validation, destination MAC validation and invalid IP validation.
Page 233 User Guidelines The following global parameters are displayed: Source Mac Validation If Source Mac validation of ARP frame is enabled. Destination Mac Validation If Destination Mac validation of ARP Response frame is enabled. IP Address Validation If IP address validation of ARP frame is enabled. The following fields are displayed for each VLAN: Vlan The Vlan-Id for each displayed row.
Page 234 Dynamic ARP Inspection Commands...
Page 235: Clear Counters
Ethernet Configuration Commands This chapter explains the following commands: • clear counters • description • duplex • flowcontrol • interface ethernet • interface range ethernet • • negotiation • negotiation <capability-list> • show interfaces advertise • show interfaces configuration • show interfaces counters •...
Page 236: Description
Syntax interface port-channel-number clear counters [ethernet | port-channel interface — Valid Ethernet port. The full syntax is: unit/port • port-channel-number — Valid port-channel index. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 237: Duplex
Example The following example adds a description to the Ethernet port 5. console(config)#interface ethernet 1/g5 console(config-if-1/g5)# description RD_SW#3 duplex Use the duplex command in Interface Configuration mode to configure the full/half duplex operation of a given Ethernet interface when not using auto-negotiation. To restore the default, use the no form of this command.
Page 238: Interface Ethernet
Syntax flowcontrol no flowcontrol Default Configuration Flow Control is enabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example In the following example, flow control is enabled. console(config)# flowcontrol interface ethernet Use the interface ethernet command in Global Configuration mode to enter the interface configuration mode to configure an Ethernet type interface.
Page 239: Interface Range Ethernet
interface range ethernet Use the interface range ethernet command in Global Configuration mode to execute a command on multiple ports at the same time. Syntax port-range interface range ethernet { | all} port-range — List of valid ports to configure. Separate non consecutive ports with a comma •...
Page 240: Negotiation
Default Configuration The default number of bytes is 1518 (1522 bytes of VLAN-tagged frames). Command Mode Interface Configuration (Ethernet) mode User Guidelines The value set allows an additional four bytes for the VLAN tag. Example The following example of the mtu command increases maximum packet size to 9216 bytes. console(config-if-1/g5)#mtu 9216 negotiation Use the negotiation command in Interface Configuration mode to enable auto-negotiation...
Page 241: Negotiation
console(config)#interface ethernet 1/g5 console(config-if-1/g5)#negotiation negotiation <capability-list> Use the negotiation <capability-list> command in Interface Configuration mode in order to limit auto-negotiation capabilities. Syntax negotiation <capability-list> • capabilitity-list — Specify one or more of the following values, separated by a space: 100f, 1000f and 10000f.

