Dell™ PowerConnect™ PC8024/8024F CLI Reference Guide Model PC8024/PC8024F w w w . d e l l . c o m | s u p p o r t . d e l l . c o m...
Page 2
Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell, the DELL logo, PowerEdge, PowerConnect, and OpenManage are trademarks of Dell Inc.; Microsoft and Windows are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries; sFlow is a registered trademark of InMon Corporation.
Contents Command Groups Introduction 47 Command Groups 47 Mode Types 51 Layer 2 Commands 52 Layer 3 Commands 77 Utility Commands 97 Using the CLI Introduction 111 Entering and Editing CLI Commands 111 CLI Command Modes 116 Starting the CLI 125 Using CLI Functions and Tools 132 Layer 2 Commands Introduction 145...
Page 4
enable password 152 ip http authentication 153 ip https authentication 154 login authentication 155 password (Line Configuration) 155 password (User EXEC) 156 show authentication methods 157 show users accounts 158 show users login-history 158 username 159 ACL Commands access-list 161 deny | permit 162 ip access-group 164 no ip access-group 164...
Page 5
bridge multicast forbidden address 173 bridge multicast forbidden forward-unregistered 174 bridge multicast forward-all 174 bridge multicast forward-unregistered 175 clear bridge 176 port security 176 port security max 177 show bridge address-table 178 show bridge address-table count 178 show bridge address-table static 179 show bridge multicast address-table 180 show bridge multicast filtering 181 show ports security 182...
Page 6
show isdp entry 193 show isdp interface 194 show isdp neighbors 196 show isdp traffic 198 Data Center Bridging Commands clear priority-flow-control statistics 201 datacenter-bridging 202 priority-flow-control mode on 202 priority-flow-control priority 203 show interfaces datacenter-bridging 204 10 DHCP Layer 2 Relay Commands dhcp l2relay (Global Configuration) 207 dhcp l2relay (Interface Configuration) 208 dhcp l2relay circuit-id 208...
Page 7
ip dhcp snooping log-invalid 215 ip dhcp snooping trust 216 ip dhcp snooping verify mac-address 216 show ip dhcp snooping 217 show ip dhcp snooping binding 218 show ip dhcp snooping database 219 show ip dhcp snooping interfaces 219 show ip dhcp snooping statistics 220 12 Dynamic ARP Inspection Commands arp access-list 223 clear counters ip arp inspection 224...
Page 8
flowcontrol 237 interface ethernet 238 interface range ethernet 239 mtu 239 negotiation 240 negotiation <capability-list> 241 show interfaces advertise 242 show interfaces configuration 243 show interfaces counters 244 show interfaces description 249 show interfaces detail 250 show interfaces status 253 show statistics ethernet 256 show storm-control 261 shutdown 262...
Page 9
show gvrp configuration 271 show gvrp error-statistics 273 show gvrp statistics 274 15 IGMP Snooping Commands ip igmp snooping (global) 277 ip igmp snooping (interface) 278 ip igmp snooping host-time-out 278 ip igmp snooping leave-time-out 279 ip igmp snooping mrouter-time-out 280 show ip igmp snooping groups 280 show ip igmp snooping interface 281 show ip igmp snooping mrouter 282...
Page 10
17 IP Addressing Commands clear host 295 ip address 296 ip address 297 ip address vlan 298 ip default-gateway 298 ip domain-lookup 299 ip domain-name 300 ip host 300 ip name-server 301 ipv6 address 302 ipv6 enable 303 ipv6 gateway 303 show arp switch 304 show hosts 305 show ip helper-address 306...
Page 12
show lacp ethernet 339 show lacp port-channel 341 23 Link Dependency Commands link-dependency group 343 no link-dependency group 344 add ethernet 344 add port-channel 345 no add port-channel 345 depends-on ethernet 346 no depends-on ethernet 347 depends-on port-channel 347 no depends-on port-channel 348 show link-dependency 348 24 LLDP Commands clear lldp remote-data 351...
Page 13
lldp transmit-mgmt 359 lldp transmit-tlv 359 show lldp 360 show lldp interface 361 show lldp local-device 362 show lldp med 363 show lldp med interface 364 show lldp med local-device 365 show lldp med remote-device 367 show lldp remote-device 370 show lldp statistics 371 25 Port Channel Commands channel-group 375...
Page 14
class 389 class-map 390 class-map rename 390 classofservice dot1p-mapping 391 classofservice ip-dscp-mapping 392 classofservice trust 392 conform-color 393 cos-queue min-bandwidth 394 cos-queue strict 395 diffserv 395 drop 396 mark cos 397 mark ip-dscp 397 mark ip-precedence 398 match class-map 398 match cos 400 match destination-address mac 401 match dstip 401...
Page 15
match srcip6 409 match srcl4port 410 match vlan 410 mirror 411 police-simple 412 policy-map 413 redirect 414 service-policy 414 show class-map 415 show classofservice dot1p-mapping 417 show classofservice ip-dscp-mapping 418 show classofservice trust 421 show diffserv 422 show diffserv service interface ethernet 423 show diffserv service interface port-channel 423 show diffserv service brief 424 show interfaces cos-queue 425...
Page 22
show ipv6 dhcp statistics 576 38 DVMRP Commands ip dvmrp 579 ip dvmrp metric 580 ip dvmrp trapflags 580 show ip dvmrp 581 show ip dvmrp interface 582 show ip dvmrp neighbor 582 show ip dvmrp nexthop 583 show ip dvmrp prune 584 show ip dvmrp route 584 39 IGMP Commands ip igmp 587...
Page 23
show ip igmp interface stats 597 40 IGMP Proxy Commands ip igmp-proxy 599 ip igmp-proxy reset-status 600 ip igmp-proxy unsolicited-report-interval 600 show ip igmp-proxy 601 show ip igmp-proxy interface 602 show ip igmp-proxy groups 603 show ip igmp-proxy groups detail 603 41 IP Helper Commands clear ip helper statistics 605 ip helper-address (global configuration) 606...
Page 24
ip routing 621 routing 621 show ip brief 622 show ip interface 623 show ip protocols 624 show ip route 626 show ip route preferences 627 show ip route summary 627 show ip stats 628 show ip vlan 630 43 IPv6 MLD Snooping Commands ipv6 mld snooping immediate-leave 633 ipv6 mld snooping groupmembership-interval 634 ipv6 mld snooping maxresponse 635...
Page 27
show ipv6 mld traffic 691 show ipv6 neighbors 692 show ipv6 pimdm 693 show ipv6 pimdm interface 694 show ipv6 pimdm neighbor 695 show ipv6 route 695 show ipv6 route preferences 696 show ipv6 route summary 697 show ipv6 traffic 698 show ipv6 vlan 701 traceroute ipv6 701 46 Loopback Interface Commands...
Page 28
ip pimsm register-threshold 713 ip pimsm rp-address 713 ip pimsm rp-candidate 714 ip pimsm spt-threshold 715 ip pimsm ssm 715 show bridge multicast address-table count 716 show ip mcast 717 show ip mcast boundary 718 show ip mcast interface 718 show ip mcast mroute 719 show ip mcast mroute group 720 show ip mcast mroute source 721...
Page 29
area stub 735 area stub no-summary 735 area virtual-link 736 area virtual-link authentication 737 area virtual-link dead-interval 737 area virtual-link hello-interval 738 area virtual-link retransmit-interval 739 area virtual-link transmit-delay 740 auto-cost 741 bandwidth 741 capability opaque 742 clear ip ospf 742 default-information originate 743 default-metric 744 distance ospf 745...
Page 30
ip ospf transmit-delay 755 maximum-paths 755 network area 756 passive-interface default 757 passive-interface 757 redistribute 758 router-id 759 router ospf 759 show ip ospf 760 show ip ospf abr 763 show ip ospf area 763 show ip ospf asbr 765 show ip ospf database 766 show ip ospf database database-summary 769 show ip ospf interface 771...
Page 31
49 OSPFv3 Commands area default-cost 784 area nssa 785 area nssa default-info-originate 786 area nssa no-redistribute 787 area nssa no-summary 787 area nssa translator-role 788 area nssa translator-stab-intv 789 area range 789 area stub 790 area stub no-summary 791 area virtual-link 792 area virtual-link dead-interval 792 area virtual-link hello-interval 793 area virtual-link retransmit-interval 794...
Page 32
ipv6 ospf mtu-ignore 803 ipv6 ospf network 804 ipv6 ospf priority 805 ipv6 ospf retransmit-interval 805 ipv6 ospf transmit-delay 806 ipv6 router ospf 807 maximum-paths 807 passive-interface 808 passive-interface default 809 redistribute 809 router-id 810 show ipv6 ospf 810 show ipv6 ospf abr 812 show ipv6 ospf area 812 show ipv6 ospf asbr 813 show ipv6 ospf database 814...
Page 33
50 PIM-DM Commands ip pimdm 829 show ip pimdm 829 show ip pimdm interface 830 show ip pimdm neighbor 831 51 PIM-SM Commands ip pimsm 833 ip pimsm spt-threshold 834 ip pim-trapflags 834 show ip pimsm 835 show ip pimsm interface 836 show ip pimsm neighbor 836 show ip pimsm rphash 837 52 Router Discovery Protocol Commands...
Page 34
default-metric 846 distance rip 847 distribute-list out 848 enable 848 hostroutesaccept 849 ip rip 850 ip rip authentication 850 ip rip receive version 851 ip rip send version 852 redistribute 852 router rip 853 show ip rip 854 show ip rip interface 855 show ip rip interface brief 856 split-horizon 857 54 Tunnel Interface Commands...
Page 35
ip vrrp mode 866 ip vrrp preempt 866 ip vrrp priority 867 ip vrrp timers advertise 868 ip vrrp track interface 868 ip vrrp track ip route 869 show ip vrrp 870 show ip vrrp interface 871 show ip vrrp interface brief 872 show ip vrrp interface stats 873 56 Utility Commands Introduction 875...
Page 36
show captive-portal status 886 block 887 configuration 888 enable 888 group 889 interface 890 locale 890 name 891 protocol 891 redirect 892 redirect-url 892 session-timeout 893 verification 893 captive-portal client deauthenticate 894 show captive-portal client status 895 show captive-portal configuration client status 896 show captive-portal interface client status 897 show captive-portal interface configuration status 898 clear captive-portal users 899...
Page 37
show captive-portal configuration status 906 show trapflags captive-portal 907 user group 908 user group moveusers 909 user group name 909 59 Clock Commands clock set 911 show clock 912 show sntp configuration 913 show sntp status 914 sntp authenticate 915 sntp authentication-key 916 sntp broadcast client enable 916 sntp client poll timer 917...
Page 38
copy 926 delete backup-config 929 delete backup-image 930 delete startup-config 930 filedescr 931 script apply 932 script delete 932 script list 933 script validate 934 show backup-config 935 show bootvar 936 show dir 937 show running-config 937 show startup-config 940 update bootcode 941 61 Denial of Service Commands dos-control firstfrag 943...
Page 39
ipv6 icmp error-interval 950 ipv6 unreachables 951 show dos-control 951 62 Line Commands exec-timeout 953 history 954 history size 954 line 955 show line 956 speed 957 63 Management ACL Commands deny (management) 959 management access-class 960 management access-list 961 permit (management) 962 show management access-class 963 show management access-list 964...
Page 40
65 PHY Diagnostics Commands show copper-ports cable-length 971 show copper-ports tdr 972 show fiber-ports optical-transceiver 973 test copper-port tdr 974 66 RMON Commands rmon alarm 975 rmon collection history 977 rmon event 978 show rmon alarm 978 show rmon alarm-table 980 show rmon collection history 981 show rmon events 983 show rmon history 984...
Page 42
show sflow destination 1015 show sflow polling 1016 show sflow sampling 1017 69 SNMP Commands show snmp 1019 show snmp engineID 1021 show snmp filters 1021 show snmp groups 1022 show snmp users 1024 show snmp views 1025 show trapflags 1026 snmp-server community 1028 snmp-server community-group 1029 snmp-server contact 1030...
Page 43
70 SSH Commands crypto key generate dsa 1043 crypto key generate rsa 1044 crypto key pubkey-chain ssh 1044 ip ssh port 1045 ip ssh pubkey-auth 1046 ip ssh server 1047 key-string 1047 show crypto key mypubkey 1049 show crypto key pubkey-chain ssh 1050 show ip ssh 1051 user-key 1052 71 Syslog Commands...
Page 44
port 1062 show logging 1063 show logging file 1065 show syslog-servers 1065 72 System Management Commands asset-tag 1068 banner motd 1069 banner motd acknowledge 1069 clear power average 1070 cut-through mode 1071 hostname 1071 low-power 1072 member 1073 movemanagement 1074 ping 1074 reload 1076 set description 1077...
Page 45
show supported switchtype 1087 show switch 1089 show switch chassis-mgmt 1092 show system 1093 show system id 1094 show system power 1095 show system temperature 1096 show tech-support 1097 show users 1102 show version 1103 stack 1104 standby 1105 switch priority 1105 switch renumber 1106 telnet 1107 traceroute 1109...
Page 46
75 Web Server Commands common-name 1117 country 1118 crypto certificate generate 1119 crypto certificate import 1119 crypto certificate request 1121 duration 1122 ip http port 1122 ip http server 1123 ip https certificate 1124 ip https port 1124 ip https server 1125 key-generate 1126 location 1126 organization-unit 1127...
Command Groups Introduction The Command Line Interface (CLI) is a network management application operated through an ASCII terminal without the use of a Graphic User Interface (GUI) driven software application. By directly entering commands, the user has greater configuration flexibility. The CLI is a basic command-line interpreter similar to the UNIX C shell.
Page 48
(continued) Table 1-1. System Command Groups Command Group Description DHCP l2 Relay Enables the Layer 2 DHCP Relay agent for an interface. DHCP Snooping Configures DHCP snooping and whether an interface is trusted for filtering. Dynamic ARP Inspection Configures for rejection of invalid and malicious ARP packets. Ethernet Configuration Configures all port configuration options for example ports, storm control, port speed and auto-negotiation.
Page 49
(continued) Table 1-1. System Command Groups Command Group Description Layer 3 Commands ARP (IPv4) Manages Address Resolution Protocol functions. DHCP and BOOTP Relay Manages DHCP/BOOTP operations on the system. (IPv4) DHCPv6 Configures IPv6 DHCP functions. DVMRP (Mcast) Configures DVMRP operations. IGMP (Mcast) Configures IGMP operations.
Page 50
(continued) Table 1-1. System Command Groups Command Group Description Line Configures the console, SSH, and remote Telnet connection. Management ACL Configures and displays management access-list information. Password Management Provides password management. PHY Diagnostics Diagnoses and displays the interface status. RMON Can be configured through the CLI and displays RMON information.
• VLAN — VLAN Configuration • v6ACL — IPv6 Access List Configuration • v6CMC • v6DP — IPv6 DHCP Pool Configuration Layer 2 Commands Command Description Mode* aaa authentication dot1x Specifies one or more authentication, authorization and accounting (AAA) methods for use on interfaces running IEEE 802.1X.
Page 53
Command Description Mode* access-list Creates an Access Control List (ACL) that is identified by accesslistnumber. the parameter deny|permit The deny command denies traffic if the conditions defined in the deny statement are matched. The permit command allows traffic if the conditions defined in the permit statement are matched.
Page 54
Address Table Command Description Mode* bridge address Adds a static MAC-layer station source address to the bridge table. bridge aging-time Sets the address table aging time. bridge multicast address Registers MAC-layer Multicast addresses to the bridge table, and adds static ports to the group. bridge multicast filtering Enables filtering of Multicast addresses.
Page 55
Auto-VoIP Command Description Mode* show switchport voice Displays the status of auto-voip on an interface or all interfaces. switchport voice detect auto Enables the VoIP Profile on all the interfaces of the switch. GC/IC *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 51. CDP Interoperability Command Description...
Page 56
Data Center Bridging Command Description Mode* clear priority-flow-control statistics Clears all or interface Priority-Flow-Control statistics. datacenter-bridging Enters the Data Center Bridging mode. priority-flow-control mode on Enables Priority-Flow-Control (PFC) on an interface. priority-flow-control priority Enables the priority group for lossless behavior (PFC enabled).
Page 57
DHCP Snooping Command Description Mode* clear ip dhcp snooping binding Clears all DHCP Snooping entries. clear ip dhcp snooping statistics clears all DHCP Snooping statistics. ip dhcp snooping Enables DHCP snooping globally or on a specific VLAN. GC/IC ip dhcp snooping binding Configures a static DHCP Snooping binding.
Page 58
Dynamic ARP Inspection Command Description Mode* arp access-list Creates an ARP ACL. clear counters ip arp inspection Resets the statistics for Dynamic ARP Inspection on all VLANs. ip arp inspection filter Configures the ARP ACL to be used for a single VLAN or a range of VLANs to filter invalid ARP packets.
Page 59
Ethernet Configuration Command Description Mode* clear counters Clears statistics on an interface. description Adds a description to an interface. duplex Configures the full/half duplex operation of a given Ethernet interface when not using auto-negotiation. flowcontrol Configures the flow control on a given interface. interface ethernet Enters the interface configuration mode to configure an Ethernet type interface.
Page 60
GVRP Command Description Mode* clear gvrp statistics Clears all the GVRP statistics information. garp timer Adjusts the GARP application join, leave, and leaveall GARP timer values. gvrp enable (global) Enables GVRP globally. gvrp enable (interface) Enables GVRP on an interface. gvrp registration-forbid De-registers all VLANs, and prevents dynamic VLAN registration on the port.
Page 61
Command Description Mode* ip igmp snooping fast-leave Enables or disables IGMP Snooping fast-leave mode on a VLAN selected VLAN. ip igmp snooping Sets the IGMP Group Membership Interval time on a VLAN groupmembership-interval VLAN. ip igmp snooping maxresponse Sets the IGMP Maximum Response time on a particular VLAN VLAN.
Page 62
Command Description Mode* ip default-gateway Defines a default gateway (router). ip domain-lookup Enables IP DNS-based host name-to-address translation. ip domain-name Defines a default domain name to complete unqualified host names. ip helper-address Allows the device to forward User Datagram Protocol (UDP) broadcasts received on an interface.
Page 63
IPv6 MLD Snooping Command Description Mode* ipv6 mld snooping immediate- Enables or disables MLD Snooping immediate-leave admin leave mode on a selected interface or VLAN. VLAN ipv6 mld snooping Sets the MLD Group Membership Interval time on a VLAN groupmembership-interval or interface.
Page 64
iSCSI Flow Acceleration Command Description Mode* iscsi aging time Sets aging time for iSCSI sessions. iscsi cos Sets the quality of service profile that will be applied to iSCSI flows. iscsi enable Enables Global Configuration mode command globally enables iSCSI awareness. iscsi target port Configures an iSCSI target port (optionally configures target port address and name).
Page 65
Link Dependency Command Description Mode* link-dependency group Enters the link-dependency mode to configure a link-dependency group. no link-dependency group Removes the configuration for a link-dependency group. add ethernet Adds member Ethernet port(s) to the Link Dependency dependency list. no add ethernet Removes member Ethernet port(s) from the Link Dependency dependency list.
Page 66
LLDP Command Description Mode* clear lldp remote data Deletes all data from the remote data table. clear lldp statistics Resets all LLDP statistics. lldp notification Enables remote data change notifications. lldp notification-interval Limits how frequently remote data change notifications are sent.
Port Channel Command Description Mode* channel-group Associates a port with a port-channel. interface port-channel Enters the interface configuration mode of a specific port-channel. interface range port-channel Enters the interface configuration mode to configure multiple port-channels. hashing-mode Sets the hashing algorithm on trunk ports. IC (port- channel) no hashing-mode...
Page 68
Command Description Mode* classofservice trust Sets the class of service trust mode of an interface. GC and conform-color Specifies for each outcome, the only possible actions are PCMC drop, set-cos-transmit, set-sec-cos-transmit, setdscp- transmit, set-prec-transmit, or transmit cos-queue min-bandwidth Specifies the minimum transmission bandwidth for each GC and interface queue.
Page 69
Command Description Mode* match ip dscp Adds to the specified class definition a match condition based on the value of the IP DiffServ Code Point (DSCP) field in a packet. match ip precedence Adds to the specified class definition a match condition based on the value of the IP.
Page 70
Command Description Mode* show classofservice trust Displays the current trust mode setting for a specific interface. show diffserv Displays the DiffServ General Status information. show diffserv service interface Displays policy service information for the specified ethernet in interface and direction. show diffserv service interface Displays policy service information for the specified port-channel in...
Page 71
Command Description Mode* primary Specifies that a configured server should be the primary server in the group of authentication servers which have the same server name. priority Specifies the order in which the servers are to be used, with 0 being the highest priority. radius-server deadtime Improves RADIUS response times when servers are unavailable.