Page 242: Show Interfaces Advertise
Example console(config-if-1/xg17)#negotiation 1000f 10000f show interfaces advertise Use the show interfaces advertise command in Privileged EXEC mode to display information about auto-negotiation advertisement. Syntax interface show interfaces advertise [ethernet interface — A valid Ethernet port. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 243: Show Interfaces Configuration
Admin Local Link ------ ------ ------ ------ ------ Advertisement yes show interfaces configuration Use the show interfaces configuration command in User EXEC mode to display the configuration for all configured interfaces. Syntax interface port-channel-number show interfaces configuration [ethernet | port-channel interface —...
Page 244: Show Interfaces Counters
1/g8 Gigabit - Level Unknown Auto 1/g9 Gigabit - Level Unknown Auto 1/g10 Gigabit - Level Unknown Auto 1/g11 Gigabit - Level Unknown Auto 1/g12 Gigabit - Level Unknown Auto 1/g13 Gigabit - Level Unknown Auto 1/g14 Gigabit - Level Unknown Auto 1/g15...
Page 245 port-channel-number — A valid port-channel index. • Default Configuration This command has no default configuration. Command Mode User EXEC mode and Privileged EXEC mode User Guidelines This command has no user guidelines. The following table describes the fields shown in the display: Field Description InOctets...
Page 246 Field Description Oversize Packets Counted frames received that exceed the maximum permitted frame size. Internal MAC Rx Errors A count of frames for which reception fails due to an internal MAC sublayer receive error. Received Pause Frames A count of MAC Control frames received with an opcode indicating the PAUSE operation.
Page 247 OutOctets OutUcastPkts ---- ---------- --------- 23739 Example #2 The following example displays counters for Ethernet port 1/g1. console#show interfaces counters ethernet 1/g1 Port InOctets InUcastPkts ---- ---------- --------- 1/g1 183892 1289 Port OutOctets OutUcastPkts ---- ---------- --------- 1/g1 9188 Alignment Errors: 17 FCS Errors: 8 Single Collision Frames: 0 Multiple Collision Frames: 0...
Page 248 console#show interfaces counters ethernet 1/xg1 InOctets InUcastPkts InMcastPkts InBcastPkts ---------------- ---------- ----------- ----------- ----------- 1/xg1 OutOctets OutUcastPkts OutMcastPkts OutBcastPkts ---------------- ---------- ------------ ------------ ------------ 1xg1 Alignment Errors: ......56 FCS Errors: ........16 Single Collision Frames: ...... 21 Multiple Collision Frames: ....51 Late Collisions: ......
Page 249: Show Interfaces Description
1213 17861 23461 OutOctets OutUcastPkts OutMcastPkts OutBcastPkts ---------------- ---------- ------------ ------------ ------------ 2567 8124 2973 Alignment Errors: ......3 FCS Errors: ........8 Single Collision Frames: ...... 11 Multiple Collision Frames: ....90 Late Collisions: ......2 Excessive Collisions: ......10 Oversize Packets: ......
Page 250: Show Interfaces Detail
Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the description for the interface 1/g1. console>show interfaces description Port Description ---- ----------------------------------------------------------- 1/g1 Port that should be used for management only 2/g1 2/g2 Description...
Page 251 port-channel-number — A valid port-channel index. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example console#show interfaces detail Ethernet 1/xg1 Port Type Duplex Speed Admin Link State State ----- ---------------...
Page 252 Port 1/xg1 is member in: VLAN Name Egress rule Type ---- --------- ----------- ----- default untagged System VLAN008 tagged Dynamic VLAN0011 tagged Static IPv6 VLAN untagged Static VLAN0072 untagged Static Static configuration: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All Port 1/xg1 is statically configured to: VLAN Name...
Page 253: Show Interfaces Status
------------------ Port 1 (1/xg1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.25 Designated path cost: 0 BPDU: sent 2, received 120638 show interfaces status Use the show interfaces status command in User EXEC mode to display the status for all configured interfaces.
Page 254 1/g2 Gigabit - Level Unknown Auto Down Inactive 1/g3 Gigabit - Level Unknown Auto Down Inactive 1/g4 Gigabit - Level Unknown Auto Down Inactive 1/g5 Gigabit - Level Unknown Auto Down Inactive 1/g6 Gigabit - Level Unknown Auto Down Inactive 1/g7 Gigabit - Level Unknown...
Page 255 Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down --More-- or (q)uit ch10 Link Aggregate Down ch11 Link Aggregate Down ch12 Link Aggregate Down ch13 Link Aggregate Down ch14 Link Aggregate Down ch15 Link Aggregate Down ch16 Link Aggregate Down...
Page 256: Show Statistics Ethernet
ch40 Link Aggregate Down ch41 Link Aggregate Down ch42 Link Aggregate Down ch43 Link Aggregate Down ch44 Link Aggregate Down ch45 Link Aggregate Down ch46 Link Aggregate Down ch47 Link Aggregate Down ch48 Link Aggregate Down Flow Control:Disabled console# The displayed port status information includes the following: Field Description Port...
Page 257: Command Mode
switchport — Displays statistics for the entire switch. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Examples The following examples show statistics for port 1/g1 and for the entire switch. console#show statistics ethernet 1/g1 Total Packets Received (Octets)....
Page 258 Multicast Packets Received..... 48339 --More-- or (q)uit Broadcast Packets Received..... 76702 Total Packets Received with MAC Errors..0 Jabbers Received....... 0 Fragments/Undersize Received....0 Alignment Errors....... 0 FCS Errors........0 Overruns........0 Total Received Packets Not Forwarded... 91 Local Traffic Frames......0 802.3x Pause Frames Received....
Page 259 Tx Oversized........0 Underrun Errors........ 0 Total Transmit Packets Discarded....0 Single Collision Frames......0 Multiple Collision Frames...... 0 Excessive Collision Frames..... 0 Port Membership Discards....... 0 802.3x Pause Frames Transmitted....0 GVRP PDUs received......0 --More-- or (q)uit GVRP PDUs Transmitted......0 GVRP Failed Registrations......
Page 260 Maximum VLAN Entries......1024 Most VLAN Entries Ever Used....6 Static VLAN Entries......6 Dynamic VLAN Entries......0 VLAN Deletes........0 Time Since Counters Last Cleared....1 day 0 hr 42 min 13 sec console# Ethernet Configuration Commands...
Page 261: Show Storm-Control
show storm-control Use the show storm-control command in Privileged EXEC mode to display the configuration of storm control. Syntax interface show storm-control [all | interface — Valid Ethernet port. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 262: Shutdown
shutdown Use the shutdown command in Interface Configuration mode to disable an interface. To restart a disabled interface, use the no form of this command. Syntax shutdown no shutdown Default Configuration The interface is enabled. Command Mode Interface Configuration (Ethernet, Port-Channel, Tunnel, Loopback) mode User Guidelines This command has no user guidelines.
Page 263: Speed
speed Use the speed command in Interface Configuration mode to configure the speed of a given Ethernet interface when not using auto-negotiation. To restore the default, use the no form of this command. Syntax speed [10 | 100 ] no speed •...
Page 264: Storm-Control Multicast
no storm-control broadcast rate — Percentage of port bandwidth to allow. (Range: 0-100) • Default Configuration The default value is 5. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example console(config-if-1/g1)#storm-control broadcast level 5 storm-control multicast Use the storm-control multicast command in Interface Configuration mode to enable multicast storm recovery mode for an interface.
Page 265: Storm-Control Unicast
Example console(config-if-1/g1)#storm-control multicast level 5 storm-control unicast Use the storm-control unicast command in Interface Configuration mode to enable unknown unicast storm control for an interface. If the mode is enabled, unicast storm recovery is active, and if the rate of unknown L2 unicast (destination lookup failure) traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Page 266 Ethernet Configuration Commands...
Page 267: Clear Gvrp Statistics
GVRP Commands This chapter explains the following commands: • clear gvrp statistics • garp timer • gvrp enable (global) • gvrp enable (interface) • gvrp registration-forbid • gvrp vlan-creation-forbid • show gvrp configuration • show gvrp error-statistics • show gvrp statistics clear gvrp statistics Use the clear gvrp statistics command in Privileged EXEC mode to clear all the GVRP statistics information.
Page 268: Garp Timer
Example The following example clears all the GVRP statistics information on port 1/g8. console# clear gvrp statistics ethernet 1/g8 garp timer Use the garp timer command in Interface Configuration mode to adjust the GARP application join, leave, and leaveall GARP timer values. To reset the timer to default values, use the no form of this command.
Page 269: Gvrp Enable (Interface)
Example The following example sets the leave timer for port 1/g8 to 90 centiseconds. console (config)# interface ethernet 1/g8 console (config-if-1/g8)# garp timer leave 90 gvrp enable (global) Use the gvrp enable (global) command in Global Configuration mode to enable GVRP globally on the switch.
Page 270: Gvrp Registration-Forbid
Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines An Access port cannot join dynamically to a VLAN because it is always a member of only one VLAN. Membership in untagged VLAN would be propagated in a same way as a tagged VLAN. In such cases it is the administrator’s responsibility to set the PVID to be the untagged VLAN VID.
Page 271: Gvrp Vlan-Creation-Forbid
gvrp vlan-creation-forbid Use the gvrp vlan-creation-forbid command in Interface Configuration mode to disable dynamic VLAN creation. To disable dynamic VLAN creation, use the no form of this command. Syntax gvrp vlan-creation-forbid no gvrp vlan-creation-forbid Default Configuration By default, dynamic VLAN creation is enabled. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines...
Page 272 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows how to display GVRP configuration information: GVRP Commands...
Page 273: Show Gvrp Error-Statistics
console# show gvrp configuration Global GVRP Mode: Disabled Join Leave LeaveAll Port VLAN Interface Timer Timer Timer GVRP Mode Create Register (centisecs) (centisecs) (centisecs) Forbid Forbid ----------- ----------- ----------- ----------- ----------- ------ -- ---- 1/g1 1000 Disabled 1/g2 1000 Disabled 1/g3 1000 Disabled...
Page 274: Show Gvrp Statistics
Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays GVRP error statistics information. console>show gvrp error-statistics GVRP error statistics: ---------------- Legend: INVPROT: Invalid Protocol Id INVATYP: Invalid Attribute Type INVALEN: Invalid Attribute Length INVAVAL: Invalid Attribute Value INVEVENT: Invalid Event...
Page 275 Syntax interface port-channel-number show gvrp statistics [ethernet | port-channel interface — A valid Ethernet interface. • port-channel-number — A valid port channel index. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example This example shows output of the show gvrp statistics command.
Page 276 1/g4 1/g5 1/g6 1/g7 1/g8 GVRP Commands...
Page 277: Ip Igmp Snooping (Global)
IGMP Snooping Commands This chapter explains the following commands: • ip igmp snooping (global) • ip igmp snooping (interface) • ip igmp snooping host-time-out • ip igmp snooping leave-time-out • ip igmp snooping mrouter-time-out • show ip igmp snooping groups •...
Page 278: Ip Igmp Snooping (Interface)
User Guidelines IGMP snooping is enabled on static VLANs only and is not enabled on Private VLANs or their community VLANs. Example The following example enables IGMP snooping. console(config)# ip igmp snooping ip igmp snooping (interface) Use the ip igmp snooping command in Interface Configuration mode to enable Internet Group Management Protocol (IGMP) snooping on a specific interface.
Page 279: Ip Igmp Snooping Leave-Time-Out
Syntax time-out ip igmp snooping host-time-out no ip igmp snooping host-time-out time-out — Host timeout in seconds. (Range: 2- 3600) • Default Configuration The default host-time-out is 260 seconds. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines The timeout should be more than sum of response time and twice the query interval. Example The following example configures the host timeout to 300 seconds.
Page 280: Ip Igmp Snooping Mrouter-Time-Out
User Guidelines The leave timeout should be set greater than the maximum time that a host is allowed to respond to an IGMP Query. Use immediate leave only where there is only one host connected to a port. Example The following example configures the host leave-time-out to 60 seconds. console(config-if-1/g1)#ip igmp snooping leave-time-out 60 ip igmp snooping mrouter-time-out Use the ip igmp snooping mrouter-time-out command in Interface Configuration mode to...
Page 281: Show Ip Igmp Snooping Interface
Syntax vlan-id ip-multicast-address show ip igmp snooping groups [vlan ] [address vlan_id — Specifies a VLAN ID value. • ip-multicast-address — Specifies an IP Multicast address. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines To see the full Multicast address table (including static addresses) use the show bridge address- table command.
Page 282: Show Ip Igmp Snooping Mrouter
Syntax interface interface port-channel- show ip igmp snooping interface {ethernet | port-channel number interface — Valid Ethernet port. The full syntax is unit/port. • port-channel-number — Valid port-channel index. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 283: Syntax
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows IGMP snooping mrouter information. console#show igmp snooping mrouter Port........1/g1 ip igmp snooping (VLAN) Use the ip igmp snooping command in VLAN Configuration mode to enable IGMP snooping on a particular interface or on all interfaces participating in a VLAN.
Page 284: Syntax
ip igmp snooping fast-leave This command enables or disables IGMP Snooping fast-leave mode on a selected VLAN. Enabling fast-leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that multicast group without first sending out MAC-based general queries to the interface.
Page 285 Syntax vlan-id seconds ip igmp snooping groupmembership-interval no ip igmp snooping groupmembership-interval vlan-id — Number assigned to the VLAN • • seconds — IGMP group membership interval time in seconds. (Range: 2–3600) Default Configuration The default group membership interval time is 260 seconds. Command Mode VLAN Configuration mode User Guidelines...
Page 286: Ip Igmp Snooping Maxresponse
ip igmp snooping maxresponse This command sets the IGMP Maximum Response time on a particular VLAN. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface. This value must be less than the IGMP Query Interval time value.
Page 287: Ip Igmp Snooping Mcrtrexpiretime
ip igmp snooping mcrtrexpiretime This command sets the Multicast Router Present Expiration time. The time is set on a particular VLAN. This is the amount of time in seconds that a switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached.
Page 288 IGMP Snooping Commands...
Page 289: Ip Igmp Snooping Querier
IGMP Snooping Querier Commands This chapter explains the following commands: • ip igmp snooping querier • ip igmp snooping querier election participate • ip igmp snooping querier query-interval • ip igmp snooping querier timer expiry • ip igmp snooping querier version •...
Page 290: Ip Igmp Snooping Querier Election Participate
Command Mode Global Configuration mode VLAN Configuration mode User Guidelines When using the command in Global Configuration mode to configure a snooping querier source address, the IPv4 address is the global querier address. When using the command in VLAN Configuration mode to configure a snooping querier source address, the IPv4 address is the querier address for the VLAN.
Page 291: Ip Igmp Snooping Querier Query-Interval
Example The following example configures the snooping querier to participate in the querier election. console(config-vlan)#ip igmp snooping querier election participate ip igmp snooping querier query-interval This command sets the IGMP Querier Query Interval time, which is the amount of time in seconds that the switch waits before sending another periodic query.
Page 292: Ip Igmp Snooping Querier Version
seconds — The time in seconds that the switch remains in Non-Querier mode after it has • discovered that there is a multicast querier in the network. The range is 60–300 seconds. Default Configuration The query interval default is 60 seconds. Command Mode Global Configuration mode User Guidelines...
Page 293: Show Igmp Snooping Querier
show igmp snooping querier This command displays IGMP Snooping Querier information. Configured information is displayed whether or not IGMP Snooping Querier is enabled. vlan_id When the optional argument is not used, the command shows the following information: • Admin Mode — Indicates whether or not IGMP Snooping Querier is active on the switch. •...
Page 294 Syntax vlan_id show ip igmp snooping querier [{detail | vlan vlan_id — Number assigned to the VLAN. • Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines This command has no user guidelines. Example The following example shows querier information for VLAN 2.
Page 295: Clear Host
IP Addressing Commands This chapter explains the following commands: • clear host • ip address • ip address vlan • ip default-gateway • ip domain-lookup • ip domain-name • ip host • ip name-server • ipv6 address • ipv6 enable •...
Page 296: Ip Address
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes all entries from the host name-to-address cache. console#clear host * ip address Use the ip address command in Global Configuration mode to set an IP address. To remove an IP address, use the no form of this command.
Page 297: Ip Address
Examples The following example acquires an IP address for the switch management interface from DHCP . console(config)#ip address dhcp The following examples configure the IP address 131.108.1.27 and subnet mask 255.255.255.0 and the same IP address with prefix length of 24 bits. console(config)#ip address 131.108.1.27 255.255.255.0 console(config)#ip address 131.108.1.27 /24 ip address...
Page 298: Ip Address Vlan
console(config-if)#ip address dhcp console(config-if)#ip address none console(config)#interface out-of-band console(config-if)#ip address 10.240.4.115 255.255.255.0 10.240.4.1 ip address vlan Use the ip address vlan command in Global Configuration mode to set the management VLAN. Syntax vlanid ip address vlan no ip address vlan vlanid —...
Page 299: Ip Domain-Lookup
Default Configuration No default gateway is defined. Command Mode Global Configuration mode User Guidelines A static IP address must be configured using the ip address command before setting the default gateway. The default gateway should reside on the subnet defined by the ip address command. NOTE: For management traffic forwarding decisions, a default-route configured on the switch (CLI, Web, SNMP, or learned via routing protocol such as OSPF), takes precedence over the ip default-gateway setting.
Page 300: Ip Domain-Name
Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a default domain name of dell.com. console(config)#ip domain-name dell.com ip host Use the ip host command in Global Configuration mode to define static host name-to-address mapping in the host cache.
Page 301: Ip Name-Server
This command has no user guidelines. Example The following example defines a static host name-to-address mapping in the host cache. console(config)#ip host accounting.dell.com 176.10.23.1 ip name-server Use the ip name-server command in Global Configuration mode to define available IPv4 or IPv6 name servers.
Page 302: Ipv6 Address
ipv6 address Use the ipv6 address command to set the IPv6 address of the management interface. Use the "no" form of this command to reset the IPv6 address to the default. Syntax prefix/prefix-length ipv6 address { [eui64] | autoconfig | dhcp } no ipv6 address prefix —...
Page 303: Ipv6 Enable
console(config)#no ipv6 address dhcp console(config)#no ipv6 address autoconfig console(config)#no ipv6 address 2003::6/64 console(config)#no ipv6 address 2001::/64 eui64 console(config)#no ipv6 address ipv6 enable Use the ipv6 enable command to enable IPv6 on the management interface. Use the "no" form of this command to disable IPv6 on the management interface. Syntax ipv6 enable no ipv6 enable...
Page 304: Show Arp Switch
Syntax gateway-address ipv6 gateway no ipv6 gateway gateway-address —The gateway address in IPv6 global or link-local address format. Default Configuration There is no IPv6 gateway configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 gateway 2003::1 console(config)#no ipv6 gateway...
Page 305: Show Hosts
Example The following example displays ARP table information. console#show arp switch MAC Address IP Address Interface ------------------- ---------------- ------------ 0016.9CE1.D800 10.27.6.1 1/g37 show hosts Use the show hosts command in User EXEC mode to display the default domain name, a list of name server hosts, and the static and cached list of host names and addresses.
Page 306: Show Ip Helper-Address
Cache: TTL (Hours) Host Total Elapsed Type Addresses ---------------- ----- ------- ------- ------------- www.stanford.edu 171.64.14.203 show ip helper-address Use the show ip helper-address command in Privileged EXEC mode to display IP helper addresses configuration. Syntax intf-address show ip helper-address [ intf-address —...
Page 307: Show Ip Interface Management
show ip interface management Use the show ip interface management command to display the management interface configuration. Syntax show ip interface management Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the management interface configuration.
Page 308 IP Addressing Commands...
Page 309: Deny | Permit}
IPv6 Access List Commands This chapter explains the following commands: • {deny | permit} • ipv6 access-list • ipv6 access-list rename • ipv6 traffic-filter • show ipv6 access-lists {deny | permit} This command creates a new rule for the current IPv6 access list. Each rule is appended to the list of configured rules for the list.
Page 310 eq — Equal. Refers to the Layer 4 port number being used as a match criteria. The first • reference is source match criteria, the second is destination match criteria. portkey — Or you can specify the portkey, which can be one of the following keywords: •...
Page 311: Ipv6 Access-List
console(Config-ipv6-acl)# ipv6 access-list The ipv6 access-list command creates an IPv6 Access Control List (ACL) consisting of classification fields defined for the IP header of an IPv6 frame. The <name> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list.
Page 312: Ipv6 Traffic-Filter
name — the name of an existing IPv6 ACL. • newname — alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access • list. Default Configuration There is no default configuration for this command. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Page 313: Show Ipv6 Access-Lists
Default Configuration This command has no default configuration. Command Modes Global Configuration mode Interface Configuration (Ethernet, Port-channel, VLAN) mode User Guidelines This command specified in 'Interface Config' mode only affects a single interface, whereas the 'Global Config' mode setting is applied to all interfaces. Example •...
Page 314 Example The following example displays configuration information for the IPv6 ACLs. console#show ipv6 access-lists Current number of all ACLs: 1 Maximum number of all ACLs: 100 IPv6 ACL Name Rules Direction Interface(s) VLAN(s) ------------------------------- ----- --------- -------------------- ------------- STOP_HTTP inbound 1/g1 console#show ipv6 access-lists STOP_HTTP ACL Name: STOP_HTTP...
Page 315 Source L4 Port This field displays the source port for this rule. Keyword Destination IP This displays the destination IP address for this rule. Address Destination L4 This field displays the destination port for this rule. Port Keyword IP DSCP This field indicates the value specified for IP DSCP .
Page 316 IPv6 Access List Commands...
Page 317: Ipv6 Mld Snooping Querier
IPv6 MLD Snooping Querier Commands This chapter explains the following commands: • ipv6 mld snooping querier • ipv6 mld snooping querier (VLAN mode) • ipv6 mld snooping querier address • ipv6 mld snooping querier election participate • ipv6 mld snooping querier query-interval •...
Page 318: Ipv6 Mld Snooping Querier (Vlan Mode)
ipv6 mld snooping querier (VLAN mode) Use the ipv6 mld snooping querier command in VLAN mode to enable MLD Snooping Querier on a VLAN. Use the "no" form of this command to disable MLD Snooping Querier on a VLAN. Syntax vlan-id ipv6 mld snooping querier vlan-id...
Page 319: Ipv6 Mld Snooping Querier Election Participate
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping querier address Fe80::5 ipv6 mld snooping querier election participate Use the ipv6 mld snooping querier election participate command to enable the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN.
Page 320: Ipv6 Mld Snooping Querier Query-Interval
ipv6 mld snooping querier query-interval Use the ipv6 mld snooping querier query-interval command to set the MLD Querier Query Interval time. It is the amount of time in seconds that the switch waits before sending another general query. Use the "no" form of this command to reset the Query Interval to the default. Syntax interval ipv6 mld snooping querier query-interval...
Page 321: Show Ipv6 Mld Snooping Querier
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping querier timer expiry 222 show ipv6 mld snooping querier Use the show ipv6 mld snooping querier command to display MLD Snooping Querier information.
Page 322 When the optional argument vlan vlan-id is used, the following additional information appears: MLD Snooping Querier VLAN Indicates whether MLD Snooping Querier is active on the VLAN. Mode Querier Election Participate Mode Indicates whether the MLD Snooping Querier participates in querier election if it discovers the presence of a querier in the VLAN.
Page 323 When the optional argument detail is used, the command shows the global information and the information for all Querier enabled VLANs as well as the following information: Last Querier Address Indicates the IP address of the most recent Querier from which a Query was received.
Page 324 IPv6 MLD Snooping Querier Commands...
Page 325: Ip Verify Source
IP Source Guard Commands This chapter explains the following commands: • ip verify source • ip verify source port-security • ip verify binding • show ip verify interface • show ip verify source interface • show ip source binding ip verify source Use the ip verify source command in Interface Configuration mode to enable filtering of IP packets matching the source IP address.
Page 326: Ip Verify Binding
Syntax ip verify source port-security Default Configuration By default, IPSG is disabled on all interfaces. Command Mode Interface Configuration mode User Guidelines This command has no user guidelines. Example console(config-if-1/g1)#ip verify source port-security ip verify binding Use the ip verify binding command in Global Configuration mode to configure static bindings. Syntax ip verify binding <macaddr>...
Page 327: Show Ip Verify Source Interface
Syntax show ip verify interface Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#show ip verify interface 1/g1 show ip verify source interface Use the show ip verify source interface command in Privileged EXEC mode to display the bindings configured on a particular interface.
Page 328 Syntax show ip source binding Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#show ip source binding IP Source Guard Commands...
Page 329: Iscsi Aging Time
iSCSI Flow Acceleration Commands This chapter explains the following commands: • iscsi aging time • iscsi cos • iscsi enable • iscsi target port • show iscsi • show iscsi sessions iscsi aging time The iscsi aging time command sets the time out value for iSCSI sessions. To reset the aging time to the default value, use the no form of this command.
Page 330: Iscsi Cos
Example The following example sets the aging time for iSCSI sessions to 100 minutes. console(config)#iscsi aging time 100 iscsi cos The iscsi cos command sets the quality of service profile that will be applied to iSCSI flows. To return to the default value, use the no form of this command. Syntax dscp iscsi cos {vpt...
Page 331: Iscsi Enable
iscsi enable The iscsi enable command globally enables iSCSI awareness. To disable iSCSI awareness use the no form of this command. Syntax iscsi enable no iscsi enable Default Configuration The default configuration is disabled. Command Mode Global Configuration mode. User Guidelines When you issue the no iscsi enable command, iSCSI resources are released.
Page 332: Show Iscsi
Default Configuration iSCSI well-known ports 3260 and 860 are configured as default but can be removed as any other configured target. Command Mode Global Configuration mode. User Guidelines When working with private iSCSI ports (not IANA assigned iSCSI ports 3260/860), it is recommended to specify the target IP address as well.
Page 333: Show Iscsi Sessions
User Guidelines There are no user guidelines for this command. Example The following example displays the iSCSI settings. console#show iscsi iSCSI enabled iSCSI vpt is 5, remark Session aging time: 10 min Maximum number of sessions is 192 ------------------------------------------------ iSCSI Targets and TCP Ports: ------------------------------------------------ TCP Port Target IP Address...
Page 334 Example The following examples show summary and detailed information about the iSCSI sessions. console#show iscsi sessions Session 0: ------------------------------------------------------------------ Target: iqn.2001-05.com.equallogic:0-8a0906-0e70c2002- 10a0018426a48c94-iom010 Initiator: iqn.1991-05.com.microsoft:win-x9l8v27yajg ISID: 400001370000 Session 1: ------------------------------------------------------------------ Target: iqn.2001-05.com.equallogic:0-8a0906-0f60c2002- 0360018428d48c94-iom011 Initiator: iqn.1991-05.com.microsoft:win-x9l8v27yajg ISID: 400001370000 Session 2: ------------------------------------------------------------------ Target: iqn.2001-05.com.equallogic:0-8a0906-1080c2002- 336001842b348c94-iom012 Initiator: iqn.1991-05.com.microsoft:win-x9l8v27yajg ISID: 400001370000...
Page 335 Initiator Initiator Target Target IP Address TCP Port IP Address TCP Port 192.168.2.125 49272 192.168.2.20 3260 Session 1: ----------------------------------------------------------------- Target: iqn.2001-05.com.equallogic:0-8a0906-0f60c2002- 0360018428d48c94-iom011 Initiator: iqn.1991-05.com.microsoft:win-x9l8v27yajg Up Time: 00:00:00:13 (DD:HH:MM:SS) Time for aging out: 47 secs ISID: 400001370000 Initiator Initiator Target Target IP Address TCP Port IP Address...
Page 336 iSCSI Flow Acceleration Commands...
Page 337: Lacp Port-Priority
LACP Commands This chapter explains the following commands: • lacp port-priority • lacp system-priority • lacp timeout • show lacp ethernet • show lacp port-channel lacp port-priority Use the lacp port-priority command in Interface Configuration mode to configure the priority value for physical ports.
Page 338: Lacp System-Priority
lacp system-priority Use the lacp system-priority command in Global Configuration mode to configure the Link Aggregation system priority. To reset to default, use the no form of this command. Syntax value lacp system-priority no lacp system-priority value — Port priority value. (Range: 1–65535) •...
Page 339: Show Lacp Ethernet
Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example assigns an administrative LACP timeout for port 1/g8 to a long timeout value. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#lacp timeout long show lacp ethernet Use the show lacp ethernet command in Privileged EXEC mode to display LACP information for Ethernet ports.
Page 340 system mac addr: 00:00:12:34:56:78 port Admin key: port Oper key: port Oper priority: port Admin timeout: LONG port Oper timeout: LONG LACP Activity: ACTIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Partner system priority: system mac addr: 00:00:00:00:00:00 port Admin key: port Oper key:...
Page 341: Show Lacp Port-Channel
show lacp port-channel Use the show lacp port-channel command in Privileged EXEC mode to display LACP information for a port-channel. Syntax port_channel_number show lacp port-channel [ port_channel_number — The port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 342 LACP Commands...
Page 343: Link-Dependency Group
Link Dependency Commands This chapter explains the following commands: • link-dependency group • no link-dependency group • add ethernet • add port-channel • add port-channel • no add port-channel • depends-on ethernet • no depends-on ethernet • depends-on port-channel • no depends-on port-channel •...
Page 344: No Link-Dependency Group
Example console(config)#link-dependency group 1 console(config-linkDep-group-1)# no link-dependency group Use the no link-dependency group command to remove the configuration for a link- dependency group. Syntax no link-dependency group GroupId GroupId — Link dependency group identifier. (Range: 1–16) • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines...
Page 345: Add Port-Channel
Command Mode Link Dependency mode User Guidelines No specific guidelines Example console(config-depend-1)#add ethernet 1/g1 add port-channel Use the add port-channel command to add member port-channels to the dependency list. Syntax port-channel-list add port-channel port-channel-list — List of port-channel interfaces. Separate nonconsecutive ports with a •...
Page 346: Depends-On Ethernet
port-channel-list — List of port-channel interfaces. Separate nonconsecutive ports with a • comma and no spaces. Use a hyphen to designate the range of ports. (Range: Valid port- channel interface list or range) Default Configuration This command has no default configuration. Command Mode Link Dependency mode User Guidelines...
Page 347: No Depends-On Ethernet
no depends-on ethernet Use the no depends-on ethernet command to remove the dependent Ethernet ports list. Syntax intf-list no depends-on ethernet intf-list — List of Ethernet interfaces. Separate nonconsecutive ports with a comma and no • spaces. Use a hyphen to designate the range of ports. (Range: Valid Ethernet interface list or range) Default Configuration This command has no default configuration.
Page 348: No Depends-On Port-Channel
User Guidelines No specific guidelines Example console(config-linkDep-group-1)#depends-on port-channel 6 no depends-on port-channel Use the no depends-on port-channel command to remove the dependent port-channels list. Syntax port-channel-list no depends-on port-channel port-channel-list — List of port-channel interfaces. Separate nonconsecutive ports with a •...
Page 349 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines No specific guidelines Example The following command shows link dependencies for all groups. console#show link-dependency GroupId Member Ports Ports Depended On ------- --------------------- ---------------------------------- 1/g1-1/g4 1/g8-1/g9 1/g5 1/g3-1/g4...
Page 350 Link Dependency Commands...
Page 351: Clear Lldp Remote-Data
LLDP Commands This chapter explains the following commands: • clear lldp remote-data • clear lldp statistics • lldp med • lldp med confignotification • lldp med faststartrepeatcount • lldp med transmit-tlv • lldp notification • lldp notification-interval • lldp receive •...
Page 352: Clear Lldp Statistics
Syntax clear lldp remote-data Default Configuration By default, data is removed only on system reset. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays how to clear the LLDP remote data. console#clear lldp remote-data clear lldp statistics Use the clear lldp statistics command in Privileged EXEC mode to reset all LLDP statistics.
Page 353: Lldp Med
lldp med This command is used to enable/disable LLDP-MED on an interface. By enabling MED, the transmit and receive functions of LLDP are effectively enabled. Syntax Description lldp med no lldp med Parameter Ranges Not applicable Command Mode Interface (Ethernet) Configuration Default Value LLDP-MED is disabled on all supported interfaces.
Page 354: Lldp Med Faststartrepeatcount
Default Value By default, notifications are disabled on all supported interfaces. Usage Guidelines No specific guidelines. Example console(config)#lldp med confignotification lldp med faststartrepeatcount This command is used to set the value of the fast start repeat count. Syntax Description count lldp med faststartrepeatcount no lldp med faststartrepeatcount count —...
Page 355: Lldp Notification
Syntax Description capabilities network-policy ex-pse ex-pd location inventory lldp med transmit-tlv [ capabilities network-policy ex-pse ex-pd location inventory no med lldp transmit-tlv [ Capabilities • — Transmit the capabilities TLV network-policy • — Transmit the network policy TLV ex-pse • —...
Page 356: Lldp Notification-Interval
Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example displays how to enable remote data change notifications. console(config-if-1/g3)#lldp notification lldp notification-interval Use the lldp notification-interval command in Global Configuration mode to limit how frequently remote data change notifications are sent.
Page 357: Lldp Timers
Syntax lldp receive no lldp receive Default Configuration The default lldp receive mode is disabled. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example displays how to enable the LLDP receive capability. console(config-if-1/g3)#lldp receive lldp timers Use the lldp timers command in Global Configuration mode to set the timing parameters for...
Page 358: Lldp Transmit
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Examples The following example displays how to configure LLDP to transmit local information every 1000 seconds. console(config)#lldp timers interval 1000 The following example displays how to set the timing parameter at 1000 seconds with a hold multiplier of 8 and a 5 second delay before re-initialization.
Page 359: Lldp Transmit-Mgmt
lldp transmit-mgmt Use the lldp transmit-mgmt command in Interface Configuration mode to include transmission of the local system management address information in the LLDPDUs. To cancel inclusion of the management information, use the no form of this command. Syntax lldp transmit-mgmt no lldp transmit-mgmt Default Configuration By default, management address information is not included.
Page 360: Show Lldp
Default Configuration By default, no optional TLVs are included. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example shows how to include the system description TLV in local data transmit. console(config-if-1/g3)#lldp transmit-tlv sys-desc show lldp Use the show lldp command in Privileged EXEC mode to display the current LLDP configuration summary.
Page 361: Show Lldp Interface
Notification Interval: limited to every 5 seconds console#show lldp LLDP transmit and receive disabled on all interfaces show lldp interface Use the show lldp interface command in Privileged EXEC mode to display the current LLDP interface state. Syntax interface show lldp interface { | all } interface —...
Page 362: Show Lldp Local-Device
Interface Link Transmit Receive Notify TLVs Mgmt --------- ---- -------- -------- -------- ------- ---- 1/g1 Enabled Enabled Enabled 0,1,2,3 TLV Codes: 0 – Port Description, 1 – System Name, 2 – System Description, 3 – System Capability show lldp local-device Use the show lldp local-device command in Privileged EXEC mode to display the advertised LLDP local data.
Page 363: Show Lldp Med
Interface: 1/g1 Chassis ID Subtype: MAC Address Chassis ID: 00:62:48:00:00:00 Port ID Subtype: MAC Address Port ID: 00:62:48:00:00:02 System Name: System Description: Routing Port Description: System Capabilities Supported: bridge, router System Capabilities Enabled: bridge Management Address: Type: IPv4 Address: 192.168.17.25 show lldp med This command displays a summary of the current LLDP MED configuration.
Page 364: Show Lldp Med Interface
LLDP MED Global Configuration Fast Start Repeat Count: 3 Device Class: Network Connectivity show lldp med interface This command displays a summary of the current LLDP MED configuration for a specific interface. Syntax Description unit/port show lldp med interface {< >...
Page 365: Show Lldp Med Local-Device
console #show lldp med interface 1/g1 LLDP MED Interface Configuration Interface Link configMED operMED ConfigNotify TLVsTx --------- ------ -------- -------- -------- ------- 1/g1 Enabled Enabled Disabled TLV Codes: 0- Capabilities, 1- Network Policy 2-Location, 3- Extended PSE, 4- Extended PD, 5-Inventory show lldp med local-device This command displays the advertised LLDP local data.
Page 366 LLDP MED Local Device Detail Interface: 1/0/8 Network Policies Media Policy Application Type : voice Vlan ID: 10 Priority: 5 DSCP: 1 Unknown: False Tagged: True Media Policy Application Type : streamingvideo Vlan ID: 20 Priority: 1 DSCP: 2 Unknown: False Tagged: True Inventory Hardware Rev: xxx xxx xxx...
Page 367: Show Lldp Med Remote-Device
Info: xxx xxx xxx Extended POE Device Type: pseDevice Extended POE PSE Available: 0.3 watts Source: primary Priority: critical Extended POE PD Required: 0.2 watts Source: local Priority: low show lldp med remote-device This command displays the current LLDP MED remote data. This command can display summary information or detail for each interface.
Page 368 Default Value Not applicable Example Console#show lldp med remote-device all LLDP MED Remote Device Summary Local InterfaceDevice Class --------------------- 1/g1Class I 1/g2 Not Defined 1/g3Class II 1/g4Class III 1/g5Network Con Console#show lldp med remote-device detail 1/g1 LLDP MED Remote Device Detail Local Interface: 1/g1 Capabilities MED Capabilities Supported: capabilities, networkpolicy, location,...
Page 369 Vlan ID: 10 Priority: 5 DSCP: 1 Unknown: False Tagged: True Media Policy Application Type : streamingvideo Vlan ID: 20 Priority: 1 DSCP: 2 Unknown: False Tagged: True Inventory Hardware Rev: xxx xxx xxx Firmware Rev: xxx xxx xxx Software Rev: xxx xxx xxx Serial Num: xxx xxx xxx Mfg Name: xxx xxx xxx Model Name: xxx xxx xxx...
Page 370: Show Lldp Remote-Device
Extended POE PSE Available: 0.3 Watts Source: primary Priority: critical Extended POE PD Required: 0.2 Watts Source: local Priority: low show lldp remote-device Use the lldp remote-device command in Privileged EXEC mode to display the current LLDP remote data. This command can display summary information or detail for each interface. Syntax interface interface...
Page 371: Show Lldp Statistics
--------- ----------------- ----------------- ---------- 1/g1 01:23:45:67:89:AB 01:23:45:67:89:AC 60 seconds 1/g2 01:23:45:67:89:CD 01:23:45:67:89:CE 120 seconds 1/g3 01:23:45:67:89:EF 01:23:45:67:89:FG 80 seconds console# show lldp remote-device detail 1/g1 Ethernet1/g1, Remote ID: 01:23:45:67:89:AB System Name: system-1 System Description: System Capabilities: Bridge Port ID: 01:23:45:67:89:AC Port Description: 1/g4 Management Address: 192.168.112.1 TTL: 60 seconds...
Page 372 Examples The following examples shows an example of the display of current LLDP traffic statistics. console#show lldp statistics all LLDP Device Statistics Last Update........0 days 22:58:29 Total Inserts........ 1 Total Deletes........ 0 Total Drops........0 Total Ageouts........ 1 Interface Total Total Discards Errors Ageout Discards Unknowns MED 802.1 802.3 --------- ----- ----- -------- ------ ------ -------- -------- ---- ----- ----- 1/g11...
Page 373 Parameter Description Transmit Total Total number of LLDP frames transmitted on the indicated port. Receive Total Total number of valid LLDP frames received on the indicated port. Discards Number of LLDP frames received on the indicated port and discarded for any reason. Errors Number of non-valid LLDP frames received on the indicated port.
Page 374 LLDP Commands...
Page 375: Channel-Group
Port Channel Commands This chapter explains the following commands: • channel-group • interface port-channel • interface range port-channel • hashing-mode • no hashing-mode • show interfaces port-channel • show statistics port-channel channel-group Use the channel-group command in Interface Configuration mode to configure a port-to-port channel.
Page 376: Interface Port-Channel
Example The following example shows how port 1/g5 is configured to port-channel number 1 without LACP . console(config)# interface ethernet 1/g5 console(config-if-1/g5)# channel-group 1 mode on interface port-channel Use the interface port-channel command in Global Configuration mode to configure a port-channel type and enter port-channel configuration mode.
Page 377: Hashing-Mode
port-channel-range — List of port-channels to configure. Separate non-consecutive port- • channels with a comma and no spaces. A hyphen designates a range of port-channels. (Range: valid port-channel) • all — All the channel-ports. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines...
Page 378: No Hashing-Mode
Default Configuration This command has no default configuration. Command Mode Interface Configuration (port-channel) User Guidelines No specific guidelines. Example console(config)#interface port-channel l console(config-if-ch1)#hashing-mode 4 no hashing-mode Use the no hashing-mode command to set the hashing algorithm on Trunk ports to the default (3).
Page 379 Syntax Description port-channel number show interfaces port-channel [ port-channel-number ] — Number of the port channel to show. This parameter is optional. If • the port channel number is not given, all the channel groups are displayed. (Range: Valid port- channel number, 1 to 48) Default Configuration This command has no default configuration.
Page 380 5 - Source/Destination MAC, VLAN, EtherType and source MODID/port 6 - Source/Destination IP and source/destination TCP/UDP port Port Channel Commands...
Page 381: Show Statistics Port-Channel
show statistics port-channel Use the show statistics port-channel command in Privileged EXEC mode to display statistics about a specific port-channel. Syntax port-channel-number show statistics port-channel port-channel-number — Valid port-channel number channel to display. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 382 Unicast Packets Received....... 0 Multicast Packets Received..... 0 Broadcast Packets Received..... 0 Total Packets Received with MAC Errors..0 Jabbers Received....... 0 Fragments/Undersize Received....0 Alignment Errors....... 0 --More-- or (q)uit FCS Errors........0 Overruns........0 Total Received Packets Not Forwarded... 0 Local Traffic Frames......
Page 383 Underrun Errors........ 0 Total Transmit Packets Discarded....0 Single Collision Frames......0 Multiple Collision Frames...... 0 Excessive Collision Frames..... 0 Port Membership Discards....... 0 802.3x Pause Frames Transmitted....0 GVRP PDUs received......0 GVRP PDUs Transmitted......0 GVRP Failed Registrations...... 0 Time Since Counters Last Cleared....
Page 384 Port Channel Commands...
Page 385: Monitor Session
Port Monitor Commands This chapter explains the following commands: • monitor session • show monitor session monitor session Use the monitor session command in Global Configuration mode to configure a probe port and a monitored port for monitor session (port monitoring). Use the src-interface parameter to specify the interface to monitor.
Page 386: Show Monitor Session
Example The following examples shows various port monitoring configurations. console(config)#monitor session 1 source interface 1/g8 console(config)#monitor session 1 destination interface 1/g10 console(config)#monitor session 1 mode show monitor session Use the show monitor session command in Privileged EXEC mode to display status of port monitoring.
Page 387: Qos Commands
QoS Commands This chapter explains the following commands: • assign-queue • class • class-map • class-map rename • classofservice dot1p-mapping • classofservice ip-dscp-mapping • classofservice trust • conform-color • cos-queue min-bandwidth • cos-queue strict • diffserv • drop • mark cos •...
Page 388: Assign-Queue
• match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping • show classofservice ip-dscp-mapping •...
Page 389: Class
This command causes the specified policy to create a reference to the class definition. The command mode is changed to Policy-Class-Map Configuration when this command is executed successfully. Example The following example shows how to specify the DiffServ class name of “DELL.” QoS Commands...
Page 390: Class-Map
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example creates a class-map named “DELL” which requires all ACE’s to be matched. console(config)#class-map DELL console(config-cmap)# class-map rename Use the class-map rename command in Global Configuration mode to change the name of a DiffServ class.
Page 391: Classofservice Dot1P-Mapping
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to change the name of a DiffServ class from “DELL ” to “DELL1.” console(config)#class-map rename DELL DELL1 console(config)# classofservice dot1p-mapping Use the classofservice dot1p-mapping command in Global Configuration mode to map an 802.1p priority to an internal traffic class.
Page 392: Classofservice Ip-Dscp-Mapping
Example The following example configures mapping for user priority 1 and traffic class 2. console(config)#classofservice dot1p-mapping 1 2 classofservice ip-dscp-mapping Use the classofservice ip-dscp-mapping command in Global Configuration mode to map an IP DSCP value to an internal traffic class. Syntax ipdscp trafficclass classofservice ip-dscp-mapping...
Page 393: Conform-Color
dot1p — Specifies that the mode be set to trust dot1p (802.1p) packet markings. • • untrusted — Sets the Class of Service Trust Mode for all interfaces to Untrusted. • ip-dscp — Specifies that the mode be set to trust IP DSCP packet markings. Default Configuration This command has no default configuration.
Page 394: Cos-Queue Min-Bandwidth
User Guidelines This command has no user guidelines. Example The following example displays how to specify the conform-color command. console(config-policy-classmap)#conform-color test_class (test_class is <class-map-name> cos-queue min-bandwidth Use the cos-queue min-bandwidth command in either Global Configuration mode or Interface Configuration mode to specify the minimum transmission bandwidth for each interface queue. To restore the default for each queue’s minimum bandwidth value, use the no form of this command.
Page 395: Cos-Queue Strict
cos-queue strict Use the cos-queue strict command in either Global Configuration mode or Interface Configuration mode to activate the strict priority scheduler mode for each specified queue. To restore the default weighted scheduler mode for each specified queue, use the no form of this command.
Page 396: Drop
Syntax diffserv no diffserv Default Configuration This command default is enabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to set the DiffServ operational mode to active. console(Config)#diffserv drop Use the drop command in Policy-Class-Map Configuration mode to specify that all packets for the associated traffic stream are to be dropped at ingress.
Page 397: Mark Cos
mark cos Use the mark cos command in Policy-Class-Map Configuration mode to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header. If the packet does not already contain this header, one is inserted. Syntax cos-value mark cos...
Page 398: Mark Ip-Precedence
User Guidelines This command has no user guidelines. Example The following example displays how to mark all packets with an IP DSCP value of “cs4.” console(config-policy-classmap)#mark ip-dscp cs4 mark ip-precedence Use the mark ip-precedence command in Policy-Class-Map Configuration mode to mark all packets for the associated traffic stream with the specified IP precedence value.
Page 399 Example The following example adds match conditions defined for the Dell class to the class currently being configured. console(config-classmap)#match class-map Dell The following example deletes the match conditions defined for the Dell class from the class currently being configured.
Page 400: Match Cos
match cos Use the match cos command in Class-Map Configuration mode to add to the specified class definition a match condition for the class of service value (the only tag in a single-tagged packet or the first or outer 802.1Q tag of a double-VLAN tagged packet). Syntax match cos •...
Page 401: Match Destination-Address Mac
match destination-address mac Use the match destination-address mac command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination MAC address of a packet. Syntax macaddr macmask match destination-address mac macaddr — Specifies any valid layer 2 MAC address formatted as six two-digit hexadecimal •...
Page 402: Match Dstip6
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition using the specified IP address and bit mask. console(config-classmap)#match dstip 10.240.1.1 10.240.0.0 match dstip6 The match dstip6 command adds to the specified class definition a match condition based on the destination IPv6 address of a packet.
Page 403: Match Dstl4Port
match dstl4port Use the match dstl4port command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or a numeric notation. Syntax portkey port-number match dstl4port {...
Page 404: Match Ip6Flowlbl
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to add a match condition based on ethertype. console(config-classmap)#match ethertype arp match ip6flowlbl The match ip6flowlbl command adds to the specified class definition a match condition based on the IPv6 flow label of a packet.
Page 405: Match Ip Dscp
match ip dscp Use the match ip dscp command in Class-Map Configuration mode to add to the specified class definition a match condition based on the value of the IP DiffServ Code Point (DSCP) field in a packet. This field is defined as the high-order six bits of the Service Type octet in the IP header.
Page 406: Match Ip Tos
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation.
Page 407: Match Protocol
User Guidelines The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation. free form This specification is the version of the IP DSCP/Precedence/TOS match specification in that you have complete control of specifying which bits of the IP Service Type field are checked.
Page 408: Match Source-Address Mac
match source-address mac Use the match source-address mac command in Class-Map Configuration mode to add to the specified class definition a match condition based on the source MAC address of the packet. Syntax address macmask match source-address mac macaddr — Specifies any valid layer 2 MAC address formatted as six two-digit hexadecimal •...
Page 409: Match Srcip6
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition for the specified IP address and address bit mask. console(config-classmap)#match srcip 10.240.1.1 10.240.0.0 match srcip6 The match srcip6 command adds to the specified class definition a match condition based on the source IPv6 address of a packet.
Page 410: Match Srcl4Port
match srcl4port Use the match srcl4port command in Class-Map Configuration mode to add to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword or a numeric notation. Syntax portkey port-number match srcl4port {...
Page 411: Mirror
Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition for the VLAN ID “2.” console(config-classmap)#match vlan 2 mirror Use the mirror command in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to the destination port specified.
Page 412: Police-Simple
police-simple Use the police-simple command in Policy-Class-Map Configuration mode to establish the traffic policing style for the specified class. The simple form of the police command uses a single data rate and burst size, resulting in two outcomes: conform and nonconform. Syntax datarate burstsize...
Page 413: Policy-Map
The CLI mode is changed to Policy-Class-Map Configuration when this command is successfully executed. The policy type dictates which of the individual policy attribute commands are valid within the policy definition. Example The following example shows how to establish a new DiffServ policy named “DELL.” console(config)#policy-map DELL console(config-policy-classmap)# QoS Commands...
Page 414: Redirect
redirect Use the redirect command in Policy-Class-Map Configuration mode to specify that all incoming packets for the associated traffic stream are redirected to a specific egress interface (physical port or port-channel). Syntax interface redirect interface — Specifies any valid interface. Interface is Ethernet port or port-channel (Range: •...
Page 415: Show Class-Map
Example The following example shows how to attach a service policy named “DELL” to all interfaces. console(config)#service-policy DELL show class-map Use the show class-map command in Privileged EXEC mode to display all configuration information for the specified class.
Page 416 Example The following example displays all the configuration information for the class named “Dell”. console#show class-map Class L3 Class Name Type Proto Reference Class Name ------------------------------- ----- ----- ---------------------- ------- ipv4 ipv4 ipv6 ipv6 stop_http_class ipv6 match_icmp6 ipv6 console#show class-map ipv4 Class Name........
Page 417: Show Classofservice Dot1P-Mapping
Match Criteria Values ---------------------------- ------------------------------------- Source IP Address 2001:DB8::/32 Source Layer 4 Port 80(http/www) show classofservice dot1p-mapping Use the show classofservice dot1p-mapping command in Privileged EXEC mode to display the current Dot1p (802.1p) priority mapping to internal traffic classes for a specific interface. Syntax unit>/<port-type><port>...
Page 418: Show Classofservice Ip-Dscp-Mapping
The following table lists the parameters in the example and gives a description of each. Parameter Description User Priority The 802.1p user priority value. Traffic Class The traffic class internal queue identifier to which the user priority value is mapped. show classofservice ip-dscp-mapping Use the show classofservice ip-dscp-mapping command in Privileged EXEC mode to display the current IP DSCP mapping to internal traffic classes for a specific interface.
Page 419 ------------- ------------- 0(be/cs0 8(cs1) 10(af11) 12(af12) 14(af13) 16(cs2) 18(af21) --More-- or (q)uit 20(af22) 22(af23) 24(cs3) 26(af31) QoS Commands...
Page 420 28(af32) 30(af33) 32(cs4) 34(af41) 36(af42) 38(af43) 40(cs5) --More-- or (q)uit 46(ef) 48(cs6) QoS Commands...
Page 421: Show Classofservice Trust
56(cs7) console# show classofservice trust Use the show classofservice trust command in Privileged EXEC mode to display the current trust mode setting for a specific interface. Syntax unit>/<port-type><port> port-channel number show classofservice trust [< |port-channel <unit>/<port-type><port> — Specifies a valid unit/port combination: •...
Page 422: Show Diffserv
Example The following example displays the current trust mode settings for the specified port. console#show classofservice trust 1/g2 Class of Service Trust Mode: Dot1P show diffserv Use the show diffserv command in Privileged EXEC mode to display the DiffServ general information, which includes the current administrative mode setting as well as the current and maximum number of DiffServ components.
Page 423: Show Diffserv Service Interface Ethernet
show diffserv service interface ethernet Use the show diffserv service interface ethernet command in Privileged EXEC mode to display policy service information for the specified interface. Syntax <unit>/<port-type><port> show diffserv service interface ethernet {in|out} unit>/<port-type><port> — A valid < unit>/<port-type><port> in the system. •...
Page 424: Show Diffserv Service Brief
out— Outbound direction. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines Not applicable Example console#show diffserv service interface port-channel 1 in DiffServ Admin Mode......Enable Interface........ch1 Direction........In No policy is attached to this interface in this direction show diffserv service brief Use the show diffserv service brief command in Privileged EXEC mode to display all interfaces in the system to which a DiffServ policy has been attached.
Page 425: Show Interfaces Cos-Queue
Direction OperStatus Policy Name ----------- ----------- ------------ ------------------- 1/g1 Down DELL show interfaces cos-queue Use the show interfaces cos-queue command in Privileged EXEC mode to display the class-of-service queue configuration for the specified interface. Syntax unit>/<port-type><port> port-channel number show interfaces cos-queue [<...
Page 426 Global Configuration Interface Shaping Rate......0 Queue Id Min. Bandwidth Scheduler Type Queue Management Type -------- -------------- -------------- --------------------- Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop This example displays the COS configuration for the specified interface 1/g1.
Page 427: Show Policy-Map
Parameter Description Interface The port of the interface. If displaying the global configuration, this output line is replaced with a global configuration indication. Intf Shaping Rate The maximum transmission bandwidth limit for the interface as a whole. It is independent of any per-queue maximum bandwidth values in effect for the interface.
Page 428: Show Policy-Map Interface
This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the statistics information for port 1/g1. console#show policy-map interface 1/g1 in Interface........1/g1 Operational Status......Down Policy Name........DELL QoS Commands...
Page 429: Show Service-Policy
Class Name........test In Discarded Packets......0 Class Name........DELL1 In Discarded Packets......0 Class Name........DELL In Discarded Packets......0 show service-policy Use the show service-policy command in Privileged EXEC mode to display a summary of policy-oriented statistics information for all interfaces.
Page 430: Traffic-Shape
------ ----- ------------------------------- 1/g1 Down DELL 1/g2 Down DELL 1/g3 Down DELL 1/g4 Down DELL 1/g5 Down DELL 1/g6 Down DELL 1/g7 Down DELL 1/g8 Down DELL 1/g9 Down DELL 1/g10 Down DELL traffic-shape Use the traffic-shape command in Global Configuration mode and Interface Configuration mode to specify the maximum transmission bandwidth limit for the interface as a whole.
Page 431 Example The following example displays the setting of traffic-shape to a maximum bandwidth of 1024 Kpbs. console(config-if-1/g1)#traffic-shape 1024 kbps QoS Commands...
Page 432 QoS Commands...
Page 433: Aaa Accounting Network Default Start-Stop Group Radius
RADIUS Commands This chapter explains the following commands: • aaa accounting network default start-stop group radius • acct-port • auth-port • deadtime • • msgauth • name • primary • priority • radius-server deadtime • radius-server host • radius-server key •...
Page 434: Acct-Port
Syntax aaa accounting network default start-stop group radius no aaa accounting network default start-stop group radius Default Configuration RADIUS accounting is disabled by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#aaa accounting network default start-stop group radius acct-port...
Page 435: Auth-Port
console(config)#radius-server host acct 3.2.3.2 console(Config-acct-radius)#acct-port 56 auth-port Use the auth-port command in RADIUS mode to set the port number for authentication requests of the designated RADIUS server. Syntax auth-port-number auth-port auth-port-number — Port number for authentication requests. (Range: 1 - 65535) •...
Page 436: Deadtime
deadtime Use the deadtime command in RADIUS mode to improve RADIUS response times when a server is unavailable by causing the unavailable server to be skipped. Syntax deadtime deadtime deadtime — The amount of time that the unavailable server is skipped over. (Range: 0-2000 •...
Page 437: Msgauth
User Guidelines There are no user guidelines for this command. Example lion-king The following example specifies an authentication and encryption key of “ ”. console(config)#radius-server host acct 3.2.3.2 console(Config-acct-radius)#key keyacct msgauth Use the msgauth command to enable the message authenticator attribute to be used for the RADIUS Authenticating server being configured.
Page 438: Name
name Use the name command to assign a name to a RADIUS server. Use the "no" form of this command to reset the name to the default. Syntax servername name no name servername — The name for the RADIUS server (Range: 1 - 32 characters). Default Configuration The default RADIUS server name is Default-RADIUS-Server.
Page 439: Priority
Command Mode RADIUS mode User Guidelines There are no user guidelines for this command. Example console(Config-auth-radius)#primary priority Use the priority command in RADIUS mode to specify the order in which the servers are to be used, with 0 being the highest priority. Syntax priority priority...
Page 440: Radius-Server Deadtime
radius-server deadtime Use the radius-server deadtime command in Global Configuration mode to improve RADIUS response times when servers are unavailable. The command is used to cause the unavailable servers to be skipped. To set the deadtime to 0, use the no form of this command. Syntax deadtime radius-server deadtime...
Page 441: Radius-Server Key
Default Configuration The default server type is authentication. The default server name is “Default RADIUS Server”. The default port number is 1812 for an authentication server and 1813 for an accounting server. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example specifies a RADIUS server host with the following characteristics: Server host IP address —...
Page 442: Radius-Server Retransmit
Example The following example sets the authentication and encryption key for all RADIUS .” communications between the device and the RADIUS server to “dell-server console(config)#radius-server key dell-server radius-server retransmit Use the radius-server retransmit command in Global Configuration mode to specify the number of times the RADIUS client will retransmit requests to the RADIUS server.
Page 443: Radius-Server Source-Ip
radius-server source-ip Use the radius-server source-ip command in Global Configuration mode to specify the source IP address used for communication with RADIUS servers. To return to the default, use the no form of this command. 0.0.0.0 is interpreted as a request to use the IP address of the outgoing IP interface.
Page 444: Retransmit
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the interval for which a switch waits for a server host to reply to 5 seconds. console(config)#radius-server timeout 5 retransmit Use the retransmit command in RADIUS mode to specify the number of times the RADIUS client retransmits requests to the RADIUS server.
Page 445: Show Radius-Servers
show radius-servers Use the show radius-servers command to display the list of configured RADIUS servers and the values configured for the global parameters of the RADIUS client. Syntax servername show radius-servers [ accounting | authentication ] [ name [ accounting — This optional parameter will cause accounting servers to be displayed. authentication —...
Page 446 Field Description RADIUS Attribute 4 Mode A Global parameter to indicate whether the NAS-IP-Address attribute has been enabled to use in RADIUS requests. RADIUS Attribute 4 Value A Global parameter that specifies the IP address to be used in NAS-IP- Address attribute to be used in RADIUS requests.
Page 447: Show Radius-Servers Statistics
Timeout........5 Deadtime........0 Port........... 1812 Source IP........0.0.0.0 Secret Configured......No Message Authenticator......Enable show radius-servers statistics Use the show radius-servers statistics command to show the statistics for an authentication or accounting server. Syntax ipaddress hostname show radius-servers statistics [ accounting | authentication ] { | name servername •...
Page 448 Field Description Retransmissions The number of RADIUS Accounting Request packets retransmitted to this RADIUS accounting server. Responses The number of RADIUS packets received on the accounting port from this server. Malformed Responses The number of malformed RADIUS Accounting Response packets received from this server.
Page 449 Field Description Bad Authenticators The number of RADIUS Access Response packets containing invalid authenticators or signature attributes received from this server. Pending Requests The number of RADIUS Access Request packets destined for this server that have not yet timed out or received a response. Timeouts The number of authentication timeouts to this server.
Page 450: Source-Ip
Access Rejects........ 0 Access Challenges......0 Malformed Access Responses....0 Bad Authenticators......0 Pending Requests......0 Timeouts........0 Unknown Types......... 0 Packets Dropped....... 0 source-ip Use the source-ip command in RADIUS mode to specify the source IP address to be used for communication with RADIUS servers.
Page 451: Usage
Syntax timeout timeout timeout — Timeout value in seconds for the specified server. (Range: 1-30 seconds.) • Default Configuration The default value is 15 seconds. Command Mode RADIUS mode User Guidelines User must enter the mode corresponding to a specific RADIUS server before executing this command.
Page 452 Example login The following example specifies usage type console(config)#radius-server host 192.143.120.123 console(config-radius)#usage login RADIUS Commands...
Page 453: Spanning Tree Commands
Spanning Tree Commands This chapter explains the following commands: • clear spanning-tree detected-protocols • exit (mst) • instance (mst) • name (mst) • revision (mst) • show spanning-tree • show spanning-tree summary • spanning-tree • spanning-tree auto-portfast • spanning-tree bpdu flooding •...
Page 454: Clear Spanning-Tree Detected-Protocols
• spanning-tree portfast default • spanning-tree port-priority • spanning-tree priority • spanning-tree tcnguard • spanning-tree transmit hold-count clear spanning-tree detected-protocols Use the clear spanning-tree detected-protocols command in Privileged EXEC mode to restart the protocol migration process (force the renegotiation with neighboring switches) on all interfaces or on the specified interface.
Page 455: Instance (Mst)
Syntax exit Default Configuration MST configuration. Command Mode MST mode User Guidelines This command has no user guidelines. Example The following example shows how to exit the MST configuration mode and save changes. console(config)#spanning-tree mst configuration console(config-mst)#exit instance (mst) Use the instance command in MST mode to map VLANS to an MST instance. Syntax instance-id vlan-range...
Page 456: Name (Mst)
For two or more switches to be in the same MST region, they must have the same VLAN mapping, the same configuration revision number, and the same name. Example The following example maps VLANs 10-20 to MST instance 1. console(config)#spanning-tree mst configuration console(config-mst)#instance 1 add vlan 10-20 name (mst) Use the name command in MST mode to define the configuration name.
Page 457: Show Spanning-Tree
no revision value — Configuration revision number. (Range: 0-65535) • Default Configuration Revision number is 0. Command Mode MST mode User Guidelines This command has no user guidelines. Example The following example sets the configuration revision to 1. console(config)#spanning-tree mst configuration console(config-mst)#revision 1 show spanning-tree Use the show spanning-tree command in Privileged EXEC mode to display the spanning-tree...
Page 458 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Examples The following examples display spanning-tree information. console#show spanning-tree Spanning tree Disabled BPDU Flooding disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root: 80:00:00:FC:E3:90:00:5D Regional Root Path Cost: ROOT ID Address 80:00:00:FC:E3:90:00:5D...
Page 459 Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- -------- ------- 1/g5 Enabled 128.5 Disb 1/g6 Enabled 128.6 Disb 1/g7 Enabled 128.7 Disb 1/g8 Enabled 128.8 Disb 1/g9 Enabled 128.9 Disb 1/g10 Enabled 128.10 Disb 1/g11 Enabled 128.11 Disb...
Page 460 1/xg2 Enabled 128.26 Disb 1/xg3 Enabled 128.27 Disb 1/xg4 Enabled 128.28 Disb Enabled 128.626 Disb Enabled 128.627 Disb Enabled 128.628 Disb Enabled 128.629 Disb Enabled 128.630 Disb Enabled 128.631 Disb Enabled 128.632 Disb --More-- or (q)uit /***************************************************************** ******************/ console(config)# console#show spanning-tree Spanning tree Enabled BPDU Flooding disabled Portfast BPDU filtering Disabled m...
Page 461 Bridge ID Priority 32768 Address 80:00:00:FC:E3:90:00:5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- -------- ------- --More-- or (q)uit Name State Prio.Nbr Cost Role PortFast Restricted...
Page 462 1/g16 Enabled 128.16 Disb --More-- or (q)uit Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- -------- ------- 1/g17 Enabled 128.17 Disb 1/g18 Enabled 128.18 Disb 1/g19 Enabled 128.19 Disb 1/g20 Enabled 128.20 Disb 1/g21 Enabled 128.21 Disb 1/g22...