Page 72
Spanning Tree Command Description Mode* clear spanning-tree detected- Restarts the protocol migration process on all interfaces or protocols on the specified interface. exit (mst) Exits the MST configuration mode and applies configuration changes. instance (mst) Maps VLANs to an MST instance. name (mst) Defines the MST configuration name.
Page 73
Command Description Mode* spanning-tree mst cost Configures the path cost for multiple spanning tree (MST) calculations. spanning-tree mst port-priority Configures port priority. spanning-tree mst priority Configures the switch priority for the specified spanning tree instance. spanning-tree pathcost method Configures the spanning tree default pathcost method spanning-tree portfast Enables PortFast mode.
Page 74
VLAN Command Description Mode* dvlan-tunnel ethertype Configures the EtherType for the interface. interface vlan Enters the interface configuration (VLAN) mode. interface range vlan Enters the interface configuration mode to configure multiple VLANs. mode dvlan-tunnel Enables Double VLAN tunneling on the specified interface IC name Configures a name to a VLAN.
Page 75
Command Description Mode* switchport mode Configures the VLAN membership mode of a port. switchport protected Sets the port to Protected mode. switchport protected name Configures a name for a protected group switchport trunk allowed vlan Adds or removes VLANs from a port in general mode. vlan Creates a VLAN.
Page 76
802.1X Command Description Mode* dot1x mac-auth-bypass Enables MAB on an interface. dot1x max-req Sets the maximum number of times the switch sends an EAP-request frame to the client before restarting the authentication process. dot1x max-users Sets the maximum number of clients supported on the port when MAC-based 802.1X authentication is enabled on the port.
Command Description Mode* dot1x guest-vlan Defines a guest VLAN. show dot1x advanced Displays 802.1X advanced features for the switch or specified interface. radius-server attribute 4 Sets the network access server (NAS) IP address for the RADIUS server. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 51. Layer 3 Commands ARP (IPv4) Command...
Page 78
DHCP and BOOTP Relay (IPv4) Command Description Mode* bootpdhcprelay cidridoptmode Enables the circuit ID option and remote agent ID mode for BootP/DHCP Relay on the system. bootpdhcprelay maxhopcount Configures the maximum allowable relay agent hops for BootP/DHCP Relay on the system. bootpdhcprelay minwaittime Configures the minimum wait time in seconds for BootP/DHCP Relay on the system.
Page 79
DVMRP Command Description Mode* ip dvmrp Sets the administrative mode of DVMRP in the router to active. ip dvmrp metric Configures the metric for an interface. ip dvmrp trapflags Enables the DVMRP trap mode. show ip dvmrp Displays the system-wide information for DVMRP. show ip dvmrp interface Displays the interface information for DVMRP on the specified interface.
Page 80
Command Description Mode* ip igmp startup-query-count Sets the number of queries sent out on startup—at intervals equal to the startup query interval for the interface. ip igmp startup-query-interval Sets the interval between general queries sent at startup on the interface. ip igmp version Configures the version of IGMP for an interface.
Page 81
IP Helper Command Description Mode* clear ip helper statistics Resets (to 0) the statistics displayed in show ip helper statistics. ip helper-address (global Configures the relay of certain UDP broadcast packets configuration) received on any interface. ip helper-address (interface Configures the relay of certain UDP broadcast packets configuration) received on a specific interface.
Command Description Mode* show ip route summary Shows the number of all routes, including best and non- best routes. show ip stats Displays IP statistical information show ip vlan Displays the VLAN routing information for all VLANs with routing enabled. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types"...
Page 83
Command Description Mode* show ipv6 pimsm interface Displays interface config parameters. show ipv6 pimsm neighbor Displays IPv6 PIMSM neighbors learned on the routing interfaces. show ipv6 pimsm rphash Displays which rendezvous point (RP) is being selected for a specified group. show ipv6 pimsm rp mapping Displays all group-to-RP mappings of which the router is aware (either configured or learned from the BSR).
Page 84
Command Description Mode* ipv6 mld query-max-response-time Sets MLD querier's maximum response time for the interface. ipv6 mld router Enables MLD in the router in global configuration mode and for a specific interface in interface configuration mode. ipv6 mtu Sets the maximum transmission unit (MTU) size, in bytes, of IPv6 packets on an interface.
Page 85
Command Description Mode* show ipv6 brief Displays the IPv6 status of forwarding mode and IPv6 unicast routing mode. show ipv6 interface Shows the usability status of IPv6 interfaces. show ipv6 mld groups Displays information about multicast groups that MLD reported. show ipv6 mld interface Displays MLD related information for an interface.
Loopback Interface Command Description Mode* interface loopback Enters the Interface Loopback configuration mode. show interface loopback Displays information about configured loopback interfaces. PE *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 51. Multicast Command Description Mode* ip mcast boundary Adds an administrative scope multicast boundary.
Page 87
Command Description Mode* show bridge multicast Displays statistical information about the entries in the address-table count multicast address table. show ip mcast Displays the system-wide multicast information. show ip mcast boundary Displays the system-wide multicast information. show ip mcast interface Displays the multicast information for the specified interface.
Page 88
Command Description Mode* area range Creates a specified area range for a specified NSSA. ROSPF area stub Creates a stub area for the specified area ID. ROSPF area stub no-summary Prevents Summary LSAs from being advertised into the ROSPF NSSA. area virtual-link Creates the OSPF virtual interface for the specified area-id ROSPF...
Page 89
Command Description Mode* ip ospf authentication Sets the OSPF Authentication Type and Key for the specified interface. ip ospf cost Configures the cost on an OSPF interface. ip ospf dead-interval Sets the OSPF dead interval for the specified interface. ip ospf hello-interval Sets the OSPF hello interval for the specified interface.
Page 90
Command Description Mode* show ip ospf database database- Displays the number of each type of LSA in the database for summary each area and for the router. show ip ospf interface Displays the information for the IFO object or virtual interface tables.
Page 91
Command Description Mode* area nssa translator-stab-intv Configures the translator stability interval of the NSSA. ROSV3 area range Creates an area range for a specified NSSA. ROSV3 area stub Creates a stub area for the specified area ID. ROSV3 area stub no-summary Disables the import of Summary LSAs for the stub area ROSV3 areaid.
Page 92
Command Description Mode* ipv6 ospf retransmit-interval Sets the OSPF retransmit interval for the specified interface. ipv6 ospf transmit-delay Sets the OSPF Transmit Delay for the specified interface. ipv6 router ospf Enters Router OSPFv3 Configuration mode. maximum-paths Sets the number of paths that OSPF can report for a given ROSV3 destination.
Page 93
Command Description Mode* show ipv6 ospf virtual-link brief Displays the OSPFV3 Virtual Interface information for all areas in the system. trapflags Enables OSPF traps ROSV3 *NOTE: For the meaning of each Mode abbreviation, see "Mode Types" on page 51. PIM-DM Command Description Mode*...
Page 94
Command Description Mode* ip pimsm query-interval Configures the transmission frequency of hello messages in seconds between PIM enabled neighbors. ip pimsm register-rate-limit Sets the Register Threshold rate for the RP (Rendezvous Point) router to switch to the shortest path. ip pimsm spt-threshold Configures the threshold rate for the RP router to switch to the shortest path.
Page 95
Routing Information Protocol Command Description Mode* auto-summary Enables the RIP auto-summarization mode. default-information originate Controls the advertisement of default routes. default-metric Sets a default for the metric of distributed routes. distance rip Sets the route preference value of RIP in the router. distribute-list out Specifies the access list to filter routes received from the source protocol.
Page 96
Tunnel Interface Command Description Mode* interface tunnel Enables the interface configuration mode for a tunnel. show interface tunnel Displays the parameters related to tunnel such as tunnel mode, tunnel source address and tunnel destination address. tunnel destination Specifies the destination transport address of the tunnel. tunnel mode ipv6ip Specifies the mode of the tunnel.
Command Description Mode* show ip vrrp interface stats Displays the statistical information about each virtual router configured on the switch. vrrp track interface Alters the priority of the VRRP router based on the availability of its interfaces. vrrp track ip route Tracks route reachability.
Page 98
Command Description Mode* group Configures the group number for a captive portal configuration. interface Associates an interface with a captive portal configuration. CPI locale Associates an interface with a captive portal configuration. CPI name Configures the name for a captive portal configuration. protocol Configures the protocol mode for a captive portal configuration.
Page 99
Command Description Mode* show captive-portal configuration Displays information about all interfaces assigned to a interface captive portal configuration or about a specific interface assigned to a captive portal configuration. show captive-portal configuration Displays locales associated with a specific captive portal locales configuration.
Page 100
Command Description Mode* clock summer-time recurring Sets the summertime offset to UTC recursively every year. clock summer-time date Sets the summertime offset to UTC. no clock summer-time Resets the recurring summertime configuration. show clock Displays the time and date from the system clock. *NOTE: For the meaning of each Mode abbreviation, see "Mode Types"...
Page 101
Denial of Service Command Description Mode* dos-control firstfrag Enables Minimum TCP Header Size Denial of Service protection. dos-control icmp Enables Maximum ICMP Packet Size Denial of Service protections. dos-control l4port Enables L4 Port Denial of Service protection. dos-control sipdip Enables Source IP Address = Destination IP Address (SIP= DIP) Denial of Service protection.
Management ACL Command Description Mode* deny (management) Defines a deny rule. management access-class Defines which management access-list is used. management access-list Defines a management access-list, and enters the access-list for configuration. permit (management) Defines a permit rule. show management access-class Displays the active management access-list.
Page 103
PHY Diagnostics Command Description Mode* show copper-ports cable-length Displays the estimated copper cable length attached to a port. show copper-ports tdr Displays the last TDR (Time Domain Reflectometry) tests on specified ports. show fiber-ports optical- Displays the optical transceiver diagnostics. transceiver test copper-port tdr Diagnoses with TDR (Time Domain Reflectometry)
Page 104
Command Description Mode* debug console Enables the display of debug trace output on the login session in which it is executed. debug dot1x Enables dot1x packet tracing. debug igmpsnooping Enables tracing of IGMP Snooping packets transmitted and/or received by the switch. debug ip acl Enables debug of IP Protocol packets matching the ACL criteria.
Page 105
sFlow Command Description Mode* sflow destination Configures sFlow collector parameters (owner string, receiver timeout, ip address, and port). sflow polling Enables a new sflow poller instance for the data source if rcvr_idx is valid. sflow polling (Interface Mode) Enable a new sflow poller instance for this data source if rcvr_idx is valid.
Page 106
Command Description Mode* snmp-server engineID local Specifies the Simple Network Management Protocol (SNMP) engine ID on the local switch. snmp-server filter Creates or updates an SNMP server filter entry. snmp-server group Configures a new SNMP group or a table that maps SNMP users to SNMP views.
Page 107
Syslog Command Description Mode* clear logging Clears messages from the internal logging buffer. clear logging file Clears messages from the logging file. description Describes the syslog server. level Specifies the importance level of syslog messages. loggin cli-command Enable CLI command logging logging Logs messages to a syslog server logging buffered...
Page 108
Command Description Mode* member Configures the switch. movemanagement Moves the Management Switch functionality from one switch to another. no cut-through mode Disables the cut-through mode on the switch. ping Sends ICMP echo request packets to another node on the network. reload Reloads the operating system.
Page 109
Command Description Mode* switch priority Configures the ability of the switch to become the Management Switch. switch renumber Changes the identifier for a switch in the stack. telnet Logs into a host that supports Telnet. traceroute Discovers the IP routes that packets actually take when travelling to their destinations.
Page 110
Web Server Command Description Mode* common-name Specifies the common-name for the device. country Specifies the country. crypto certificate generate Generates a HTTPS certificate. crypto certificate import Imports a certificate signed by the Certification Authority for HTTPS crypto certificate request Generates and displays a certificate request for HTTPS duration Specifies the duration in days.
Using the CLI Introduction This chapter describes the basics of entering and editing the Dell™ PowerConnect™ 62xx Series Command Line Interface (CLI) commands and defines the command hierarchy. It also explains how to activate the CLI and implement its major functions.
Page 112
• Show Command • Command Completion • Short Form Commands • Keyboard Shortcuts • Operating on Multiple Objects (Range) • Command Scripting • CLI Command Notation Conventions • Interface Naming Conventions History Buffer Every time a command is entered in the CLI, it is recorded in an internally managed Command First In First Out History buffer.
Page 113
Command Completion CLI can complete partially entered commands when the user presses the <tab> or <space> key. If a command entered is not complete, is not valid, or if some parameters of the command are not valid or missing, an error message is displayed to assist in entering the correct command. By pressing the <tab>...
Page 114
Keyboard Key Description <Ctrl>+<S> Disables serial flow <Ctrl>+<Z> Return to root command prompt <Tab, SPACE> Command-line completion Return to the root command prompt exit Go to next lower command prompt <?> List choices Operating on Multiple Objects (Range) The CLI allows the user to operate on the set of objects at the same time. The guidelines are as follows for range operation: •...
Page 115
Command Scripting The CLI can be used as a programmable management interface. To facilitate this function, any characters entered after the <!> character are treated as a comment and ignored by the CLI. Also, the CLI allows the user to disable session timeouts. CLI Command Notation Conventions When entering commands there are certain command-entry notations which apply to all commands.
CLI Command Modes Since the set of CLI commands is very large, the CLI is structured as a command-tree hierarchy, where related command sets are assigned to command modes for easier access. At each level, only the commands related to that level are available to the user and only those commands are shown in the context sensitive help for that level.
Page 117
User EXEC Mode After logging into the switch, the user is automatically in the User EXEC command mode unless the user is defined as a privileged user. In general, the User EXEC commands allow the user to perform basic tests, and list system information. The user-level prompt consists of the switch host name followed by the angle bracket (>).
Page 118
Router OSPFv3 Configuration — Global configuration mode command ipv6 router ospf is • used to enter into the Router OSPFv3 Configuration mode. IPv6 DHCP Pool Mode — Global configuration mode command ipv6 dhcp pool is used to • enter into the IPv6 DHCP Pool mode. •...
Page 119
TACACS — Configures the parameters for the TACACS server. • • Radius — Configures the parameters for the RADIUS server. • SNMP Host Configuration — Configures the parameters for the SNMP server host. • SNMP v3 Host Configuration — Configures the parameters for the SNMP v3 server host. •...
Page 120
Command Mode Access Method Command Prompt Exit or Access Previous Mode User EXEC The user is logout console> automatically in User EXEC mode unless the user is defined as a privileged user. Privileged EXEC Use the enable Use the exit console# command to enter into command, or press...
Page 121
Command Mode Access Method Command Prompt Exit or Access Previous Mode Class-Map From Global To exit to Global console(config- Configuration mode, Configuration classmap)# use the class-map mode, use the exit command. command, or press <Ctrl>+<Z> to Privileged EXEC mode. MAC Access List From Global To exit to Global console(config-mac-...
Page 122
Command Mode Access Method Command Prompt Exit or Access Previous Mode RADIUS From Global To exit to Global console(config- Configuration mode, Configuration radius)# use the radius-server mode, use the exit host command. command, or press <Ctrl>+<Z> to Privileged EXEC mode. SNMP Host From Global To exit to Global...
Page 123
Command Mode Access Method Command Prompt Exit or Access Previous Mode Stack From Global To exit to Global console(config- Configuration mode, Configuration stack)# use the stack command. mode, use the exit command, or press <Ctrl>+<Z> to Privileged EXEC mode. Logging From Global To exit to Global console(config-...
Page 124
Command Mode Access Method Command Prompt Exit or Access Previous Mode Router OSPFv3 Config From Global To exit to Global console(config- Configuration mode, Configuration rtr)# use the ipv6 router ospf mode, use the exit command. command, or press <Ctrl>+<Z> to Privileged EXEC mode IPv6 DHCP Pool Mode...
Command Mode Access Method Command Prompt Exit or Access Previous Mode Port Channel From Global To exit to Global console (config-if- Configuration mode, Configuration chn)# use the interface port- mode, use the exit channel command. command, or <Ctrl>+<Z> to Privileged EXEC mode.
Page 126
Web, CLI and the remote Dell Network Manager. After initial setup, the user may enter to the system to set up more advanced configurations.
Page 127
If the user chooses not to use the wizard initially, the session defaults to the CLI mode with a warning to refer to the documentation. During a subsequent login, the user may again elect not to run the setup wizard. Once the wizard has established configuration, however, the wizard is presented only if the user resets the switch to the factory default settings.
Page 128
Figure 2-1. Easy Setup Wizard for PC8024/PC8024F Did the user Transfer to CLI mode previously save a startup configuration? Does the user want Transfer to CLI mode to use setup wizard? Request SNMP Is SNMP Management Community String & Required? Server IP Address Request user name, password...
Page 129
The following example contains the sequence of prompts and responses associated with running an example Dell Easy Setup Wizard session, using the input values listed above. Note in this case a static IP address for the management interface is being set up. However it may be requested that the system automatically retrieve an IP address via DHCP.
Page 130
Step 1: The system is not setup for SNMP management by default. To manage the switch using SNMP (required for Dell Network Manager) you can: o Set up the initial SNMP version 2 account now. o Return later and setup other SNMP accounts. (For more information on setting up an SNMP version 1 or 3 account, see the user documentation).
Page 131
To setup a user account: Please enter the user name: admin<Enter> Please enter the user password: ********<Enter> Please reenter the user password: ********<Enter> Step 3: Next, an IP address is setup. The IP address is defined on the default VLAN (VLAN #1), of which all ports are members. This is the IP address you use to access the CLI, Web interface, or SNMP interface for the switch.
If the information is incorrect, select (N) to discard configuration and restart the wizard: [Y/N] y<Enter> Thank you for using the Dell Easy Setup Wizard. You will now enter CLI mode..console>...
Page 133
To use the copy command, the user specifies the source file and the destination file. For tftp://remotehost/pub/backupfile backup-config example, copy copies a file from the remote TFTP server to a local backup configuration file. In this case, if the local configuration file does not exist, then it is created by the command.
Page 134
CLI through Telnet, SSH, Serial Interfaces The CLI is accessible through a local serial interface, a remote telnet, or secure shell sessions. Since the serial interface requires a physical connection for access, it is used if all else fails. The serial interface is the only interface from which the user may access the Easy Setup Wizard.
Page 135
When RADIUS is used, the field returns the access level for the user. Two vendor specific options are supported. These are CISCO-AV-Pairs(Shell:priv- lvl=x) and Dell RADIUS VSA (user-group=x). TACACS+ provides the appropriate level of access. The following rules and specifications apply: •...
Page 136
• If a log server is not specified by the user, the CLI maintains at most the last 1000 critical system events. In this case, less important events are not recorded. Security Logs Security logs are maintained to record all security events including the following: •...
Page 137
For each of these management profiles, the user defines the list of hosts or subnets from which the management profiles may be used. Other CLI Tools and Capabilities The CLI has several other capabilities associated with its primary functions. Terminal Paging The terminal width and length for CLI displays is 79 characters and 25 lines, respectively.
Page 138
Erase Region : 1 Num Blocks : 255 Block Size : 20000 (128 KB) First Block : 0 Last Block : 254 Start Adrs : fe000000 End Adrs : fffdffff Erase Region : 2 Num Blocks : 4 Block Size : 8000 (32 KB) First Block : 255 Last Block : 258 Start Adrs : fffe0000...
Page 139
# of obsolete descriptors: current volume configuration: - volume label: NO LABEL ; (in boot sector: - volume Id: 0x1ce - total number of sectors: 61,076 - bytes per sector: - # of sectors per cluster: 4 - # of reserved sectors: 1 - FAT entry size: FAT16 - # of sectors per FAT copy: 60...
Page 140
Select (1, 2): Boot Menu Version: 3 Mar 2009 Options available 1 - Start operational code 2 - Change baud rate 3 - Retrieve event log using XMODEM 4 - Load new operational code using XMODEM 5 - Display operational code vital product data 6 - Run flash diagnostics 7 - Update boot code 8 - Delete backup image...
Page 141
7 - 57600 8 - 115200 0 - no change The above setting takes effect immediately • Option to retrieve event log using XMODEM (64KB). [Boot Menu] 3 Sending event log, start XMODEM receive..• Option to load new operational code using XMODEM [Boot Menu] 4 Ready to receive the file with XMODEM/CRC..
Page 142
Boot Code FLASH flag......0 Boot Code CRC........0x3CC4 VPD - rel 6 ver 24 maint_lvl 19 build_num 23 Timestamp - Wed Jun 24 19:31:23 2009 File - Dell-Ent-esw-campbell-pct.85xx-V6R-CSxw-6IQHSr6v24m19b23.opr [Boot Menu] • Option to Update Boot Code. [Boot Menu] 7 • Option to Delete Operational Code. The user is not allowed to delete active image.
Page 143
[Boot Menu] 9 Are you SURE you want to reset the system? (y/n):y Boot code..SDRAM 256 Boot Menu Version: Oct 20 2004 Select an option. If no selection in 10 seconds then operational code will start. 1 - Start operational code. 2 - Start Boot Menu.