Page 463 Enabled 128.631 Disb Enabled 128.632 Disb Enabled 128.633 Disb Enabled 128.634 Disb ch10 Enabled 128.635 Disb ch11 Enabled 128.636 Disb ch12 Enabled 128.637 Disb ch13 Enabled 128.638 Disb ch14 Enabled 128.639 Disb ch15 Enabled 128.640 Disb ch16 Enabled 128.641 Disb ch17 Enabled 128.642...
Page 464 Path Cost 20000 Root Port 1/g1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 80:00:00:FC:E3:90:00:5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio.Nbr Cost Role PortFast RestrictedPort...
Page 465 Regional Root Path Cost: ###### MST 0 Vlan Mapped: 1, 3001 ROOT ID Address 40:00:00:FC:E3:90:06:0F Path Cost 20000 Root Port 1/g1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 80:00:00:FC:E3:90:00:5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State...
Page 466: Show Spanning-Tree Summary
show spanning-tree summary Use the show spanning-tree summary command to display spanning tree settings and parameters for the switch. Syntax show spanning-tree summary Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines The following fields are displayed: Spanning Tree Admin Mode Enabled or disabled...
Page 467: Spanning-Tree
BPDU Filter Mode....Disabled BPDU Flooding Mode....Disabled Configuration Name....00-11-88-2B-40-91 Configuration Revision Level..0 Configuration Digest Key..0xac36177f50283cd4b83821d8ab26de62 Configuration Format Selector..0 No MST instances to display. spanning-tree Use the spanning-tree command in Global Configuration mode to enable spanning-tree functionality.
Page 468: Spanning-Tree Bpdu Flooding
Syntax spanning-tree auto-portfast no spanning-tree auto-portfast Default Configuration Auto portfast mode is disabled by default. Command Mode Interface Configuration (Ethernet, Port Channel) mode Usage Guidelines There are no user guidelines for this command. Example The following example enables spanning-tree functionality on ethernet interface 4/g1. console#config console(config)#interface ethernet 4/g1 console(config-if-4/g1)#spanning-tree auto-portfast...
Page 469: Spanning-Tree Bpdu-Protection
Example console#spanning-tree bpdu flooding spanning-tree bpdu-protection Use the spanning-tree bpdu-protection command in Global Configuration mode to enable BPDU protection on a switch. Use the no form of this command to resume the default status of BPDU protection function. For an access layer device, the access port is generally connected to the user terminal (such as a desktop computer) or file server directly and configured as an edge port to implement the fast transition.
Page 470: Spanning-Tree Cost
spanning-tree cost Use the spanning-tree cost command in Interface Configuration mode to configure the spanning-tree path cost for a port. To return to the default port path cost, use the no form of this command. Syntax cost spanning-tree cost no spanning-tree cost cost —...
Page 471: Spanning-Tree Forward-Time
no spanning-tree disable Default Configuration By default, all ports are enabled for spanning-tree. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines This command has no user guidelines. Example The following example disables spanning-tree on 1/g5. console(config)#interface ethernet 1/g5 console(config-if-1/g5)#spanning-tree disable spanning-tree forward-time Use the spanning-tree forward-time command in Global Configuration mode to configure the spanning-tree bridge forward time, which is the amount of time a port remains in the listening...
Page 472: Spanning-Tree Guard
Example The following example configures spanning-tree bridge forward time to 25 seconds. console(config)#spanning-tree forward-time 25 spanning-tree guard The spanning-tree guard command selects whether loop guard or root guard is enabled on an interface. If neither is enabled, the port operates in accordance with the multiple spanning tree protocol.
Page 473: Spanning-Tree Max-Age
Syntax spanning-tree loopguard default no spanning-tree loopguard default Default Configuration Loop guard is disabled by default. Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command. Example The following example enables spanning-tree loopguard functionality on all ports. console(config)#spanning-tree loopguard default spanning-tree max-age Use the spanning-tree max-age command in Global Configuration mode to configure the...
Page 474: Spanning-Tree Max-Hops
Max-Age >= 2*(Hello-Time + 1) Example The following example configures the spanning-tree bridge maximum-age to 10 seconds. console(config)#spanning-tree max-age 10 spanning-tree max-hops Use the spanning-tree max-hops command to set the MSTP Max Hops parameter to a new value for the common and internal spanning tree. Use the “no” form of this command to reset the Max Hops to the default.
Page 475: Spanning-Tree Mst 0 External-Cost
rstp — Rapid Spanning Tree Protocol (RSTP) is enabled. • • mstp — Multiple Spanning Tree Protocol (MSTP) is enabled. Default Configuration Rapid Spanning Tree Protocol (RSTP) is supported. Command Mode Global Configuration mode User Guidelines In RSTP mode the switch would use STP when the neighbor switch is using STP . In MSTP mode the switch would use RSTP when the neighbor switch is using RSTP and would use STP when the neighbor switch is using STP.
Page 476: Spanning-Tree Mst Configuration
Command Mode Interface Configuration (Ethernet, Port Channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures the spanning-tree mst 0 external-cost at 20000. console(config-if-4/g1)#spanning-tree mst 0 external-cost 20000 spanning-tree mst configuration Use the spanning-tree mst configuration command in Global Configuration mode to enable configuring an MST region by entering the multiple spanning-tree (MST) mode.
Page 477: Spanning-Tree Mst Cost
spanning-tree mst cost Use the spanning-tree mst cost command in Interface Configuration mode to configure the path cost for multiple spanning tree (MST) calculations. If a loop occurs, the spanning tree considers path cost when selecting an interface to put in the forwarding state. To return to the default port path cost, use the no form of this command.
Page 478: Spanning-Tree Mst Priority
Syntax instance-id priority spanning-tree mst port-priority instance-id no spanning-tree mst port-priority instance-ID — ID of the spanning-tree instance. (Range: 1-15) • priority — The port priority. (Range: 0–240 in multiples of 16) • Default Configuration The default port-priority for IEEE MSTP is 128. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines...
Page 479: Spanning-Tree Portfast
Command Mode Global Configuration mode User Guidelines The priority value must be a multiple of 4096. The switch with the lowest priority is selected as the root of the spanning tree. Example The following example configures the spanning tree priority of instance 1 to 4096. console(config)#spanning-tree mst 1 priority 4096 spanning-tree portfast Use the spanning-tree portfast command in Interface Configuration mode to enable PortFast...
Page 480: Spanning-Tree Portfast Bpdufilter Default
console(config-if-1/g5)#spanning-tree portfast spanning-tree portfast bpdufilter default The spanning-tree portfast bpdufilter default command discards BPDUs received on spanning- tree ports in portfast mode. Use the “no” form of the command to disable discarding. Syntax spanning-tree portfast bpdufilter default no spanning-tree portfast bpdufilter default Default Configuration This feature is disabled by default.
Page 481: Spanning-Tree Port-Priority
Usage Guidelines There are no usage guidelines for this command. Example The following example enables Portfast mode on all ports. console(config)#spanning-tree portfast default spanning-tree port-priority Use the spanning-tree port-priority command in Interface Configuration mode to configure port priority. To reset the default port priority, use the no form of this command. Syntax priority spanning-tree port-priority...
Page 482: Spanning-Tree Tcnguard
Syntax priority spanning-tree priority no spanning-tree priority priority — Priority of the bridge. (Range: 0–61440) • Default Configuration The default bridge priority for IEEE STP is 32768. Command Mode Global Configuration mode User Guidelines The priority value must be a multiple of 4096. The switch with the lowest priority is the root of the spanning tree.
Page 483 Example The following example configures spanning-tree tcnguard on 4/g1. console(config-if-4/g1)#spanning-tree tcnguard Spanning Tree Commands...
Page 484: Spanning-Tree Transmit Hold-Count
spanning-tree transmit hold-count Use the spanning-tree transmit hold-count command to set the maximum number of BPDUs that a bridge is allowed to send within a hello time window (2 seconds). Use the “no” form of this command to reset the hold count to the default value. Syntax value spanning-tree transmit hold-count [...
Page 485 TACACS+ Commands This chapter explains the following commands: • • port • priority • show tacacs • tacacs-server host • tacacs-server key • tacacs-server timeout • timeout Use the key command in TACACS Configuration mode to specify the authentication and encryption key for all TACACS communications between the device and the TACACS server.
Page 486: Port
console(config-tacacs)#key 12 port Use the port command in TACACS Configuration mode to specify a server port number. Syntax port [ port-number ] port-number — The server port number. If left unspecified, the default port number is 49. • (Range: 0–65535) Default Configuration The default port number is 49.
Page 487: Show Tacacs
User Guidelines This command has no user guidelines. Example The following example shows how to specify a server priority of 10000. console(config-tacacs)#priority 10000 show tacacs Use the show tacacs command in Privileged EXEC mode to display the configuration and statistics of a TACACS+ server. Syntax ip-address show tacacs [...
Page 488: Tacacs-Server Host
tacacs-server host Use the tacacs-server host command in Global Configuration mode to configure a TACACS+ server. This command enters into the TACACS+ configuration mode. To delete the specified hostname or IP address, use the no form of this command. Syntax ip-address hostname tacacs-server host {...
Page 489: Tacacs-Server Timeout
This command has no user guidelines. Example The following example sets the authentication encryption key. console(config)#tacacs-server key dell-s tacacs-server timeout Use the tacacs-server timeout command in Global Configuration mode to set the interval during which a switch waits for a server host to reply. To restore the default, use the no form of this command.
Page 490: Timeout
timeout Use the timeout command in TACACS Configuration mode to specify the timeout value in seconds. If no timeout value is specified, the global value is used. Syntax timeout [ timeout ] timeout — The timeout value in seconds. (Range: 1–30) •...
Page 491: Vlan Commands
VLAN Commands This chapter explains the following commands: • dvlan-tunnel ethertype • interface vlan • interface range vlan • mode dvlan-tunnel • name • protocol group • protocol vlan group • protocol vlan group all • show dvlan-tunnel • show dvlan-tunnel interface •...
Page 492: Dvlan-Tunnel Ethertype
• vlan • vlan association mac • vlan association subnet • vlan database • vlan makestatic • vlan protocol group • vlan protocol group add protocol ethertype • vlan protocol group remove dvlan-tunnel ethertype Use the dvlan-tunnel ethertype command in Global Configuration mode to configure the ethertype for the specified interface.
Page 493: Interface Vlan
interface vlan Use the interface vlan command in Global Configuration mode to configure a VLAN type and to enter Interface Configuration mode. Syntax vlan-id interface vlan vlan-id — The ID of a valid VLAN (Range: 1–4093). • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines...
Page 494: Mode Dvlan-Tunnel
Command Mode Global Configuration mode User Guidelines Commands used in the interface range context are executed independently on each interface in the range. If the command returns an error on one of the interfaces, an error message is displayed and execution continues on other interfaces. Example The following example groups VLAN 221 till 228 and VLAN 889 to receive the same command.
Page 495: Protocol Group
name Use the name command in Interface Configuration mode to add a name to a VLAN. To remove the VLAN name, use the no form of this command. NOTE: This command cannot be configured for a range of interfaces (range context). Syntax string name...
Page 496: Protocol Vlan Group
groupid — The protocol-based VLAN group ID, which is automatically generated when you • create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command.
Page 497: Protocol Vlan Group All
groupid — The protocol-based VLAN group ID, which is automatically generated when you • create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command.
Page 498: Show Dvlan-Tunnel
Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to add all physical interfaces to the protocol-based group identified by group ID "2." console(config)#protocol vlan group all 2 show dvlan-tunnel Use the show dvlan-tunnel command in Privileged EXEC mode to display all interfaces enabled...
Page 499: Show Dvlan-Tunnel Interface
show dvlan-tunnel interface Use the show dvlan-tunnel interface command in Privileged EXEC mode to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces. Syntax unit/port show dvlan-tunnel interface { |all} unit/port — A valid unit and port number separated by forward slashes (/). •...
Page 500: Show Interfaces Switchport
show interfaces switchport Use the show interfaces switchport command in Privileged EXEC mode to display switchport configuration. Syntax interface port-channel-number show interfaces switchport {ethernet |port-channel Interface — Specific interface, such as ethernet 1/g8. • port-channel-number — Valid port-channel trunk index. •...
Page 501 VLAN008 tagged Dynamic VLAN0011 tagged Static IPv6 VLAN untagged Static VLAN0072 untagged Static Static configuration: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All Port 1/g1 is statically configured to: VLAN Name Egress rule ---- --------- ----------- VLAN0011 tagged IPv6 VLAN untagged VLAN0072...
Page 502 IP Telephony tagged Static Static configuration: PVID: 8 Ingress Filtering: Disabled Acceptable Frame Type: All Port 1/g2 is statically configured to: VLAN Name Egress rule ---- --------- ----------- VLAN0072 untagged IP Telephony tagged Forbidden VLANS: VLAN Name ---- --------- The following example displays switchport configuration individually for 2/g19. console#show interfaces switchport ethernet 2/g19 Port 2/g19: Operating parameters:...
Page 503: Show Port Protocol
Ingress Filtering: Enabled Acceptable Frame Type: Untagged GVRP status: Disabled Port 2/g19 is member in: VLAN Name Egress rule Type ---- --------- ----------- ----- 2921 Primary A untagged Static 2922 Community A1 untagged Static show port protocol Use the show port protocol command in Privileged EXEC mode to display the Protocol-Based VLAN information for either the entire system or for the indicated group.
Page 504: Show Switchport Protected
test 1/g1 show switchport protected Use the show switchport protected command in Privileged EXEC mode to display the status of all the interfaces, including protected and unprotected interfaces. Syntax groupid show switchport protected groupid — Identifies which group the port is to be protected in. (Range: 0-2) •...
Page 505: Show Vlan Association Mac
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays all VLAN information. console#show vlan VLAN Name Ports Type Authorization -------- --------------- ------ ----- -------------- default 1/g1-1/g2 Other Required 2/g1-1/g4 VLAN0010 1/g3-1/g4 dynamic Required VLAN0011...
Page 506: Show Vlan Association Subnet
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows no entry in MAC address to VLAN cross-reference. console#show vlan association mac MAC Address VLAN ID ----------------------- ------- 0001.0001.0001.0001 console# show vlan association subnet Use the show vlan association subnet command in Privileged EXEC mode to display the VLAN associated with a specific configured IP-Address and netmask.
Page 507: Switchport Access Vlan
Example The following example shows the case if no IP Subnet to VLAN association exists. console#show vlan association subnet IP Address IP Mask VLAN ID ---------------- ---------------- ------- The IP Subnet to VLAN association does not exist. switchport access vlan Use the switchport access vlan command in Interface Configuration mode to configure the VLAN ID when the interface is in access mode.
Page 508: Switchport Forbidden Vlan
switchport forbidden vlan Use the switchport forbidden vlan command in Interface Configuration mode to forbid adding specific VLANs to a port. To revert to allowing the addition of specific VLANs to the port, use the remove parameter of this command. Syntax vlan-list vlan-list...
Page 509: Switchport General Allowed Vlan
Default Configuration All frame types are accepted at ingress. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command has no user guidelines. Example The following example configures 1/g8 to discard untagged frames at ingress. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#switchport general acceptable-frame-type tagged-only switchport general allowed vlan Use the switchport general allowed vlan command in Interface Configuration mode to add...
Page 510: Switchport General Ingress-Filtering Disable
User Guidelines You can use this command to change the egress rule (for example, from tagged to untagged) without first removing the VLAN from the list. Example The following example shows how to add VLANs 1, 2, 5, and 8 to the allowed list. console(config-if-1/g8)#switchport general allowed vlan add 1,2,5,8 tagged switchport general ingress-filtering disable...
Page 511: Switchport General Pvid
switchport general pvid Use the switchport general pvid command in Interface Configuration mode to configure the Port VLAN ID (PVID) when the interface is in general mode. Use the switchport mode general command to set the VLAN membership mode of a port to "general." To configure the default value, use the no form of this command.
Page 512: Switchport Protected
access — An access port connects to a single end station belonging to a single VLAN. An • access port is configured with ingress filtering enabled and will accept either an untagged frame or a packet tagged with the access port VLAN. An access port only egresses untagged packets.
Page 513: Switchport Protected Name
Default Configuration No protected switchports are defined. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example configures Ethernet port 1/g1 as a member of protected group 1. console(config)#interface ethernet 1/g1 console(config-if-1/g1)#switchport protected 1 switchport protected name Use the switchport protected name command in Global Configuration mode to adds the port to the protected group 1 and also sets the group name to "protected".
Page 514: Switchport Trunk Allowed Vlan
switchport trunk allowed vlan Use the switchport trunk allowed vlan command in Interface Configuration mode to add VLANs to or remove VLANs from a trunk port. Syntax vlan-list vlan-list switchport trunk allowed vlan {add |remove vlan-list — List of VLAN IDs to add. Separate non-consecutive VLAN IDs with a comma •...
Page 515: Vlan Association Mac
Command Mode VLAN Database mode User Guidelines This command has no user guidelines. Example The following example shows how to create (add) VLAN of IDs 22, 23, and 56. console(config-vlan)#vlan 22,23,56 console(config-vlan)# vlan association mac Use the vlan association mac command in VLAN Database mode to associate a MAC address to a VLAN.
Page 516: Vlan Association Subnet
vlan association subnet Use the vlan association subnet command in VLAN Database mode to associate a VLAN to a specific IP-subnet. Syntax ip-address subnet-mask vlanid vlan association subnet ip-address subnet-mask no vlan association subnet ip-address — Source IP address. (Range: Any valid IP address) •...
Page 517: Vlan Makestatic
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enters the VLAN database mode. console(config)#vlan database console(config-vlan)# vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is permanently configured and defined).
Page 518: Vlan Protocol Group
vlan protocol group Use the vlan protocol group <groupid> command in Global Configuration mode to add multiple vlan protocol groups to the system. When a protocol group is created, it is assigned a unique group ID number. The group ID is used for both configuration and script generation to identify the group in subsequent commands.
Page 519: Vlan Protocol Group Name
Syntax groupid> value vlan protocol group add protocol < ethertype < > groupid> value no vlan protocol group add protocol < ethertype < > groupid — The protocol-based VLAN group ID, which is automatically generated when you • create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command.
Page 520: Vlan Protocol Group Remove
groupName — The group name you want to add.The group name can be up to 16 characters • in length using any valid alphanumeric characters. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Page 521 VLAN Commands...
Page 522 VLAN Commands...
Page 523: Voice Vlan (Interface)
Voice VLAN Commands This chapter explains the following commands: • voice vlan • voice vlan (Interface) • show voice vlan voice vlan This command is used to enable the voice vlan capability on the switch. Syntax voice vlan no voice vlan Parameter Ranges Not applicable Command Mode...
Page 524: Show Voice Vlan
Syntax vlanid priority voice vlan { | dot1p | none | untagged | data priority { trust | untrust } | auth dscp { enable | disable } | dscp no voice vlan vlanid • The voice VLAN ID. — priority •...
Page 525 Voice VLAN IdThe voice VLAN ID. Voice VLAN PriorityThe Dot1p priority for the voice VLAN on the port. Voice VLAN Untagged The tagging option foe the voice VLAN traffic. Voice VLAN COS Override The Override option for the voice traffic arriving on the port. Voice VLAN Status The operational status of voice VLAN on the port.
Page 526 Voice VLAN Commands...
Page 527: Dot1X Mac-Auth-Bypass
802.1X Commands This chapter explains the following commands: • dot1x mac-auth-bypass • dot1x max-req • dot1x max-users • dot1x port-control • dot1x re-authenticate • dot1x re-authentication • dot1x system-auth-control • dot1x timeout quiet-period • dot1x timeout re-authperiod • dot1x timeout server-timeout •...
Page 528: Dot1X Max-Req
Syntax dot1x mac-auth-bypass no dot1x mac-auth-bypass Default Configuration MAC Authentication Bypass is disabled by default. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example sets MAC Authentication Bypass on interface 1/2: console(config-if-1/g2)#dot1x mac-auth-bypass dot1x max-req Use the dot1x max-req command in Interface Configuration mode to set the maximum number...
Page 529: Dot1X Max-Users
User Guidelines Change the default value of this command only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients and authentication servers. Example The following example sets the number of times that the switch sends an EAP-request/identity frame to 6.
Page 530: Dot1X Port-Control
dot1x port-control Use the dot1x port-control command in Interface Configuration mode to enable the IEEE 802.1X operation on the port. Syntax dot1x port-control {force-authorized | force-unauthorized | auto | mac-based} no dot1x port-control • auto — Enables 802.1X authentication on the interface and causes the port to transition to the authorized or unauthorized state based on the 802.1X authentication exchange between the switch and the client.
Page 531: Dot1X Re-Authenticate
dot1x re-authenticate Use the dot1x re-authenticate command in Privileged EXEC mode to enable manually initiating a re-authentication of all 802.1X-enabled ports or the specified 802.1X-enabled port. Syntax interface dot1x re-authenticate [ethernet interface — Specifies a valid interface number. The full syntax is unit/port . •...
Page 532: Dot1X System-Auth-Control
User Guidelines This command has no user guidelines. Example The following example enables periodic re-authentication of the client. console(config)# interface ethernet 1/g16 console(config-if-1/g16)# dot1x re-authentication dot1x system-auth-control Use the dot1x system-auth-control command in Global Configuration mode to enable 802.1X globally. To disable 802.1X globally, use the no form of this command. Syntax dot1x system-auth-control no dot1x system-auth-control...
Page 533: Dot1X Timeout Re-Authperiod
Syntax seconds dot1x timeout quiet-period no dot1x timeout quiet-period seconds — Time in seconds that the switch remains in the quiet state following a failed • authentication exchange with the client. (Range: 0–65535 seconds) Default Configuration The switch remains in the quiet state for 60 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 534: Dot1X Timeout Server-Timeout
Default Configuration Re-authentication period is 3600 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example sets the number of seconds between re-authentication attempts to 300. console(config)# interface ethernet 1/g16 console(config-if-1/g16)# dot1x timeout re-authperiod 300 dot1x timeout server-timeout Use the dot1x timeout server-timeout command in Interface Configuration mode to set the time that the switch waits for a response from the authentication server.
Page 535: Dot1X Timeout Supp-Timeout
Example The following example sets the time for the retransmission to the authentication server to 3600 seconds. console(config-if-1/g1)# dot1x timeout server-timeout 3600 dot1x timeout supp-timeout Use the dot1x timeout supp-timeout command in Interface Configuration mode to set the time that the switch waits for a response before retransmitting an Extensible Authentication Protocol (EAP)-request frame to the client.
Page 536: Show Dot1X
Syntax seconds dot1x timeout tx-period no dot1x timeout tx-period seconds — Time in seconds that the switch should wait for a response to an • EAP-request/identity frame from the client before resending the request. (Range: 1–65535) Default Configuration The period of time is set to 30 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 537 User Guidelines This command has no user guidelines. Example The following example displays 802.1X port 1/g8 status. console#show dot1x ethernet 1/g8 Administrative Mode....Disabled Port Admin Oper Reauth Reauth Mode Mode Control Period ------- ------------------ ------------ -------- ---------- 1/g8 auto Authorized FALSE 3600...
Page 538: Username
Field Description Port The port number. Admin mode The port admin mode. Possible values are: Force-auth, Force-unauth, Auto, and mac-based. Oper mode The control mode under which this port is operating. Possible values are: Authorized or Unauthorized. Reauth Control Indicates whether re-authentication is enabled on this port. Reauth Period The timer used by the authenticator state machine on this port to determine when reauthentication of the supplicant takes place.
Page 539: Backend Authentication State
Field Description Backend Authentication State Current state of the backend authentication state machine. Possible values are Request, Response, Success, Fail, Timeout, Idle, and Initialize. Authentication success Counts the number of times the state machine has received a Success message from the Authentication Server. Authentication fails Counts the number of times the state machine has received a Failure message from the Authentication Server.
Page 540 User Name........guest1 Supp MAC Address....... 0012.1756.76EA Session Time........118 Filter Id........VLAN Assigned........1 Interface........1/g9 User Name........guest1 Supp MAC Address....... 0012.1756.796B Session Time........80 Filter Id........VLAN Assigned........1 The following table describes the significant fields shown in the display: Field Description Interface...
Page 541: Show Dot1X Ethernet
show dot1x ethernet Use the show dot1x ethernet command in Privileged EXEC mode to show the dot1x status. The command also displays a VLAN ID or name as required when RADIUS indicates the Tunnel- Private-Group-ID for a supplicant. Syntax interface show dot1x ethernet interface —...
Page 542: Show Dot1X Statistics
MAB mode (operational)......Enabled Logical Supplicant AuthPAE Backend VLAN Username Filter Port MAC-Address State State ------- ----------------- ------------ ----------- ----- -------- -------- 0012.43D1.D19F Authenticated Idle The following example shows port-based or auto Admin Mode and therefore does not list the supplicants which were shown in the previous example.
Page 543 interface — Ethernet port name. The full syntax is unit/port . • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays 802.1X statistics for the specified interface. console#show dot1x statistics ethernet 1/g2 Port...........
Page 544: Show Dot1X Users
Field Description EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator. EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator. EapolLogoffFramesRx The number of EAPOL Logoff frames that have been received by this Authenticator.
Page 545: Dot1X Guest-Vlan
User Guidelines This command has no user guidelines. Example The following example displays 802.1X users. console#show dot1x users Port Username --------- --------- 1/g1 1/g2 John Switch# show dot1x users username Bob Port Username --------- --------- 1/g1 The following table describes the significant fields shown in the display: Field Description Username...
Page 546: Dot1X Unauth-Vlan
Default Configuration The guest VLAN is disabled on the interface by default. Command Mode Interface Configuration (Ethernet) mode User Guidelines Configure the guest VLAN before using this command. Example The following example sets the guest VLAN on port 1/g2 to VLAN 10. console(config-if-1/g2)#dot1x guest-vlan 10 dot1x unauth-vlan Use the dot1x unauth-vlan command in Interface Configuration mode to specify the...
Page 547: Show Dot1X Advanced
show dot1x advanced Use the show dot1x advanced command in Privileged EXEC mode to display 802.1X advanced features for the switch or for the specified interface. The output of this command has been updated in release 2.1 to remove the Multiple Hosts column and add an Unauthenticated VLAN column, which indicates whether an unauthenticated VLAN is configured on a port.
Page 548: Radius-Server Attribute 4
console#show dot1x advanced ethernet 1/g2 Port Guest Unauthenticated VLAN Vlan --------- --------- --------------- 1/g2 radius-server attribute 4 Use the radius-server attribute 4 command in Global Configuration mode to set the network access server (NAS) IP address for the RADIUS server. Use the no version of the command to set the value to the default.
Page 549: Introduction
Layer 3 Commands Introduction The chapters that follow describe commands that conform to the OSI model’s Network Layer (Layer 3). Layer 3 commands perform a series of exchanges over various data links to deliver data between any two nodes in a network. These commands define the addressing and routing structure of the Internet.
Page 550 Layer 3 Commands...
Page 551: Arp Commands
ARP Commands This chapter explains the following commands: • • arp cachesize • arp dynamicrenew • arp purge • arp resptime • arp retries • arp timeout • clear arp-cache • clear arp-cache management • ip proxy-arp • show arp Use the arp command in Global Configuration mode to create an Address Resolution Protocol (ARP) entry.
Page 552: Arp Cachesize
User Guidelines This command has no user guidelines. Example The following example creates an ARP entry consisting of an IP address and a MAC address. console(config)#arp 192.168.1.2 00A2.64B3.A245 arp cachesize Use the arp cachesize command in Global Configuration mode to configure the maximum number of entries in the ARP cache.
Page 553: Arp Purge
no arp dynamicrenew Default Configuration The default state is enabled. Command Mode Global Configuration mode User Guidelines When an ARP entry reaches its maximum age, the system must decide whether to retain or delete the entry. If the entry has recently been used to forward data packets, the system will renew the entry by sending an ARP request to the neighbor.
Page 554: Arp Resptime
ip-address — The IP address to be removed from ARP cache. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example removes the specified IP address from arp cache. console#arp purge 192.168.1.10 arp resptime Use the arp resptime command in Global Configuration mode to configure the ARP request...
Page 555: Arp Retries
arp retries Use the arp retries command in Global Configuration mode to configure the ARP count of maximum requests for retries. To return to the default value, use the no form of this command. Syntax integer arp retries no arp retries integer —...
Page 556: Clear Arp-Cache
User Guidelines This command has no user guidelines. Example The following example defines 900 seconds as the timeout. console(config)#arp timeout 900 clear arp-cache Use the clear arp-cache command in Privileged EXEC mode to remove all ARP entries of type dynamic from the ARP cache. Syntax clear arp-cache [gateway] •...
Page 557: Ip Proxy-Arp
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#clear arp-cache management ip proxy-arp Use the ip proxy-arp command in Interface Configuration mode to enable proxy ARP on a router interface.
Page 558: Show Arp
console(config-if-vlan15)#ip proxy-arp show arp Use the show arp command in Privileged EXEC mode to display the Address Resolution Protocol (ARP) cache. The displayed results are not the total ARP entries. To view the total ARP entries, the operator should view the show ARP results in conjunction with the show ARP switch results.
Page 559 IP Address MAC Address Interface Type ---------- ---------------- ------------- ------- ----------- console# ARP Commands...
Page 560 ARP Commands...
Page 561: Bootpdhcprelay Cidridoptmode
DHCP and BOOTP Relay Commands This chapter explains the following commands: • bootpdhcprelay cidridoptmode • bootpdhcprelay maxhopcount • bootpdhcprelay minwaittime bootpdhcprelay cidridoptmode Use the bootpdhcprelay cidridoptmode command in Global Configuration mode to enable the circuit ID option and remote agent ID mode for BootP/DHCP Relay on the system. Use the no form of the command to disable the circuit ID option and remote agent ID mode for BootP/DHCP Relay.
Page 562: Bootpdhcprelay Maxhopcount
bootpdhcprelay maxhopcount Use the bootpdhcprelay maxhopcount command in Global Configuration mode to configure the maximum allowable relay agent hops for BootP/DHCP Relay on the system. Use the no form of the command to set the maximum hop count to the default value. Syntax integer bootpdhcprelay maxhopcount...
Page 563 Default Configuration integer 0 is the default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a minimum wait time of 10 seconds. console(config)#bootpdhcprelay minwaittime 10 DHCP and BOOTP Relay Commands...
Page 564 DHCP and BOOTP Relay Commands...
Page 565: Clear Ipv6 Dhcp
DHCPv6 Commands This chapter explains the following commands: • clear ipv6 dhcp • dns-server • domain-name • ipv6 dhcp pool • ipv6 dhcp relay • ipv6 dhcp relay-agent-info-opt • ipv6 dhcp relay-agent-info-remote-id-subopt • ipv6 dhcp server • prefix-delegation • service dhcpv6 •...
Page 566: Dns-Server
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Examples The following examples clears DHCPv6 statistics for VLAN 11. console#clear ipv6 dhcp interface vlan 11 statistics dns-server Use the dns-server command in IPv6 DHCP Pool Configuration mode to set the ipv6 DNS server address which is provided to a DHCPv6 client by the DHCPv6 server.
Page 567: Domain-Name
domain-name Use the domain-name command in IPv6 DHCP Pool Configuration mode to set the DNS domain name which is provided to a DHCPv6 client by the DHCPv6 server. DNS domain name is configured for stateless server support. Syntax dns-domain-name domain-name dns-domain-name no domain-name dns-domain-name —...
Page 568: Ipv6 Dhcp Relay
Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enters IPv6 DHCP Pool Configuration mode. console(config)#ipv6 dhcp pool addrpool console(config-dhcp6s-pool)# ipv6 dhcp relay Use the ipv6 dhcp relay command in Interface Configuration mode to configure an interface for DHCPv6 relay functionality.
Page 569: Ipv6 Dhcp Relay-Agent-Info-Opt
User Guidelines relay-address relay-interface relay-address is an IPv6 global address, then is not required. If is a relay-interface relay-address link-local or multicast address, then is required. Finally, a value for relay-interface is not specified, then a value for must be specified and the DHCPV6- ALLAGENTS multicast address (i.e.
Page 570: Ipv6 Dhcp Relay-Agent-Info-Remote-Id-Subopt
ipv6 dhcp relay-agent-info-remote-id-subopt Use the ipv6 dhcp relay-agent-info-remote-id-subopt command in Global Configuration mode to configure a number to represent the DHCPv6 the “remote-id” sub-option. Syntax suboption ipv6 dhcp relay-agent-info-remote-id-subopt suboption — Remote ID suboption. (Range: 1-65535) • Default Configuration suboption The default value for is 1.
Page 571: Prefix-Delegation
Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN, Tunnel) mode User Guidelines This command has no user guidelines. Example The following example configures DHCPv6 server functionality. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 dhcp server pool prefix-delegation Use the prefix-delegation command in IPv6 DHCP Pool Configuration mode to define Multiple IPv6 prefixes within a pool for distributing to specific DHCPv6 Prefix delegation clients.
Page 572: Service Dhcpv6
User Guidelines This command has no user guidelines. Example The following example defines a Multiple IPv6 prefix and client DUID within a pool for distributing to specific DHCPv6 Prefix delegation clients. console(config)#ipv6 dhcp pool addrpool console(config-dhcp6s-pool)#prefix-delegation 2020:1::1/64 00:01:00:09:f8:79:4e:00:04:76:73:43:76 service dhcpv6 Use the service dhcpv6 command in Global Configuration mode to enable DHCPv6 configuration on the router.
Page 573: Show Ipv6 Dhcp Binding
Syntax show ipv6 dhcp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the DHCPv6 server name and status. console#show ipv6 dhcp DHCPv6 is disabled Server DUID: show ipv6 dhcp binding Use the show ipv6 dhcp binding command in Privileged EXEC mode to display the configured...
Page 574: Show Ipv6 Dhcp Interface
Example The following example displays the configured DHCP pool based on the entered IPv6 address. console#show ipv6 dhcp binding 2020:1:: show ipv6 dhcp interface Use the show ipv6 dhcp interface command in User EXEC mode to display DHCPv6 information for all relevant interfaces or a specified interface. If an interface is specified, the optional statistics parameter is available to view statistics for the specified interface.
Page 575: Show Ipv6 Dhcp Pool
console> show ipv6 dhcp interface vlan 11 statistics DHCPv6 Interface vlan11 Statistics ------------------------------------ DHCPv6 Solicit Packets Received....0 DHCPv6 Request Packets Received....0 DHCPv6 Confirm Packets Received....0 DHCPv6 Renew Packets Received....0 DHCPv6 Rebind Packets Received....0 DHCPv6 Release Packets Received....0 DHCPv6 Decline Packets Received....
Page 576: Show Ipv6 Dhcp Statistics
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the configured DHCP pool. console#show ipv6 dhcp pool test DHCPv6 Pool: test show ipv6 dhcp statistics Use the show ipv6 dhcp statistics command in User EXEC mode to display the DHCPv6 server name and status.
Page 577 DHCPv6 Request Packets Received....0 DHCPv6 Confirm Packets Received....0 DHCPv6 Renew Packets Received....0 DHCPv6 Rebind Packets Received....0 DHCPv6 Release Packets Received....0 DHCPv6 Decline Packets Received....0 DHCPv6 Inform Packets Received....0 DHCPv6 Relay-forward Packets Received..0 DHCPv6 Relay-reply Packets Received....
Page 578 DHCPv6 Commands...
Page 579: Ip Dvmrp
DVMRP Commands This chapter explains the following commands: • ip dvmrp • ip dvmrp metric • ip dvmrp trapflags • show ip dvmrp • show ip dvmrp interface • show ip dvmrp neighbor • show ip dvmrp nexthop • show ip dvmrp prune •...
Page 580: Ip Dvmrp Metric
The following example sets VLAN 15’s administrative mode of DVMRP to active. console(config)#interface vlan 15 console(config-if-vlan15)#ip dvmrp ip dvmrp metric Use the ip dvmrp metric command in Interface Configuration mode to configure the metric for an interface. This value is used in the DVMRP messages as the cost to reach this network. Syntax metric ip dvmrp metric...
Page 581: Show Ip Dvmrp
Default Configuration Disabled is the default state. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following command enables DVMRP trap mode. console#configure console(config)#ip dvmrp trapflags console(config)#no ip dvmrp trapflags show ip dvmrp Use the show ip dvmrp command in Privileged EXEC mode to display the system-wide information for DVMRP .
Page 582: Show Ip Dvmrp Interface
Total Number of Routes......0 Reachable Routes ......0 DVMRP INTERFACE STATUS Interface Interface Mode Protocol State --------- -------------- -------------- show ip dvmrp interface Use the show ip dvmrp interface command in Privileged EXEC mode to display the interface information for DVMRP on the specified interface. Syntax vlan-id show ip dvmrp interface vlan...
Page 583: Show Ip Dvmrp Nexthop
Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the neighbor information for DVMRP. console(config)#show ip dvmrp neighbor No neighbors available. show ip dvmrp nexthop Use the show ip dvmrp nexthop command in Privileged EXEC mode to display the next hop information on outgoing interfaces for routing multicast datagrams.
Page 584: Show Ip Dvmrp Prune
show ip dvmrp prune Use the show ip dvmrp prune command in Privileged EXEC mode to display the table that lists the router’s upstream prune information. Syntax show ip dvmrp prune Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 585 User Guidelines This command has no user guidelines. Example The following example displays the multicast routing information for DVMRP. console#show ip dvmrp route Upstream Expiry Up Time Source Address Neighbor Interface Metric Time(secs) (secs) -------------- -------- ---------------- ---------- --------- DVMRP Commands...
Page 586 DVMRP Commands...
Page 587: Igmp Commands
IGMP Commands This chapter explains the following commands: • ip igmp • ip igmp last-member-query-count • ip igmp last-member-query-interval • ip igmp query-interval • ip igmp query-max-response-time • ip igmp robustness • ip igmp startup-query-count • ip igmp startup-query-interval • ip igmp version •...
Page 588: Ip Igmp Last-Member-Query-Count
User Guidelines This command has no user guidelines. Example The following example globally enables IGMP. console(config)#ip igmp ip igmp last-member-query-count Use the ip igmp last-member-query-count command in Interface Configuration mode to set the number of Group-Specific Queries sent before the router assumes that there are no local members on the interface.
Page 589: Ip Igmp Last-Member-Query-Interval
ip igmp last-member-query-interval Use the ip igmp last-member-query-interval command in Interface Configuration mode to configure the Maximum Response Time inserted in Group-Specific Queries which are sent in response to Leave Group messages. Syntax tenthsofseconds ip igmp last-member-query-interval no ip igmp last-member-query-interval tenthsofseconds —...
Page 590: Ip Igmp Query-Max-Response-Time
Default Configuration The default query interval value is 125 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example configures a 10-second query interval for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp query-interval 10 ip igmp query-max-response-time Use the ip igmp query-max-response-time command in Internet Configuration mode to configure the maximum response time interval for the specified interface.
Page 591: Ip Igmp Robustness
console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp query-max-response-time 10 ip igmp robustness Use the ip igmp robustness command in Interface Configuration mode to configure the robustness that allows tuning of the interface, that is, tuning for the expected packet loss on a subnet.
Page 592: Ip Igmp Startup-Query-Interval
count — The number of startup queries. (Range: 1-20) • Default Configuration The default count value is 2. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets for VLAN 15 the number of queries sent out on startup at 10. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp startup-query-count 10 ip igmp startup-query-interval...
Page 593: Ip Igmp Version
console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp startup-query-interval 10 ip igmp version Use the ip igmp version command in Interface Configuration mode to configure the version of IGMP for an interface. Syntax version ip igmp version version — IGMP version. (Range: 1-3) •...
Page 594: Show Ip Igmp Groups
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays system-wide IGMP information. console#show ip igmp IGMP Admin Mode........ Enabled IGMP Router-Alert check......Disabled IGMP INTERFACE STATUS Interface Interface-Mode Operational-Status --------- -------------- ---------------- vlan 3 Enabled Non-Operational...
Page 595: Show Ip Igmp Interface
Example The following example displays the registered multicast groups for VLAN 1. console#show ip igmp groups interface vlan 3 detail REGISTERED MULTICAST GROUP DETAILS Version1 Version2 Group Multicast Last Expiry Host Host Compat IP Address Reporter Time Time Timer Timer Mode --------------- ------------ ----------...
Page 596: Show Ip Igmp Interface Membership
Query Interval (secs)......125 Query Max Response Time (1/10 of a second)..100 Robustness........2 Startup Query Interval (secs) ....31 Startup Query Count......2 Last Member Query Interval (1/10 of a second).. 10 Last Member Query Count......2 show ip igmp interface membership Use the show ip igmp interface membership command in Privileged EXEC mode to display the list of interfaces that have registered in the multicast group.
Page 597: Show Ip Igmp Interface Stats
console(config)#show ip igmp interface membership 224.5.5.5 detail IGMP INTERFACE DETAILED MEMBERSHIP INFO Interface Group Compat Source Filter Source Hosts Expiry Time Mode Mode ---------- ------------- -------------- -------------- ----------- show ip igmp interface stats Use the show ip igmp interface stats command in User EXEC mode to display the IGMP statistical information for the interface.
Page 598 Number of Joins........ 7 Number of Groups....... 1 IGMP Commands...
Page 599: Ip Igmp-Proxy
IGMP Proxy Commands This chapter explains the following commands: • ip igmp-proxy • ip igmp-proxy reset-status • ip igmp-proxy unsolicited-report-interval • show ip igmp-proxy • show ip igmp-proxy interface • show ip igmp-proxy groups • show ip igmp-proxy groups detail ip igmp-proxy Use the ip igmp-proxy command in Interface Configuration mode to enable the IGMP Proxy on the router.
Page 600: Ip Igmp-Proxy Reset-Status
console(config-if-vlan15)#ip igmp-proxy ip igmp-proxy reset-status Use the ip igmp-proxy reset-status command in Interface Configuration mode to reset the host interface status parameters of the IGMP Proxy router. This command is valid only when IGMP Proxy is enabled on the interface. Syntax ip igmp-proxy reset-status Default Configuration...
Page 601: Show Ip Igmp-Proxy
Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets 10 seconds as the unsolicited report interval for the IGMP Proxy router. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp-proxy unsolicited-report- interval 10 show ip igmp-proxy Use the show ip igmp-proxy command in Privileged EXEC mode to display a summary of the host interface status parameters.
Page 602: Show Ip Igmp-Proxy Interface
Version........3 Number of Multicast Groups..... 0 Unsolicited Report Interval....1 Querier IP Address on Proxy Interface..0.0.0.0 Older Version 1 Querier Timeout....0 Older Version 2 Querier Timeout....0 Proxy Start Frequency......1 show ip igmp-proxy interface Use the show ip igmp-proxy interface command in Privileged EXEC mode to display a detailed list of the host interface status parameters.
Page 603: Show Ip Igmp-Proxy Groups
show ip igmp-proxy groups Use the show ip igmp-proxy groups command in Privileged EXEC mode to display a table of information about multicast groups that IGMP Proxy reported. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy groups Default Configuration This command has no default configuration.
Page 604 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays complete information about multicast groups that IGMP Proxy has reported. console#show ip igmp-proxy groups detail Interface Index........
Page 605: Clear Ip Helper Statistics
IP Helper Commands This chapter explains the following commands: • clear ip helper statistics • ip helper-address (global configuration) • ip helper-address (interface configuration) • ip helper enable • show ip helper-address • show ip helper statistics clear ip helper statistics Use the clear ip helper statistics command to reset to 0 the statistics displayed in show ip helper statistics.
Page 606: Ip Helper-Address (Global Configuration)
ip helper-address (global configuration) Use the ip helper-address (global configuration) command to configure the relay of certain UDP broadcast packets received on any interface. To delete an IP helper entry, use the no form of this command. Syntax server-address dest-udp-port ip helper-address | dhcp | domain | isakmp | mobile-ip | nameserver | netbios-dgm | netbios-ns | ntp | pim-auto-rp | rip | tacacs | tftp | time ]...
Page 607: Ip Helper-Address (Interface Configuration)
console(config)#ip helper-address 10.1.1.1 dhcp console(config)#ip helper-address 10.1.2.1 dhcp To relay UDP packets received on any interface for all default ports (Table 4) to the server at 20.1.1.1, use the following commands: console#config console(config)#ip helper-address 20.1.1.1 ip helper-address (interface configuration) Use the ip helper-address (interface configuration) command to configure the relay of certain UDP broadcast packets received on a specific interface.
Page 608 Command Mode Interface Configuration (VLAN) mode. User Guidelines This command can be invoked multiple times on routing interface, either to specify multiple server addresses for a given port number or to specify multiple port numbers handled by a specific server. The command no ip helper-address with no arguments clears all helper addresses on the interface.
Page 609: Ip Helper Enable
console(config)#interface vlan 5 console(config-if-vlan5)#ip helper-address 192.168.40.2 dhcp console(config-if-vlan5)#ip helper-address 192.168.40.2 domain console(config-if-vlan5)#exit console(config)#interface 2/6 console(config-if-vlan6)#ip helper-address 192.168.23.1 162 console(config-if-vlan6)#ip helper-address discard dhcp ip helper enable Use the ip helper enable command to enable relay of UDP packets. To disable relay of all UDP packets, use the “no”...
Page 610 Syntax interface show ip helper-address [ interface — Optionally specify an interface to limit the output to the configuration of a single • interface. The interface is identified as vlan vlan-id. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode IP Helper Commands...
Page 611: Show Ip Helper Statistics
User Guidelines Field Descriptions: Interface The relay configuration is applied to packets that arrive on this interface. This field is set to “any” for global IP helper entries. UDP Port The relay configuration is applied to packets whose destination UDP port is this port.
Page 612 Command Mode Privileged EXEC mode User Guidelines Field descriptions: DHCP client messages The number of valid messages received from a DHCP client. The count is only received incremented if IP helper is enabled globally, the ingress routing interface is up, and the packet passes a number of validity checks, such as having a TTL >...
Page 613 Example console#show ip helper statistics DHCP client messages received....8 DHCP client messages relayed....2 DHCP server messages received....2 DHCP server messages relayed....2 UDP client messages received....8 UDP client messages relayed....2 DHCP message hop count exceeded max.... 0 DHCP message with secs field below min..
Page 614 IP Helper Commands...
Page 615: Encapsulation
IP Routing Commands This chapter explains the following commands: • encapsulation • ip address • ip mtu • ip netdirbcast • ip route • ip route default • ip route distance • ip routing • routing • show ip brief •...
Page 616: Ip Address
Default Configuration Ethernet encapsulation is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example applies SNAP encapsulation for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#encapsulation snap ip address Use the ip address command in Interface Configuration mode to configure an IP address on an interface.
Page 617 User Guidelines This command also implicitly enables the interface for routing (i.e. as if the user had issued the ‘routing’ interface command). Example The following example defines the IP address and subnet mask for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip address 192.168.10.10 255.255.255.0 ip mtu Use the ip mtu command in Interface Configuration mode to set the IP Maximum Transmission Unit (MTU) on a routing interface.
Page 618: Ip Netdirbcast
console(config)#interface vlan 15 console(config-if-vlan15)#ip mtu 1480 ip netdirbcast Use the ip netdirbcast command in Interface Configuration mode to enable the forwarding of network-directed broadcasts. When enabled, network directed broadcasts are forwarded. When disabled they are dropped. Use the no form of the command to disable the broadcasts. Syntax ip netdirbcast no ip netdirbcast...
Page 619: Ip Route Default
no ip route ip addr subnetmask prefix length nextHopRtr preference ip-address — IP address of destination interface. • subnet-mask — Subnet mask of destination interface. • prefix-length — Length of prefix. Must be preceded with a forward slash (/). (Range: 0-32 •...
Page 620: Ip Route Distance
preference — Specifies the preference value, a.k.a administrative distance, of an individual • static route. (Range: 1-255) Default Configuration Default value of preference is 1. Command Mode Global Configuration mode User Guidelines For routed management traffic: 1. Router entries are checked for applicable destinations. 2.
Page 621: Ip Routing
Command Mode Global Configuration mode User Guidelines Lower route distance values are preferred when determining the best route. Example The following example sets the default route metric to 80. console(config)#ip route distance 80 ip routing To globally enable IPv4 routing on the router, use the "ip routing" command in Global Configuration mode.
Page 622: Show Ip Brief
Syntax routing no routing Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example enables IPv4 and IPv6 routing for VLAN 15 console(config)#interface vlan 15 console(config-if-vlan15)#routing show ip brief Use the show ip brief command in Privileged EXEC mode to display all the summary...
Page 623: Show Ip Interface
Default Time to Live......30 Routing Mode........Disabled IP Forwarding Mode......Enabled Maximum Next Hops......2 show ip interface Use the show ip interface command in Privileged EXEC mode to display all pertinent information about one or more IP interfaces. Syntax show ip interface [vlan vlan-id | loopback loopback -id] vlan-id —...
Page 624: Show Ip Protocols
Netdir Multi Interface IP Address IP Mask Bcast CastFwd ---------- --------------- --------------- -------- -------- vlan1 192.168.10.10 255.255.255.0 Disable Disable vlan2 0.0.0.0 0.0.0.0 Enable Disable loopback2 0.0.0.0 0.0.0.0 Disable Disable console#show ip interface vlan 15 Primary IP Address......192.168.10.10/255.255.255.0 Secondary IP Address(es)....... 192.168.20.20/255.255.255.0 Routing Mode........
Page 625 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays parameters and current state of active routing protocols. console#show ip protocols Routing Protocol is "rip" Sending updates every 30 seconds Invalid after 180 seconds, hold down 120, flushed after 300 Redistributing: RIP, Static, OSPF Default version control: send version 1, receive version 1 Interfaces:...
Page 626: Show Ip Route
Gateway State 176.1.1.2 Full External Preference: 60 Internal Preference: 20 show ip route Use the show ip route command in Privileged EXEC mode to display the routing table. Syntax protocol ip-address subnet-mask prefix-length show ip route [ |address ] [longer-prefixes]] protocol —...
Page 627: Show Ip Route Preferences
N1 - OSPF NSSA External Type 1, N2 - OSPF NSSA external type 2 show ip route preferences Use the show ip route preferences command in Privileged EXEC mode displays detailed information about the route preferences. Route preferences are used in determining the best route.
Page 628: Show Ip Stats
Syntax show ip route summary [all] • all — Shows the number of all routes, including best and non-best routes. To include only the number of best routes, do not use this optional parameter. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 629 Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays IP route preferences. console>show ip stats IpInReceives........24002 IpInHdrErrors........1 IpInAddrErrors......... 925 IpForwDatagrams........ 0 IpInUnknownProtos......
Page 630: Show Ip Vlan
IcmpInErrors........0 IcmpInDestUnreachs......0 IcmpInTimeExcds........ 0 IcmpInParmProbs........ 0 IcmpInSrcQuenchs....... 0 IcmpInRedirects........ 0 IcmpInEchos........3 IcmpInEchoReps......... 0 IcmpInTimestamps....... 0 IcmpInTimestampReps......0 IcmpInAddrMasks........ 0 IcmpInAddrMaskReps......0 IcmpOutMsgs........3 IcmpOutErrors........0 IcmpOutDestUnreachs......0 IcmpOutTimeExcds....... 0 IcmpOutParmProbs....... 0 IcmpOutSrcQuenchs......0 IcmpOutRedirects....... 0 IcmpOutEchoReps........ 3 IcmpOutTimestamps......
Page 631 Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays VLAN routing information. console#show ip vlan MAC Address used by Routing VLANs: 00:00:00:01:00:02 VLAN ID IP Address Subnet Mask ------- --------------- --------------- 0.0.0.0...
Page 632 IP Routing Commands...
Page 633: Ipv6 Mld Snooping Immediate-Leave
IPv6 MLD Snooping Commands This chapter explains the following commands: • ipv6 mld snooping immediate-leave • ipv6 mld snooping groupmembership-interval • ipv6 mld snooping maxresponse • ipv6 mld snooping mcrtexpiretime • ipv6 mld snooping (Global) • ipv6 mld snooping (Interface) •...
Page 634: Ipv6 Mld Snooping Groupmembership-Interval
Command Mode Interface Configuration (Ethernet, port-channel) Mode. VLAN Database Mode. User Guidelines This command has no user guidelines. Example console(config-vlan)#ipv6 mld snooping immediate-leave 4 ipv6 mld snooping groupmembership-interval The ipv6 mld snooping groupmembership-interval command sets the MLD Group Membership Interval time on a VLAN or interface. The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry.
Page 635: Ipv6 Mld Snooping Maxresponse
ipv6 mld snooping maxresponse The ipv6 mld snooping maxresponse command sets the MLD Maximum Response time for an interface or VLAN. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface.
Page 636: Ipv6 Mld Snooping (Global)
Default Configuration The default multicast router present expiration time is 300 seconds. Command Mode Interface Configuration mode. VLAN Database mode. User Guidelines This command has no user guidelines Example console(config-if-4/g1)#ipv6 mld snooping mcrtrexpiretime 60 ipv6 mld snooping (Global) The ipv6 mld snooping (Global) command enables MLD Snooping on the system (Global Config Mode).
Page 637: Ipv6 Mld Snooping (Vlan)
ipv6 mld snooping (Interface) The ipv6 mld snooping (Interface) command enables MLD Snooping on an interface. If an interface has MLD Snooping enabled and it becomes a member of a port-channel (LAG), MLD Snooping functionality is disabled on that interface. MLD Snooping functionality is re-enabled if the interface is removed from a port-channel (LAG).
Page 638: Show Ipv6 Mld Snooping
User Guidelines There are no user guidelines for this command. Example console(config-vlan)#ipv6 mld snooping 1 show ipv6 mld snooping The show ipv6 mld snooping command displays MLD Snooping information. Configured information is displayed whether or not MLD Snooping is enabled. Syntax interface port-channel-number...
Page 639: Show Ipv6 Mld Snooping Groups
• Max Response Time — Displays the amount of time the switch waits after it sends a query on an interface, participating in the VLAN, because it did not receive a report for a particular group on that interface. This value may be configured. •...
Page 640 --------------------------------------------- Vlan Ipv6 Address Ports ---- ----------------------- ---------------------------------------- console#show ipv6 mld snooping groups vlan 2 Vlan Ipv6 Address Type Ports ---- ----------------------- ------- -------------------------------- 3333.0000.0004 Dynamic 1/g1,1/g3 3333.0000.0005 Dynamic 1/g1,1/g3 MLD Reporters that are forbidden statically: --------------------------------------------- Vlan Ipv6 Address Ports ---- -----------------------...
Page 641: Ipv6 Pimsm (Global Config)
IPv6 Multicast Commands This chapter explains the following commands: • ipv6 pimsm (Global config) • ipv6 pimsm (VLAN Interface config) • ipv6 pimsm bsr-border • ipv6 pimsm bsr-candidate • ipv6 pimsm dr-priority • ipv6 pimsm hello-interval • ipv6 pimsm join-prune-interval •...
Page 642: Ipv6 Pimsm (Vlan Interface Config)
Default Configuration IPv6 PIMSM is disabled on the router by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm ipv6 pimsm (VLAN Interface config) Use the ipv6 pimsm command in VLAN Interface configuration mode to administratively enable PIM-SM multicast routing mode on a particular IPv6 router interface.
Page 643: Ipv6 Pimsm Bsr-Candidate
Syntax ipv6 pimsm bsr-border no ipv6 pimsm bsr-border Default Configuration BSR-border is disabled by default. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pimsm bsr-border ipv6 pimsm bsr-candidate Use the ipv6 pimsm bsr-candidate command to configure the router to announce its candidacy as a bootstrap router (BSR).
Page 644: Ipv6 Pimsm Dr-Priority
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm bsr-candidate vlan 9 10 34 ipv6 pimsm dr-priority Use the ipv6 pimsm dr-priority command to set the priority value for which a router is elected as the designated router (DR).
Page 645: Ipv6 Pimsm Join-Prune-Interval
no ipv6 pimsm hello-interval • interval—The hello interval (Range: 0–65535 seconds). Default Configuration The default hello interval is 30 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pimsm hello-interval 45 ipv6 pimsm join-prune-interval Use the ipv6 pimsm join-prune-interval command to configure the interface join/prune interval for the PIM-SM router.
Page 646: Ipv6 Pimsm Register-Threshold
ipv6 pimsm register-threshold Use the ipv6 pimsm register-threshold command to configure the Register Threshold rate for the RP router to switch to the shortest path. Use the "no" form of this command to set the register threshold rate to the default. Syntax threshold ipv6 pimsm register-threshold...
Page 647: Ipv6 Pimsm Rp-Candidate
Default Configuration There are no static RP addresses configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm rp-address 2001::1 ff1e::/64 ipv6 pimsm rp-candidate Use the ipv6 pimsm rp-candidate command to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR).
Page 648: Ipv6 Pimsm Spt-Threshold
ipv6 pimsm spt-threshold Use the ipv6 pimsm spt-threshold command to configure the Data Threshold rate for the last- hop router to switch to the shortest path. Use the "no" form of this command to set the data threshold to the default. Syntax threshold ipv6 pimsm spt-threshold...
Page 649: Show Ipv6 Pimsm
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm ssm ff1e::/64 show ipv6 pimsm Use the show ipv6 pimsm command to display global status of IPv6 PIMSM and its IPv6 routing interfaces. Syntax show ipv6 pimsm Default Configuration...
Page 650: Show Ipv6 Pimsm Bsr
FF1E::/64 PIM-SM INTERFACE STATUS Interface Interface-Mode Operational-Status --------- -------------- ---------------- vlan 3 Enabled Operational vlan 6 Enabled Operational vlan 9 Enabled Operational show ipv6 pimsm bsr Use the show ipv6 pimsm bsr command to display the bootstrap router (BSR) information. The output includes elected BSR information and information about the locally configured candidate rendezvous point (RP) advertisement.
Page 651: Show Ipv6 Pimsm Interface
show ipv6 pimsm interface Use the show ipv6 pimsm interface command to display interface config parameters. If no interface is specified, all interfaces are displayed. Syntax vlan-id show ipv6 pimsm interface [ vlan • vlan-id—A valid VLAN ID value. Default Configuration There is no default configuration for this command.
Page 652: Show Ipv6 Pimsm Rphash
Syntax vlan-id show ipv6 pimsm neighbor [ all | interface vlan vlan-id — A valid VLAN ID value. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimsm neighbor all Slot/Port........
Page 653: Show Ipv6 Pimsm Rp Mapping
User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimsm rphash ff1e::/64 Type Address ------------------------ ----- 3001::1 show ipv6 pimsm rp mapping Use the show ipv6 pimsm rp mapping command to display all group-to-RP mappings of which the router is aware (either configured or learned from the bootstrap router (BSR)).
Page 654 origin......... Static Group Address........FF1E::/64 RP Address........3001::1 origin......... BSR IPv6 Multicast Commands...
Page 655: Ipv6 Routing Commands
IPv6 Routing Commands This chapter explains the following commands: • clear ipv6 neighbors • clear ipv6 statistics • ipv6 address • ipv6 enable • ipv6 forwarding • ipv6 host • ipv6 mld last-member-query-count • ipv6 mld last-member-query-interval • ipv6 mld-proxy •...
Page 656: Clear Ipv6 Neighbors
• ipv6 route distance • ipv6 unicast-routing • ping ipv6 • ping ipv6 interface • show ipv6 brief • show ipv6 interface • show ipv6 mld groups • show ipv6 mld interface • show ipv6 mld-proxy • show ipv6 mld-proxy groups •...
Page 657: Clear Ipv6 Statistics
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example clears all entries in the IPv6 neighbor table. console(config)#clear ipv6 neighbors clear ipv6 statistics Use the clear ipv6 statistics command in Privileged EXEC mode to clear IPv6 statistics for all interfaces or for a specific interface, including loopback and tunnel interfaces.
Page 658: Ipv6 Address
ipv6 address Use the ipv6 address command in Interface Configuration mode to configure an IPv6 address on an interface (including tunnel and loopback interfaces) and to enable IPv6 processing on this interface. Multiple globally reachable addresses can be assigned to an interface by using this command.
Page 659: Ipv6 Forwarding
console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 address 2020:1::1/64 ipv6 enable Use the ipv6 enable command in Interface Configuration mode to enable IPv6 routing on an interface (including tunnel and loopback interfaces) that has not been configured with an explicit IPv6 address. Command execution automatically configures the interface with a link- local address.
Page 660: Ipv6 Host
— Host name. • ipv6-address — IPv6 address of the host. • Default Configuration No IPv6 hosts are defined. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example console(config)#ipv6 host Dell 2001:DB8::/32 IPv6 Routing Commands...
Page 661: Ipv6 Mld Last-Member-Query-Count
ipv6 mld last-member-query-count The ipv6 mld last-member-query-count command sets the number of listener-specific queries sent before the router assumes that there are no local members on the interface. Use the “no” form of this command to set the last member query count to the default. Syntax last-member-query-count ipv6 mld last-member-query-count...
Page 662: Ipv6 Mld-Proxy
Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld last-member-query-interval 5000 ipv6 mld-proxy Use the ipv6 mld-proxy command to enable MLD Proxy on the router. To enable MLD Proxy on the router, you must also enable multicast forwarding. Also, ensure that there are no other multicast routing protocols enabled on the router.
Page 663: Ipv6 Mld-Proxy Unsolicit-Rprt-Interval
Syntax ipv6 mld-proxy reset-status Command Mode Interface Configuration (VLAN) mode. Default Configuration There is no default configuration for this command. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld-proxy reset-status ipv6 mld-proxy unsolicit-rprt-interval Use the ipv6 mld-proxy unsolicit-rprt-interval command to set the unsolicited report interval for the MLD Proxy router.
Page 664: Ipv6 Mld Query-Interval
ipv6 mld query-interval The ipv6 mld query-interval command sets the MLD router's query interval for the interface. The query-interval is the amount of time between the general queries sent when the router is querying on that interface. Use the “no” form of this command to set the query interval to the default.
Page 665: Ipv6 Mld Router
Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld query-max-response-time 4500 ipv6 mld router The ipv6 mld router command is used to enable MLD in the router in global configuration mode and for a specific interface in interface configuration mode.
Page 666: Ipv6 Nd Dad Attempts
Syntax ipv6 mtu no ipv6 mtu mtu — Is the maximum transmission unit. (Range: 1280-1500) • Default Configuration The default MTU is 1500. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the maximum transmission unit (MTU) size, in bytes, of IPv6 packets.
Page 667: Ipv6 Nd Managed-Config-Flag
User Guidelines This command has no user guidelines. Example The following example sets at 10 the number of duplicate address detection probes transmitted while doing neighbor discovery. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd dad attempts 10 ipv6 nd managed-config-flag Use the ipv6 nd managed-config-flag command in Interface Configuration mode to set the “managed address configuration”...
Page 668: Ipv6 Nd Other-Config-Flag
Syntax milliseconds ipv6 nd ns-interval no ipv6 nd ns-interval milliseconds — Interval duration. (Range: 0, 1000–4294967295) • Default Configuration milliseconds 0 is the default value for Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the interval between router advertisements for advertised neighbor solicitations at 5000 ms.
Page 669: Ipv6 Nd Prefix
Example The following example sets to true the “other stateful configuration” flag in router advertisements console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd other-config-flag ipv6 nd prefix Use the ipv6 nd prefix command to configure parameters associated with prefixes that the router advertises in its router advertisements. Syntax prefix/prefix-length valid-lifetime...
Page 670: Ipv6 Nd Ra-Interval
The ipv6 nd prefix command will allow you to preconfigure RA prefix values before you configure the associated interface address. In order for the prefix to be included in RAs, you must configure an address that matches the prefix using the ipv6 address command. Prefixes specified using ipv6 nd prefix without an associated interface address will not be included in RAs and will not be committed to the device configuration.
Page 671: Ipv6 Nd Ra-Lifetime
ipv6 nd ra-lifetime Use the ipv6 nd ra-lifetime command in Interface Configuration mode to set the value that is placed in the Router Lifetime field of the router advertisements sent from the interface. Syntax seconds ipv6 nd ra-lifetime no ipv6 nd ra-lifetime seconds —...
Page 672: Ipv6 Nd Suppress-Ra
Default Configuration The default value for neighbor discovery reachable times is 0 milliseconds. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the router advertisement time at 5000 milliseconds to consider a neighbor reachable after neighbor discovery confirmation.
Page 673: Ipv6 Pimdm
ipv6 pimdm Use the ipv6 pimdm command to enable PIM-DM Multicast Routing Mode across the router in global configuration mode or on a specific routing interface in interface mode. Use the “no” form of this command to disable PIM-DM. Syntax ipv6 pimdm no ipv6 pimdm Default Configuration...
Page 674: Ipv6 Route
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan5)#ipv6 pimdm hello-interval 500 ipv6 route Use the ipv6 route command in Global Configuration mode to configure an IPv6 static route. Syntax ipv6-prefix prefix-length tunnel-id vlan-id next- ipv6 route [Null | interface {tunnel | vlan hop-address...
Page 675: Ipv6 Route Distance
console(config)#ipv6 route 2020:1::1/64 2030:1::2 ipv6 route distance Use the ipv6 route distance command in Global Configuration mode to set the default distance (preference) for static routes. Lower route preference values are preferred when determining the best route. The ipv6 route and ipv6 route default commands allow optional setting of the distance of an individual static route.
Page 676: Ping Ipv6
Default Configuration Disabled is the default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example globally enables Ipv6 unicast datagram forwarding. console(config)#ipv6 unicast-routing console(config)#no ipv6 unicast-routing ping ipv6 Use ping ipv6 command in Privileged EXEC mode to determine whether another computer is on the network.