Page 144
entering the command logging console. Traps generated by the system are dumped to all CLI sessions that have requested monitoring mode to be enabled. The no logging console command disables trap monitoring for the session. By default, console logging is enabled. Using the CLI...
Layer 2 Commands Introduction The chapters that follow describe commands that conform to the OSI model data link layer (Layer 2). Layer 2 commands provide a logical organization for transmitting data bits on a particular medium. This layer defines the framing, addressing, and checksum functions for Ethernet packets.
Keyword Description none Uses no authentication Default Configuration No authentication method is defined. Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
Keyword Source or destination none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The default enable list is “enableList.” It is used by console, telnet, and SSH and only contains none the method Command Mode...
Page 150
Syntax list-name method1 method2... aaa authentication login {default| list-name no aaa authentication login {default| default — Uses the listed authentication methods that follow this argument as the default • list of methods when a user logs in. list-name — Character string used to name the list of authentication methods activated when •...
Example The following example configures authentication login. console(config)# aaa authentication login default radius local enable none aaa authorization network default radius Use the aaa authorization network default radius command in Global Configuration mode to enable the switch to accept VLAN assignment by the RADIUS server. Syntax aaa authorization network default radius no aaa authorization network default radius...
no enable authentication • default — Uses the default list created with the aaa authentication enable command. list-name — Uses the indicated list created with the aaaa authentication enable command. • (Range: 1-12 characters) Default Configuration Uses the default set with the command aaa authentication enable. Command Mode Line Configuration mode User Guidelines...
User Guidelines This command has no user guidelines. Example The following example defines password “xxxyyyzzz” to control access to user and privilege levels. console(config)# enable password xxxyyyzzz ip http authentication Use the ip http authentication command in Global Configuration mode to specify authentication methods for http server users.
Example The following example configures the http authentication. console(config)# ip http authentication radius local ip https authentication Use the ip https authentication command in Global Configuration mode to specify authentication methods for https server users. To return to the default configuration, use the no form of this command.
login authentication Use the login authentication command in Line Configuration mode to specify the login authentication method list for a line (console, telnet, or SSH). To return to the default specified by the authentication login command, use the no form of this command. Syntax list-name login authentication {default|...
Default Configuration No password is specified. Command Mode Line Configuration mode User Guidelines This command has no user guidelines. Example The following example specifies a password “mcmxxyyy” on a line. console(config-line)# password mcmxxyyy password (User EXEC) Use the password command in User EXEC mode to allow a user to change the password for only that user.
show authentication methods Use the show authentication methods command in Privileged EXEC mode to display information about the authentication methods. Syntax show authentication methods Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the authentication configuration.
HTTPS :local HTTP :local DOT1X :none show users accounts Use the show users accounts command in Privileged EXEC mode to display information about the local user database. Syntax show users accounts [long] Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Syntax show users login-history [long] name — name of user. (Range: 1-20 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example show user login history outputs. console#show users login-history Login Time Username...
Page 160
encrypted — Encrypted password entered, copied from another switch configuration. • Default Configuration No user name is defined. The default privilege level is 1. Command Mode Global Configuration mode User Guidelines This command can be used to unlock a locked user account for an already existing user. Example The following example configures user “bob”...
ACL Commands This chapter explains the following commands: • access-list • deny | permit • ip access-group • mac access-group • mac access-list extended • mac access-list extended rename • show ip access-lists • show mac access-list access-list Use the access-list command in Global Configuration mode to create an Access Control List list-name (ACL) that is identified by the parameter Syntax...
srcmask — Source IP mask. • dstip — Destination IP address. • dstmask — Destination IP mask. • portvalue — The source layer 4 port match condition for the ACL rule is specified by the port • value parameter (Range: 0–65535). portkey —...
The assign-queue and redirect parameters are only valid for permit commands. Example The following example configures a MAC ACL to deny traffic from MAC address 0806.c200.0000. console(config)#mac access-list extended DELL123 console(config-mac-access-list)#deny 0806.c200.0000 ffff.ffff.ffff any ip access-group no ip access-group Use the ip access-group or no ip access-group command to apply/disable an IP based ACL on an Ethernet interface or a group of interfaces.
console(config-if-1/g1)#ip access-group aclname out 2 console(config-if-1/g1)#no ip access-group aclname out mac access-group Use the mac access-group command in Global Configuration or Interface Configuration mode to attach a specific MAC Access Control List (ACL) to an interface in a given direction. Syntax name direction sequence mac access-group...
mac access-list extended Use the mac access-list extended command in Global Configuration mode to create the MAC name Access Control List (ACL) identified by the parameter. Syntax name mac access-list extended name no mac access-list extended name — Name of the access list. (Range: 1-31 characters) •...
Command Mode Global Configuration mode User Guidelines Command fails if the new name is the same as the old one. Example The following example shows the mac access-list extended rename command. console(config)#mac access-list extended rename DELL1 DELL2 show ip access-lists Use the show ip access-lists command in Privileged EXEC mode to display access lists applied on interfaces and all rules that are defined for the access lists.
ACL41 show mac access-list Use the show mac access-list command in Privileged EXEC mode to display a MAC access list and all of the rules that are defined for the ACL. Syntax name show mac access-list name — Identifies a specific MAC access list to display. •...
bridge address Use the bridge address command in Interface Configuration mode to add a static MAC-layer station source address to the bridge table. To delete the MAC address, use the no form of the bridge address command (using the no form of the command without specifying a MAC address deletes all static MAC addresses belonging to this VLAN).
seconds — Time is the number of seconds. (Range: 10–1000000 seconds) • Default Configuration 300 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example In this example the bridge aging time is set to 400. console(config)#bridge aging-time 400 bridge multicast address Use the bridge multicast address command in Interface Configuration mode to register MAC-...
Command Mode Interface Configuration (VLAN) mode User Guidelines If the command is executed without add or remove, the command registers only the group in the bridge database. Static Multicast addresses can be defined only on static VLANs. Examples The following example registers the MAC address. console(config)#interface vlan 8 console(config-if-vlan8)#bridge multicast address 0100.5e02.0203 The following example registers the MAC address and adds ports statically.
If switches exist on the VLAN and IGMP snooping is not enabled, use the bridge multicast forward-all command to enable forwarding all Multicast packets to the Multicast routers. Example In this example, bridge Multicast filtering is enabled. console(config)#bridge multicast filtering bridge multicast forbidden address Use the bridge multicast forbidden address command in Interface Configuration mode to forbid adding a specific Multicast address to specific ports.
console(config)#interface vlan 8 console(config-if-vlan8)#bridge multicast address 01:00:5e:02:02:03 console(config-if-vlan8)#bridge multicast forbidden address 01:00:5e:02:02:03 add ethernet 2/g9 bridge multicast forbidden forward-unregistered Use the bridge multicast forbidden forward-unregistered command in Interface Configuration mode to forbid Forwarding-unregistered-multicast-addresses. Use the no form of this command to return to the default.
Default Configuration Forward-unregistered Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example In this example all VLAN1 Multicast packets are forwarded. console(config-if-vlan1)#bridge multicast forward-all bridge multicast forward-unregistered Use the bridge multicast forward-unregistered command in Interface Configuration mode to enable the forwarding of unregistered multicast addresses.
clear bridge Use the clear bridge command in Privileged EXEC mode to remove any learned entries from the forwarding database. Syntax clear bridge Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In this example, the bridge tables are cleared.
Command Mode Interface Configuration (Ethernet, Port-channel) mode User Guidelines When port security is enabled on an interface, all dynamic entries learned up to that point are flushed, and new entries can be learned only to the limit set by the port security max command. The default limit is 100 dynamic MAC addresses.
show bridge address-table Use the show bridge address-table command in Privileged EXEC mode to display all entries in the bridge-forwarding database. Syntax vlan interface | port-channel-number show bridge address-table [vlan ] [ethernet port-channel vlan — Specific valid VLAN, such as VLAN 1. •...
Syntax vlan interface-number show bridge address-table count [vlan |ethernet |port-channel port-channel-number vlan — Specifies a valid VLAN, such as VLAN 1 • interface — Specifies a valid Ethernet port • port-channel-number — Specifies a valid port-channel-number • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
port-channel-number — A valid port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In this example, all static entries in the bridge-forwarding database are displayed. console#show bridge address-table static Vlan Mac Address...
User Guidelines A MAC address can be displayed in IP format only if it is in the range 01:00:5e:00:00:00 through 01:00:5e:7f:ff:ff. Example In this example, Multicast MAC address table information is displayed. console#show bridge multicast address-table Vlan MAC Address Type Ports ------- -------------------...
User Guidelines This command has no user guidelines. Example In this example, the Multicast configuration for VLAN 1 is displayed. console#show bridge multicast filtering 1 Filtering: Disabled VLAN: 1 Mode: Forward-Unregistered show ports security Use the show ports security command in Privileged EXEC mode to display the port-lock status. Syntax interface port-channel-number...
---- ------ ----------------- -------- ------- ------- 1/g1 Locked Discard Enable 1/g2 Unlocked - 1/g3 Locked Discard, Shutdown Disable The following table describes the fields in this example. Field Description Port The port number. Status The status can be one of the following: Locked or Unlocked.
Page 184
Examples The following example displays dynamic addresses for port channel number 1/g1. console#show ports security addresses ethernet 1/g1 Dynamic addresses: 83 Maximum addresses: 100 Learned addresses ------- --------- Address Table Commands...
Auto-VoIP Commands This chapter explains the following commands: • show switchport voice • switchport voice detect auto show switchport voice Use the show switchport voice command to show the status of Auto-VoIP on an interface or all interfaces. Syntax interface index show switchport voice [interface {ethernet | port-channel...
Interface Auto VoIP Mode Traffic Class --------- -------------- ------------- Disabled The command output provides the following information: • AutoVoIP Mode—The Auto VoIP mode on the interface. • Traffic Class—The Cos Queue or Traffic Class to which all VoIP traffic is mapped. This is not configurable and defaults to the highest COS queue available in the system for data traffic.
Example console#clear isdp counters clear isdp table The clear isdp table command clears entries in the ISDP table. Syntax clear isdp table Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#clear isdp table isdp advertise-v2...
Example console(config)#isdp advertise-v2 isdp enable The isdp enable command enables ISDP on the switch. User the “no” form of this command to disable ISDP . Use this command in global configuration mode to enable the ISDP function on the switch. Use this command in interface mode to enable sending ISDP packets on a specific interface.
no isdp holdtime time —The time in seconds (range 10–255 seconds). • Default Configuration The default holdtime is 180 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets isdp holdtime to 40 seconds. console(config)#isdp holdtime 40 isdp timer The isdp timer command sets period of time between sending new ISDP packets.
show isdp The show isdp command displays global ISDP settings. Syntax show isdp Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show isdp Timer..........
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show isdp entry Switch Device ID Switch Address(es): IP Address: 172.20.1.18 IP Address: 172.20.1.18 Capability Router IGMP Platform...
Syntax interface show isdp interface { all | ethernet • Show ISDP settings for all interfaces. — interface • Specifies a valid interface. The full syntax is unit/port. — Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
User Guidelines There are no user guidelines for this command. Example console#show isdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route, S - Switch, H - Host, I - IGMP, r - Repeater Device ID Intf Hold Cap.
show isdp traffic The show isdp traffic command displays ISDP statistics. Syntax show isdp traffic Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. CDP Interoperability Commands...
Data Center Bridging Commands This chapter explains the following commands: • clear priority-flow-control statistics • datacenter-bridging • priority-flow-control mode on • priority-flow-control priority • show interfaces datacenter-bridging clear priority-flow-control statistics Use the clear priority-flow-control statistics command to clear all or interface Priority-Flow- Control statistics.
datacenter-bridging Use the datacenter-bridging command for an ethernet or port-channel interface in order to enter the DataCenterBridging mode. Priority-Flow-Control is configurable from within the DataCenterBridging mode. Syntax datacenter-bridging Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet, Port-channel) mode User Guidelines This command has no user guidelines.
Command Mode Datacenter-Bridging mode User Guidelines • When you disable priority-flow-control, the interface will default to the 802.3x flow control setting for the interface. • When enabling PFC, the interface will not pause until there is at least one no-drop priority. Example The following example enables PFC.
console(config-if-dcb)#priority-flow-control priority 5 no-drop show interfaces datacenter-bridging Use the show interfaces datacenter-bridging command in Privileged EXEC mode to display the datacenter-bridging configuration, status and counters for a given interface. Syntax interface port-channel-id show interfaces datacenter-bridging [ethernet | port-channel interface — Valid Ethernet port. •...
Page 205
Received PFC Frames:0 Transmit PFC Frames:0 Example #2 console#show interfaces datacenter-bridging port-channel 1 Port Drop No-Drop Priorities Priorities State State ---- ---------- ---------- ----- ----- 1,3-6 Enabled Active Priority Received PFC frames -------- ------------------- Received PFC Frames: 0 Transmit PFC Frames: 0 Example #3 console#show interfaces datacenter-bridging Port...
Page 206
1/g1 1-4,7 Enabled Active 1/g2 1-4,6-7 Disabled Inactive 1/g48 1-4,7 Enabled Active 1-4,7 Enabled Active 1-4,7 Enabled Active ch48 1-4,7 Enabled Active Data Center Bridging Commands...
dhcp l2relay (Interface Configuration) Use the dhcp l2relay command to enable DHCP L2 Relay for an interface. Use the "no" form of this command to disable DHCP L2 Relay for an interface. Syntax dhcp l2relay no dhcp l2relay Default Configuration DHCP L2Relay is disabled on all interfaces by default.
User Guidelines There are no user guidelines for this command. Example console(config)#dhcp l2relay circuit-id vlan 340-350 dhcp l2relay remote-id Use the dhcp l2relay remote-id command to enable setting the DHCP Option 82 Remote ID for a VLAN. When enabled, the supplied string is used for the Remote ID in DHCP Option 82. Use the "no"...
Default Configuration DHCP Option 82 is discarded by default. Configuration Mode Interface Configuration (Ethernet). User Guidelines There are no user guidelines for this command. Example console(config-if-1/g1)#dhcp l2relay trust dhcp l2relay vlan Use the dhcp l2relay vlan command to enable the L2 DHCP Relay agent for a set of VLANs. All DHCP packets which arrive on interfaces in the configured VLAN are subject to L2 Relay processing.
DHCP Snooping Commands This chapter explains the following commands: • clear ip dhcp snooping statistics • ip dhcp snooping • ip dhcp snooping binding • ip dhcp snooping database • ip dhcp snooping database write-delay • ip dhcp snooping limit •...
User Guidelines There are no user guidelines for this command. Example console#clear ip dhcp snooping statistics ip dhcp snooping Use the ip dhcp snooping command to enable DHCP snooping globally or on a specific VLAN. Use the “no” form of this command to disable DHCP snooping. Syntax ip dhcp snooping no ip dhcp snooping...
mac-address —The client's MAC address. • vlan-id —The number of the VLAN the client is authorized to use. • ip-address —The IP address of the client. • interface — The interface on which the client is authorized. The form is unit/port. •...
Example The following example configures the storage location of the snooping database as local. console(config)#ip dhcp snooping database local The following example configures the storage location of the snooping database as remote. console(config)#ip dhcp snooping database tftp://10.131.11.1/db.txt ip dhcp snooping database write-delay Use the ip dhcp snooping database write-delay command to configure the interval in seconds at which the DHCP Snooping database will be stored in persistent storage.
no ip dhcp snooping limit pps —The maximum number of packets per second allowed (Range: 0–300 pps). • seconds — The time allowed for a burst (Range: 1–15 seconds). • Default Configuration The default maximum rate is 15 packets per second (pps). The default burst interval is 1 second.
Example console(config-if-1/g1)#ip dhcp snooping log-invalid console(config-if-1/g1)#no ip dhcp snooping log-invalid ip dhcp snooping trust Use the ip dhcp snooping trust command to configure a port as trusted. Use the “no” form of this command to configure a port as untrusted. Syntax ip dhcp snooping trust no ip dhcp snooping trust...
Default Configuration Source MAC address verification is enabled by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip dhcp snooping verify mac-address show ip dhcp snooping Use the show ip dhcp snooping command to display the DHCP snooping global and per port configuration.
Interface Trusted Log Invalid Pkts --------- -------- ---------------- 1/g1 1/g2 1/g3 1/g4 1/g6 show ip dhcp snooping binding Use the show ip dhcp snooping binding command to display the DHCP snooping binding entries. Syntax port vlan-id show ip dhcp snooping binding [ { static | dynamic } ] [ interface ] [ vlan •...
------------------ ------------ ---- --------- ------------- 00:02:B3:06:60:80 210.1.1.3 1/g1 86400 00:0F:FE:00:13:04 210.1.1.4 1/g1 86400 show ip dhcp snooping database Use the show ip dhcp snooping database command to display the DHCP snooping configuration related to the database persistence. Syntax show ip dhcp snooping database Default Configuration There is no default configuration for this command.
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command. Example console#show ip dhcp snooping interfaces Interface Trust State Rate Limit Burst Interval (pps) (seconds) ---------- ------------- ------------- ---------------...
Page 221
Syntax show ip dhcp snooping statistics Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines The following fields are displayed by this command: MAC Verify Failures The number of DHCP messages that were filtered on an untrusted interface because of source MAC address and client MAC address mismatch.
Dynamic ARP Inspection Commands This chapter explains the following commands: • arp access-list • clear counters ip arp inspection • ip arp inspection filter • ip arp inspection limit • ip arp inspection trust • ip arp inspection validate • ip arp inspection vlan •...
User Guidelines There are no user guidelines for this command. Example console(config)#arp access-list tier1 clear counters ip arp inspection Use the clear counters ip arp inspection command to reset the statistics for Dynamic ARP Inspection on all VLANs. Syntax clear counters ip arp inspection Default Configuration There is no default configuration for this command.
Default Configuration No ARP ACL is configured. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip arp inspection filter tier1 vlan 2-10 static console(config)#ip arp inspection filter tier1 vlan 20-30 ip arp inspection limit Use the ip arp inspection limit command to configure the rate limit and burst interval values for an interface.
User Guidelines There are no user guidelines for this command. Example console(config-if-1/g1)#ip arp inspection limit none console(config-if-1/g1)#ip arp inspection limit rate 100 burst interval 2 ip arp inspection trust The ip arp inspection trust command configures an interface as trusted for Dynamic ARP Inspection.
Syntax ip arp inspection validate {[src-mac] [dst-mac] [ip]} no ip arp inspection validate {[src-mac] [dst-mac] [ip]} src-mac • For validating the source MAC address of an ARP packet. — • dst-mac For validating the destination MAC address of an ARP packet. —...
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip arp inspection vlan 200-300 console(config)#ip arp inspection vlan 200-300 logging permit ip host mac host Use the permit ip host mac host command to configure a rule for a valid IP address and MAC address combination used in ARP packet validation.
show arp access-list Use the show arp access-list command to display the configured ARP ACLs with the rules. Giving an ARP ACL name as the argument would display only the rules in that ARP ACL. Syntax acl-name show arp access-list [ acl-name —...
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines The following fields are displayed for each interface: Interface The interface-id for each displayed row. Trust State Whether interface is trusted or untrusted for DAI. Rate Limit The configured rate limit value in packets per second.
Page 231
Command Mode Privileged EXEC mode User Guidelines The following information is displayed for each VLAN when a VLAN range is supplied: VLAN The Vlan-Id for each displayed row. Forwarded The total number of valid ARP packets forwarded in this Vlan. Dropped The total number of invalid ARP packets dropped in this Vlan.
---- ---------- ---------- ---------- ---------- ---------- ------ ---- --------- show ip arp inspection vlan Use the show ip arp inspection vlan command to display the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range. It also displays the global configuration values for source MAC validation, destination MAC validation and invalid IP validation.
Page 233
User Guidelines The following global parameters are displayed: Source Mac Validation If Source Mac validation of ARP frame is enabled. Destination Mac Validation If Destination Mac validation of ARP Response frame is enabled. IP Address Validation If IP address validation of ARP frame is enabled. The following fields are displayed for each VLAN: Vlan The Vlan-Id for each displayed row.
Syntax interface port-channel-number clear counters [ethernet | port-channel interface — Valid Ethernet port. The full syntax is: unit/port • port-channel-number — Valid port-channel index. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Example The following example adds a description to the Ethernet port 5. console(config)#interface ethernet 1/g5 console(config-if-1/g5)# description RD_SW#3 duplex Use the duplex command in Interface Configuration mode to configure the full/half duplex operation of a given Ethernet interface when not using auto-negotiation. To restore the default, use the no form of this command.
Syntax flowcontrol no flowcontrol Default Configuration Flow Control is enabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example In the following example, flow control is enabled. console(config)# flowcontrol interface ethernet Use the interface ethernet command in Global Configuration mode to enter the interface configuration mode to configure an Ethernet type interface.
interface range ethernet Use the interface range ethernet command in Global Configuration mode to execute a command on multiple ports at the same time. Syntax port-range interface range ethernet { | all} port-range — List of valid ports to configure. Separate non consecutive ports with a comma •...