Page 677: Ping Ipv6 Interface
Example The following example determines whether another computer is on the network at the IPv6 address specified. console(config)#ping ipv6 2030:1::1/64 Send count=3, Receive count=0 from 2030:1::1/64 Average round trip time = 0.00 ms ping ipv6 interface Use ping ipv6 interface command in the Privileged EXEC mode to determine whether another computer is on the network.
Page 678: Show Ipv6 Brief
Example The following example determines whether another computer is on the network at the IPv6 address specified. console(config)#ping ipv6 interface loopback 1 FE80::202:BCFF:FE00:3068/128 Send count=3, Receive count=0 from FE80::202:BCFF:FE00:3068/128 Average round trip time = 0.00 ms show ipv6 brief Use the show ipv6 brief command in Privileged EXEC mode to display the IPv6 status of forwarding mode and IPv6 unicast routing mode.
Page 679 Syntax loopback-id tunnel-id vlan-id show ipv6 interface {brief|loopback | tunnel |vlan [ prefix ] } loopback-id — Valid loopback interface ID • tunnel-id — Valid tunnel interface ID • vlan-id — Valid VLAN ID. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 680: Show Ipv6 Mld Groups
Router Advertisement Suppress Flag..... Disabled Prefix 3FF0:1236:C261::1/64 Preferred Lifetime......10000 Valid Lifetime......... 100000 Onlink Flag........Enabled Autonomous Flag........ Enabled console#show ipv6 interface brief Oper. Interface Mode IPv6 Address/Length ---------- -------- --------------------------------- vlan3 Enabled FE80::2FC:E3FF:FE90:147/128 3FF0:1236:C261::1/64 loopback 1 Enabled FE80::2FC:E3FF:FE90:145/128 3FF0:C221:1234::1/64 loopback 2 Disabled tunnel 1 Disabled 3FFE:1234::1/64...
Page 681 Command Mode Privileged EXEC mode User Guidelines vlan-id The following fields are displayed as a table when vlan is specified: Number of (*, G) entries Displays the number of groups present in the MLD Table. Number of (S, G) entries Displays the number of include and exclude mode sources present in the MLD Table.
Page 682 Example console#show ipv6 mld groups ff1e::5 Interface........vlan 6 Group Address........FF1E::5 Last Reporter........FE80::200:FF:FE00:22 Up Time (hh:mm:ss)......00:03:43 Expiry Time (hh:mm:ss)......------ Filter Mode........Include Version1 Host Timer......------ Group compat mode......v2 Source Address ExpiryTime ----------------- ----------- 4001::6 00:03:15 4001::7 00:03:15...
Page 683 Group Address........FF1E::3 Interface........vlan 6 Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......------ Group Address........FF1E::4 Interface........vlan 6 Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......------ IPv6 Routing Commands...
Page 684: Show Ipv6 Mld Interface
show ipv6 mld interface The show ipv6 mld interface command is used to display MLD related information for an interface. Syntax vlan-id show ipv6 mld interface { vlan | all } vlan-id — A valid VLAN id. • Default Configuration There is no default configuration for this command.
Page 685 Last Member Query This value indicates the configured number of Group-Specific Queries sent Count before the router assumes that there are no local members. The following information is displayed if the operational mode of the MLD interface is enabled: Querier Status This value indicates whether the interface is a MLD querier or non-querier on the subnet with which it is associated.
Page 686: Show Ipv6 Mld-Proxy
show ipv6 mld-proxy Use the show ipv6 mld-proxy command to display a summary of the host interface status parameters. Syntax show ipv6 mld-proxy Command Mode Privileged EXEC mode Default Configuration There is no default configuration for this command. User Guidelines The command displays the following parameters only when you enable MLD Proxy: Interface Index The interface number of the MLD Proxy interface.
Page 687: Show Ipv6 Mld-Proxy Groups
Version........3 Num of Multicast Groups......0 Unsolicited Report Interval....1 Querier IP Address on Proxy Interface..fe80::1:2:5 Older Version 1 Querier Timeout....00:00:00 Proxy Start Frequency......1 show ipv6 mld-proxy groups Use the show ipv6 mld-proxy groups command to display information about multicast groups that the MLD Proxy reported.
Page 688: Show Ipv6 Mld-Proxy Groups Detail
Example console#show ipv6 mld-proxy groups Interface........ vlan 10 Group Address Last Reporter Up Time Member State Filter Mode Sources ------------- -------------- ---------- ----------------- ------------ ------- FF1E::1 FE80::100:2.3 00:01:40 DELAY_MEMBER Exclude FF1E::2 FE80::100:2.3 00:02:40 DELAY_MEMBER Include FF1E::3 FE80::100:2.3 00:01:40 DELAY_MEMBER Exclude FF1E::4 FE80::100:2.3 00:02:44...
Page 689 Sources The number of sources attached to the multicast group. Group Source List The list of IP addresses of the sources attached to the multicast group. Expiry Time The time left for a source to get deleted. Example console#show ipv6 igmp-proxy groups Interface........
Page 690: Show Ipv6 Mld-Proxy Interface
show ipv6 mld-proxy interface Use the show ipv6 mld-proxy interface command to display a detailed list of the host interface status parameters. Syntax show ipv6 mld-proxy interface Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines The following parameters are displayed only when MLD Proxy is enabled: nterface...
Page 691: Show Ipv6 Mld Traffic
Example console#show ipv6 mld-proxy interface Interface........ vlan 10 Ver Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent ------------------------------------------------------------------ ----- ----- show ipv6 mld traffic The show ipv6 mld traffic command is used to display MLD statistical information for the router.
Page 692: Show Ipv6 Neighbors
Bad Checksum MLD Packets The number of bad checksum MLD packets received by the router. Malformed MLD Packets The number of malformed MLD packets received by the router. Example console#show ipv6 mld traffic Valid MLD Packets Received..... 52 Valid MLD Packets Sent......7 Queries Received.......
Page 693: Show Ipv6 Pimdm
Neighbor Last IPv6 Address MAC Address isRtr State Updated Interface -------------------- ----------------- ----- ------- --------- show ipv6 pimdm The show ipv6 pimdm command is used to display PIM-DM Global Configuration parameters and PIM DM interface status. Syntax show ipv6 pimdm Command Mode Privileged EXEC mode.
Page 694: Show Ipv6 Pimdm Interface
show ipv6 pimdm interface The show ipv6 pimdm interface command is used to display PIM-DM Configuration information for all interfaces or for the specified interface. If no interface is specified, Configuration of all interfaces is displayed. Syntax vlan-id show ipv6 pimdm interface [ vlan | all ] vlan-id —...
Page 695: Show Ipv6 Pimdm Neighbor
192.168.36.129 vlan 20 10.1.37.2 vlan 24 show ipv6 pimdm neighbor The show ipv6 pimdm neighbor command is used to display PIM-DM Neighbor information including Neighbor Address, Uptime and Expiry time for all interfaces or for the specified interface. Syntax vlan-id show ipv6 pimdm neighbor [ interface vlan | all ] vlan-id —...
Page 696: Show Ipv6 Route Preferences
ipv6-address — Specifies an IPv6 address for which the best-matching route would be • displayed. protocol — Specifies the protocol that installed the routes. Is one of the following keywords: • connected, ospf, static. ipv6-prefix/ipv6 prefix-length — Specifies a IPv6 network for which the matching route would •...
Page 697: Show Ipv6 Route Summary
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows the preference value associated with the type of route. console#show ipv6 route preferences Local.......... 0 Static.........
Page 698: Show Ipv6 Traffic
User Guidelines This command has no user guidelines. Example The following example displays a summary of the routing table. console#show ipv6 route summary IPv6 Routing Table Summary - 0 entries Connected Routes....... 0 Static Routes........0 OSPF Routes........0 Intra Area Routes......0 Inter Area Routes......
Page 699 User Guidelines This command has no user guidelines. Examples The following examples show traffic and statistics for IPv6 and ICMPv6, first for all interfaces and an individual VLAN. console> show ipv6 traffic IPv6 STATISTICS Total Datagrams Received........0 Received Datagrams Locally Delivered...... 0 Received Datagrams Discarded Due To Header Errors..
Page 700 Interface ........11 IPv6 STATISTICS Total Datagrams Received........0 Received Datagrams Locally Delivered...... 0 Received Datagrams Discarded Due To Header Errors..0 Received Datagrams Discarded Due To MTU....0 Received Datagrams Discarded Due To No Route....0 Received Datagrams With Unknown Protocol....0 Received Datagrams Discarded Due To Invalid Address..
Page 701: Show Ipv6 Vlan
show ipv6 vlan Use the show ipv6 vlan command in Privileged EXEC mode to display IPv6 VLAN routing interface addresses. Syntax show ipv6 vlan Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays IPv6 VLAN routing interface addresses.
Page 702 Default Configuration 33434 is the default port value. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example discovers the packet routes on a hop-by-hop basis. console#traceroute ipv6 2020:1::1 Tracing route over a maximum of 20 hops 1 * N * N * N IPv6 Routing Commands...
Page 703: Interface Loopback
Loopback Interface Commands This chapter explains the following commands: • interface loopback • show interfaces loopback interface loopback Use the interface loopback command in Global Configuration mode to enter the Interface Loopback configuration mode. Syntax loopback-id interface loopback loopback-id no interface loopback •...
Page 704 Syntax loopback-id show interfaces loopback [ loopback-id — Loopback identifier. (Range: 0-7) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Examples The following examples display information about configured loopback interfaces. console# show interfaces loopback Loopback Id Interface...
Page 705: Multicast Commands
Multicast Commands This chapter explains the following commands: • ip mcast boundary • ip mroute • ip multicast • ip multicast ttl-threshold • ip pimsm • ip pimsm bsr-border • ip pimsm bsr-candidate • ip pimsm dr-priority • ip pimsm hello-interval •...
Page 706: Ip Mcast Boundary
• show ip pimsm rp mapping ip mcast boundary Use the ip mcast boundary command in Interface Configuration mode to add an administrative groupipaddr mask scope multicast boundary specified by for which this multicast groupipaddr mask administrative boundary is applicable. is a group IP address and is a group IP mask.
Page 707: Ip Multicast
source-address — The IP address of the multicast data source. • source-mask — The IP subnet mask of the multicast data source. • rpf-address — The IP address of the next hop towards the source. • preference — The cost of the route (Range: 1 - 255). •...
Page 708: Ip Multicast Ttl-Threshold
Example The following example enables IP multicast on the router. console#configure console(config)#ip multicast console(config)#no ip multicast ip multicast ttl-threshold Use the ip multicast ttl-threshold command in Interface Configuration mode to apply a ttlvalue ttlvalue to a routing interface. is the TTL threshold which is applied to the multicast Data packets forwarded through the interface.
Page 709: Ip Pimsm
ip pimsm The ip pimsm command is used to administratively enable PIM-SM multicast routing mode on a particular router interface. Use the “no” form of this command to disable PIM SM on an interface. This command deprecates the ip pimsm mode command. Syntax ip pimsm no ip pimsm...
Page 710: Ip Pimsm Bsr-Candidate
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ip pimsm bsr-border ip pimsm bsr-candidate The ip pimsm bsr-candidate command is used to configure the router to announce its candidacy as a bootstrap router (BSR). Use the “no” form of this command to stop the router from announcing its candidacy as a bootstrap router.
Page 711: Ip Pimsm Dr-Priority
ip pimsm dr-priority The ip pimsm dr-priority command is used to set the priority value for which a router is elected as the designated router (DR). Use the “no” form of this command to set the priority to the default. Syntax priority ip pimsm dr-priority...
Page 712: Ip Pimsm Join-Prune-Interval
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ip pimsm hello-interval 60 ip pimsm join-prune-interval The ip pimsm join-prune-interval command is used to configure the interface join/prune interval for the PIM-SM router. Use the “no” form of this command to set the join/prune interval to the default.
Page 713: Ip Pimsm Register-Threshold
ip pimsm register-threshold The ip pimsm register-threshold command is used to configure the Register Threshold rate for the RP router to switch to the shortest path. Use the “no” form of this command to set the register threshold rate to the default. This command deprecates the ip pimsm register rate limit command.
Page 714: Ip Pimsm Rp-Candidate
Default Configuration There are no static RP addresses configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pimsm rp-address 192.168.20.1 225.1.0.0 255.255.255.0 ip pimsm rp-candidate The ip pimsm rp-candidate command is used to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR).
Page 715: Ip Pimsm Spt-Threshold
ip pimsm spt-threshold The ip pimsm spt-threshold command is used to configure the Data Threshold rate for the last- hop router to switch to the shortest path. Use the “no” form of this command to set the data threshold to the default. Syntax threshold ip pimsm spt-threshold...
Page 716: Show Bridge Multicast Address-Table Count
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pimsm ssm default console(config)#ip pimsm ssm 224.1.0.0 255.255.0.0 show bridge multicast address-table count Use the show bridge multicast address-table count command to view statistical information about the entries in the multicast address table.
Page 717: Show Ip Mcast
The following table shows the information the command displays: Field Description Capacity The maximum number of addresses that can be stored in the multicast address table. Used The total number of addresses in the multicast address table. Static addresses The number of addresses in the multicast address table that are static IP addresses. Dynamic addresses The number of addresses in the multicast address table that were learned dynamically.
Page 718: Show Ip Mcast Boundary
show ip mcast boundary Use the show ip mcast boundary command in Privileged EXEC mode to display all the configured administrative scoped multicast boundaries. Syntax vlan-id show ip mcast boundary {vlan | all} vlan-id — Valid VLAN ID. • Default Configuration This command has no default configuration.
Page 719: Show Ip Mcast Mroute
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the multicast information for VLAN 15. console#show ip mcast interface vlan 15 Interface --------- ----- show ip mcast mroute Use the show ip mcast mroute command in Privileged EXEC mode to display a summary or all the details of the multicast table.
Page 720: Show Ip Mcast Mroute Group
console#show ip mcast mroute detail Multicast Route Table Expiry Up Time Source Ip Group Ip Time(secs) (secs) RPF Neighbor Flags --------- ----------- ---------- ----------- --------------- ----- show ip mcast mroute group Use the show ip mcast mroute group command in Privileged EXEC mode to display the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration times of all the entries in the multicast mroute table groupipaddr...
Page 721: Show Ip Mcast Mroute Source
console#show ip mcast mroute group 224.5.5.5 detail Multicast Route Table Expiry Up Time Source Ip Group Ip Time(secs) (secs) RPF Neighbor Flags --------- --------- ----------- --------- --------------- ----- show ip mcast mroute source Use the show ip mcast mroute source command in Privileged EXEC mode to display the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration times of all the entries in the multicast mroute table sourceipaddr...
Page 722: Show Ip Mcast Mroute Static
console#show ip mcast mroute source 10.1.1.1 224.5.5.5 Multicast Route Table Expiry Up Time Source IP Group IP Time(secs) (secs) RPF Neighbor Flags --------- --------- ----------- ----------- ------------ ----- show ip mcast mroute static Use the show ip mcast mroute static command in Privileged EXEC mode to display all the static routes configured in the static mcast table if it is specified or display the static route sourceipaddr associated with the particular...
Page 723: Show Ip Pimsm Bsr
show ip pimsm bsr The show ip pimsm bsr command displays the bootstrap router (BSR) information. The output includes elected BSR information and information about the locally configured candidate rendezvous point (RP) advertisement. This command deprecates the show ip pimsm componenttable command.
Page 724: Show Ip Pimsm Interface
Example console#show ip pimsm bsr BSR Address........1.1.1.1 BSR Priority........20 BSR Hash Mask Length......Next bootstrap message(hh:mm:ss)....00:00:11 Next Candidate RP advertisement(hh:mm:ss)..00:00:00 show ip pimsm interface The show ip pimsm interface command displays interface config parameters. If no interface is specified, all interfaces are displayed.
Page 725: Show Ip Pimsm Rphash
Join Prune Interval (secs)..... 60 Neighbor Count ........ 0 Designated Router......1.1.1.1 DR Priority........1 BSR Border........Disabled show ip pimsm rphash The show ip pimsm rphash command displays which rendezvous point (RP) is being selected for a specified group. Syntax group-address show ip pimsm rphash...
Page 726: Show Ip Pimsm Rp Mapping
show ip pimsm rp mapping The show ip pimsm rp mapping command is used to display all group-to-RP mappings of which the router is aware (either configured or learned from the bootstrap router (BSR)). If no RP is specified, all active RPs are displayed. This command deprecates the show ip pimsm rp candidate, show ip pimsm staticrp and show ip pimsm rp commands.
Page 727: Ospf Commands
OSPF Commands This chapter explains the following commands: • area default-cost • area nssa • area nssa default-info-originate • area nssa no-redistribute • area nssa no-summary • area nssa translator-role • area nssa translator-stab-intv • area range • area stub •...
Page 728 • external-lsdb-limit • ip ospf area • ip ospf authentication • ip ospf cost • ip ospf dead-interval • ip ospf hello-interval • ip ospf mtu-ignore • ip ospf network • ip ospf priority • ip ospf retransmit-interval • ip ospf transmit-delay •...
Page 729: Area Default-Cost
• timers spf • 1583compatibility area default-cost Use the area default-cost command in Router OSPF Configuration mode to configure the monetary default cost for the stub area. Use the no form of the command to return the cost to the default value. Syntax area-id integer...
Page 730: Area Nssa Default-Info-Originate
no area area-id nssa area-id — Identifies the OSPF not-so-stubby-area. (Range: 0–4294967295) • Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures not-so-stubby-area 10 as an NSSA. console(config)#router ospf console(config-router)#area 10 nssa area nssa default-info-originate...
Page 731: Area Nssa No-Redistribute
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the metric value and type for the default route advertised into the NSSA. console(config-router)#area 20 nssa default-info-originate 250 non-comparable area nssa no-redistribute Use the area nssa no-redistribute command in Router OSPF Configuration mode to configure the NSSA Area Border router (ABR) so that learned external routes are not redistributed to the NSSA.
Page 732: Area Nssa No-Summary
area nssa no-summary Use the area nssa no-summary command in Router OSPF Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA. Syntax area-id area nssa no-summary area-id no area nssa no-summary area-id — Identifies the OSPF NSSA to configure. (Range: 0–4294967295) •...
Page 733: Area Nssa Translator-Stab-Intv
Default Configuration The default role is candidate. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the translator role of the NSSA. console(config-router)#area 20 nssa translator-role always area nssa translator-stab-intv Use the area nssa translator-stab-intv command in Router OSPF Configuration mode to configure the translator stability interval of the NSSA.
Page 734: Area Range
area range Use the area range command in Router OSPF Configuration mode to configure a summary prefix for routes learned in a given area. There are two types of area ranges. An area range can be configured to summarize intra-area routes. An ABR advertises the range rather than the specific intra-area route as a type 3 summary LSA.
Page 735: Area Stub
area stub Use the area stub command in Router OSPF Configuration mode to create a stub area for the specified area ID. A stub area is characterized by the fact that AS External LSAs are not propagated into the area. Removing AS External LSAs and Summary LSAs can significantly reduce the link state database of routers within the stub area.
Page 736: Area Virtual-Link
Default Configuration Disabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example prevents the Summary LSA from being advertised into the area 3 NSSA. console(config-router)#area 3 stub no-summary area virtual-link Use the area virtual-link command in Router OSPF Configuration mode to create the OSPF virtual interface for the specified area-id and neighbor router.
Page 737: Area Virtual-Link Authentication
area virtual-link authentication Use the area virtual-link authentication command in Router OSPF Configuration mode to configure the authentication type and key for the OSPF virtual interface identified by the area ID and neighbor ID. Use the no form of the command to return the authentication type to the default value.
Page 738: Area Virtual-Link Hello-Interval
Syntax area-id neighbor-id seconds area virtual-link dead-interval area-id neighbor-id no area virtual-link dead-interval area-id — Identifies the OSPF area to configure. (Range: IP address or decimal from • 0–4294967295) neighbor-id — Identifies the Router ID of the neighbor. • seconds — Number of seconds to wait before the OSPF virtual interface on the virtual •...
Page 739: Area Virtual-Link Retransmit-Interval
seconds — Number of seconds to wait before sending hello packets to the OSPF virtual • interface. (Range: 1–65535) Default Configuration 10 seconds is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a 50-second wait interval.
Page 740: Area Virtual-Link Transmit-Delay
User Guidelines This command has no user guidelines. Example The following example configures a 500-second retransmit wait interval. console(config-router)#area 10 virtual-link 192.168.2.2 retransmit-interval 500 area virtual-link transmit-delay Use the area virtual-link transmit-delay command in Router OSPF Configuration mode to configure the transmit delay for the OSPF virtual interface identified by the area ID and neighbor ID.
Page 741: Auto-Cost
auto-cost By default, OSPF computes the link cost of each interface from the interface bandwidth. The link cost is computed as the ratio of a “reference bandwidth” to the interface bandwidth (ref_bw / interface bandwidth), where interface bandwidth is defined by the “bandwidth” command. Because the default reference bandwidth is 100 Mbps, OSPF uses the same default link cost for all interfaces whose bandwidth is 100 Mbps or greater.
Page 742: Capability Opaque
Default Configuration The default reference bandwidth is 10 Mbps Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example The following example configures the interface bandwidth to 500000 Kbps. console(config-if-vlan1)#bandwidth 500000 capability opaque Use the capability opaque command to enable Opaque Capability on the router.
Page 743: Default-Information Originate
Syntax vlan id clear ip ospf [ { configuration | redistribution | counters | neighbor [ interface vlan neighbor id ] ] } ] configuration — Reset the OSPF configuration to factory defaults. • • redistribution — Flush all self-originated external LSAs. Reapply the redistribution configuration and re originate prefixes as necessary.
Page 744: Default-Metric
Syntax integer default-information originate [always] [metric ] [metric-type {1 | 2}] no default-information originate [metric] [metric-type] • always — Always advertise default routes. integer — The metric (or preference) value of the default route. (Range: 1–16777214) • • 1 — External type-1 route. •...
Page 745: Distance Ospf
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a value of 50 for the default metric. console(config-router)#default-metric 50 distance ospf The distance ospf command sets the preference values of OSPF route types in the router. Lower route preference values are preferred when determining the best route.
Page 746: Distribute-List Out
distribute-list out Use the distribute-list out command in Router OSPF Configuration mode to specify the access list to filter routes received from the source protocol. Use the no form of the command to remove the specified source protocol from the access list. Syntax accesslistname distribute-list...
Page 747: Exit-Overflow-Interval
Default Configuration Enabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example enables OSPF router mode. console(config-router)#enable exit-overflow-interval Use the exit-overflow-interval command in Router OSPF Configuration mode to configure the exit overflow interval for OSPF.
Page 748: External-Lsdb-Limit
external-lsdb-limit Use the external-lsdb-limit command in Router OSPF Configuration mode to configure the external LSDB limit for OSPF. If the value is -1, then there is no limit. When the number of non-default AS-external-LSAs in a router's link-state database reaches the external LSDB limit, the router enters overflow state.
Page 749: Ip Ospf Authentication
area-id — The ID of the area (Range: IP address or decimal from 0 –4294967295). • Default Configuration OSPFv2 is disabled by default. Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan1)#ip ospf area 192.168.1.10 ip ospf authentication Use the ip ospf authentication command in the Interface Configuration mode to set the OSPF...
Page 750: Ip Ospf Cost
Example The following example sets the OSPF Authentication Type and Key for VLAN 15. console(config-if-vlan15)#ip ospf authentication encrypt test123 ip ospf cost Use the ip ospf cost command in Interface Configuration mode to configure the cost on an OSPF interface. Use the no form of the command to return the cost to the default value. Syntax integer ip ospf cost...
Page 751: Ip Ospf Hello-Interval
seconds — Number of seconds that a router's Hello packets have not been seen before its • neighbor routers declare that the router is down. (Range: 1–65535) Default Configuration 40 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines The value for the length of time must be the same for all routers attached to a common network.
Page 752: Ip Ospf Mtu-Ignore
Example The following example sets the OSPF hello interval at 30 seconds. console(config-if-vlan15)#ip ospf hello-interval 30 ip ospf mtu-ignore Use the ip ospf mtu-ignore command in Interface Configuration mode to disable OSPF maximum transmission unit (MTU) mismatch detection. OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface.
Page 753: Ip Ospf Priority
no ip ospf network broadcast — Set the network type to broadcast. • point-to-point — Set the network type to point-to-point • Default Configuration Interfaces operate in broadcast mode by default. Command Mode Interface Configuration (VLAN) mode. Usage Guidelines OSPF treats interfaces as broadcast interfaces by default. Loopback interfaces have a special loopback network type, which cannot be changed.
Page 754: Ip Ospf Retransmit-Interval
Command Mode Interface Configuration (VLAN) mode. User Guidelines A value of 1 is the highest router priority. A value of 0 indicates that the interface is not eligible to become the designated router on this network. Example The following example sets the OSPF priority for the VLAN 15 router at 100. console(config-if-vlan15)#ip ospf priority 100 ip ospf retransmit-interval Use the ip ospf retransmit-interval command in Interface Configuration mode to set the OSPF...
Page 755: Ip Ospf Transmit-Delay
ip ospf transmit-delay Use the ip ospf transmit-delay command in Interface Configuration mode to set the OSPF Transit Delay for the specified interface. Use the no form of the command to return the delay to the default value. Syntax seconds ip ospf transmit-delay no ip ospf transmit-delay seconds —...
Page 756: Network Area
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the number of paths at 2 that OSPF can report for a given destination. console(config-router)#maximum-paths 2 network area The network area command enables OSPFv2 on an interface and sets its area ID if the ip- address of an interface is covered by this network command.
Page 757: Passive-Interface Default
passive-interface default The passive-interface default command enables the global passive mode by default for all interfaces. It overrides any interface level passive mode. Use the “no” form of this command to disable the global passive mode by default for all interfaces. Any interface previously configured to be passive reverts to non-passive mode.
Page 758: Redistribute
User Guidelines There are no user guidelines for this command. Example console(config-router)#passive-interface vlan 1 redistribute Use the redistribute command in Router OSPF Configuration mode to configure OSPF protocol to allow redistribution of routes from the specified source protocol/routers. Use the no version of the command to disable redistribution from the selected source or to reset options to their default values.
Page 759: Router-Id
Example The following example configures OSPF protocol to allow redistribution of routes from the specified source protocol/routers. console(config-router)#redistribute rip metric 90 metric-type 1 tag 555 subnets router-id Use the router-id command in Router OSPF Configuration mode to set a 4-digit dotted- decimal number uniquely identifying the router OSPF ID.
Page 760: Show Ip Ospf
Command Mode Global Configuration mode. User Guidelines The command prompt changes when the router ospf command executes. Example The following example enters into router OSPF mode. console(config)#router ospf console(config-router)# show ip ospf Use the show ip ospf command to display information relevant to the OSPF router. This command has been modified to show additional fields.
Page 761 RFC 1583 Reflects whether 1583 compatibility is enabled or disabled. This is a configured Compatibility value. Opaque Capability Shows whether router is capable of sending Opaque LSA's. This is a configured value. ABR Status Shows whether the router is an OSPF Area Border Router. Exit Overflow Interval Shows the number of seconds that, after entering OverflowState, a router will attempt to leave OverflowState.
Page 762 Example The following example displays OSPF router information. console#show ip ospf Router ID........5.5.5.5 OSPF Admin Mode........ Enable ASBR Mode........Enable RFC 1583 Compatibility......Enable ABR Status........Disable Exit Overflow Interval......0 Spf Delay Time......... 20 Spf Hold Time........30 External LSA Count......
Page 763: Show Ip Ospf Abr
show ip ospf abr The show ip ospf abr command displays the internal OSPF routing table entries to Area Border Routers (ABR). This command takes no options. Syntax show ip ospf abr Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 764 Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays OSPF router information. console#show ip ospf area 10 AreaID......... 0.0.0.10 External Routing....... Import External LSAs Spf Runs........0 Area Border Router Count....... 0 Area LSA Count.........
Page 765: Show Ip Ospf Asbr
Translator Stability Interval....2000 Translator State....... Disabled show ip ospf asbr The show ip ospf asbr command displays the internal OSPF routing table entries to Autonomous System Boundary Routes (ASBR). This command takes no options. Syntax show ip ospf asbr Default Configuration This command has no default configuration.
Page 766: Show Ip Ospf Database
show ip ospf database Use the show ip ospf database command in Privileged EXEC mode to display information about the link state database when OSPF is enabled. If parameters are entered, the command displays the LSA headers. Use the optional parameters to specify the type of link state advertisements to display.
Page 767 Example The following example displays information about the link state database when OSPF is enabled. console#show ip ospf database Router Link States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ------- 5.2.0.0 0.0.0.0 1360...
Page 768 5.2.0.0 0.0.0.0 1361 80000006 183a ------ Link Opaque States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ------- 5.2.0.0 0.0.0.0 1361 80000005 ef59 ------ Area Opaque States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt...
Page 769: Show Ip Ospf Database Database-Summary
show ip ospf database database-summary Use the show ip ospf database database-summary command to display the number of each type of LSA in the database for each area and for the router. The command also displays the total number of LSAs in the database. This command has been modified. Syntax show ip ospf database database-summary Default Configuration...
Page 770 Example The following example displays the number of each type of LSA in the database for each area and for the router. console#show ip ospf database database-summary OSPF Router with ID (5.5.5.5) Area 0.0.0.0 database summary Router......... 0 Network........0 Summary Net........
Page 771: Show Ip Ospf Interface
Summary ASBR........0 Type-7 Ext........0 Opaque Link........0 Opaque Area........0 Type-5 Ext........0 Self-Originated Type-5 Ext..... 0 Opaque AS........0 Total.......... 0 show ip ospf interface Use the show ip ospf interface command in Privileged EXEC mode to display the information for the VLAN or loopback interface.
Page 772 Example The following example displays the information for the IFO object or virtual interface tables associated with VLAN 3. console#show ip ospf interface vlan 10 IP Address........1.1.1.1 Subnet Mask........255.255.255.0 Secondary IP Address(es)....... OSPF Admin Mode........ Enable OSPF Area ID........0.0.0.0 OSPF Network Type......
Page 773: Show Ip Ospf Interface Brief
show ip ospf interface brief Use the show ip ospf interface brief command in Privileged EXEC mode to display brief information for the IFO object or virtual interface tables. Syntax show ip ospf interface brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 774: Show Ip Ospf Interface Stats
show ip ospf interface stats Use the show ip ospf interface stats command in User EXEC mode to display the statistics for a specific interface. The information is only displayed if OSPF is enabled. Syntax vlan-id show ip ospf interface stats vlan vlan-id —...
Page 775: Show Ip Ospf Neighbor
show ip ospf neighbor Use the show ip ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors. The information below only displays if OSPF is enabled and the interface has a neighbor. Syntax vlan-id ip-address show ip ospf neighbor [interface vlan vlan-id —...
Page 776: Show Ip Ospf Range
show ip ospf range Use the show ip ospf range command in Privileged EXEC mode to display information about the area ranges for the specified area-id. Syntax area-id show ip ospf range area-id — Identifies the OSPF area whose ranges are being displayed. (Range: IP address or •...
Page 777: Show Ip Ospf Stub Table
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example console>show ip ospf statistics Area 0.0.0.0: SPF algorithm executed 0 times Delta T SPF Duration (msec) Reason -------- ------------------- --------------- 26:01:45...
Page 778: Show Ip Ospf Virtual-Link
Example The following example displays the OSPF stub table. console(config)#show ip ospf stub table AreaId TypeofService Metric Val Import SummaryLSA ------------- ------------- ---------- ----------------- 0.0.0.1 Normal Enable show ip ospf virtual-link Use the show ip ospf virtual-link command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor.
Page 779: Show Ip Ospf Virtual-Link Brief
Hello Interval......... 10 Dead Interval........655555 Iftransit Delay Interval....... 1 Retransmit Interval......5 State.......... down Metric......... 0 Neighbor State......... down Authentication Type......MD5 Authentication Key......"test123" Authentication Key ID......100 show ip ospf virtual-link brief Use the show ip ospf virtual-link brief command in Privileged EXEC mode to display the OSPF Virtual Interface information for all areas in the system.