Default Configuration The default number of bytes is 1518 (1522 bytes of VLAN-tagged frames). Command Mode Interface Configuration (Ethernet) mode User Guidelines The value set allows an additional four bytes for the VLAN tag. Example The following example of the mtu command increases maximum packet size to 9216 bytes. console(config-if-1/g5)#mtu 9216 negotiation Use the negotiation command in Interface Configuration mode to enable auto-negotiation...
console(config)#interface ethernet 1/g5 console(config-if-1/g5)#negotiation negotiation <capability-list> Use the negotiation <capability-list> command in Interface Configuration mode in order to limit auto-negotiation capabilities. Syntax negotiation <capability-list> • capabilitity-list — Specify one or more of the following values, separated by a space: 100f, 1000f and 10000f.
Example console(config-if-1/xg17)#negotiation 1000f 10000f show interfaces advertise Use the show interfaces advertise command in Privileged EXEC mode to display information about auto-negotiation advertisement. Syntax interface show interfaces advertise [ethernet interface — A valid Ethernet port. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Admin Local Link ------ ------ ------ ------ ------ Advertisement yes show interfaces configuration Use the show interfaces configuration command in User EXEC mode to display the configuration for all configured interfaces. Syntax interface port-channel-number show interfaces configuration [ethernet | port-channel interface —...
1/g8 Gigabit - Level Unknown Auto 1/g9 Gigabit - Level Unknown Auto 1/g10 Gigabit - Level Unknown Auto 1/g11 Gigabit - Level Unknown Auto 1/g12 Gigabit - Level Unknown Auto 1/g13 Gigabit - Level Unknown Auto 1/g14 Gigabit - Level Unknown Auto 1/g15...
Page 245
port-channel-number — A valid port-channel index. • Default Configuration This command has no default configuration. Command Mode User EXEC mode and Privileged EXEC mode User Guidelines This command has no user guidelines. The following table describes the fields shown in the display: Field Description InOctets...
Page 246
Field Description Oversize Packets Counted frames received that exceed the maximum permitted frame size. Internal MAC Rx Errors A count of frames for which reception fails due to an internal MAC sublayer receive error. Received Pause Frames A count of MAC Control frames received with an opcode indicating the PAUSE operation.
Page 247
OutOctets OutUcastPkts ---- ---------- --------- 23739 Example #2 The following example displays counters for Ethernet port 1/g1. console#show interfaces counters ethernet 1/g1 Port InOctets InUcastPkts ---- ---------- --------- 1/g1 183892 1289 Port OutOctets OutUcastPkts ---- ---------- --------- 1/g1 9188 Alignment Errors: 17 FCS Errors: 8 Single Collision Frames: 0 Multiple Collision Frames: 0...
Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the description for the interface 1/g1. console>show interfaces description Port Description ---- ----------------------------------------------------------- 1/g1 Port that should be used for management only 2/g1 2/g2 Description...
Page 251
port-channel-number — A valid port-channel index. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example console#show interfaces detail Ethernet 1/xg1 Port Type Duplex Speed Admin Link State State ----- ---------------...
Page 252
Port 1/xg1 is member in: VLAN Name Egress rule Type ---- --------- ----------- ----- default untagged System VLAN008 tagged Dynamic VLAN0011 tagged Static IPv6 VLAN untagged Static VLAN0072 untagged Static Static configuration: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All Port 1/xg1 is statically configured to: VLAN Name...
------------------ Port 1 (1/xg1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.25 Designated path cost: 0 BPDU: sent 2, received 120638 show interfaces status Use the show interfaces status command in User EXEC mode to display the status for all configured interfaces.
Page 254
1/g2 Gigabit - Level Unknown Auto Down Inactive 1/g3 Gigabit - Level Unknown Auto Down Inactive 1/g4 Gigabit - Level Unknown Auto Down Inactive 1/g5 Gigabit - Level Unknown Auto Down Inactive 1/g6 Gigabit - Level Unknown Auto Down Inactive 1/g7 Gigabit - Level Unknown...
Page 255
Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down Link Aggregate Down --More-- or (q)uit ch10 Link Aggregate Down ch11 Link Aggregate Down ch12 Link Aggregate Down ch13 Link Aggregate Down ch14 Link Aggregate Down ch15 Link Aggregate Down ch16 Link Aggregate Down...
ch40 Link Aggregate Down ch41 Link Aggregate Down ch42 Link Aggregate Down ch43 Link Aggregate Down ch44 Link Aggregate Down ch45 Link Aggregate Down ch46 Link Aggregate Down ch47 Link Aggregate Down ch48 Link Aggregate Down Flow Control:Disabled console# The displayed port status information includes the following: Field Description Port...
switchport — Displays statistics for the entire switch. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Examples The following examples show statistics for port 1/g1 and for the entire switch. console#show statistics ethernet 1/g1 Total Packets Received (Octets)....
Page 258
Multicast Packets Received..... 48339 --More-- or (q)uit Broadcast Packets Received..... 76702 Total Packets Received with MAC Errors..0 Jabbers Received....... 0 Fragments/Undersize Received....0 Alignment Errors....... 0 FCS Errors........0 Overruns........0 Total Received Packets Not Forwarded... 91 Local Traffic Frames......0 802.3x Pause Frames Received....
Page 260
Maximum VLAN Entries......1024 Most VLAN Entries Ever Used....6 Static VLAN Entries......6 Dynamic VLAN Entries......0 VLAN Deletes........0 Time Since Counters Last Cleared....1 day 0 hr 42 min 13 sec console# Ethernet Configuration Commands...
show storm-control Use the show storm-control command in Privileged EXEC mode to display the configuration of storm control. Syntax interface show storm-control [all | interface — Valid Ethernet port. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
shutdown Use the shutdown command in Interface Configuration mode to disable an interface. To restart a disabled interface, use the no form of this command. Syntax shutdown no shutdown Default Configuration The interface is enabled. Command Mode Interface Configuration (Ethernet, Port-Channel, Tunnel, Loopback) mode User Guidelines This command has no user guidelines.
speed Use the speed command in Interface Configuration mode to configure the speed of a given Ethernet interface when not using auto-negotiation. To restore the default, use the no form of this command. Syntax speed [10 | 100 ] no speed •...
no storm-control broadcast rate — Percentage of port bandwidth to allow. (Range: 0-100) • Default Configuration The default value is 5. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example console(config-if-1/g1)#storm-control broadcast level 5 storm-control multicast Use the storm-control multicast command in Interface Configuration mode to enable multicast storm recovery mode for an interface.
Example console(config-if-1/g1)#storm-control multicast level 5 storm-control unicast Use the storm-control unicast command in Interface Configuration mode to enable unknown unicast storm control for an interface. If the mode is enabled, unicast storm recovery is active, and if the rate of unknown L2 unicast (destination lookup failure) traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Example The following example clears all the GVRP statistics information on port 1/g8. console# clear gvrp statistics ethernet 1/g8 garp timer Use the garp timer command in Interface Configuration mode to adjust the GARP application join, leave, and leaveall GARP timer values. To reset the timer to default values, use the no form of this command.
Example The following example sets the leave timer for port 1/g8 to 90 centiseconds. console (config)# interface ethernet 1/g8 console (config-if-1/g8)# garp timer leave 90 gvrp enable (global) Use the gvrp enable (global) command in Global Configuration mode to enable GVRP globally on the switch.
Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines An Access port cannot join dynamically to a VLAN because it is always a member of only one VLAN. Membership in untagged VLAN would be propagated in a same way as a tagged VLAN. In such cases it is the administrator’s responsibility to set the PVID to be the untagged VLAN VID.
gvrp vlan-creation-forbid Use the gvrp vlan-creation-forbid command in Interface Configuration mode to disable dynamic VLAN creation. To disable dynamic VLAN creation, use the no form of this command. Syntax gvrp vlan-creation-forbid no gvrp vlan-creation-forbid Default Configuration By default, dynamic VLAN creation is enabled. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines...
Page 272
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows how to display GVRP configuration information: GVRP Commands...
Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays GVRP error statistics information. console>show gvrp error-statistics GVRP error statistics: ---------------- Legend: INVPROT: Invalid Protocol Id INVATYP: Invalid Attribute Type INVALEN: Invalid Attribute Length INVAVAL: Invalid Attribute Value INVEVENT: Invalid Event...
Page 275
Syntax interface port-channel-number show gvrp statistics [ethernet | port-channel interface — A valid Ethernet interface. • port-channel-number — A valid port channel index. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example This example shows output of the show gvrp statistics command.
IGMP Snooping Commands This chapter explains the following commands: • ip igmp snooping (global) • ip igmp snooping (interface) • ip igmp snooping host-time-out • ip igmp snooping leave-time-out • ip igmp snooping mrouter-time-out • show ip igmp snooping groups •...
User Guidelines IGMP snooping is enabled on static VLANs only and is not enabled on Private VLANs or their community VLANs. Example The following example enables IGMP snooping. console(config)# ip igmp snooping ip igmp snooping (interface) Use the ip igmp snooping command in Interface Configuration mode to enable Internet Group Management Protocol (IGMP) snooping on a specific interface.
Syntax time-out ip igmp snooping host-time-out no ip igmp snooping host-time-out time-out — Host timeout in seconds. (Range: 2- 3600) • Default Configuration The default host-time-out is 260 seconds. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines The timeout should be more than sum of response time and twice the query interval. Example The following example configures the host timeout to 300 seconds.
User Guidelines The leave timeout should be set greater than the maximum time that a host is allowed to respond to an IGMP Query. Use immediate leave only where there is only one host connected to a port. Example The following example configures the host leave-time-out to 60 seconds. console(config-if-1/g1)#ip igmp snooping leave-time-out 60 ip igmp snooping mrouter-time-out Use the ip igmp snooping mrouter-time-out command in Interface Configuration mode to...
Syntax vlan-id ip-multicast-address show ip igmp snooping groups [vlan ] [address vlan_id — Specifies a VLAN ID value. • ip-multicast-address — Specifies an IP Multicast address. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines To see the full Multicast address table (including static addresses) use the show bridge address- table command.
Syntax interface interface port-channel- show ip igmp snooping interface {ethernet | port-channel number interface — Valid Ethernet port. The full syntax is unit/port. • port-channel-number — Valid port-channel index. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows IGMP snooping mrouter information. console#show igmp snooping mrouter Port........1/g1 ip igmp snooping (VLAN) Use the ip igmp snooping command in VLAN Configuration mode to enable IGMP snooping on a particular interface or on all interfaces participating in a VLAN.
ip igmp snooping fast-leave This command enables or disables IGMP Snooping fast-leave mode on a selected VLAN. Enabling fast-leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that multicast group without first sending out MAC-based general queries to the interface.
Page 285
Syntax vlan-id seconds ip igmp snooping groupmembership-interval no ip igmp snooping groupmembership-interval vlan-id — Number assigned to the VLAN • • seconds — IGMP group membership interval time in seconds. (Range: 2–3600) Default Configuration The default group membership interval time is 260 seconds. Command Mode VLAN Configuration mode User Guidelines...
ip igmp snooping maxresponse This command sets the IGMP Maximum Response time on a particular VLAN. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface. This value must be less than the IGMP Query Interval time value.
ip igmp snooping mcrtrexpiretime This command sets the Multicast Router Present Expiration time. The time is set on a particular VLAN. This is the amount of time in seconds that a switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached.
IGMP Snooping Querier Commands This chapter explains the following commands: • ip igmp snooping querier • ip igmp snooping querier election participate • ip igmp snooping querier query-interval • ip igmp snooping querier timer expiry • ip igmp snooping querier version •...
Command Mode Global Configuration mode VLAN Configuration mode User Guidelines When using the command in Global Configuration mode to configure a snooping querier source address, the IPv4 address is the global querier address. When using the command in VLAN Configuration mode to configure a snooping querier source address, the IPv4 address is the querier address for the VLAN.
Example The following example configures the snooping querier to participate in the querier election. console(config-vlan)#ip igmp snooping querier election participate ip igmp snooping querier query-interval This command sets the IGMP Querier Query Interval time, which is the amount of time in seconds that the switch waits before sending another periodic query.
seconds — The time in seconds that the switch remains in Non-Querier mode after it has • discovered that there is a multicast querier in the network. The range is 60–300 seconds. Default Configuration The query interval default is 60 seconds. Command Mode Global Configuration mode User Guidelines...
show igmp snooping querier This command displays IGMP Snooping Querier information. Configured information is displayed whether or not IGMP Snooping Querier is enabled. vlan_id When the optional argument is not used, the command shows the following information: • Admin Mode — Indicates whether or not IGMP Snooping Querier is active on the switch. •...
Page 294
Syntax vlan_id show ip igmp snooping querier [{detail | vlan vlan_id — Number assigned to the VLAN. • Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines This command has no user guidelines. Example The following example shows querier information for VLAN 2.
IP Addressing Commands This chapter explains the following commands: • clear host • ip address • ip address vlan • ip default-gateway • ip domain-lookup • ip domain-name • ip host • ip name-server • ipv6 address • ipv6 enable •...
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes all entries from the host name-to-address cache. console#clear host * ip address Use the ip address command in Global Configuration mode to set an IP address. To remove an IP address, use the no form of this command.
Examples The following example acquires an IP address for the switch management interface from DHCP . console(config)#ip address dhcp The following examples configure the IP address 131.108.1.27 and subnet mask 255.255.255.0 and the same IP address with prefix length of 24 bits. console(config)#ip address 131.108.1.27 255.255.255.0 console(config)#ip address 131.108.1.27 /24 ip address...
console(config-if)#ip address dhcp console(config-if)#ip address none console(config)#interface out-of-band console(config-if)#ip address 10.240.4.115 255.255.255.0 10.240.4.1 ip address vlan Use the ip address vlan command in Global Configuration mode to set the management VLAN. Syntax vlanid ip address vlan no ip address vlan vlanid —...
Default Configuration No default gateway is defined. Command Mode Global Configuration mode User Guidelines A static IP address must be configured using the ip address command before setting the default gateway. The default gateway should reside on the subnet defined by the ip address command. NOTE: For management traffic forwarding decisions, a default-route configured on the switch (CLI, Web, SNMP, or learned via routing protocol such as OSPF), takes precedence over the ip default-gateway setting.
Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a default domain name of dell.com. console(config)#ip domain-name dell.com ip host Use the ip host command in Global Configuration mode to define static host name-to-address mapping in the host cache.
This command has no user guidelines. Example The following example defines a static host name-to-address mapping in the host cache. console(config)#ip host accounting.dell.com 176.10.23.1 ip name-server Use the ip name-server command in Global Configuration mode to define available IPv4 or IPv6 name servers.
ipv6 address Use the ipv6 address command to set the IPv6 address of the management interface. Use the "no" form of this command to reset the IPv6 address to the default. Syntax prefix/prefix-length ipv6 address { [eui64] | autoconfig | dhcp } no ipv6 address prefix —...
console(config)#no ipv6 address dhcp console(config)#no ipv6 address autoconfig console(config)#no ipv6 address 2003::6/64 console(config)#no ipv6 address 2001::/64 eui64 console(config)#no ipv6 address ipv6 enable Use the ipv6 enable command to enable IPv6 on the management interface. Use the "no" form of this command to disable IPv6 on the management interface. Syntax ipv6 enable no ipv6 enable...
Syntax gateway-address ipv6 gateway no ipv6 gateway gateway-address —The gateway address in IPv6 global or link-local address format. Default Configuration There is no IPv6 gateway configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 gateway 2003::1 console(config)#no ipv6 gateway...
Example The following example displays ARP table information. console#show arp switch MAC Address IP Address Interface ------------------- ---------------- ------------ 0016.9CE1.D800 10.27.6.1 1/g37 show hosts Use the show hosts command in User EXEC mode to display the default domain name, a list of name server hosts, and the static and cached list of host names and addresses.
Cache: TTL (Hours) Host Total Elapsed Type Addresses ---------------- ----- ------- ------- ------------- www.stanford.edu 171.64.14.203 show ip helper-address Use the show ip helper-address command in Privileged EXEC mode to display IP helper addresses configuration. Syntax intf-address show ip helper-address [ intf-address —...
show ip interface management Use the show ip interface management command to display the management interface configuration. Syntax show ip interface management Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the management interface configuration.
IPv6 Access List Commands This chapter explains the following commands: • {deny | permit} • ipv6 access-list • ipv6 access-list rename • ipv6 traffic-filter • show ipv6 access-lists {deny | permit} This command creates a new rule for the current IPv6 access list. Each rule is appended to the list of configured rules for the list.
Page 310
eq — Equal. Refers to the Layer 4 port number being used as a match criteria. The first • reference is source match criteria, the second is destination match criteria. portkey — Or you can specify the portkey, which can be one of the following keywords: •...
console(Config-ipv6-acl)# ipv6 access-list The ipv6 access-list command creates an IPv6 Access Control List (ACL) consisting of classification fields defined for the IP header of an IPv6 frame. The <name> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list.
name — the name of an existing IPv6 ACL. • newname — alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access • list. Default Configuration There is no default configuration for this command. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Default Configuration This command has no default configuration. Command Modes Global Configuration mode Interface Configuration (Ethernet, Port-channel, VLAN) mode User Guidelines This command specified in 'Interface Config' mode only affects a single interface, whereas the 'Global Config' mode setting is applied to all interfaces. Example •...
Page 314
Example The following example displays configuration information for the IPv6 ACLs. console#show ipv6 access-lists Current number of all ACLs: 1 Maximum number of all ACLs: 100 IPv6 ACL Name Rules Direction Interface(s) VLAN(s) ------------------------------- ----- --------- -------------------- ------------- STOP_HTTP inbound 1/g1 console#show ipv6 access-lists STOP_HTTP ACL Name: STOP_HTTP...
Page 315
Source L4 Port This field displays the source port for this rule. Keyword Destination IP This displays the destination IP address for this rule. Address Destination L4 This field displays the destination port for this rule. Port Keyword IP DSCP This field indicates the value specified for IP DSCP .
ipv6 mld snooping querier (VLAN mode) Use the ipv6 mld snooping querier command in VLAN mode to enable MLD Snooping Querier on a VLAN. Use the "no" form of this command to disable MLD Snooping Querier on a VLAN. Syntax vlan-id ipv6 mld snooping querier vlan-id...
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping querier address Fe80::5 ipv6 mld snooping querier election participate Use the ipv6 mld snooping querier election participate command to enable the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN.
ipv6 mld snooping querier query-interval Use the ipv6 mld snooping querier query-interval command to set the MLD Querier Query Interval time. It is the amount of time in seconds that the switch waits before sending another general query. Use the "no" form of this command to reset the Query Interval to the default. Syntax interval ipv6 mld snooping querier query-interval...
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping querier timer expiry 222 show ipv6 mld snooping querier Use the show ipv6 mld snooping querier command to display MLD Snooping Querier information.
Page 322
When the optional argument vlan vlan-id is used, the following additional information appears: MLD Snooping Querier VLAN Indicates whether MLD Snooping Querier is active on the VLAN. Mode Querier Election Participate Mode Indicates whether the MLD Snooping Querier participates in querier election if it discovers the presence of a querier in the VLAN.
Page 323
When the optional argument detail is used, the command shows the global information and the information for all Querier enabled VLANs as well as the following information: Last Querier Address Indicates the IP address of the most recent Querier from which a Query was received.
IP Source Guard Commands This chapter explains the following commands: • ip verify source • ip verify source port-security • ip verify binding • show ip verify interface • show ip verify source interface • show ip source binding ip verify source Use the ip verify source command in Interface Configuration mode to enable filtering of IP packets matching the source IP address.
Syntax ip verify source port-security Default Configuration By default, IPSG is disabled on all interfaces. Command Mode Interface Configuration mode User Guidelines This command has no user guidelines. Example console(config-if-1/g1)#ip verify source port-security ip verify binding Use the ip verify binding command in Global Configuration mode to configure static bindings. Syntax ip verify binding <macaddr>...
Syntax show ip verify interface Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#show ip verify interface 1/g1 show ip verify source interface Use the show ip verify source interface command in Privileged EXEC mode to display the bindings configured on a particular interface.
Page 328
Syntax show ip source binding Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#show ip source binding IP Source Guard Commands...
iSCSI Flow Acceleration Commands This chapter explains the following commands: • iscsi aging time • iscsi cos • iscsi enable • iscsi target port • show iscsi • show iscsi sessions iscsi aging time The iscsi aging time command sets the time out value for iSCSI sessions. To reset the aging time to the default value, use the no form of this command.
Example The following example sets the aging time for iSCSI sessions to 100 minutes. console(config)#iscsi aging time 100 iscsi cos The iscsi cos command sets the quality of service profile that will be applied to iSCSI flows. To return to the default value, use the no form of this command. Syntax dscp iscsi cos {vpt...
iscsi enable The iscsi enable command globally enables iSCSI awareness. To disable iSCSI awareness use the no form of this command. Syntax iscsi enable no iscsi enable Default Configuration The default configuration is disabled. Command Mode Global Configuration mode. User Guidelines When you issue the no iscsi enable command, iSCSI resources are released.
Default Configuration iSCSI well-known ports 3260 and 860 are configured as default but can be removed as any other configured target. Command Mode Global Configuration mode. User Guidelines When working with private iSCSI ports (not IANA assigned iSCSI ports 3260/860), it is recommended to specify the target IP address as well.
User Guidelines There are no user guidelines for this command. Example The following example displays the iSCSI settings. console#show iscsi iSCSI enabled iSCSI vpt is 5, remark Session aging time: 10 min Maximum number of sessions is 192 ------------------------------------------------ iSCSI Targets and TCP Ports: ------------------------------------------------ TCP Port Target IP Address...
Page 334
Example The following examples show summary and detailed information about the iSCSI sessions. console#show iscsi sessions Session 0: ------------------------------------------------------------------ Target: iqn.2001-05.com.equallogic:0-8a0906-0e70c2002- 10a0018426a48c94-iom010 Initiator: iqn.1991-05.com.microsoft:win-x9l8v27yajg ISID: 400001370000 Session 1: ------------------------------------------------------------------ Target: iqn.2001-05.com.equallogic:0-8a0906-0f60c2002- 0360018428d48c94-iom011 Initiator: iqn.1991-05.com.microsoft:win-x9l8v27yajg ISID: 400001370000 Session 2: ------------------------------------------------------------------ Target: iqn.2001-05.com.equallogic:0-8a0906-1080c2002- 336001842b348c94-iom012 Initiator: iqn.1991-05.com.microsoft:win-x9l8v27yajg ISID: 400001370000...
Page 335
Initiator Initiator Target Target IP Address TCP Port IP Address TCP Port 192.168.2.125 49272 192.168.2.20 3260 Session 1: ----------------------------------------------------------------- Target: iqn.2001-05.com.equallogic:0-8a0906-0f60c2002- 0360018428d48c94-iom011 Initiator: iqn.1991-05.com.microsoft:win-x9l8v27yajg Up Time: 00:00:00:13 (DD:HH:MM:SS) Time for aging out: 47 secs ISID: 400001370000 Initiator Initiator Target Target IP Address TCP Port IP Address...
LACP Commands This chapter explains the following commands: • lacp port-priority • lacp system-priority • lacp timeout • show lacp ethernet • show lacp port-channel lacp port-priority Use the lacp port-priority command in Interface Configuration mode to configure the priority value for physical ports.
lacp system-priority Use the lacp system-priority command in Global Configuration mode to configure the Link Aggregation system priority. To reset to default, use the no form of this command. Syntax value lacp system-priority no lacp system-priority value — Port priority value. (Range: 1–65535) •...
Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example assigns an administrative LACP timeout for port 1/g8 to a long timeout value. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#lacp timeout long show lacp ethernet Use the show lacp ethernet command in Privileged EXEC mode to display LACP information for Ethernet ports.
Page 340
system mac addr: 00:00:12:34:56:78 port Admin key: port Oper key: port Oper priority: port Admin timeout: LONG port Oper timeout: LONG LACP Activity: ACTIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Partner system priority: system mac addr: 00:00:00:00:00:00 port Admin key: port Oper key:...
show lacp port-channel Use the show lacp port-channel command in Privileged EXEC mode to display LACP information for a port-channel. Syntax port_channel_number show lacp port-channel [ port_channel_number — The port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Link Dependency Commands This chapter explains the following commands: • link-dependency group • no link-dependency group • add ethernet • add port-channel • add port-channel • no add port-channel • depends-on ethernet • no depends-on ethernet • depends-on port-channel • no depends-on port-channel •...
Example console(config)#link-dependency group 1 console(config-linkDep-group-1)# no link-dependency group Use the no link-dependency group command to remove the configuration for a link- dependency group. Syntax no link-dependency group GroupId GroupId — Link dependency group identifier. (Range: 1–16) • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines...
Command Mode Link Dependency mode User Guidelines No specific guidelines Example console(config-depend-1)#add ethernet 1/g1 add port-channel Use the add port-channel command to add member port-channels to the dependency list. Syntax port-channel-list add port-channel port-channel-list — List of port-channel interfaces. Separate nonconsecutive ports with a •...
port-channel-list — List of port-channel interfaces. Separate nonconsecutive ports with a • comma and no spaces. Use a hyphen to designate the range of ports. (Range: Valid port- channel interface list or range) Default Configuration This command has no default configuration. Command Mode Link Dependency mode User Guidelines...
no depends-on ethernet Use the no depends-on ethernet command to remove the dependent Ethernet ports list. Syntax intf-list no depends-on ethernet intf-list — List of Ethernet interfaces. Separate nonconsecutive ports with a comma and no • spaces. Use a hyphen to designate the range of ports. (Range: Valid Ethernet interface list or range) Default Configuration This command has no default configuration.
User Guidelines No specific guidelines Example console(config-linkDep-group-1)#depends-on port-channel 6 no depends-on port-channel Use the no depends-on port-channel command to remove the dependent port-channels list. Syntax port-channel-list no depends-on port-channel port-channel-list — List of port-channel interfaces. Separate nonconsecutive ports with a •...
Page 349
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines No specific guidelines Example The following command shows link dependencies for all groups. console#show link-dependency GroupId Member Ports Ports Depended On ------- --------------------- ---------------------------------- 1/g1-1/g4 1/g8-1/g9 1/g5 1/g3-1/g4...
Syntax clear lldp remote-data Default Configuration By default, data is removed only on system reset. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays how to clear the LLDP remote data. console#clear lldp remote-data clear lldp statistics Use the clear lldp statistics command in Privileged EXEC mode to reset all LLDP statistics.
lldp med This command is used to enable/disable LLDP-MED on an interface. By enabling MED, the transmit and receive functions of LLDP are effectively enabled. Syntax Description lldp med no lldp med Parameter Ranges Not applicable Command Mode Interface (Ethernet) Configuration Default Value LLDP-MED is disabled on all supported interfaces.
Default Value By default, notifications are disabled on all supported interfaces. Usage Guidelines No specific guidelines. Example console(config)#lldp med confignotification lldp med faststartrepeatcount This command is used to set the value of the fast start repeat count. Syntax Description count lldp med faststartrepeatcount no lldp med faststartrepeatcount count —...
Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example displays how to enable remote data change notifications. console(config-if-1/g3)#lldp notification lldp notification-interval Use the lldp notification-interval command in Global Configuration mode to limit how frequently remote data change notifications are sent.
Syntax lldp receive no lldp receive Default Configuration The default lldp receive mode is disabled. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example displays how to enable the LLDP receive capability. console(config-if-1/g3)#lldp receive lldp timers Use the lldp timers command in Global Configuration mode to set the timing parameters for...
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Examples The following example displays how to configure LLDP to transmit local information every 1000 seconds. console(config)#lldp timers interval 1000 The following example displays how to set the timing parameter at 1000 seconds with a hold multiplier of 8 and a 5 second delay before re-initialization.
lldp transmit-mgmt Use the lldp transmit-mgmt command in Interface Configuration mode to include transmission of the local system management address information in the LLDPDUs. To cancel inclusion of the management information, use the no form of this command. Syntax lldp transmit-mgmt no lldp transmit-mgmt Default Configuration By default, management address information is not included.
Default Configuration By default, no optional TLVs are included. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example shows how to include the system description TLV in local data transmit. console(config-if-1/g3)#lldp transmit-tlv sys-desc show lldp Use the show lldp command in Privileged EXEC mode to display the current LLDP configuration summary.
Notification Interval: limited to every 5 seconds console#show lldp LLDP transmit and receive disabled on all interfaces show lldp interface Use the show lldp interface command in Privileged EXEC mode to display the current LLDP interface state. Syntax interface show lldp interface { | all } interface —...
Interface Link Transmit Receive Notify TLVs Mgmt --------- ---- -------- -------- -------- ------- ---- 1/g1 Enabled Enabled Enabled 0,1,2,3 TLV Codes: 0 – Port Description, 1 – System Name, 2 – System Description, 3 – System Capability show lldp local-device Use the show lldp local-device command in Privileged EXEC mode to display the advertised LLDP local data.
Interface: 1/g1 Chassis ID Subtype: MAC Address Chassis ID: 00:62:48:00:00:00 Port ID Subtype: MAC Address Port ID: 00:62:48:00:00:02 System Name: System Description: Routing Port Description: System Capabilities Supported: bridge, router System Capabilities Enabled: bridge Management Address: Type: IPv4 Address: 192.168.17.25 show lldp med This command displays a summary of the current LLDP MED configuration.
LLDP MED Global Configuration Fast Start Repeat Count: 3 Device Class: Network Connectivity show lldp med interface This command displays a summary of the current LLDP MED configuration for a specific interface. Syntax Description unit/port show lldp med interface {< >...
Info: xxx xxx xxx Extended POE Device Type: pseDevice Extended POE PSE Available: 0.3 watts Source: primary Priority: critical Extended POE PD Required: 0.2 watts Source: local Priority: low show lldp med remote-device This command displays the current LLDP MED remote data. This command can display summary information or detail for each interface.
Page 368
Default Value Not applicable Example Console#show lldp med remote-device all LLDP MED Remote Device Summary Local InterfaceDevice Class --------------------- 1/g1Class I 1/g2 Not Defined 1/g3Class II 1/g4Class III 1/g5Network Con Console#show lldp med remote-device detail 1/g1 LLDP MED Remote Device Detail Local Interface: 1/g1 Capabilities MED Capabilities Supported: capabilities, networkpolicy, location,...
Extended POE PSE Available: 0.3 Watts Source: primary Priority: critical Extended POE PD Required: 0.2 Watts Source: local Priority: low show lldp remote-device Use the lldp remote-device command in Privileged EXEC mode to display the current LLDP remote data. This command can display summary information or detail for each interface. Syntax interface interface...
--------- ----------------- ----------------- ---------- 1/g1 01:23:45:67:89:AB 01:23:45:67:89:AC 60 seconds 1/g2 01:23:45:67:89:CD 01:23:45:67:89:CE 120 seconds 1/g3 01:23:45:67:89:EF 01:23:45:67:89:FG 80 seconds console# show lldp remote-device detail 1/g1 Ethernet1/g1, Remote ID: 01:23:45:67:89:AB System Name: system-1 System Description: System Capabilities: Bridge Port ID: 01:23:45:67:89:AC Port Description: 1/g4 Management Address: 192.168.112.1 TTL: 60 seconds...
Page 372
Examples The following examples shows an example of the display of current LLDP traffic statistics. console#show lldp statistics all LLDP Device Statistics Last Update........0 days 22:58:29 Total Inserts........ 1 Total Deletes........ 0 Total Drops........0 Total Ageouts........ 1 Interface Total Total Discards Errors Ageout Discards Unknowns MED 802.1 802.3 --------- ----- ----- -------- ------ ------ -------- -------- ---- ----- ----- 1/g11...
Page 373
Parameter Description Transmit Total Total number of LLDP frames transmitted on the indicated port. Receive Total Total number of valid LLDP frames received on the indicated port. Discards Number of LLDP frames received on the indicated port and discarded for any reason. Errors Number of non-valid LLDP frames received on the indicated port.
Port Channel Commands This chapter explains the following commands: • channel-group • interface port-channel • interface range port-channel • hashing-mode • no hashing-mode • show interfaces port-channel • show statistics port-channel channel-group Use the channel-group command in Interface Configuration mode to configure a port-to-port channel.
Example The following example shows how port 1/g5 is configured to port-channel number 1 without LACP . console(config)# interface ethernet 1/g5 console(config-if-1/g5)# channel-group 1 mode on interface port-channel Use the interface port-channel command in Global Configuration mode to configure a port-channel type and enter port-channel configuration mode.
port-channel-range — List of port-channels to configure. Separate non-consecutive port- • channels with a comma and no spaces. A hyphen designates a range of port-channels. (Range: valid port-channel) • all — All the channel-ports. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines...
Default Configuration This command has no default configuration. Command Mode Interface Configuration (port-channel) User Guidelines No specific guidelines. Example console(config)#interface port-channel l console(config-if-ch1)#hashing-mode 4 no hashing-mode Use the no hashing-mode command to set the hashing algorithm on Trunk ports to the default (3).
Page 379
Syntax Description port-channel number show interfaces port-channel [ port-channel-number ] — Number of the port channel to show. This parameter is optional. If • the port channel number is not given, all the channel groups are displayed. (Range: Valid port- channel number, 1 to 48) Default Configuration This command has no default configuration.
Page 380
5 - Source/Destination MAC, VLAN, EtherType and source MODID/port 6 - Source/Destination IP and source/destination TCP/UDP port Port Channel Commands...
show statistics port-channel Use the show statistics port-channel command in Privileged EXEC mode to display statistics about a specific port-channel. Syntax port-channel-number show statistics port-channel port-channel-number — Valid port-channel number channel to display. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 382
Unicast Packets Received....... 0 Multicast Packets Received..... 0 Broadcast Packets Received..... 0 Total Packets Received with MAC Errors..0 Jabbers Received....... 0 Fragments/Undersize Received....0 Alignment Errors....... 0 --More-- or (q)uit FCS Errors........0 Overruns........0 Total Received Packets Not Forwarded... 0 Local Traffic Frames......
Page 383
Underrun Errors........ 0 Total Transmit Packets Discarded....0 Single Collision Frames......0 Multiple Collision Frames...... 0 Excessive Collision Frames..... 0 Port Membership Discards....... 0 802.3x Pause Frames Transmitted....0 GVRP PDUs received......0 GVRP PDUs Transmitted......0 GVRP Failed Registrations...... 0 Time Since Counters Last Cleared....
Port Monitor Commands This chapter explains the following commands: • monitor session • show monitor session monitor session Use the monitor session command in Global Configuration mode to configure a probe port and a monitored port for monitor session (port monitoring). Use the src-interface parameter to specify the interface to monitor.
Example The following examples shows various port monitoring configurations. console(config)#monitor session 1 source interface 1/g8 console(config)#monitor session 1 destination interface 1/g10 console(config)#monitor session 1 mode show monitor session Use the show monitor session command in Privileged EXEC mode to display status of port monitoring.
• match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping • show classofservice ip-dscp-mapping •...
This command causes the specified policy to create a reference to the class definition. The command mode is changed to Policy-Class-Map Configuration when this command is executed successfully. Example The following example shows how to specify the DiffServ class name of “DELL.” QoS Commands...
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example creates a class-map named “DELL” which requires all ACE’s to be matched. console(config)#class-map DELL console(config-cmap)# class-map rename Use the class-map rename command in Global Configuration mode to change the name of a DiffServ class.
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to change the name of a DiffServ class from “DELL ” to “DELL1.” console(config)#class-map rename DELL DELL1 console(config)# classofservice dot1p-mapping Use the classofservice dot1p-mapping command in Global Configuration mode to map an 802.1p priority to an internal traffic class.
Example The following example configures mapping for user priority 1 and traffic class 2. console(config)#classofservice dot1p-mapping 1 2 classofservice ip-dscp-mapping Use the classofservice ip-dscp-mapping command in Global Configuration mode to map an IP DSCP value to an internal traffic class. Syntax ipdscp trafficclass classofservice ip-dscp-mapping...
dot1p — Specifies that the mode be set to trust dot1p (802.1p) packet markings. • • untrusted — Sets the Class of Service Trust Mode for all interfaces to Untrusted. • ip-dscp — Specifies that the mode be set to trust IP DSCP packet markings. Default Configuration This command has no default configuration.
User Guidelines This command has no user guidelines. Example The following example displays how to specify the conform-color command. console(config-policy-classmap)#conform-color test_class (test_class is <class-map-name> cos-queue min-bandwidth Use the cos-queue min-bandwidth command in either Global Configuration mode or Interface Configuration mode to specify the minimum transmission bandwidth for each interface queue. To restore the default for each queue’s minimum bandwidth value, use the no form of this command.
cos-queue strict Use the cos-queue strict command in either Global Configuration mode or Interface Configuration mode to activate the strict priority scheduler mode for each specified queue. To restore the default weighted scheduler mode for each specified queue, use the no form of this command.
Syntax diffserv no diffserv Default Configuration This command default is enabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to set the DiffServ operational mode to active. console(Config)#diffserv drop Use the drop command in Policy-Class-Map Configuration mode to specify that all packets for the associated traffic stream are to be dropped at ingress.
mark cos Use the mark cos command in Policy-Class-Map Configuration mode to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header. If the packet does not already contain this header, one is inserted. Syntax cos-value mark cos...
User Guidelines This command has no user guidelines. Example The following example displays how to mark all packets with an IP DSCP value of “cs4.” console(config-policy-classmap)#mark ip-dscp cs4 mark ip-precedence Use the mark ip-precedence command in Policy-Class-Map Configuration mode to mark all packets for the associated traffic stream with the specified IP precedence value.
Page 399
Example The following example adds match conditions defined for the Dell class to the class currently being configured. console(config-classmap)#match class-map Dell The following example deletes the match conditions defined for the Dell class from the class currently being configured.
match cos Use the match cos command in Class-Map Configuration mode to add to the specified class definition a match condition for the class of service value (the only tag in a single-tagged packet or the first or outer 802.1Q tag of a double-VLAN tagged packet). Syntax match cos •...
match destination-address mac Use the match destination-address mac command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination MAC address of a packet. Syntax macaddr macmask match destination-address mac macaddr — Specifies any valid layer 2 MAC address formatted as six two-digit hexadecimal •...
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition using the specified IP address and bit mask. console(config-classmap)#match dstip 10.240.1.1 10.240.0.0 match dstip6 The match dstip6 command adds to the specified class definition a match condition based on the destination IPv6 address of a packet.
match dstl4port Use the match dstl4port command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or a numeric notation. Syntax portkey port-number match dstl4port {...
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to add a match condition based on ethertype. console(config-classmap)#match ethertype arp match ip6flowlbl The match ip6flowlbl command adds to the specified class definition a match condition based on the IPv6 flow label of a packet.
match ip dscp Use the match ip dscp command in Class-Map Configuration mode to add to the specified class definition a match condition based on the value of the IP DiffServ Code Point (DSCP) field in a packet. This field is defined as the high-order six bits of the Service Type octet in the IP header.
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation.
User Guidelines The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation. free form This specification is the version of the IP DSCP/Precedence/TOS match specification in that you have complete control of specifying which bits of the IP Service Type field are checked.
match source-address mac Use the match source-address mac command in Class-Map Configuration mode to add to the specified class definition a match condition based on the source MAC address of the packet. Syntax address macmask match source-address mac macaddr — Specifies any valid layer 2 MAC address formatted as six two-digit hexadecimal •...
Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition for the specified IP address and address bit mask. console(config-classmap)#match srcip 10.240.1.1 10.240.0.0 match srcip6 The match srcip6 command adds to the specified class definition a match condition based on the source IPv6 address of a packet.
match srcl4port Use the match srcl4port command in Class-Map Configuration mode to add to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword or a numeric notation. Syntax portkey port-number match srcl4port {...
Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition for the VLAN ID “2.” console(config-classmap)#match vlan 2 mirror Use the mirror command in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to the destination port specified.
police-simple Use the police-simple command in Policy-Class-Map Configuration mode to establish the traffic policing style for the specified class. The simple form of the police command uses a single data rate and burst size, resulting in two outcomes: conform and nonconform. Syntax datarate burstsize...
The CLI mode is changed to Policy-Class-Map Configuration when this command is successfully executed. The policy type dictates which of the individual policy attribute commands are valid within the policy definition. Example The following example shows how to establish a new DiffServ policy named “DELL.” console(config)#policy-map DELL console(config-policy-classmap)# QoS Commands...
redirect Use the redirect command in Policy-Class-Map Configuration mode to specify that all incoming packets for the associated traffic stream are redirected to a specific egress interface (physical port or port-channel). Syntax interface redirect interface — Specifies any valid interface. Interface is Ethernet port or port-channel (Range: •...
Example The following example shows how to attach a service policy named “DELL” to all interfaces. console(config)#service-policy DELL show class-map Use the show class-map command in Privileged EXEC mode to display all configuration information for the specified class.
Page 416
Example The following example displays all the configuration information for the class named “Dell”. console#show class-map Class L3 Class Name Type Proto Reference Class Name ------------------------------- ----- ----- ---------------------- ------- ipv4 ipv4 ipv6 ipv6 stop_http_class ipv6 match_icmp6 ipv6 console#show class-map ipv4 Class Name........
Match Criteria Values ---------------------------- ------------------------------------- Source IP Address 2001:DB8::/32 Source Layer 4 Port 80(http/www) show classofservice dot1p-mapping Use the show classofservice dot1p-mapping command in Privileged EXEC mode to display the current Dot1p (802.1p) priority mapping to internal traffic classes for a specific interface. Syntax unit>/<port-type><port>...