Page 780: Timers Spf
Example The following example displays the OSPF Virtual Interface information in the system. console#show ipv6 ospf virtual-link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Interval Delay ------- -------- -------- -------- ---------- -------- 0.0.0.2 5.5.5.5 timers spf Use the timers spf command in Router OSPF Configuration mode to configure the SPF delay and hold time.
Page 781: Compatibility
1583compatibility Use the 1583compatibility command in Router OSPF Configuration mode to enable OSPF 1583 compatibility. Use the no form of the command to disable it. Syntax 1583compatibility no 1583compatibility Default Configuration Enabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines If all OSPF routers in the routing domain are capable of operating according to RFC 2328, OSPF 1583 compatibility mode should be disabled.
Page 782 OSPF Commands...
Page 783: Ospfv3 Commands
OSPFv3 Commands This chapter explains the following commands: • area default-cost • area nssa • area nssa default-info-originate • area nssa no-redistribute • area nssa no-summary • area nssa translator-role • area nssa translator-stab-intv • area range • area stub •...
Page 784: Area Default-Cost
• ipv6 ospf mtu-ignore • ipv6 ospf network • ipv6 ospf priority • ipv6 ospf retransmit-interval • ipv6 ospf transmit-delay • ipv6 router ospf • maximum-paths • passive-interface • passive-interface default • redistribute • router-id • show ipv6 ospf • show ipv6 ospf abr •...
Page 785: Area Nssa
Syntax areaid cost area default-cost areaid no area default-cost areaid — Valid area identifier. • cost — Default cost. (Range: 1-16777215) • Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the monetary default cost at 100 for stub area 1.
Page 786: Area Nssa Default-Info-Originate
User Guidelines This command has no user guidelines. Example The following example configures area 1 to function as an NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa area nssa default-info-originate Use the area nssa default-info-originate command in Router OSPFv3 Configuration mode to configure the metric value and type for the default route advertised into the NSSA.
Page 787: Area Nssa No-Redistribute
console(config-rtr)#area 1 nssa default-info-originate area nssa no-redistribute Use the area nssa no-redistribute command in Router OSPFv3 Configuration mode to configure the NSSA ABR so that learned external routes will not be redistributed to the NSSA. Use the no form of the command to remove the configuration. Syntax area areaid...
Page 788: Area Nssa Translator-Role
Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the area 1 NSSA so that summary LSAs are not advertised into the NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa no-summary area nssa translator-role...
Page 789: Area Nssa Translator-Stab-Intv
Example The following example configures the always translator role of the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa translator-role always area nssa translator-stab-intv Use the area nssa translator-stab-intv command in Router OSPFv3 Configuration mode to configure the translator stability interval of the NSSA. The stability interval is the period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by another router.
Page 790: Area Stub
intra-area route as a type 3 summary LSA. Also, an area range can be configured at the edge of an NSSA to summarize external routes reachable within the NSSA. The range is advertised as a type 5 external LSA. Use the no form of the command to remove the summary prefix configuration for routes learned in the specified area.
Page 791: Area Stub No-Summary
Syntax areaid area stub areaid no area stub areaid — Valid OSPFv3 area identifier. • Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example creates a stub area for area 1. console(config)#ipv6 router ospf console(config-rtr)#area 1 stub area stub no-summary...
Page 792: Area Virtual-Link Dead-Interval
Example The following example prevents Summary LSAs from being advertised into the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 stub no-summary area virtual-link Use the area virtual-link command in Router OSPFv3 Configuration mode to create the OSPF areaid neighbor virtual interface for the specified .
Page 793: Area Virtual-Link Hello-Interval
Syntax areaid neighbor seconds area virtual-link dead-interval areaid neighbor no area virtual-link dead-interval areaid — Valid OSPFv3 area identifier. • neighbor — Router ID of neighbor. • seconds — Dead interval. (Range: 1-65535) • Default Configuration seconds 40 is the default value for Command Mode Router OSPFv3 Configuration mode.
Page 794: Area Virtual-Link Retransmit-Interval
Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a hello interval of 20 seconds for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor. console(config)#ipv6 router ospf console(config-rtr)#area 1 virtual-link 2 hello-interval 20 area virtual-link retransmit-interval...
Page 795: Area Virtual-Link Transmit-Delay
(config)#ipv6 router ospf (config-rtr)#area 1 virtual-link 2 retransmit-interval 20 area virtual-link transmit-delay Use the area virtual-link transmit-delay command in Router OSPFv3 Configuration mode to configure the transmit delay for the OSPF virtual interface on the virtual interface identified by areaid neighbor Syntax areaid...
Page 796: Default-Metric
Syntax integer default-information originate [always] [metric ] [metric-type {1 | 2}] no default-information originate [metric] [metric-type] always — Always advertise default routes. • integer — The metric (or preference) value of the default route. (Range: 1–16777214) • • 1—External type-1 route. •...
Page 797: Distance Ospf
Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a default of 100 for the metric of distributed routes. console(config)#ipv6 router ospf console(config-rtr)#default-metric 100 distance ospf The distance ospf command sets the preference values of OSPF route types in the router.
Page 798: Enable
Example The following example sets a route preference value of 100 for intra OSPF in the router. console(config)#ipv6 router ospf console(config-rtr)#distance ospf intra 100 enable Use the enable command in Router OSPFv3 Configuration mode to enable administrative mode of OSPF in the router (active). Syntax enable no enable...
Page 799: External-Lsdb-Limit
no exit-overflow-interval seconds — Exit overflow interval for OSPF (Range: 0-2147483647) • Default Configuration seconds 0 is the default value for Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the exit overflow interval for OSPF at 100 seconds. console(config)#ipv6 router ospf console(config-rtr)#exit-overflow-interval 100 external-lsdb-limit...
Page 800: Ipv6 Ospf
User Guidelines This command has no user guidelines. Example The following example sets the external LSDB limit at 100 for OSPF. console(config)#ipv6 router ospf console(config-rtr)#external-lsdb-limit 100 ipv6 ospf Use the ipv6 ospf command in Interface Configuration mode to enable OSPF on a router interface or loopback interface.
Page 801: Ipv6 Ospf Cost
no ipv6 ospf areaid areaid areaid — Is a 32-bit integer, formatted as a 4-digit dotted-decimal number or a decimal value. • It uniquely identifies the area to which the interface connects. Assigning an area id which does not exist on an interface causes the area to be created with default values. (Range: 0- 4294967295).
Page 802: Ipv6 Ospf Dead-Interval
Example The following example configures a cost of 100. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf cost 100 ipv6 ospf dead-interval Use the ipv6 ospf dead-interval command in Interface Configuration mode to set the OSPF dead interval for the specified interface. Syntax seconds ipv6 ospf dead-interval no ipv6 ospf dead-interval...
Page 803: Ipv6 Ospf Mtu-Ignore
Syntax seconds ipv6 ospf hello-interval no ipv6 ospf hello-interval seconds — A valid positive integer which represents the length of time of the OSPF hello • interval. The value must be the same for all routers attached to a network. (Range: 1-65535 seconds) Default Configuration seconds...
Page 804: Ipv6 Ospf Network
Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example disables OSPF maximum transmission unit (MTU) mismatch detection. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf mtu-ignore ipv6 ospf network Use the ipv6 ospf network command in Interface Configuration mode to change the default OSPF network type for the interface.
Page 805: Ipv6 Ospf Priority
Example The following example changes the default OSPF network type to point-to-point. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf network point-to-point ipv6 ospf priority Use the ipv6 ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface. Syntax priority ipv6 ospf priority...
Page 806: Ipv6 Ospf Transmit-Delay
seconds — The number of seconds between link-state advertisement retransmissions for • adjacencies belonging to this router interface. This value is also used when retransmitting database description and link-state request packets. (Range: 0 to 3600 seconds) Default Configuration 5 seconds is the default value. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode.
Page 807: Ipv6 Router Ospf
Example The following example sets the OSPF Transmit Delay at 100 seconds for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf transmit-delay 100 ipv6 router ospf Use the ipv6 router ospf command in Global Configuration mode to enter Router OSPFv3 Configuration mode. Syntax ipv6 router ospf Default Configuration...
Page 808: Passive-Interface
Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the number of paths that OSPF can report for a destination to 1. console(config)#ipv6 router ospf console(config-rtr)#maximum-paths 1 passive-interface Use the passive-interface command to set the interface or tunnel as passive. It overrides the global passive mode that is currently effective on the interface or tunnel.
Page 809: Passive-Interface Default
passive-interface default The passive-interface default command enables the global passive mode by default for all interfaces. It overrides any interface level passive mode. Use the “no” form of this command to disable the global passive mode by default for all interfaces. Any interface previously configured to be passive reverts to non-passive mode.
Page 810: Show Ipv6 Ospf
User Guidelines This command has no user guidelines. Example The following example configures the OSPFv3 protocol to allow redistribution of routes from the specified source protocol/routers. console(config)#ipv6 router ospf console(config-rtr)#redistribute connected router-id Use the router-id command in Router OSPFv3 Configuration mode to set a 4-digit dotted- decimal number uniquely identifying the Router OSPF ID.
Page 811 Syntax show ipv6 ospf Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example enables OSPF traps. console#show ipv6 ospf Router ID........0.0.0.2 OSPF Admin Mode........ Enable ASBR Mode........
Page 812: Show Ipv6 Ospf Abr
show ipv6 ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers (ABR). This command takes no options. Syntax show ipv6 ospf abr Default Configuration This command has no default configuration. Command Mode User EXEC mode. User Guidelines This command has no user guidelines.
Page 813: Show Ipv6 Ospf Asbr
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays information about area 1. console#show ipv6 ospf area 1 AreaID......... 0.0.0.1 External Routing....... Import External LSAs Spf Runs........0 Area Border Router Count....... 0 Area LSA Count.........
Page 814: Show Ipv6 Ospf Database
Type Router Id Cost Area ID Next Hop Next Hop Intf ---- --------- ---- -------- ----------------------- ------- INTRA 1.1.1.1 0.0.0.1 FE80::213:C4FF:FEDB:6C41 vlan10 INTRA 4.4.4.4 0.0.0.1 FE80::210:18FF:FE82:8E1 vlan12 show ipv6 ospf database Use the show ipv6 ospf database command in Privileged EXEC mode to display information about the link state database when OSPFv3 is enabled.
Page 815 Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays information about the link state database when OSPFv3 is enabled. console#show ipv6 ospf database Router Link States (Area 0.0.0.0) Adv Router Link Id Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1...
Page 816 -------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1 80000008 2D89 V6E--R- 2.2.2.2 8000000A 6F82 V6E--R- 2.2.2.2 80000001 7782 V6E--R- Intra Prefix States (Area 0.0.0.0) Adv Router Link Id Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1 8000003C 9F31 2.2.2.2...
Page 817: Show Ipv6 Ospf Database Database-Summary
Link States (Area 0.0.0.1) Adv Router Link Id Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1 80000003 B877 V6E--R- 2.2.2.2 80000003 FE6E V6E--R- Intra Prefix States (Area 0.0.0.1) Adv Router Link Id Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1 8000003A 37C4...
Page 818: Show Ipv6 Ospf Interface
console#show ipv6 ospf database database-summary OSPF Router with ID (0.0.0.2) Router database summary Router......... 0 Network........0 Inter-area Prefix......0 Inter-area Router......0 Type-7 Ext........0 Link........... 0 Intra-area Prefix......0 Link Unknown........0 Area Unknown........0 AS Unknown........0 Type-5 Ext........
Page 819: Show Ipv6 Ospf Interface Brief
User Guidelines This command has no user guidelines. Example The following example displays the information in VLAN 11’s virtual interface tables. console#show ipv6 ospf interface vlan 11 IP Address........Err ifIndex........1 OSPF Admin Mode........ Enable OSPF Area ID........0.0.0.0 Router Priority........
Page 820: Show Ipv6 Ospf Interface Stats
User Guidelines This command has no user guidelines. Example The following example displays brief ospf interface information. console#show ipv6 ospf interface brief Hello Dead Retrax Admin Router Int. Int. Int. Retrax Ack Interface Mode Area ID Prior. Cost Val. Val. Val.
Page 821: Show Ipv6 Ospf Interface Vlan
AS Border Router Count......0 Area LSA Count......... 6 IPv6 Address........FE80::202:BCFF:FE00:3146/1283FFE::2/64 OSPF Interface Events......53 Virtual Events......... 13 Neighbor Events........ 6 External LSA Count......0 LSAs Received........660 Originate New LSAs......853 Sent Packets........1013 Received Packets....... 893 Discards........48 Bad Version........
Page 822 Syntax vlan-id show ipv6 ospf interface vlan { | brief } vlan-id — Valid VLAN ID. Range is 1-4093. • brief — Displays a snapshot of configured interfaces. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines.
Page 823: Show Ipv6 Ospf Neighbor
Designated Router......1.1.1.1 Backup Designated Router....2.2.2.2 Number of Link Events....46 show ipv6 ospf neighbor Use the show ipv6 ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors. If a neighbor IP address is not specified, the output displays summary information in a table.
Page 824: Show Ipv6 Ospf Range
IP Address........Err ifIndex........619 OSPF Admin Mode........ Enable OSPF Area ID........0.0.0.0 Router Priority........ 1 Retransmit Interval......5 Hello Interval......... 10 Dead Interval........40 LSA Ack Interval....... 1 Iftransit Delay Interval....... 1 Authentication Type......None Metric Cost........1 (computed) OSPF Mtu-ignore........
Page 825: Show Ipv6 Ospf Stub Table
Example The following example displays information about the area ranges for area 1. console#show ipv6 ospf range 1 Area ID IPv6 Prefix/Prefix Length Lsdb Type Advertisement --------- ------------------------- --------------- ------------- show ipv6 ospf stub table Use the show ipv6 ospf stub table command in Privileged EXEC mode to display the OSPF stub table.
Page 826: Show Ipv6 Ospf Virtual-Link Brief
areaid — Identifies the OSPF area whose virtual interface information is being displayed. • neighbor — Router ID of neighbor. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the OSPF Virtual Interface information for area 1 and its neighbor.
Page 827 Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the OSPF stub table. console(config)#show ipv6 ospf virtual-link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Interval Delay ----------- ----------- ---------- ---------- ---------- -------- OSPFv3 Commands...
Page 828 OSPFv3 Commands...
Page 829: Ip Pimdm
PIM-DM Commands This chapter explains the following commands: • ip pimdm • show ip pimdm • show ip pimdm interface • show ip pimdm neighbor ip pimdm Use the ip pimdm command in Global Configuration mode to enable the administrative mode of PIM-DM in the router.
Page 830: Show Ip Pimdm Interface
Syntax show ip pimdm Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays system-wide information for PIM-DM. console(config)#show ip pimdm Admin Mode........Disable PIM-DM INTERFACE STATUS Interface Interface Mode Protocol State...
Page 831: Show Ip Pimdm Neighbor
Example The following example displays interface information for VLAN 11 PIM-DM. console(config)#show ip pimdm interface vlan 11 Interface Mode......... Disable Hello Interval (secs)......30 show ip pimdm neighbor Use the show ip pimdm neighbor command in Privileged EXEC mode to display the neighbor information for PIM-DM on the specified interface.
Page 832 PIM-DM Commands...
Page 833: Ip Pimsm
PIM-SM Commands This chapter explains the following commands: • ip pimsm • ip pimsm spt-threshold • ip pim-trapflags • show ip pimsm • show ip pimsm interface • show ip pimsm neighbor • show ip pimsm rphash ip pimsm Use the ip pimsm command in Global Configuration mode to set administrative mode of PIM- SM multicast routing across the router to enabled.
Page 834: Ip Pim-Trapflags
ip pimsm spt-threshold Use the ip pimsm spt-threshold command in Global Configuration mode to configure the Data Threshold rate for the last-hop (or leaf) router to switch to the shortest path. The rate is specified in kilobits per second. Syntax threshold ip pimsm spt-threshold no ip pimsm spt-threshold...
Page 835: Show Ip Pimsm
User Guidelines This command has no user guidelines. Example The following example enables PIM trap mode. console(config)#ip pim-trapflags show ip pimsm Use the show ip pimsm command in Privileged EXEC mode to display the system-wide information for PIM-SM. Syntax show ip pimsm Default Configuration This command has no default configuration.
Page 836: Show Ip Pimsm Neighbor
show ip pimsm interface Use the show ip pimsm interface command in Privileged EXEC mode to display interface information for PIM-SM on the specified interface. Syntax vlan-id show ip pimsm interface [ vlan vlan-id — Valid VLAN ID • Default Configuration This command has no default configuration.
Page 837: Show Ip Pimsm Rphash
Syntax vlan-id show ip pimsm neighbor [ interface vlan | all ] vlan-id — Valid VLAN ID • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays neighbor information for PIM-SM on all interfaces.
Page 838 User Guidelines This command has no user guidelines. Example The following example displays the RP router being selected from the set of active RP routers. console#show ip pimsm rphash 224.5.5.5 There are no static RPs for that group on the router. PIM-SM Commands...
Page 839: Router Discovery Protocol Commands
Router Discovery Protocol Commands This chapter explains the following commands: • ip irdp • ip irdp address • ip irdp holdtime • ip irdp maxadvertinterval • ip irdp minadvertinterval • ip irdp preference • show ip irdp ip irdp Use the ip irdp command in Interface Configuration mode to enable Router Discovery on an interface.
Page 840: Ip Irdp Address
ip irdp address Use the ip irdp address command in Interface Configuration mode to configure the address that the interface uses to send the router discovery advertisements. Use the no form of the command to return the address to the default. Syntax ip-address ip irdp address...
Page 841: Ip Irdp Maxadvertinterval
Default Configuration 1800 seconds is the default value. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets hold time at 2000 seconds for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp holdtime 2000 ip irdp maxadvertinterval Use the ip irdp maxadvertinterval command in Interface Configuration mode to configure the maximum time, in seconds, allowed between sending router advertisements from the interface.
Page 842: Ip Irdp Minadvertinterval
console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp maxadvertinterval 600 ip irdp minadvertinterval Use the ip irdp minadvertinterval command in Interface Configuration mode to configure the minimum time, in seconds, allowed between sending router advertisements from the interface. Use the no form of the command to set the time to the default value. Syntax integer ip irdp minadvertinterval...
Page 843: Show Ip Irdp
integer — Preference of the address as a default router address, relative to other router • addresses on the same subnet. (Range: -2147483648 to 2147483647) Default Configuration 0 is the default value. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines.
Page 844 console#show ip irdp vlan 15 Interface Ad Mode Advertise Address Max Int Min Int Hold Time Preference --------- ------- ----------------- ------- ------- -------- ---------- vlan15 Enable 224.0.0.1 1800 Router Discovery Protocol Commands...
Page 845: Auto-Summary
Routing Information Protocol Commands This chapter explains the following commands: • auto-summary • default-information originate • default-metric • distance rip • distribute-list out • enable • hostroutesaccept • ip rip • ip rip authentication • ip rip receive version • ip rip send version •...
Page 846: Default-Information Originate
Default Configuration Disabled is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example console(config-router)#auto-summary default-information originate Use the default-information originate command in Router RIP Configuration mode to control the advertisement of default routes. Syntax default-information originate no default-information originate...
Page 847: Distance Rip
Syntax integer default-metric no default-metric integer — Metric for the distributed routes. (Range: 1-15) • Default Configuration Default metric is not configured by default. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a default of 12 for the metric of distributed routes. console(config-router)#default-metric 12 distance rip Use the distance rip command in Router RIP Configuration mode to set the route preference...
Page 848: Distribute-List Out
Example The following example sets the route preference value of RIP in the router at 100. console(config-router)#distance rip 100 distribute-list out Use the distribute-list out command in Router RIP Configuration mode to specify the access list to filter routes received from the source protocol. Use the no form of the command to remove the access list from the specified source protocol.
Page 849: Hostroutesaccept
Syntax enable no enable Default Configuration Enabled is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example console(config-router)#enable hostroutesaccept Use the hostroutesaccept command in Router RIP Configuration mode to enable the RIP hostroutesaccept mode.
Page 850: Ip Rip Authentication
ip rip Use the ip rip command in Interface Configuration mode to enable RIP on a router interface. Use the no form of the command to disable RIP on the interface. Syntax ip rip no ip rip Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode.
Page 851: Ip Rip Receive Version
Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the RIP Version 2 Authentication Type and Key for VLAN 11. console(config-if-vlan11)#ip rip authentication encrypt pass123 35 ip rip receive version Use the ip rip receive version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version(s) to be received.
Page 852: Ip Rip Send Version
ip rip send version Use the ip rip sent version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version to be sent. Use the no form of the command to return the version to the default value. Syntax ip rip send version {rip1 | rip1c | rip2 | none} no ip rip send version...
Page 853: Router Rip
integer — Specifies the metric to use when redistributing the route. Range: 0-15. • metric • match internal — Adds internal matches to any match types presently being redistributed. • match external 1 — Adds routes imported into OSPF as Type-1 external routes into any match types presently being redistributed.
Page 854: Show Ip Rip
Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example The following example enters Router RIP mode. console(config)#router rip console(config-router)# show ip rip Use the show ip rip command in Privileged EXEC mode to display information relevant to the RIP router.
Page 855: Show Ip Rip Interface
Global route changes......0 Global queries......... 0 Default Metric......... 12 Default Route Advertise......0 Redistributing......... Source......... Connected Metric......... 2 Distribute List........ Not configured Redistributing......... Source......... ospf Metric......... 10 Match Value........'nssa-external 1' Distribute List........ Not configured show ip rip interface Use the show ip rip interface command in Privileged EXEC mode to display information related to a particular RIP interface.
Page 856: Show Ip Rip Interface Brief
console#show ip rip interface vlan 15 Interface........15 IP Address........----- Send version........RIP-2 Receive version........ Both RIP Admin Mode......... Disable Link State........----- Authentication Type......MD5 Authentication Key......"pass123" Authentication Key ID......35 Bad Packets Received......----- Bad Routes Received......----- Updates Sent........
Page 857: Split-Horizon
Send Receive Link Interface IP Address Version Version Mode State ---------- ---------- -------- ----------- --------- ---------- vlan1 0.0.0.0 RIP-2 Both Disable Down vlan2 0.0.0.0 RIP-2 Both Disable Down split-horizon Use the split-horizon command in Router RIP Configuration mode to set the RIP split horizon mode.
Page 858 Routing Information Protocol Commands...
Page 859: Interface Tunnel
Tunnel Interface Commands This chapter explains the following commands: • interface tunnel • show interfaces tunnel • tunnel destination • tunnel mode ipv6ip • tunnel source interface tunnel Use the interface tunnel command in Global Configuration mode to enter the interface configuration mode for a tunnel.
Page 860: Show Interfaces Tunnel
show interfaces tunnel Use the show interfaces tunnel command in Privileged EXEC mode to display the parameters related to tunnel such as tunnel mode, tunnel source address and tunnel destination address. Syntax tunnel-id show interfaces tunnel [ tunnel-id — Tunnel identifier. (Range: 0–7) •...
Page 861: Tunnel Mode Ipv6Ip
no tunnel destination ipv4addr — Valid ipv4 address. • Default Configuration This command has no default configuration. Command Mode Interface Configuration (Tunnel) mode. User Guidelines This command has no user guidelines. Example The following example specifies the destination transport address of tunnel 1. console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel destination 10.1.1.1 tunnel mode ipv6ip...
Page 862: Tunnel Source
console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel mode ipv6ip console(config-if-tunnel1)#tunnel mode ipv6ip 6to4 tunnel source Use the tunnel source command in Interface Configuration mode to specify the source transport address of the tunnel, either explicitly or by reference to an interface. Syntax ipv4addr vlan-id tunnel source { | vlan...
Page 863: Virtual Router Redundancy Protocol
Virtual Router Redundancy Protocol Commands This chapter explains the following commands: • ip vrrp • ip vrrp authentication • ip vrrp ip • ip vrrp mode • ip vrrp preempt • ip vrrp priority • ip vrrp timers advertise • ip vrrp track interface •...
Page 864: Ip Vrrp Authentication
no ip vrrp vr-id • vr-id — Virtual router identification. (Range: 1-255) Default Configuration This command has no default configuration. Command Mode Global Configuration or Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example enables VRRP protocol on the router. console(config)#ip vrrp The following example in Interface Configuration mode enables VRRP protocol on VLAN 15.
Page 865: Ip Vrrp Ip
Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the authorization details value for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip vrrp 5 authentication simple test123 ip vrrp ip Use the ip vrrp ip command in Interface Configuration mode to set the virtual router IP address value for an interface.
Page 866: Ip Vrrp Mode
console(config-if-vlan15)#ip vrrp 5 ip 192.168.5.25 ip vrrp mode Use the ip vrrp mode command in Interface Configuration mode to enable the virtual router configured on an interface. Enabling the status field starts a virtual router. Use the no form of the command to disable the virtual router.
Page 867: Ip Vrrp Priority
Default Configuration Enabled is the default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the preemption mode value for the virtual router for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip vrrp 5 preempt ip vrrp priority Use the ip vrrp priority command in Interface Configuration mode to set the priority value for...
Page 868: Ip Vrrp Timers Advertise
console(config-if-vlan15)#ip vrrp 5 priority 20 ip vrrp timers advertise Use the ip vrrp timers advertise command in Interface Configuration mode to set the frequency, in seconds, that an interface on the specified virtual router sends a virtual router advertisement. Use the no form of the command to return the advertisement frequency to the default value.
Page 869: Ip Vrrp Track Ip Route
A VRRP configured interface can track more than one interface. When a tracked interface goes down, then the priority of the router will be decreased by 10 (default priority decrement) for each downed interface. The default priority decrement is changed using the priority argument. The default priority of the virtual router is 100, and the default decrement priority is 10.
Page 870: Show Ip Vrrp
priority of the router is decreased by 10 (default priority decrement) for each downed route. By default no routes are tracked. If we specify just the route to be tracked without giving the priority which is optional then the default priority will be set. Use the “no”...
Page 871: Show Ip Vrrp Interface
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays VRRP’s enabled status. console#show ip vrrp Admin Mode........Enable Router Checksum Errors......0 Router Version Errors......0 Router VRID Errors......
Page 872: Show Ip Vrrp Interface Brief
Example The following example displays all configuration information about the VLAN 15 virtual router. console#show ip vrrp interface vlan 7 1 Primary IP Address......192.168.5.55 VMAC Address........0000.5E00.0101 Authentication Type......None Priority........60 Advertisement Interval (secs)....10 Pre-empt Mode........Enable Administrative Mode......
Page 873: Show Ip Vrrp Interface Stats
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays all configuration information about the virtual router on the selected interface. console#show ip vrrp interface brief Interface VRID IP Address Mode State...
Page 874 Example The following example displays all statistical information about the VLAN 15 virtual router. console#show ip vrrp interface stats vlan 15 5 UpTime......0 days 0 hrs 0 mins 0 secs Protocol........IP State Transitioned to Master....0 Advertisement Received......0 Advertisement Interval Errors....
Page 875: Introduction
Utility Commands Introduction The chapters that follow describe commands that provide a variety of switch services, including commands that help you manage the switch. This section of the document contains the following topics: • Autoconfig Commands • Captive Portal Commands •...
Page 876 Utility Commands...
Page 877: Boot Host Auto-Save
Autoconfig Commands This chapter explains the following commands: • boot host auto-save • boot host dhcp • boot host retry-count • show boot boot host auto-save The boot host auto-save command enables/disables the option to automatically save configuration files downloaded to the switch by Auto Config. Syntax boot host auto-save no boot host auto-save...
Page 878: Boot Host Retry-Count
Syntax boot host dhcp no boot host dhcp Default Configuration Auto Config is enabled. Command Mode Global Configuration. User Guidelines This command has no user guidelines Example console#no boot host dhcp boot host retry-count The boot host retry-count command sets the number of attempts to download a configuration. Use the "no"...
Page 879: Show Boot
show boot The show autoconfig command displays the current status of the Auto Config process. Syntax show boot Default Configuration Not applicable Command Mode Privileged EXEC. User Guidelines This command has no user guidelines. Example console#show boot Config Download via DHCP: enabled Auto Config State : Waiting for boot options Auto Config State...
Page 880 Autoconfig Commands...
Page 881: Captive Portal Commands
Captive Portal Commands This chapter explains the following commands: Captive Portal Global Commands • authentication timeout • captive-portal • enable • http port • https port • show captive-portal • show captive-portal status Captive Portal Configuration Commands • block • configuration •...
Page 882 • show captive-portal interface configuration status Captive Portal Interface Commands • clear captive-portal users Captive Portal Local User Commands • clear captive-portal users • no user • show captive-portal user • user group • user name • user password • user session-timeout Captive Portal Status Commands •...
Page 883: Authentication Timeout
Captive Portal Global Commands authentication timeout Use the authentication timeout command to configure the authentication timeout. If the user does not enter valid credentials within this time limit, the authentication page needs to be served again in order for the client to gain access to the network. Use the “no” form of this command to reset the authentication timeout to the default.
Page 884: Http Port
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#captive-portal console(config-CP)# enable Use the enable command to globally enable captive portal. Use the “no” form of this command to globally disable captive portal. Syntax enable no enable...
Page 885: Https Port
no http port port-num — The port number to monitor (Range: 1–65535). • Default Configuration Captive portal only monitors port 80 by default. Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command. Example console(config-CP)#http port 81 console(config-CP)#no http port https port...
Page 886: Show Captive-Portal
console(config-CP)#no https port show captive-portal Use the show captive-portal command to display the status of the captive portal feature. Syntax show captive-portal Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show captive-portal Administrative Mode.......
Page 887: Block
User Guidelines There are no user guidelines for this command. Example console#show captive-portal status Additional HTTP Port......81 Additional HTTP Secure Port....1443 Authentication Timeout......300 Supported Captive Portals...... 10 Configured Captive Portals..... 1 Active Captive Portals......0 Local Supported Users......128 Configured Local Users......
Page 888: Configuration
User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#block configuration Use the configuration command to enter the captive portal instance mode. The captive portal configuration identified by CP ID 1 is the default CP configuration. The system supports a total of ten CP configurations.
Page 889: Group
no enable Default Configuration Configurations are enabled by default Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#no enable group Use the group command to configure the group number for a captive portal configuration. If a group number is configured, the user entry (Local or RADIUS) must be configured with the same name and the group to authenticate to this captive portal instance.
Page 890: Interface
interface Use the interface command to associate an interface with a captive portal configuration. Use the “no” form of this command to remove an association. Syntax interface interface interface no interface interface —An interface or range of interfaces. Default Configuration No interfaces are associated with a configuration by default.
Page 891: Protocol
User Guidelines There are no user guidelines for this command. name Use the name command to configure the name for a captive portal configuration. Use the “no” form of this command to remove a configuration name. Syntax cp-name name no name cp-name —CP configuration name (Range: 1–32 characters).
Page 892: Redirect-Url