The following table lists the parameters in the example and gives a description of each. Parameter Description User Priority The 802.1p user priority value. Traffic Class The traffic class internal queue identifier to which the user priority value is mapped. show classofservice ip-dscp-mapping Use the show classofservice ip-dscp-mapping command in Privileged EXEC mode to display the current IP DSCP mapping to internal traffic classes for a specific interface.
56(cs7) console# show classofservice trust Use the show classofservice trust command in Privileged EXEC mode to display the current trust mode setting for a specific interface. Syntax unit>/<port-type><port> port-channel number show classofservice trust [< |port-channel <unit>/<port-type><port> — Specifies a valid unit/port combination: •...
Example The following example displays the current trust mode settings for the specified port. console#show classofservice trust 1/g2 Class of Service Trust Mode: Dot1P show diffserv Use the show diffserv command in Privileged EXEC mode to display the DiffServ general information, which includes the current administrative mode setting as well as the current and maximum number of DiffServ components.
show diffserv service interface ethernet Use the show diffserv service interface ethernet command in Privileged EXEC mode to display policy service information for the specified interface. Syntax <unit>/<port-type><port> show diffserv service interface ethernet {in|out} unit>/<port-type><port> — A valid < unit>/<port-type><port> in the system. •...
out— Outbound direction. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines Not applicable Example console#show diffserv service interface port-channel 1 in DiffServ Admin Mode......Enable Interface........ch1 Direction........In No policy is attached to this interface in this direction show diffserv service brief Use the show diffserv service brief command in Privileged EXEC mode to display all interfaces in the system to which a DiffServ policy has been attached.
Direction OperStatus Policy Name ----------- ----------- ------------ ------------------- 1/g1 Down DELL show interfaces cos-queue Use the show interfaces cos-queue command in Privileged EXEC mode to display the class-of-service queue configuration for the specified interface. Syntax unit>/<port-type><port> port-channel number show interfaces cos-queue [<...
Page 426
Global Configuration Interface Shaping Rate......0 Queue Id Min. Bandwidth Scheduler Type Queue Management Type -------- -------------- -------------- --------------------- Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop Weighted Tail Drop This example displays the COS configuration for the specified interface 1/g1.
Parameter Description Interface The port of the interface. If displaying the global configuration, this output line is replaced with a global configuration indication. Intf Shaping Rate The maximum transmission bandwidth limit for the interface as a whole. It is independent of any per-queue maximum bandwidth values in effect for the interface.
This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the statistics information for port 1/g1. console#show policy-map interface 1/g1 in Interface........1/g1 Operational Status......Down Policy Name........DELL QoS Commands...
Class Name........test In Discarded Packets......0 Class Name........DELL1 In Discarded Packets......0 Class Name........DELL In Discarded Packets......0 show service-policy Use the show service-policy command in Privileged EXEC mode to display a summary of policy-oriented statistics information for all interfaces.
------ ----- ------------------------------- 1/g1 Down DELL 1/g2 Down DELL 1/g3 Down DELL 1/g4 Down DELL 1/g5 Down DELL 1/g6 Down DELL 1/g7 Down DELL 1/g8 Down DELL 1/g9 Down DELL 1/g10 Down DELL traffic-shape Use the traffic-shape command in Global Configuration mode and Interface Configuration mode to specify the maximum transmission bandwidth limit for the interface as a whole.
Page 431
Example The following example displays the setting of traffic-shape to a maximum bandwidth of 1024 Kpbs. console(config-if-1/g1)#traffic-shape 1024 kbps QoS Commands...
Syntax aaa accounting network default start-stop group radius no aaa accounting network default start-stop group radius Default Configuration RADIUS accounting is disabled by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#aaa accounting network default start-stop group radius acct-port...
console(config)#radius-server host acct 3.2.3.2 console(Config-acct-radius)#acct-port 56 auth-port Use the auth-port command in RADIUS mode to set the port number for authentication requests of the designated RADIUS server. Syntax auth-port-number auth-port auth-port-number — Port number for authentication requests. (Range: 1 - 65535) •...
deadtime Use the deadtime command in RADIUS mode to improve RADIUS response times when a server is unavailable by causing the unavailable server to be skipped. Syntax deadtime deadtime deadtime — The amount of time that the unavailable server is skipped over. (Range: 0-2000 •...
User Guidelines There are no user guidelines for this command. Example lion-king The following example specifies an authentication and encryption key of “ ”. console(config)#radius-server host acct 3.2.3.2 console(Config-acct-radius)#key keyacct msgauth Use the msgauth command to enable the message authenticator attribute to be used for the RADIUS Authenticating server being configured.
name Use the name command to assign a name to a RADIUS server. Use the "no" form of this command to reset the name to the default. Syntax servername name no name servername — The name for the RADIUS server (Range: 1 - 32 characters). Default Configuration The default RADIUS server name is Default-RADIUS-Server.
Command Mode RADIUS mode User Guidelines There are no user guidelines for this command. Example console(Config-auth-radius)#primary priority Use the priority command in RADIUS mode to specify the order in which the servers are to be used, with 0 being the highest priority. Syntax priority priority...
radius-server deadtime Use the radius-server deadtime command in Global Configuration mode to improve RADIUS response times when servers are unavailable. The command is used to cause the unavailable servers to be skipped. To set the deadtime to 0, use the no form of this command. Syntax deadtime radius-server deadtime...
Default Configuration The default server type is authentication. The default server name is “Default RADIUS Server”. The default port number is 1812 for an authentication server and 1813 for an accounting server. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example specifies a RADIUS server host with the following characteristics: Server host IP address —...
Example The following example sets the authentication and encryption key for all RADIUS .” communications between the device and the RADIUS server to “dell-server console(config)#radius-server key dell-server radius-server retransmit Use the radius-server retransmit command in Global Configuration mode to specify the number of times the RADIUS client will retransmit requests to the RADIUS server.
radius-server source-ip Use the radius-server source-ip command in Global Configuration mode to specify the source IP address used for communication with RADIUS servers. To return to the default, use the no form of this command. 0.0.0.0 is interpreted as a request to use the IP address of the outgoing IP interface.
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the interval for which a switch waits for a server host to reply to 5 seconds. console(config)#radius-server timeout 5 retransmit Use the retransmit command in RADIUS mode to specify the number of times the RADIUS client retransmits requests to the RADIUS server.
show radius-servers Use the show radius-servers command to display the list of configured RADIUS servers and the values configured for the global parameters of the RADIUS client. Syntax servername show radius-servers [ accounting | authentication ] [ name [ accounting — This optional parameter will cause accounting servers to be displayed. authentication —...
Page 446
Field Description RADIUS Attribute 4 Mode A Global parameter to indicate whether the NAS-IP-Address attribute has been enabled to use in RADIUS requests. RADIUS Attribute 4 Value A Global parameter that specifies the IP address to be used in NAS-IP- Address attribute to be used in RADIUS requests.
Timeout........5 Deadtime........0 Port........... 1812 Source IP........0.0.0.0 Secret Configured......No Message Authenticator......Enable show radius-servers statistics Use the show radius-servers statistics command to show the statistics for an authentication or accounting server. Syntax ipaddress hostname show radius-servers statistics [ accounting | authentication ] { | name servername •...
Page 448
Field Description Retransmissions The number of RADIUS Accounting Request packets retransmitted to this RADIUS accounting server. Responses The number of RADIUS packets received on the accounting port from this server. Malformed Responses The number of malformed RADIUS Accounting Response packets received from this server.
Page 449
Field Description Bad Authenticators The number of RADIUS Access Response packets containing invalid authenticators or signature attributes received from this server. Pending Requests The number of RADIUS Access Request packets destined for this server that have not yet timed out or received a response. Timeouts The number of authentication timeouts to this server.
Access Rejects........ 0 Access Challenges......0 Malformed Access Responses....0 Bad Authenticators......0 Pending Requests......0 Timeouts........0 Unknown Types......... 0 Packets Dropped....... 0 source-ip Use the source-ip command in RADIUS mode to specify the source IP address to be used for communication with RADIUS servers.
Syntax timeout timeout timeout — Timeout value in seconds for the specified server. (Range: 1-30 seconds.) • Default Configuration The default value is 15 seconds. Command Mode RADIUS mode User Guidelines User must enter the mode corresponding to a specific RADIUS server before executing this command.
Page 452
Example login The following example specifies usage type console(config)#radius-server host 192.143.120.123 console(config-radius)#usage login RADIUS Commands...
• spanning-tree portfast default • spanning-tree port-priority • spanning-tree priority • spanning-tree tcnguard • spanning-tree transmit hold-count clear spanning-tree detected-protocols Use the clear spanning-tree detected-protocols command in Privileged EXEC mode to restart the protocol migration process (force the renegotiation with neighboring switches) on all interfaces or on the specified interface.
Syntax exit Default Configuration MST configuration. Command Mode MST mode User Guidelines This command has no user guidelines. Example The following example shows how to exit the MST configuration mode and save changes. console(config)#spanning-tree mst configuration console(config-mst)#exit instance (mst) Use the instance command in MST mode to map VLANS to an MST instance. Syntax instance-id vlan-range...
For two or more switches to be in the same MST region, they must have the same VLAN mapping, the same configuration revision number, and the same name. Example The following example maps VLANs 10-20 to MST instance 1. console(config)#spanning-tree mst configuration console(config-mst)#instance 1 add vlan 10-20 name (mst) Use the name command in MST mode to define the configuration name.
no revision value — Configuration revision number. (Range: 0-65535) • Default Configuration Revision number is 0. Command Mode MST mode User Guidelines This command has no user guidelines. Example The following example sets the configuration revision to 1. console(config)#spanning-tree mst configuration console(config-mst)#revision 1 show spanning-tree Use the show spanning-tree command in Privileged EXEC mode to display the spanning-tree...
Page 458
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Examples The following examples display spanning-tree information. console#show spanning-tree Spanning tree Disabled BPDU Flooding disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root: 80:00:00:FC:E3:90:00:5D Regional Root Path Cost: ROOT ID Address 80:00:00:FC:E3:90:00:5D...
Page 461
Bridge ID Priority 32768 Address 80:00:00:FC:E3:90:00:5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio.Nbr Cost Role PortFast Restricted ------ -------- --------- ---------- ---- ----- -------- ------- --More-- or (q)uit Name State Prio.Nbr Cost Role PortFast Restricted...
Page 464
Path Cost 20000 Root Port 1/g1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 80:00:00:FC:E3:90:00:5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio.Nbr Cost Role PortFast RestrictedPort...
Page 465
Regional Root Path Cost: ###### MST 0 Vlan Mapped: 1, 3001 ROOT ID Address 40:00:00:FC:E3:90:06:0F Path Cost 20000 Root Port 1/g1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 80:00:00:FC:E3:90:00:5D Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State...
show spanning-tree summary Use the show spanning-tree summary command to display spanning tree settings and parameters for the switch. Syntax show spanning-tree summary Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines The following fields are displayed: Spanning Tree Admin Mode Enabled or disabled...
BPDU Filter Mode....Disabled BPDU Flooding Mode....Disabled Configuration Name....00-11-88-2B-40-91 Configuration Revision Level..0 Configuration Digest Key..0xac36177f50283cd4b83821d8ab26de62 Configuration Format Selector..0 No MST instances to display. spanning-tree Use the spanning-tree command in Global Configuration mode to enable spanning-tree functionality.
Syntax spanning-tree auto-portfast no spanning-tree auto-portfast Default Configuration Auto portfast mode is disabled by default. Command Mode Interface Configuration (Ethernet, Port Channel) mode Usage Guidelines There are no user guidelines for this command. Example The following example enables spanning-tree functionality on ethernet interface 4/g1. console#config console(config)#interface ethernet 4/g1 console(config-if-4/g1)#spanning-tree auto-portfast...
Example console#spanning-tree bpdu flooding spanning-tree bpdu-protection Use the spanning-tree bpdu-protection command in Global Configuration mode to enable BPDU protection on a switch. Use the no form of this command to resume the default status of BPDU protection function. For an access layer device, the access port is generally connected to the user terminal (such as a desktop computer) or file server directly and configured as an edge port to implement the fast transition.
spanning-tree cost Use the spanning-tree cost command in Interface Configuration mode to configure the spanning-tree path cost for a port. To return to the default port path cost, use the no form of this command. Syntax cost spanning-tree cost no spanning-tree cost cost —...
no spanning-tree disable Default Configuration By default, all ports are enabled for spanning-tree. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines This command has no user guidelines. Example The following example disables spanning-tree on 1/g5. console(config)#interface ethernet 1/g5 console(config-if-1/g5)#spanning-tree disable spanning-tree forward-time Use the spanning-tree forward-time command in Global Configuration mode to configure the spanning-tree bridge forward time, which is the amount of time a port remains in the listening...
Example The following example configures spanning-tree bridge forward time to 25 seconds. console(config)#spanning-tree forward-time 25 spanning-tree guard The spanning-tree guard command selects whether loop guard or root guard is enabled on an interface. If neither is enabled, the port operates in accordance with the multiple spanning tree protocol.
Syntax spanning-tree loopguard default no spanning-tree loopguard default Default Configuration Loop guard is disabled by default. Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command. Example The following example enables spanning-tree loopguard functionality on all ports. console(config)#spanning-tree loopguard default spanning-tree max-age Use the spanning-tree max-age command in Global Configuration mode to configure the...
Max-Age >= 2*(Hello-Time + 1) Example The following example configures the spanning-tree bridge maximum-age to 10 seconds. console(config)#spanning-tree max-age 10 spanning-tree max-hops Use the spanning-tree max-hops command to set the MSTP Max Hops parameter to a new value for the common and internal spanning tree. Use the “no” form of this command to reset the Max Hops to the default.
rstp — Rapid Spanning Tree Protocol (RSTP) is enabled. • • mstp — Multiple Spanning Tree Protocol (MSTP) is enabled. Default Configuration Rapid Spanning Tree Protocol (RSTP) is supported. Command Mode Global Configuration mode User Guidelines In RSTP mode the switch would use STP when the neighbor switch is using STP . In MSTP mode the switch would use RSTP when the neighbor switch is using RSTP and would use STP when the neighbor switch is using STP.
Command Mode Interface Configuration (Ethernet, Port Channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures the spanning-tree mst 0 external-cost at 20000. console(config-if-4/g1)#spanning-tree mst 0 external-cost 20000 spanning-tree mst configuration Use the spanning-tree mst configuration command in Global Configuration mode to enable configuring an MST region by entering the multiple spanning-tree (MST) mode.
spanning-tree mst cost Use the spanning-tree mst cost command in Interface Configuration mode to configure the path cost for multiple spanning tree (MST) calculations. If a loop occurs, the spanning tree considers path cost when selecting an interface to put in the forwarding state. To return to the default port path cost, use the no form of this command.
Syntax instance-id priority spanning-tree mst port-priority instance-id no spanning-tree mst port-priority instance-ID — ID of the spanning-tree instance. (Range: 1-15) • priority — The port priority. (Range: 0–240 in multiples of 16) • Default Configuration The default port-priority for IEEE MSTP is 128. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines...
Command Mode Global Configuration mode User Guidelines The priority value must be a multiple of 4096. The switch with the lowest priority is selected as the root of the spanning tree. Example The following example configures the spanning tree priority of instance 1 to 4096. console(config)#spanning-tree mst 1 priority 4096 spanning-tree portfast Use the spanning-tree portfast command in Interface Configuration mode to enable PortFast...
console(config-if-1/g5)#spanning-tree portfast spanning-tree portfast bpdufilter default The spanning-tree portfast bpdufilter default command discards BPDUs received on spanning- tree ports in portfast mode. Use the “no” form of the command to disable discarding. Syntax spanning-tree portfast bpdufilter default no spanning-tree portfast bpdufilter default Default Configuration This feature is disabled by default.
Usage Guidelines There are no usage guidelines for this command. Example The following example enables Portfast mode on all ports. console(config)#spanning-tree portfast default spanning-tree port-priority Use the spanning-tree port-priority command in Interface Configuration mode to configure port priority. To reset the default port priority, use the no form of this command. Syntax priority spanning-tree port-priority...
Syntax priority spanning-tree priority no spanning-tree priority priority — Priority of the bridge. (Range: 0–61440) • Default Configuration The default bridge priority for IEEE STP is 32768. Command Mode Global Configuration mode User Guidelines The priority value must be a multiple of 4096. The switch with the lowest priority is the root of the spanning tree.
Page 483
Example The following example configures spanning-tree tcnguard on 4/g1. console(config-if-4/g1)#spanning-tree tcnguard Spanning Tree Commands...
spanning-tree transmit hold-count Use the spanning-tree transmit hold-count command to set the maximum number of BPDUs that a bridge is allowed to send within a hello time window (2 seconds). Use the “no” form of this command to reset the hold count to the default value. Syntax value spanning-tree transmit hold-count [...
Page 485
TACACS+ Commands This chapter explains the following commands: • • port • priority • show tacacs • tacacs-server host • tacacs-server key • tacacs-server timeout • timeout Use the key command in TACACS Configuration mode to specify the authentication and encryption key for all TACACS communications between the device and the TACACS server.
console(config-tacacs)#key 12 port Use the port command in TACACS Configuration mode to specify a server port number. Syntax port [ port-number ] port-number — The server port number. If left unspecified, the default port number is 49. • (Range: 0–65535) Default Configuration The default port number is 49.
User Guidelines This command has no user guidelines. Example The following example shows how to specify a server priority of 10000. console(config-tacacs)#priority 10000 show tacacs Use the show tacacs command in Privileged EXEC mode to display the configuration and statistics of a TACACS+ server. Syntax ip-address show tacacs [...
tacacs-server host Use the tacacs-server host command in Global Configuration mode to configure a TACACS+ server. This command enters into the TACACS+ configuration mode. To delete the specified hostname or IP address, use the no form of this command. Syntax ip-address hostname tacacs-server host {...
This command has no user guidelines. Example The following example sets the authentication encryption key. console(config)#tacacs-server key dell-s tacacs-server timeout Use the tacacs-server timeout command in Global Configuration mode to set the interval during which a switch waits for a server host to reply. To restore the default, use the no form of this command.
timeout Use the timeout command in TACACS Configuration mode to specify the timeout value in seconds. If no timeout value is specified, the global value is used. Syntax timeout [ timeout ] timeout — The timeout value in seconds. (Range: 1–30) •...
VLAN Commands This chapter explains the following commands: • dvlan-tunnel ethertype • interface vlan • interface range vlan • mode dvlan-tunnel • name • protocol group • protocol vlan group • protocol vlan group all • show dvlan-tunnel • show dvlan-tunnel interface •...
• vlan • vlan association mac • vlan association subnet • vlan database • vlan makestatic • vlan protocol group • vlan protocol group add protocol ethertype • vlan protocol group remove dvlan-tunnel ethertype Use the dvlan-tunnel ethertype command in Global Configuration mode to configure the ethertype for the specified interface.
interface vlan Use the interface vlan command in Global Configuration mode to configure a VLAN type and to enter Interface Configuration mode. Syntax vlan-id interface vlan vlan-id — The ID of a valid VLAN (Range: 1–4093). • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines...
Command Mode Global Configuration mode User Guidelines Commands used in the interface range context are executed independently on each interface in the range. If the command returns an error on one of the interfaces, an error message is displayed and execution continues on other interfaces. Example The following example groups VLAN 221 till 228 and VLAN 889 to receive the same command.
name Use the name command in Interface Configuration mode to add a name to a VLAN. To remove the VLAN name, use the no form of this command. NOTE: This command cannot be configured for a range of interfaces (range context). Syntax string name...
groupid — The protocol-based VLAN group ID, which is automatically generated when you • create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command.
groupid — The protocol-based VLAN group ID, which is automatically generated when you • create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command.
Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to add all physical interfaces to the protocol-based group identified by group ID "2." console(config)#protocol vlan group all 2 show dvlan-tunnel Use the show dvlan-tunnel command in Privileged EXEC mode to display all interfaces enabled...
show dvlan-tunnel interface Use the show dvlan-tunnel interface command in Privileged EXEC mode to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces. Syntax unit/port show dvlan-tunnel interface { |all} unit/port — A valid unit and port number separated by forward slashes (/). •...
show interfaces switchport Use the show interfaces switchport command in Privileged EXEC mode to display switchport configuration. Syntax interface port-channel-number show interfaces switchport {ethernet |port-channel Interface — Specific interface, such as ethernet 1/g8. • port-channel-number — Valid port-channel trunk index. •...
Page 501
VLAN008 tagged Dynamic VLAN0011 tagged Static IPv6 VLAN untagged Static VLAN0072 untagged Static Static configuration: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All Port 1/g1 is statically configured to: VLAN Name Egress rule ---- --------- ----------- VLAN0011 tagged IPv6 VLAN untagged VLAN0072...
Page 502
IP Telephony tagged Static Static configuration: PVID: 8 Ingress Filtering: Disabled Acceptable Frame Type: All Port 1/g2 is statically configured to: VLAN Name Egress rule ---- --------- ----------- VLAN0072 untagged IP Telephony tagged Forbidden VLANS: VLAN Name ---- --------- The following example displays switchport configuration individually for 2/g19. console#show interfaces switchport ethernet 2/g19 Port 2/g19: Operating parameters:...
Ingress Filtering: Enabled Acceptable Frame Type: Untagged GVRP status: Disabled Port 2/g19 is member in: VLAN Name Egress rule Type ---- --------- ----------- ----- 2921 Primary A untagged Static 2922 Community A1 untagged Static show port protocol Use the show port protocol command in Privileged EXEC mode to display the Protocol-Based VLAN information for either the entire system or for the indicated group.
test 1/g1 show switchport protected Use the show switchport protected command in Privileged EXEC mode to display the status of all the interfaces, including protected and unprotected interfaces. Syntax groupid show switchport protected groupid — Identifies which group the port is to be protected in. (Range: 0-2) •...
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays all VLAN information. console#show vlan VLAN Name Ports Type Authorization -------- --------------- ------ ----- -------------- default 1/g1-1/g2 Other Required 2/g1-1/g4 VLAN0010 1/g3-1/g4 dynamic Required VLAN0011...
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows no entry in MAC address to VLAN cross-reference. console#show vlan association mac MAC Address VLAN ID ----------------------- ------- 0001.0001.0001.0001 console# show vlan association subnet Use the show vlan association subnet command in Privileged EXEC mode to display the VLAN associated with a specific configured IP-Address and netmask.
Example The following example shows the case if no IP Subnet to VLAN association exists. console#show vlan association subnet IP Address IP Mask VLAN ID ---------------- ---------------- ------- The IP Subnet to VLAN association does not exist. switchport access vlan Use the switchport access vlan command in Interface Configuration mode to configure the VLAN ID when the interface is in access mode.
switchport forbidden vlan Use the switchport forbidden vlan command in Interface Configuration mode to forbid adding specific VLANs to a port. To revert to allowing the addition of specific VLANs to the port, use the remove parameter of this command. Syntax vlan-list vlan-list...
Default Configuration All frame types are accepted at ingress. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command has no user guidelines. Example The following example configures 1/g8 to discard untagged frames at ingress. console(config)#interface ethernet 1/g8 console(config-if-1/g8)#switchport general acceptable-frame-type tagged-only switchport general allowed vlan Use the switchport general allowed vlan command in Interface Configuration mode to add...
User Guidelines You can use this command to change the egress rule (for example, from tagged to untagged) without first removing the VLAN from the list. Example The following example shows how to add VLANs 1, 2, 5, and 8 to the allowed list. console(config-if-1/g8)#switchport general allowed vlan add 1,2,5,8 tagged switchport general ingress-filtering disable...
switchport general pvid Use the switchport general pvid command in Interface Configuration mode to configure the Port VLAN ID (PVID) when the interface is in general mode. Use the switchport mode general command to set the VLAN membership mode of a port to "general." To configure the default value, use the no form of this command.
access — An access port connects to a single end station belonging to a single VLAN. An • access port is configured with ingress filtering enabled and will accept either an untagged frame or a packet tagged with the access port VLAN. An access port only egresses untagged packets.
Default Configuration No protected switchports are defined. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example configures Ethernet port 1/g1 as a member of protected group 1. console(config)#interface ethernet 1/g1 console(config-if-1/g1)#switchport protected 1 switchport protected name Use the switchport protected name command in Global Configuration mode to adds the port to the protected group 1 and also sets the group name to "protected".
switchport trunk allowed vlan Use the switchport trunk allowed vlan command in Interface Configuration mode to add VLANs to or remove VLANs from a trunk port. Syntax vlan-list vlan-list switchport trunk allowed vlan {add |remove vlan-list — List of VLAN IDs to add. Separate non-consecutive VLAN IDs with a comma •...
Command Mode VLAN Database mode User Guidelines This command has no user guidelines. Example The following example shows how to create (add) VLAN of IDs 22, 23, and 56. console(config-vlan)#vlan 22,23,56 console(config-vlan)# vlan association mac Use the vlan association mac command in VLAN Database mode to associate a MAC address to a VLAN.
vlan association subnet Use the vlan association subnet command in VLAN Database mode to associate a VLAN to a specific IP-subnet. Syntax ip-address subnet-mask vlanid vlan association subnet ip-address subnet-mask no vlan association subnet ip-address — Source IP address. (Range: Any valid IP address) •...
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enters the VLAN database mode. console(config)#vlan database console(config-vlan)# vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is permanently configured and defined).
vlan protocol group Use the vlan protocol group <groupid> command in Global Configuration mode to add multiple vlan protocol groups to the system. When a protocol group is created, it is assigned a unique group ID number. The group ID is used for both configuration and script generation to identify the group in subsequent commands.
Syntax groupid> value vlan protocol group add protocol < ethertype < > groupid> value no vlan protocol group add protocol < ethertype < > groupid — The protocol-based VLAN group ID, which is automatically generated when you • create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command.
groupName — The group name you want to add.The group name can be up to 16 characters • in length using any valid alphanumeric characters. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
Voice VLAN Commands This chapter explains the following commands: • voice vlan • voice vlan (Interface) • show voice vlan voice vlan This command is used to enable the voice vlan capability on the switch. Syntax voice vlan no voice vlan Parameter Ranges Not applicable Command Mode...
Page 525
Voice VLAN IdThe voice VLAN ID. Voice VLAN PriorityThe Dot1p priority for the voice VLAN on the port. Voice VLAN Untagged The tagging option foe the voice VLAN traffic. Voice VLAN COS Override The Override option for the voice traffic arriving on the port. Voice VLAN Status The operational status of voice VLAN on the port.
Syntax dot1x mac-auth-bypass no dot1x mac-auth-bypass Default Configuration MAC Authentication Bypass is disabled by default. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example sets MAC Authentication Bypass on interface 1/2: console(config-if-1/g2)#dot1x mac-auth-bypass dot1x max-req Use the dot1x max-req command in Interface Configuration mode to set the maximum number...
User Guidelines Change the default value of this command only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients and authentication servers. Example The following example sets the number of times that the switch sends an EAP-request/identity frame to 6.
dot1x port-control Use the dot1x port-control command in Interface Configuration mode to enable the IEEE 802.1X operation on the port. Syntax dot1x port-control {force-authorized | force-unauthorized | auto | mac-based} no dot1x port-control • auto — Enables 802.1X authentication on the interface and causes the port to transition to the authorized or unauthorized state based on the 802.1X authentication exchange between the switch and the client.
dot1x re-authenticate Use the dot1x re-authenticate command in Privileged EXEC mode to enable manually initiating a re-authentication of all 802.1X-enabled ports or the specified 802.1X-enabled port. Syntax interface dot1x re-authenticate [ethernet interface — Specifies a valid interface number. The full syntax is unit/port . •...
User Guidelines This command has no user guidelines. Example The following example enables periodic re-authentication of the client. console(config)# interface ethernet 1/g16 console(config-if-1/g16)# dot1x re-authentication dot1x system-auth-control Use the dot1x system-auth-control command in Global Configuration mode to enable 802.1X globally. To disable 802.1X globally, use the no form of this command. Syntax dot1x system-auth-control no dot1x system-auth-control...
Syntax seconds dot1x timeout quiet-period no dot1x timeout quiet-period seconds — Time in seconds that the switch remains in the quiet state following a failed • authentication exchange with the client. (Range: 0–65535 seconds) Default Configuration The switch remains in the quiet state for 60 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Default Configuration Re-authentication period is 3600 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example The following example sets the number of seconds between re-authentication attempts to 300. console(config)# interface ethernet 1/g16 console(config-if-1/g16)# dot1x timeout re-authperiod 300 dot1x timeout server-timeout Use the dot1x timeout server-timeout command in Interface Configuration mode to set the time that the switch waits for a response from the authentication server.
Example The following example sets the time for the retransmission to the authentication server to 3600 seconds. console(config-if-1/g1)# dot1x timeout server-timeout 3600 dot1x timeout supp-timeout Use the dot1x timeout supp-timeout command in Interface Configuration mode to set the time that the switch waits for a response before retransmitting an Extensible Authentication Protocol (EAP)-request frame to the client.
Syntax seconds dot1x timeout tx-period no dot1x timeout tx-period seconds — Time in seconds that the switch should wait for a response to an • EAP-request/identity frame from the client before resending the request. (Range: 1–65535) Default Configuration The period of time is set to 30 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines...
Page 537
User Guidelines This command has no user guidelines. Example The following example displays 802.1X port 1/g8 status. console#show dot1x ethernet 1/g8 Administrative Mode....Disabled Port Admin Oper Reauth Reauth Mode Mode Control Period ------- ------------------ ------------ -------- ---------- 1/g8 auto Authorized FALSE 3600...
Field Description Port The port number. Admin mode The port admin mode. Possible values are: Force-auth, Force-unauth, Auto, and mac-based. Oper mode The control mode under which this port is operating. Possible values are: Authorized or Unauthorized. Reauth Control Indicates whether re-authentication is enabled on this port. Reauth Period The timer used by the authenticator state machine on this port to determine when reauthentication of the supplicant takes place.
Field Description Backend Authentication State Current state of the backend authentication state machine. Possible values are Request, Response, Success, Fail, Timeout, Idle, and Initialize. Authentication success Counts the number of times the state machine has received a Success message from the Authentication Server. Authentication fails Counts the number of times the state machine has received a Failure message from the Authentication Server.
Page 540
User Name........guest1 Supp MAC Address....... 0012.1756.76EA Session Time........118 Filter Id........VLAN Assigned........1 Interface........1/g9 User Name........guest1 Supp MAC Address....... 0012.1756.796B Session Time........80 Filter Id........VLAN Assigned........1 The following table describes the significant fields shown in the display: Field Description Interface...
show dot1x ethernet Use the show dot1x ethernet command in Privileged EXEC mode to show the dot1x status. The command also displays a VLAN ID or name as required when RADIUS indicates the Tunnel- Private-Group-ID for a supplicant. Syntax interface show dot1x ethernet interface —...
MAB mode (operational)......Enabled Logical Supplicant AuthPAE Backend VLAN Username Filter Port MAC-Address State State ------- ----------------- ------------ ----------- ----- -------- -------- 0012.43D1.D19F Authenticated Idle The following example shows port-based or auto Admin Mode and therefore does not list the supplicants which were shown in the previous example.
Page 543
interface — Ethernet port name. The full syntax is unit/port . • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays 802.1X statistics for the specified interface. console#show dot1x statistics ethernet 1/g2 Port...........
Field Description EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator. EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator. EapolLogoffFramesRx The number of EAPOL Logoff frames that have been received by this Authenticator.
User Guidelines This command has no user guidelines. Example The following example displays 802.1X users. console#show dot1x users Port Username --------- --------- 1/g1 1/g2 John Switch# show dot1x users username Bob Port Username --------- --------- 1/g1 The following table describes the significant fields shown in the display: Field Description Username...
Default Configuration The guest VLAN is disabled on the interface by default. Command Mode Interface Configuration (Ethernet) mode User Guidelines Configure the guest VLAN before using this command. Example The following example sets the guest VLAN on port 1/g2 to VLAN 10. console(config-if-1/g2)#dot1x guest-vlan 10 dot1x unauth-vlan Use the dot1x unauth-vlan command in Interface Configuration mode to specify the...
show dot1x advanced Use the show dot1x advanced command in Privileged EXEC mode to display 802.1X advanced features for the switch or for the specified interface. The output of this command has been updated in release 2.1 to remove the Multiple Hosts column and add an Unauthenticated VLAN column, which indicates whether an unauthenticated VLAN is configured on a port.
console#show dot1x advanced ethernet 1/g2 Port Guest Unauthenticated VLAN Vlan --------- --------- --------------- 1/g2 radius-server attribute 4 Use the radius-server attribute 4 command in Global Configuration mode to set the network access server (NAS) IP address for the RADIUS server. Use the no version of the command to set the value to the default.
Layer 3 Commands Introduction The chapters that follow describe commands that conform to the OSI model’s Network Layer (Layer 3). Layer 3 commands perform a series of exchanges over various data links to deliver data between any two nodes in a network. These commands define the addressing and routing structure of the Internet.
User Guidelines This command has no user guidelines. Example The following example creates an ARP entry consisting of an IP address and a MAC address. console(config)#arp 192.168.1.2 00A2.64B3.A245 arp cachesize Use the arp cachesize command in Global Configuration mode to configure the maximum number of entries in the ARP cache.
no arp dynamicrenew Default Configuration The default state is enabled. Command Mode Global Configuration mode User Guidelines When an ARP entry reaches its maximum age, the system must decide whether to retain or delete the entry. If the entry has recently been used to forward data packets, the system will renew the entry by sending an ARP request to the neighbor.
ip-address — The IP address to be removed from ARP cache. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example removes the specified IP address from arp cache. console#arp purge 192.168.1.10 arp resptime Use the arp resptime command in Global Configuration mode to configure the ARP request...
arp retries Use the arp retries command in Global Configuration mode to configure the ARP count of maximum requests for retries. To return to the default value, use the no form of this command. Syntax integer arp retries no arp retries integer —...
User Guidelines This command has no user guidelines. Example The following example defines 900 seconds as the timeout. console(config)#arp timeout 900 clear arp-cache Use the clear arp-cache command in Privileged EXEC mode to remove all ARP entries of type dynamic from the ARP cache. Syntax clear arp-cache [gateway] •...
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#clear arp-cache management ip proxy-arp Use the ip proxy-arp command in Interface Configuration mode to enable proxy ARP on a router interface.
console(config-if-vlan15)#ip proxy-arp show arp Use the show arp command in Privileged EXEC mode to display the Address Resolution Protocol (ARP) cache. The displayed results are not the total ARP entries. To view the total ARP entries, the operator should view the show ARP results in conjunction with the show ARP switch results.
Page 559
IP Address MAC Address Interface Type ---------- ---------------- ------------- ------- ----------- console# ARP Commands...
DHCP and BOOTP Relay Commands This chapter explains the following commands: • bootpdhcprelay cidridoptmode • bootpdhcprelay maxhopcount • bootpdhcprelay minwaittime bootpdhcprelay cidridoptmode Use the bootpdhcprelay cidridoptmode command in Global Configuration mode to enable the circuit ID option and remote agent ID mode for BootP/DHCP Relay on the system. Use the no form of the command to disable the circuit ID option and remote agent ID mode for BootP/DHCP Relay.
bootpdhcprelay maxhopcount Use the bootpdhcprelay maxhopcount command in Global Configuration mode to configure the maximum allowable relay agent hops for BootP/DHCP Relay on the system. Use the no form of the command to set the maximum hop count to the default value. Syntax integer bootpdhcprelay maxhopcount...
Page 563
Default Configuration integer 0 is the default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a minimum wait time of 10 seconds. console(config)#bootpdhcprelay minwaittime 10 DHCP and BOOTP Relay Commands...
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Examples The following examples clears DHCPv6 statistics for VLAN 11. console#clear ipv6 dhcp interface vlan 11 statistics dns-server Use the dns-server command in IPv6 DHCP Pool Configuration mode to set the ipv6 DNS server address which is provided to a DHCPv6 client by the DHCPv6 server.
domain-name Use the domain-name command in IPv6 DHCP Pool Configuration mode to set the DNS domain name which is provided to a DHCPv6 client by the DHCPv6 server. DNS domain name is configured for stateless server support. Syntax dns-domain-name domain-name dns-domain-name no domain-name dns-domain-name —...
Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enters IPv6 DHCP Pool Configuration mode. console(config)#ipv6 dhcp pool addrpool console(config-dhcp6s-pool)# ipv6 dhcp relay Use the ipv6 dhcp relay command in Interface Configuration mode to configure an interface for DHCPv6 relay functionality.
User Guidelines relay-address relay-interface relay-address is an IPv6 global address, then is not required. If is a relay-interface relay-address link-local or multicast address, then is required. Finally, a value for relay-interface is not specified, then a value for must be specified and the DHCPV6- ALLAGENTS multicast address (i.e.
ipv6 dhcp relay-agent-info-remote-id-subopt Use the ipv6 dhcp relay-agent-info-remote-id-subopt command in Global Configuration mode to configure a number to represent the DHCPv6 the “remote-id” sub-option. Syntax suboption ipv6 dhcp relay-agent-info-remote-id-subopt suboption — Remote ID suboption. (Range: 1-65535) • Default Configuration suboption The default value for is 1.
Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN, Tunnel) mode User Guidelines This command has no user guidelines. Example The following example configures DHCPv6 server functionality. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 dhcp server pool prefix-delegation Use the prefix-delegation command in IPv6 DHCP Pool Configuration mode to define Multiple IPv6 prefixes within a pool for distributing to specific DHCPv6 Prefix delegation clients.
User Guidelines This command has no user guidelines. Example The following example defines a Multiple IPv6 prefix and client DUID within a pool for distributing to specific DHCPv6 Prefix delegation clients. console(config)#ipv6 dhcp pool addrpool console(config-dhcp6s-pool)#prefix-delegation 2020:1::1/64 00:01:00:09:f8:79:4e:00:04:76:73:43:76 service dhcpv6 Use the service dhcpv6 command in Global Configuration mode to enable DHCPv6 configuration on the router.
Syntax show ipv6 dhcp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the DHCPv6 server name and status. console#show ipv6 dhcp DHCPv6 is disabled Server DUID: show ipv6 dhcp binding Use the show ipv6 dhcp binding command in Privileged EXEC mode to display the configured...
Example The following example displays the configured DHCP pool based on the entered IPv6 address. console#show ipv6 dhcp binding 2020:1:: show ipv6 dhcp interface Use the show ipv6 dhcp interface command in User EXEC mode to display DHCPv6 information for all relevant interfaces or a specified interface. If an interface is specified, the optional statistics parameter is available to view statistics for the specified interface.
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the configured DHCP pool. console#show ipv6 dhcp pool test DHCPv6 Pool: test show ipv6 dhcp statistics Use the show ipv6 dhcp statistics command in User EXEC mode to display the DHCPv6 server name and status.
DVMRP Commands This chapter explains the following commands: • ip dvmrp • ip dvmrp metric • ip dvmrp trapflags • show ip dvmrp • show ip dvmrp interface • show ip dvmrp neighbor • show ip dvmrp nexthop • show ip dvmrp prune •...
The following example sets VLAN 15’s administrative mode of DVMRP to active. console(config)#interface vlan 15 console(config-if-vlan15)#ip dvmrp ip dvmrp metric Use the ip dvmrp metric command in Interface Configuration mode to configure the metric for an interface. This value is used in the DVMRP messages as the cost to reach this network. Syntax metric ip dvmrp metric...
Default Configuration Disabled is the default state. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following command enables DVMRP trap mode. console#configure console(config)#ip dvmrp trapflags console(config)#no ip dvmrp trapflags show ip dvmrp Use the show ip dvmrp command in Privileged EXEC mode to display the system-wide information for DVMRP .
Total Number of Routes......0 Reachable Routes ......0 DVMRP INTERFACE STATUS Interface Interface Mode Protocol State --------- -------------- -------------- show ip dvmrp interface Use the show ip dvmrp interface command in Privileged EXEC mode to display the interface information for DVMRP on the specified interface. Syntax vlan-id show ip dvmrp interface vlan...
Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the neighbor information for DVMRP. console(config)#show ip dvmrp neighbor No neighbors available. show ip dvmrp nexthop Use the show ip dvmrp nexthop command in Privileged EXEC mode to display the next hop information on outgoing interfaces for routing multicast datagrams.
show ip dvmrp prune Use the show ip dvmrp prune command in Privileged EXEC mode to display the table that lists the router’s upstream prune information. Syntax show ip dvmrp prune Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
Page 585
User Guidelines This command has no user guidelines. Example The following example displays the multicast routing information for DVMRP. console#show ip dvmrp route Upstream Expiry Up Time Source Address Neighbor Interface Metric Time(secs) (secs) -------------- -------- ---------------- ---------- --------- DVMRP Commands...
IGMP Commands This chapter explains the following commands: • ip igmp • ip igmp last-member-query-count • ip igmp last-member-query-interval • ip igmp query-interval • ip igmp query-max-response-time • ip igmp robustness • ip igmp startup-query-count • ip igmp startup-query-interval • ip igmp version •...
User Guidelines This command has no user guidelines. Example The following example globally enables IGMP. console(config)#ip igmp ip igmp last-member-query-count Use the ip igmp last-member-query-count command in Interface Configuration mode to set the number of Group-Specific Queries sent before the router assumes that there are no local members on the interface.
ip igmp last-member-query-interval Use the ip igmp last-member-query-interval command in Interface Configuration mode to configure the Maximum Response Time inserted in Group-Specific Queries which are sent in response to Leave Group messages. Syntax tenthsofseconds ip igmp last-member-query-interval no ip igmp last-member-query-interval tenthsofseconds —...