User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#protocol http redirect Use the redirect command to enable the redirect mode for a captive portal configuration. Use the “no” form of this command to disable redirect mode. Syntax redirect no redirect...
Page 893: Session-Timeout
User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#redirect-url www.dell.com session-timeout Use the session-timeout command to configure the session timeout for a captive portal configuration. Use the “no” form of this command to reset the session timeout to the default.
Page 894: Captive-Portal Client Deauthenticate
Syntax verification { guest | local | radius } • guest— Allows access for unauthenticated users (users that do not have assigned user names and passwords). • local— Authenticates users against a local user database. • radius— Authenticates users against a remote RADIUS database. Default Configuration The default verification mode is guest.
Page 895: Show Captive-Portal Client Status
User Guidelines There are no user guidelines for this command. Example console#captive-portal client deauthenticate 0002.BC00.1290 show captive-portal client status Use the show captive-portal client status command to display client connection details or a connection summary for connected captive portal users. Syntax macaddr show captive-portal client [...
Page 896: Show Captive-Portal Configuration Client Status
Verification Mode......Local CP ID........1 CP Name........cp1 Interface......... 1/g1 Interface Description..... Unit: 1 Slot: 0 Port: 1 Gigabit - Level User Name......... user123 Session Time......0d:00:00:13 show captive-portal configuration client status Use the show captive-portal configuration client status command to display the clients authenticated to all captive portal configurations or a to specific configuration.
Page 897: Show Captive-Portal Interface Client Status
console#show captive-portal configuration 1 client status CP ID........1 CP Name........cp1 Client Client MAC Address IP Address Interface Interface Description -------------- --------------- --------- -------------------------------- 0002.BC00.1290 10.254.96.47 1/g1 Unit: 1 Slot: 0 Port: 1 Gigabit 0002.BC00.1291 10.254.96.48 1/g2 Unit: 1 Slot: 0 Port: 2 Gigabit show captive-portal interface client status Use the show captive-portal interface client status command to display information about clients authenticated on all interfaces or a specific interface.
Page 898: Show Captive-Portal Interface Configuration Status
console#show captive-portal interface 1/g1 client status Interface......... 1/g1 Interface Description..... Unit: 1 Slot: 0 Port: 1 Gigabit Client Client MAC Address IP Address CP ID CP Name Protocol Verification ----------------- --------------- ----- ----------------- -------- ------------ 0002.BC00.1290 10.254.96.47 http local 0002.BC00.1291 10.254.96.48 http local...
Page 899: Clear Captive-Portal Users
CP Name........cp1 Interface Interface Description Type --------- ----------------------------------- -------- 1/g1 Unit: 1 Slot: 0 Port: 1 Gigabit ... Physical Captive Portal Local User Commands clear captive-portal users Use the clear captive-portal users command to delete all captive portal user entries. Syntax clear captive-portal users Default Configuration...
Page 900: Show Captive-Portal User
Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-CP)#no user 1 show captive-portal user Use the show captive-portal user command to display all configured users or a specific user in the captive portal local user database. Syntax show captive-portal user [ user-id ] user-id —User ID (Range: 1–128).
Page 901: User Group
console#show captive-portal user 1 User ID........1 User Name........user123 Password Configured......Yes Session Timeout........ 0 Group ID Group Name -------- -------------------------------- Default group2 user group Use the user group command to associate a group with a captive portal user. Use the “no” form of this command to disassociate a group and user.
Page 902: User Name
user name Use the user name command to modify the user name for a local captive portal user. Syntax user-id name user name user-id —User ID (Range: 1–128). • name —user name (Range: 1–32 characters). • Default Configuration There is no name for a user by default. Command Mode Captive Portal Configuration mode.
Page 903: User Session-Timeout
User Guidelines There are no user guidelines for this command. Example console(Config-CP)#user 1 password Enter password (8 to 64 characters): ******** Re-enter password: ******** user session-timeout Use the user session-timeout command to set the session timeout value for a captive portal user. Use the “no”...
Page 904: Show Captive-Portal Configuration
Captive Portal Status Commands show captive-portal configuration Use the show captive-portal configuration command to display the operational status of each captive portal configuration. Syntax cp-id show captive-portal configuration cp-id —Captive Portal ID. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
Page 905 cp-id — Captive Portal ID. • interface — Interface in unit/port format. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show captive-portal configuration 1 interface CP ID........
Page 906: Show Captive-Portal Configuration Locales
show captive-portal configuration locales Use the show captive-portal configuration locales command to display locales associated with a specific captive portal configuration. Syntax cp-id show captive-portal configuration locales cp-id — Captive Portal Configuration ID. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
Page 907: Show Trapflags Captive-Portal
Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show captive-portal configuration status CP ID CP Name Mode Protocol Verification ----- --------------- -------- -------- ------------ Enable https Guest Enable http Local Disable https Guest console#show captive-portal configuration 1 status CP ID..........
Page 908: User Group
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show trapflags captive-portal Client Authentication Failure Traps.... Disable Client Connection Traps......Disable Client Database Full Traps..... Disable Client Disconnection Traps.....
Page 909: User Group Moveusers
User Guidelines There are no user guidelines for this command. Example console(config-CP)#user group 2 console(config-CP)#no user group 2 user group moveusers Use the user group moveusers command to move a group's users to a different group. Syntax group-id new-group-id user group moveusers group-id —...
Page 910 Default Configuration User groups have no names by default. Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-CP)#user group 2 name group2 Captive Portal Commands...
Page 911: Clock Set
Clock Commands This chapter explains the following commands: • clock set • show clock • show sntp configuration • show sntp status • sntp authenticate • sntp authentication-key • sntp broadcast client enable • sntp client poll timer • sntp server •...
Page 912: Show Clock
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Examples console>clock ? time Configure current date and time. summer-time Configure the summer-time parameters. timezone Configure the timezone parameters. console(config)#clock set 10/10/2008 console(config)#clock set 16:13.06 show clock Use the show clock command to display the time and date from the system clock.
Page 913: Show Sntp Configuration
Time source is SNTP When SNTP client Admin Mode is disabled and Real Time Clock is enabled, the command displays Local as shown in the following example: console# show clock 04:49:00 (UTC+0:00) May 9 2005 Time source is local. The following example shows the time, date, timezone, and summertime configuration. console# show clock detail 15:29:03 PDT(UTC-7) Jun 17 2005 Time source is SNTP...
Page 914: Show Sntp Status
User Guidelines This command has no user guidelines. Example The following example displays the current SNTP configuration of the device. console#show sntp configuration Polling interval: 64 seconds MD5 Authentication keys: Authentication is not required for synchronization. Trusted keys: No trusted keys. Unicast clients: Disable Unicast servers: Server...
Page 915: Sntp Authenticate
User Guidelines This command has no user guidelines. Examples The following example shows the status of the SNTP. console#show sntp status Client Mode: Unicast Last Update Time: MAR 30 21:21:20 2009 Unicast servers: Server Status Last response --------- ----------- -------------------------- 192.168.0.1 21:21:20 Mar 30 2009 sntp authenticate...
Page 916: Sntp Authentication-Key
console(config)# sntp authentication-key 8 md5 ClkKey console(config)# sntp trusted-key 8 console(config)# sntp authenticate sntp authentication-key Use the sntp authentication-key command in Global Configuration mode to define an authentication key for Simple Network Time Protocol (SNTP). To remove the authentication key for SNTP , use the no form of this command. Syntax key-number value...
Page 917: Sntp Client Poll Timer
Syntax sntp broadcast client enable no sntp broadcast client enable Default Configuration The SNTP Broadcast client is disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables a Simple Network Time Protocol (SNTP) Broadcast client. console(config)# sntp broadcast client enable sntp client poll timer Use the sntp client poll timer command in Global Configuration mode to set the polling time...
Page 918: Sntp Server
Example The following example sets the polling time for the Simple Network Time Protocol (SNTP) client to 1024 seconds. console(config)# sntp client poll timer 1024 sntp server Use the sntp server command in Global Configuration mode to configure the device to use Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from a specified server.
Page 919: Sntp Trusted-Key
console(config)# sntp server 192.1.1.1 sntp trusted-key Use the sntp trusted-key command in Global Configuration mode to authenticate the identity of a system to which Simple Network Time Protocol (SNTP) will synchronize. To disable authentication of the identity of the system, use the no form of this command. Syntax sntp trusted-key key-number...
Page 920: Clock Timezone Hours-Offset
Default Configuration The SNTP Unicast client is disabled. Command Mode Global Configuration mode User Guidelines Use the sntp server command to define SNTP servers. Examples The following example enables the device to use Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from servers. console(config)# sntp unicast client enable clock timezone hours-offset minutes-offset...
Page 921: No Clock Timezone
no clock timezone Use the no clock timezone command to reset the time zone settings. Syntax no clock timezone Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines This command has no specific user guidelines. Example console(config)#no clock timezone clock summer-time recurring...
Page 922: Clock Summer-Time Date
Default Value No default setting Command Mode Global Configuration User Guidelines No specific guidelines Examples console(config)# clock summer-time recurring 1 sun jan 00:10 2 mon mar 10:00 offset 1 zone ABC clock summer-time date year hh:mm Use the clock summer-time date {date|month} {month|date} {date|month} year hh:mm offset...
Page 923: No Clock Summer-Time
User Guidelines No specific guidelines Examples console(config)# clock summer-time date 1 Apr 2007 02:00 28 Oct 2007 offset 90 zone EST console(config)# clock summer-time date Apr 1 2007 02:00 Oct 28 2007 offset 90 zone EST no clock summer-time Use the no clock summer-time command to reset the summertime configuration. Syntax Description no clock summer-time Default Configuration...
Page 924 Clock Commands...
Page 925: Boot System
Configuration and Image File Commands This chapter explains the following commands: • boot system • clear config • copy • delete backup-config • delete backup-image • delete startup-config • filedescr • script apply • script delete • script list • script show •...
Page 926: Clear Config
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image. Example The following example loads system image image1 for the next device startup. console# boot system image1 clear config Use the clear config command in Privileged EXEC mode to restore the switch to the default...
Page 927 Syntax source-url destination-url //ipaddr/filepath/filename copy {xmodem | tftp: //username ipaddr/filepath/filename hostname sftp|scp: source-url — The location URL or reserved keyword of the source file being copied. (Range: • 1–160 characters.) • destination-url — The URL or reserved keyword of the destination file. (Range: 1–160 characters.) ipaddr —...
Page 928 Command Mode Privileged EXEC mode User Guidelines The location of a file system dictates the format of the source or destination URL. The entire copying process may take several minutes and differs from protocol to protocol and from network to network. Understanding Invalid Combinations of Source and Destination Some combinations of source and destination are not valid.
Page 929: Delete Backup-Config
Saving the Running Configuration to the Startup Configuration Use the copy running-config startup-config command to copy the running configuration to the startup configuration. Backing up the Running Configuration or Startup Configuration to the Backup Configuration Use the copy running-config backup-config command to back up the running configuration to the backup configuration file.
Page 930: Delete Backup-Image
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes the backup-config file. console#delete backup-config Delete backup-config (Y/N)?y delete backup-image Use the delete backup-image command in Privileged EXEC mode to delete a file from a flash memory device.
Page 931: Filedescr
Syntax delete startup-config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines If the startup-config file is not present when system reboots, it reboots with default settings. Example The following example deletes the startup-config file. console# delete startup-config Delete startup-config (y/n)? filedescr...
Page 932: Script Apply
Example The following example attaches a file description to image2. console#filedescr image2 “backedup on 03-22-05” script apply Use the script apply command in Privileged EXEC mode to apply the commands in the script to the switch. Syntax scriptname script apply scriptname —...
Page 933: Script List
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes all scripts from the switch. console#script delete all script list Use the script list command in Privileged EXEC mode to list all scripts present on the switch as well as the remaining available space.
Page 934: Script Validate
script show Use the script show command in Privileged EXEC mode to display the contents of a script file. Syntax scriptname script show scriptname — Name of the script file to be displayed. (Range: 1-31 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 935: Show Backup-Config
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example config.scr The following example validates the contents of the script file console#script validate config.scr show backup-config Use the show backup-config command in Privileged EXEC mode to display the contents of the backup configuration file.
Page 936: Show Bootvar
exit interface ethernet 1/g2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 exit show bootvar Use the show bootvar command in User EXEC mode to display the active system image file that the device loads at startup. Syntax unit show bootvar [ •...
Page 937: Show Dir
------------------------------------------------------------------------- unit image1 image2 current-active next-active ------------------------------------------------------------------------- 0.31.0.0 0.31.0.0 image2 image2 show dir Use the show dir command to list all the files available on the flash file system (TrueFlashFileSystem). The user can view the file names, the size of each file, and the date of the last modification.
Page 938 Syntax all | scriptname ] show running-config [ all -—To display or capture the commands with settings and configuration that are equal • all option. to the default value, include the scriptname -—If the optional scriptname is provided, the output is redirected to a script •...
Page 939 Example The following example displays the contents of the running-config file. console#show running-config !Current Configuration: !System Description “PowerConnect 8024, 3.1.0.1, VxWorks 6.5" !System Software Version 3.1.0.1 configure vlan database vlan 10,20,30 exit stack member 1 2 exit ip address dhcp...
Page 940: Show Startup-Config
Example The following example displays the contents of the startup-config file. console#show startup-config 1 : !Current Configuration: 2 : !System Description “PowerConnect 8024, 3.1.0.x, VxWorks6.5” 3 : !System Software Version 3.1.0.x 4 : ! 5 : configure 6 : vlan database...
Page 941: Update Bootcode
13 : ip address vlan 1001 14 : interface vlan 3 15 : routing 16 : exit 17 : username “lvl7” password fb3604df5a109405b2d79ecb06c47ab5 level 15 encrypted 18 : ! 19 : interface ethernet 1/g17 20 : switchport mode general 21 : switchport general pvid 1001 22 : no switchport general acceptable-frame-type tagged-only 23 : switchport general allowed vlan add 1000-1001 24 : switchport general allowed vlan remove 1...
Page 942 Syntax unit update bootcode [ unit —Unit number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines unit is not specified, all units are updated. Example The following example updates the bootcode on unit 2. console#update bootcode 2 Configuration and Image File Commands...
Page 943: Dos-Control Firstfrag
Denial of Service Commands This chapter explains the following commands: • dos-control firstfrag • dos-control icmp • dos-control l4port • dos-control sipdip • dos-control tcpflag • dos-control tcpfrag • ip icmp echo-reply • ip icmp error-interval • ip unreachables • ip redirects •...
Page 944: Dos-Control Icmp
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a minimum TCP header size of 20. Packets entering with a smaller header size are dropped. console(config)#dos-control firstfrag 20 dos-control icmp Use the dos-control icmp command in Global Configuration mode to enable Maximum ICMP Packet Size Denial of Service protections.
Page 945: Dos-Control L4Port
dos-control l4port Use the dos-control l4port command in Global Configuration mode to enable L4 Port Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having Source TCP/UDP Port Number equal to Destination TCP/UDP Port Number, the packets are dropped.
Page 946: Dos-Control Tcpflag
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example activates SIP=DIP Denial of Service protection. console(config)#dos-control sipdip dos-control tcpflag Use the dos-control tcpflag command in Global Configuration mode to enable TCP Flag Denial of Service protections.
Page 947: Dos-Control Tcpfrag
dos-control tcpfrag Use the dos-control tcpfrag command in Global Configuration mode to enable TCP Fragment Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having IP Fragment Offset equal to one (1), the packets are dropped.
Page 948: Ip Icmp Error-Interval
User Guidelines There are no user guidelines for this command. Example console(config)#ip icmp echo-reply ip icmp error-interval Use the ip icmp error-interval command to limit the rate at which IPv4 ICMP error messages are sent. The rate limit is configured as a token bucket with two configurable parameters: Burst- size and burst-interval.
Page 949: Ip Unreachables
ip unreachables Use the ip unreachables command to enable the generation of ICMP Destination Unreachable messages. Use the “no” form of this command to prevent the generation of ICMP Destination Unreachable messages. Syntax ip unreachables no ip unreachables Default Configuration ICMP Destination Unreachable messages are enabled.
Page 950: Ipv6 Icmp Error-Interval
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan10)#ip redirects ipv6 icmp error-interval Use the icmp error-interval command to limit the rate at which ICMP error messages are sent. The rate limit is configured as a token bucket with two configurable parameters: Burst-size and burst interval.
Page 951: Ipv6 Unreachables
ipv6 unreachables Use the ipv6 unreachables command to enable the generation of ICMPv6 Destination Unreachable messages. Use the “no” form of this command to prevent the generation of ICMPv6 Destination Unreachable messages. Syntax ipv6 unreachables no ipv6 unreachables Default Configuration ICMPv6 Destination Unreachable messages are enabled by default.
Page 952 Example The following example displays Denial of Service configuration information. console#show dos-control SIPDIP Mode.......Disable First Fragment Mode.......Disable Min TCP Hdr Size......20 TCP Fragment Mode......Disable TCP Flag Mode......Disable L4 Port Mode......Disable ICMP Mode.........Disable Max ICMP Pkt Size......512 Denial of Service Commands...
Page 953: Exec-Timeout
Line Commands This chapter explains the following commands: • exec-timeout • history • history size • line • show line • speed exec-timeout Use the exec-timeout command in Line Configuration mode to set the interval that the system waits for user input before timeout. To restore the default setting, use the no form of this command.
Page 954: History
Example The following example configures the interval that the system waits until user input is detected to 20 minutes. console(config)#line console console(config-line)#exec-timeout 20 history Use the history command in Line Configuration mode to enable the command history function. To disable the command history function, use the no form of this command. Syntax history no history...
Page 955: Line
number-of-commands — Specifies the number of commands the system may record in its • command history buffer. (Range: 0-216) Default Configuration The default command history buffer size is 10. Command Mode Line Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the command history buffer size to 20 commands for the current terminal session.
Page 956: Show Line
Examples The following example enters Line Configuration mode to configure Telnet. console(config)#line telnet console(config-line)# show line Use the show line command in User EXEC mode to display line parameters. Syntax show line [console|telnet|ssh] • console — Console terminal line. • telnet —...
Page 957: Speed
Telnet configuration: Interactive timeout: 10 minutes 10 seconds History: 10 SSH configuration: Interactive timeout: 10 minutes 10 seconds History: 10 speed Use the speed command in Line Configuration mode to set the line baud rate. Use the no form of the command to restore the default settings. Syntax speed { no speed...
Page 958 Line Commands...
Page 959: Deny (Management)
Management ACL Commands This chapter explains the following commands: • deny (management) • management access-class • management access-list • permit (management) • show management access-class • show management access-list deny (management) Use the deny command in Management Access-List Configuration mode to set conditions for the management access list.
Page 960: Management Access-Class
Default Configuration This command has no default configuration. Command Mode Management Access-list Configuration mode User Guidelines Rules with ethernet, vlan, and port-channel parameters are valid only if an IP address is defined on the appropriate interface. Ensure that each rule has a unique priority. Example mlist The following example shows how all ports are denied in the access-list called...
Page 961: Management Access-List
console(config)# management access-class mlist management access-list Use the management access-list command in Global Configuration mode to define an access list for management, and enter the access-list for configuration. Once in the access-list configuration mode, the denied or permitted access conditions are configured with the deny and permit commands.
Page 962: Permit (Management)
The following example shows how to configure all the interfaces to be management interfaces except for two interfaces, Ethernet 1/g1 and Ethernet 2/g9. console(config)# management access-list mlist console(config-macl)# deny ethernet 1/g1 priority <1-64> console(config-macl)# deny ethernet 2/g9 priority <1-64> console(config-macl)# permit priority <1-64> console(config-macl)# exit console(config) # management access-class mlist permit (management)
Page 963: Show Management Access-Class
Command Mode Management Access-list Configuration mode User Guidelines Rules with ethernet, vlan, and port-channel parameters are valid only if an IP address is defined on the appropriate interface. Ensure that each rule has a unique priority. Examples The following example shows how to configure two management interfaces, Ethernet 1/g1 and Ethernet 2/g9.
Page 964: Show Management Access-List
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the management access-list information. console# show management access-class Management access-class is enabled, using access list mlist show management access-list Use the show management access-list command in Privileged EXEC mode to display management access-lists.
Page 965 ! (Note: all other access implicitly denied) Management ACL Commands...
Page 966 Management ACL Commands...
Page 967: Passwords Aging
Password Management Commands This chapter explains the following commands: • passwords aging • passwords history • passwords lock-out • passwords min-length • show passwords configuration passwords aging Use the passwords aging command in Global Configuration mode to implement expiration date on the passwords.
Page 968: Passwords History
passwords history As administrator, use the passwords history command in Global Configuration mode to set the number of previous passwords that are stored. This setting ensures that users do not reuse their passwords often. Use the no form of this command to disable the password history function. Syntax historylength passwords history...
Page 969: Passwords Min-Length
Default Configuration The user lockout feature is disabled. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the number of user attempts before lockout at 2. console(config)#passwords lock-out 2 passwords min-length Use the passwords min-length command in Global Configuration mode to configure the minimum length required for passwords in the local database.
Page 970: Show Passwords Configuration
show passwords configuration Use the show passwords configuration command in Privileged EXEC mode to show the parameters for password configuration. Syntax show passwords configuration Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the command output.
Page 971: Show Copper-Ports Cable-Length
PHY Diagnostics Commands This chapter explains the following commands: • show copper-ports cable-length • show copper-ports tdr • show fiber-ports optical-transceiver • test copper-port tdr show copper-ports cable-length Use the show copper-ports cable-length command in Privileged EXEC mode to display the estimated copper cable length attached to a port.
Page 972: Show Copper-Ports Tdr
1/g1 <50 1/g2 Copper not active 1/g3 110-140 1/g4 Fiber show copper-ports tdr Use the show copper-ports tdr command in Privileged EXEC mode to display the last Time Domain Reflectometry (TDR) tests on specified ports. Syntax interface show copper-ports tdr [ interface —...
Page 973: Show Fiber-Ports Optical-Transceiver
1/g4 Open 13:32:08 23 July 2004 1/g5 Fiber show fiber-ports optical-transceiver Use the show fiber-ports optical-transceiver command in Privileged EXEC mode to display the optical transceiver diagnostics. Syntax interface show fiber-ports optical-transceiver [ interface — A valid Ethernet port. The full syntax is unit / port. •...
Page 974: Test Copper-Port Tdr
test copper-port tdr Use the test copper-port tdr command in Privileged EXEC mode to diagnose with Time Domain Reflectometry (TDR) technology the quality and characteristics of a copper cable attached to a port. Syntax interface test copper-port tdr interface — A valid Ethernet port. The full syntax is unit / port . •...
Page 975: Rmon Alarm
RMON Commands This chapter explains the following commands: • rmon alarm • rmon collection history • rmon event • show rmon alarm • show rmon alarm-table • show rmon collection history • show rmon events • show rmon history • show rmon log •...
Page 976 revent — The index of the Event that is used when a rising threshold is crossed. (Range: 1- • 65535) fevent — The Event index used when a falling threshold is crossed. (Range: 1- 65535) • type — The sampling method for the selected variable and calculating the value to be •...
Page 977: Rmon Collection History
console(config)#rmon alarm 1 1.3.6.1.2.1.2.2.1.1.10.5 10 50000 10 1 1 rmon collection history Use the rmon collection history command in Interface Configuration mode to enable a Remote Monitoring (RMON) MIB history statistics group on an interface. To remove a specified RMON history statistics group, use the no form of this command.
Page 978: Rmon Event
rmon event Use the rmon event command in Global Configuration mode to configure an event. To remove an event, use the no form of this command. Also see the show rmon events command. Syntax index type text text name rmon event [community ] [description ] [owner...
Page 979 number — Alarm index. (Range: 1–65535) • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays RMON 1 alarms. console> show rmon alarm 1 Alarm 1 ------- OID: 1.3.6.1.2.1.2.2.1.10.1...
Page 980: Show Rmon Alarm-Table
Field Description Last Sample Value The statistic value during the last sampling period. For example, if the sample type is delta, this value is the difference between the samples at the beginning and end of the period. If the sample type is absolute, this value is the sampled value at the end of the period.
Page 981: Show Rmon Collection History
User Guidelines This command has no user guidelines. Example The following example displays the alarms summary table: console> show rmon alarm-table Index Owner ----- ---------------------- ------- 1.3.6.1.2.1.2.2.1.10.1 1.3.6.1.2.1.2.2.1.10.1 Manager 1.3.6.1.2.1.2.2.1.10.9 The following table describes the significant fields shown in the display: Field Description Index...
Page 982 User Guidelines This command has no user guidelines. Example The following example displays all RMON group statistics. console> show rmon collection history Index Interface Interval Requested Granted Owner Samples Samples ---------------------------------------------------------- 1/g1 1/g1 1800 Manager RMON Commands...
Page 983: Show Rmon Events
The following table describes the significant fields shown in the display: Field Description Index An index that uniquely identifies the entry. Interface The sampled Ethernet interface. Interval The interval in seconds between samples. Requested Samples The requested number of samples to be saved. Granted Samples The granted number of samples to be saved.
Page 984: Show Rmon History
The following table describes the significant fields shown in the display: Field Description Index An index that uniquely identifies the event. Description A comment describing this event. Type The type of notification that the device generates about this event. Can have the following values: none, log, trap, log-trap.
Page 985 Examples The following example displays RMON Ethernet Statistics history for “throughput” on index number 1. console> show rmon history 1 throughput Sample Set: 1 Owner: CLI Interface: 1/g1 interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 270 Time Octets Packets...
Page 986 The following example displays RMON Ethernet Statistics history for "other" on index number console> show rmon history 1 other Sample Set: 1 Owner: Me Interface: 1/g1 Interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 270 Time Dropped Collisions ------------------- ----------- -----------...
Page 987: Show Rmon Log
Field Description Fragments The total number of packets received during this sampling interval that were less than 64 octets in length (excluding framing bits but including FCS octets) had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error), or a bad FCS with a non-integral number of octets (AlignmentError).
Page 988: Show Rmon Statistics
----- ----------- -------------------- Errors Jan 18 2005 23:48:19 Errors Jan 18 2005 23:58:17 High Broadcast Jan 18 2005 23:59:48 console> show rmon log Maximum table size: 100 (100 after reset) Event Description Time ----- ----------- -------------------- Errors Jan 18 2005 23:48:19 Errors Jan 18 2005...
Page 989 User Guidelines This command has no user guidelines. Example The following example displays RMON Ethernet Statistics for port 1/g1. console> show rmon statistics ethernet 1/g1 Port 1/g1 Dropped: 8 Octets: 878128 Packets: 978 Broadcast: 7 Multicast: 1 CRC Align Errors: 0 Collisions: 0 Undersize Pkts: 0 Oversize Pkts: 0 Fragments: 0 Jabbers: 0 64 Octets: 98 65 to 127 Octets: 0...
Page 990 Field Description CRC Align Errors The total number of packets received with a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but with either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error).
Page 991: Serviceability Tracing Packet Commands
Serviceability Tracing Packet Commands This chapter explains the following commands: • debug arp • debug auto-voip • debug clear • debug console • debug dot1x • debug igmpsnooping • debug ip acl • debug ip dvmrp • debug ip igmp •...
Page 992: Debug Arp
• show debugging NOTE: Debug commands are not persistent across resets. debug arp Use the debug arp command to enable tracing of ARP packets. Use the “no” form of this command to disable tracing of ARP packets. Syntax debug arp no debug arp Default Configuration ARP packet tracing is disabled by default.
Page 993: Debug Clear
User Guidelines There are no usage guidelines for this command. Example console#debug auto-voip debug clear Use the debug clear command to disable all debug traces. Syntax debug clear Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
Page 994: Debug Dot1X
Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug console debug dot1x Use the debug dot1x command to enable dot1x packet tracing. Use the “no” form of this command to disable dot1x packet tracing. Syntax debug dot1x packet [ receive | transmit ] no debug dot1x packet [ receive | transmit ]...
Page 995: Debug Ip Acl
Default Configuration Display of IGMP Snooping traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug igmpsnooping packet debug ip acl Use the debug ip acl command to enable debug of IP Protocol packets matching the ACL criteria.
Page 996: Debug Ip Igmp
dumped. Vital information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console. Syntax debug ip dvmrp packet [ receive | transmit ] no debug ip dvmrp packet [ receive | transmit ] Default Configuration Display of DVMRP traces is disabled by default.
Page 997: Debug Ip Mcache
User Guidelines There are no usage guidelines for this command. Example console#debug ip igmp packet debug ip mcache Use the debug ip mcache command for tracing MDATA packet reception and transmission. The receive option traces only received data packets and the transmit option traces only transmitted data packets.
Page 998: Debug Ip Pimsm
Syntax debug ip pimdm packet [ receive | transmit ] no debug ip pimdm packet [ receive | transmit ] Default Configuration Display of PIMDM traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug ip pimdm packet debug ip pimsm...
Page 999: Debug Ip Vrrp
Example console#debug ip pimsm packet debug ip vrrp Use the debug ip vrrp command to enable VRRP debug protocol messages. Use the “no” form of this command to disable VRRP debug protocol messages. Syntax debug ip vrrp no debug ip vrrp Default Configuration Display of VRRP traces is disabled by default.
Page 1000: Debug Ipv6 Mld
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example console#debug ipv6 mcache packet debug ipv6 mld Use the debug ipv6 mld command to trace MLD packet reception and transmission. The receive option traces only received MLD packets and the transmit option traces only transmitted MLD packets.

This manual is also suitable for:

Powerconnect 8024f Powerconnect pc8024 Powerconnect pc8024f

Dell PowerConnect 8024 Cli Reference Manual

Table of Contents

Command Groups

Port Monitor

Layer 3 Commands

Ipv6 Multicast

Loopback Interface

Utility Commands

Password Management

AAA Commands

Address Table Commands

Show IP Igmp Snooping Mrouter

IP Addressing Commands

Ipv6 Mld Snooping Querier

Qos Commands

Spanning Tree Commands

Voice Vlan (Interface)

Quick Links

CLI Reference Guide

Chapters

Related Manuals for Dell PowerConnect 8024

Summary of Contents for Dell PowerConnect 8024