Default Configuration The default query interval value is 125 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example configures a 10-second query interval for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp query-interval 10 ip igmp query-max-response-time Use the ip igmp query-max-response-time command in Internet Configuration mode to configure the maximum response time interval for the specified interface.
console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp query-max-response-time 10 ip igmp robustness Use the ip igmp robustness command in Interface Configuration mode to configure the robustness that allows tuning of the interface, that is, tuning for the expected packet loss on a subnet.
count — The number of startup queries. (Range: 1-20) • Default Configuration The default count value is 2. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets for VLAN 15 the number of queries sent out on startup at 10. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp startup-query-count 10 ip igmp startup-query-interval...
console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp startup-query-interval 10 ip igmp version Use the ip igmp version command in Interface Configuration mode to configure the version of IGMP for an interface. Syntax version ip igmp version version — IGMP version. (Range: 1-3) •...
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays system-wide IGMP information. console#show ip igmp IGMP Admin Mode........ Enabled IGMP Router-Alert check......Disabled IGMP INTERFACE STATUS Interface Interface-Mode Operational-Status --------- -------------- ---------------- vlan 3 Enabled Non-Operational...
Example The following example displays the registered multicast groups for VLAN 1. console#show ip igmp groups interface vlan 3 detail REGISTERED MULTICAST GROUP DETAILS Version1 Version2 Group Multicast Last Expiry Host Host Compat IP Address Reporter Time Time Timer Timer Mode --------------- ------------ ----------...
Query Interval (secs)......125 Query Max Response Time (1/10 of a second)..100 Robustness........2 Startup Query Interval (secs) ....31 Startup Query Count......2 Last Member Query Interval (1/10 of a second).. 10 Last Member Query Count......2 show ip igmp interface membership Use the show ip igmp interface membership command in Privileged EXEC mode to display the list of interfaces that have registered in the multicast group.
console(config)#show ip igmp interface membership 224.5.5.5 detail IGMP INTERFACE DETAILED MEMBERSHIP INFO Interface Group Compat Source Filter Source Hosts Expiry Time Mode Mode ---------- ------------- -------------- -------------- ----------- show ip igmp interface stats Use the show ip igmp interface stats command in User EXEC mode to display the IGMP statistical information for the interface.
Page 598
Number of Joins........ 7 Number of Groups....... 1 IGMP Commands...
IGMP Proxy Commands This chapter explains the following commands: • ip igmp-proxy • ip igmp-proxy reset-status • ip igmp-proxy unsolicited-report-interval • show ip igmp-proxy • show ip igmp-proxy interface • show ip igmp-proxy groups • show ip igmp-proxy groups detail ip igmp-proxy Use the ip igmp-proxy command in Interface Configuration mode to enable the IGMP Proxy on the router.
console(config-if-vlan15)#ip igmp-proxy ip igmp-proxy reset-status Use the ip igmp-proxy reset-status command in Interface Configuration mode to reset the host interface status parameters of the IGMP Proxy router. This command is valid only when IGMP Proxy is enabled on the interface. Syntax ip igmp-proxy reset-status Default Configuration...
Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets 10 seconds as the unsolicited report interval for the IGMP Proxy router. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp-proxy unsolicited-report- interval 10 show ip igmp-proxy Use the show ip igmp-proxy command in Privileged EXEC mode to display a summary of the host interface status parameters.
Version........3 Number of Multicast Groups..... 0 Unsolicited Report Interval....1 Querier IP Address on Proxy Interface..0.0.0.0 Older Version 1 Querier Timeout....0 Older Version 2 Querier Timeout....0 Proxy Start Frequency......1 show ip igmp-proxy interface Use the show ip igmp-proxy interface command in Privileged EXEC mode to display a detailed list of the host interface status parameters.
show ip igmp-proxy groups Use the show ip igmp-proxy groups command in Privileged EXEC mode to display a table of information about multicast groups that IGMP Proxy reported. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy groups Default Configuration This command has no default configuration.
Page 604
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays complete information about multicast groups that IGMP Proxy has reported. console#show ip igmp-proxy groups detail Interface Index........
IP Helper Commands This chapter explains the following commands: • clear ip helper statistics • ip helper-address (global configuration) • ip helper-address (interface configuration) • ip helper enable • show ip helper-address • show ip helper statistics clear ip helper statistics Use the clear ip helper statistics command to reset to 0 the statistics displayed in show ip helper statistics.
ip helper-address (global configuration) Use the ip helper-address (global configuration) command to configure the relay of certain UDP broadcast packets received on any interface. To delete an IP helper entry, use the no form of this command. Syntax server-address dest-udp-port ip helper-address | dhcp | domain | isakmp | mobile-ip | nameserver | netbios-dgm | netbios-ns | ntp | pim-auto-rp | rip | tacacs | tftp | time ]...
console(config)#ip helper-address 10.1.1.1 dhcp console(config)#ip helper-address 10.1.2.1 dhcp To relay UDP packets received on any interface for all default ports (Table 4) to the server at 20.1.1.1, use the following commands: console#config console(config)#ip helper-address 20.1.1.1 ip helper-address (interface configuration) Use the ip helper-address (interface configuration) command to configure the relay of certain UDP broadcast packets received on a specific interface.
Page 608
Command Mode Interface Configuration (VLAN) mode. User Guidelines This command can be invoked multiple times on routing interface, either to specify multiple server addresses for a given port number or to specify multiple port numbers handled by a specific server. The command no ip helper-address with no arguments clears all helper addresses on the interface.
console(config)#interface vlan 5 console(config-if-vlan5)#ip helper-address 192.168.40.2 dhcp console(config-if-vlan5)#ip helper-address 192.168.40.2 domain console(config-if-vlan5)#exit console(config)#interface 2/6 console(config-if-vlan6)#ip helper-address 192.168.23.1 162 console(config-if-vlan6)#ip helper-address discard dhcp ip helper enable Use the ip helper enable command to enable relay of UDP packets. To disable relay of all UDP packets, use the “no”...
Page 610
Syntax interface show ip helper-address [ interface — Optionally specify an interface to limit the output to the configuration of a single • interface. The interface is identified as vlan vlan-id. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode IP Helper Commands...
User Guidelines Field Descriptions: Interface The relay configuration is applied to packets that arrive on this interface. This field is set to “any” for global IP helper entries. UDP Port The relay configuration is applied to packets whose destination UDP port is this port.
Page 612
Command Mode Privileged EXEC mode User Guidelines Field descriptions: DHCP client messages The number of valid messages received from a DHCP client. The count is only received incremented if IP helper is enabled globally, the ingress routing interface is up, and the packet passes a number of validity checks, such as having a TTL >...
Page 613
Example console#show ip helper statistics DHCP client messages received....8 DHCP client messages relayed....2 DHCP server messages received....2 DHCP server messages relayed....2 UDP client messages received....8 UDP client messages relayed....2 DHCP message hop count exceeded max.... 0 DHCP message with secs field below min..
IP Routing Commands This chapter explains the following commands: • encapsulation • ip address • ip mtu • ip netdirbcast • ip route • ip route default • ip route distance • ip routing • routing • show ip brief •...
Default Configuration Ethernet encapsulation is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example applies SNAP encapsulation for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#encapsulation snap ip address Use the ip address command in Interface Configuration mode to configure an IP address on an interface.
Page 617
User Guidelines This command also implicitly enables the interface for routing (i.e. as if the user had issued the ‘routing’ interface command). Example The following example defines the IP address and subnet mask for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip address 192.168.10.10 255.255.255.0 ip mtu Use the ip mtu command in Interface Configuration mode to set the IP Maximum Transmission Unit (MTU) on a routing interface.
console(config)#interface vlan 15 console(config-if-vlan15)#ip mtu 1480 ip netdirbcast Use the ip netdirbcast command in Interface Configuration mode to enable the forwarding of network-directed broadcasts. When enabled, network directed broadcasts are forwarded. When disabled they are dropped. Use the no form of the command to disable the broadcasts. Syntax ip netdirbcast no ip netdirbcast...
no ip route ip addr subnetmask prefix length nextHopRtr preference ip-address — IP address of destination interface. • subnet-mask — Subnet mask of destination interface. • prefix-length — Length of prefix. Must be preceded with a forward slash (/). (Range: 0-32 •...
preference — Specifies the preference value, a.k.a administrative distance, of an individual • static route. (Range: 1-255) Default Configuration Default value of preference is 1. Command Mode Global Configuration mode User Guidelines For routed management traffic: 1. Router entries are checked for applicable destinations. 2.
Command Mode Global Configuration mode User Guidelines Lower route distance values are preferred when determining the best route. Example The following example sets the default route metric to 80. console(config)#ip route distance 80 ip routing To globally enable IPv4 routing on the router, use the "ip routing" command in Global Configuration mode.
Syntax routing no routing Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example enables IPv4 and IPv6 routing for VLAN 15 console(config)#interface vlan 15 console(config-if-vlan15)#routing show ip brief Use the show ip brief command in Privileged EXEC mode to display all the summary...
Default Time to Live......30 Routing Mode........Disabled IP Forwarding Mode......Enabled Maximum Next Hops......2 show ip interface Use the show ip interface command in Privileged EXEC mode to display all pertinent information about one or more IP interfaces. Syntax show ip interface [vlan vlan-id | loopback loopback -id] vlan-id —...
Netdir Multi Interface IP Address IP Mask Bcast CastFwd ---------- --------------- --------------- -------- -------- vlan1 192.168.10.10 255.255.255.0 Disable Disable vlan2 0.0.0.0 0.0.0.0 Enable Disable loopback2 0.0.0.0 0.0.0.0 Disable Disable console#show ip interface vlan 15 Primary IP Address......192.168.10.10/255.255.255.0 Secondary IP Address(es)....... 192.168.20.20/255.255.255.0 Routing Mode........
Page 625
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays parameters and current state of active routing protocols. console#show ip protocols Routing Protocol is "rip" Sending updates every 30 seconds Invalid after 180 seconds, hold down 120, flushed after 300 Redistributing: RIP, Static, OSPF Default version control: send version 1, receive version 1 Interfaces:...
Gateway State 176.1.1.2 Full External Preference: 60 Internal Preference: 20 show ip route Use the show ip route command in Privileged EXEC mode to display the routing table. Syntax protocol ip-address subnet-mask prefix-length show ip route [ |address ] [longer-prefixes]] protocol —...
N1 - OSPF NSSA External Type 1, N2 - OSPF NSSA external type 2 show ip route preferences Use the show ip route preferences command in Privileged EXEC mode displays detailed information about the route preferences. Route preferences are used in determining the best route.
Syntax show ip route summary [all] • all — Shows the number of all routes, including best and non-best routes. To include only the number of best routes, do not use this optional parameter. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 629
Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays IP route preferences. console>show ip stats IpInReceives........24002 IpInHdrErrors........1 IpInAddrErrors......... 925 IpForwDatagrams........ 0 IpInUnknownProtos......
Page 631
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays VLAN routing information. console#show ip vlan MAC Address used by Routing VLANs: 00:00:00:01:00:02 VLAN ID IP Address Subnet Mask ------- --------------- --------------- 0.0.0.0...
Command Mode Interface Configuration (Ethernet, port-channel) Mode. VLAN Database Mode. User Guidelines This command has no user guidelines. Example console(config-vlan)#ipv6 mld snooping immediate-leave 4 ipv6 mld snooping groupmembership-interval The ipv6 mld snooping groupmembership-interval command sets the MLD Group Membership Interval time on a VLAN or interface. The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry.
ipv6 mld snooping maxresponse The ipv6 mld snooping maxresponse command sets the MLD Maximum Response time for an interface or VLAN. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface.
Default Configuration The default multicast router present expiration time is 300 seconds. Command Mode Interface Configuration mode. VLAN Database mode. User Guidelines This command has no user guidelines Example console(config-if-4/g1)#ipv6 mld snooping mcrtrexpiretime 60 ipv6 mld snooping (Global) The ipv6 mld snooping (Global) command enables MLD Snooping on the system (Global Config Mode).
ipv6 mld snooping (Interface) The ipv6 mld snooping (Interface) command enables MLD Snooping on an interface. If an interface has MLD Snooping enabled and it becomes a member of a port-channel (LAG), MLD Snooping functionality is disabled on that interface. MLD Snooping functionality is re-enabled if the interface is removed from a port-channel (LAG).
User Guidelines There are no user guidelines for this command. Example console(config-vlan)#ipv6 mld snooping 1 show ipv6 mld snooping The show ipv6 mld snooping command displays MLD Snooping information. Configured information is displayed whether or not MLD Snooping is enabled. Syntax interface port-channel-number...
• Max Response Time — Displays the amount of time the switch waits after it sends a query on an interface, participating in the VLAN, because it did not receive a report for a particular group on that interface. This value may be configured. •...
Default Configuration IPv6 PIMSM is disabled on the router by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm ipv6 pimsm (VLAN Interface config) Use the ipv6 pimsm command in VLAN Interface configuration mode to administratively enable PIM-SM multicast routing mode on a particular IPv6 router interface.
Syntax ipv6 pimsm bsr-border no ipv6 pimsm bsr-border Default Configuration BSR-border is disabled by default. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pimsm bsr-border ipv6 pimsm bsr-candidate Use the ipv6 pimsm bsr-candidate command to configure the router to announce its candidacy as a bootstrap router (BSR).
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm bsr-candidate vlan 9 10 34 ipv6 pimsm dr-priority Use the ipv6 pimsm dr-priority command to set the priority value for which a router is elected as the designated router (DR).
no ipv6 pimsm hello-interval • interval—The hello interval (Range: 0–65535 seconds). Default Configuration The default hello interval is 30 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pimsm hello-interval 45 ipv6 pimsm join-prune-interval Use the ipv6 pimsm join-prune-interval command to configure the interface join/prune interval for the PIM-SM router.
ipv6 pimsm register-threshold Use the ipv6 pimsm register-threshold command to configure the Register Threshold rate for the RP router to switch to the shortest path. Use the "no" form of this command to set the register threshold rate to the default. Syntax threshold ipv6 pimsm register-threshold...
Default Configuration There are no static RP addresses configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm rp-address 2001::1 ff1e::/64 ipv6 pimsm rp-candidate Use the ipv6 pimsm rp-candidate command to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR).
ipv6 pimsm spt-threshold Use the ipv6 pimsm spt-threshold command to configure the Data Threshold rate for the last- hop router to switch to the shortest path. Use the "no" form of this command to set the data threshold to the default. Syntax threshold ipv6 pimsm spt-threshold...
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm ssm ff1e::/64 show ipv6 pimsm Use the show ipv6 pimsm command to display global status of IPv6 PIMSM and its IPv6 routing interfaces. Syntax show ipv6 pimsm Default Configuration...
FF1E::/64 PIM-SM INTERFACE STATUS Interface Interface-Mode Operational-Status --------- -------------- ---------------- vlan 3 Enabled Operational vlan 6 Enabled Operational vlan 9 Enabled Operational show ipv6 pimsm bsr Use the show ipv6 pimsm bsr command to display the bootstrap router (BSR) information. The output includes elected BSR information and information about the locally configured candidate rendezvous point (RP) advertisement.
show ipv6 pimsm interface Use the show ipv6 pimsm interface command to display interface config parameters. If no interface is specified, all interfaces are displayed. Syntax vlan-id show ipv6 pimsm interface [ vlan • vlan-id—A valid VLAN ID value. Default Configuration There is no default configuration for this command.
Syntax vlan-id show ipv6 pimsm neighbor [ all | interface vlan vlan-id — A valid VLAN ID value. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimsm neighbor all Slot/Port........
User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimsm rphash ff1e::/64 Type Address ------------------------ ----- 3001::1 show ipv6 pimsm rp mapping Use the show ipv6 pimsm rp mapping command to display all group-to-RP mappings of which the router is aware (either configured or learned from the bootstrap router (BSR)).
Page 654
origin......... Static Group Address........FF1E::/64 RP Address........3001::1 origin......... BSR IPv6 Multicast Commands...
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example clears all entries in the IPv6 neighbor table. console(config)#clear ipv6 neighbors clear ipv6 statistics Use the clear ipv6 statistics command in Privileged EXEC mode to clear IPv6 statistics for all interfaces or for a specific interface, including loopback and tunnel interfaces.
ipv6 address Use the ipv6 address command in Interface Configuration mode to configure an IPv6 address on an interface (including tunnel and loopback interfaces) and to enable IPv6 processing on this interface. Multiple globally reachable addresses can be assigned to an interface by using this command.
console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 address 2020:1::1/64 ipv6 enable Use the ipv6 enable command in Interface Configuration mode to enable IPv6 routing on an interface (including tunnel and loopback interfaces) that has not been configured with an explicit IPv6 address. Command execution automatically configures the interface with a link- local address.
— Host name. • ipv6-address — IPv6 address of the host. • Default Configuration No IPv6 hosts are defined. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example console(config)#ipv6 host Dell 2001:DB8::/32 IPv6 Routing Commands...
ipv6 mld last-member-query-count The ipv6 mld last-member-query-count command sets the number of listener-specific queries sent before the router assumes that there are no local members on the interface. Use the “no” form of this command to set the last member query count to the default. Syntax last-member-query-count ipv6 mld last-member-query-count...
Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld last-member-query-interval 5000 ipv6 mld-proxy Use the ipv6 mld-proxy command to enable MLD Proxy on the router. To enable MLD Proxy on the router, you must also enable multicast forwarding. Also, ensure that there are no other multicast routing protocols enabled on the router.
Syntax ipv6 mld-proxy reset-status Command Mode Interface Configuration (VLAN) mode. Default Configuration There is no default configuration for this command. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld-proxy reset-status ipv6 mld-proxy unsolicit-rprt-interval Use the ipv6 mld-proxy unsolicit-rprt-interval command to set the unsolicited report interval for the MLD Proxy router.
ipv6 mld query-interval The ipv6 mld query-interval command sets the MLD router's query interval for the interface. The query-interval is the amount of time between the general queries sent when the router is querying on that interface. Use the “no” form of this command to set the query interval to the default.
Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld query-max-response-time 4500 ipv6 mld router The ipv6 mld router command is used to enable MLD in the router in global configuration mode and for a specific interface in interface configuration mode.
Syntax ipv6 mtu no ipv6 mtu mtu — Is the maximum transmission unit. (Range: 1280-1500) • Default Configuration The default MTU is 1500. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the maximum transmission unit (MTU) size, in bytes, of IPv6 packets.
User Guidelines This command has no user guidelines. Example The following example sets at 10 the number of duplicate address detection probes transmitted while doing neighbor discovery. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd dad attempts 10 ipv6 nd managed-config-flag Use the ipv6 nd managed-config-flag command in Interface Configuration mode to set the “managed address configuration”...
Syntax milliseconds ipv6 nd ns-interval no ipv6 nd ns-interval milliseconds — Interval duration. (Range: 0, 1000–4294967295) • Default Configuration milliseconds 0 is the default value for Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the interval between router advertisements for advertised neighbor solicitations at 5000 ms.
Example The following example sets to true the “other stateful configuration” flag in router advertisements console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd other-config-flag ipv6 nd prefix Use the ipv6 nd prefix command to configure parameters associated with prefixes that the router advertises in its router advertisements. Syntax prefix/prefix-length valid-lifetime...
The ipv6 nd prefix command will allow you to preconfigure RA prefix values before you configure the associated interface address. In order for the prefix to be included in RAs, you must configure an address that matches the prefix using the ipv6 address command. Prefixes specified using ipv6 nd prefix without an associated interface address will not be included in RAs and will not be committed to the device configuration.
ipv6 nd ra-lifetime Use the ipv6 nd ra-lifetime command in Interface Configuration mode to set the value that is placed in the Router Lifetime field of the router advertisements sent from the interface. Syntax seconds ipv6 nd ra-lifetime no ipv6 nd ra-lifetime seconds —...
Default Configuration The default value for neighbor discovery reachable times is 0 milliseconds. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the router advertisement time at 5000 milliseconds to consider a neighbor reachable after neighbor discovery confirmation.
ipv6 pimdm Use the ipv6 pimdm command to enable PIM-DM Multicast Routing Mode across the router in global configuration mode or on a specific routing interface in interface mode. Use the “no” form of this command to disable PIM-DM. Syntax ipv6 pimdm no ipv6 pimdm Default Configuration...
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan5)#ipv6 pimdm hello-interval 500 ipv6 route Use the ipv6 route command in Global Configuration mode to configure an IPv6 static route. Syntax ipv6-prefix prefix-length tunnel-id vlan-id next- ipv6 route [Null | interface {tunnel | vlan hop-address...
console(config)#ipv6 route 2020:1::1/64 2030:1::2 ipv6 route distance Use the ipv6 route distance command in Global Configuration mode to set the default distance (preference) for static routes. Lower route preference values are preferred when determining the best route. The ipv6 route and ipv6 route default commands allow optional setting of the distance of an individual static route.
Default Configuration Disabled is the default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example globally enables Ipv6 unicast datagram forwarding. console(config)#ipv6 unicast-routing console(config)#no ipv6 unicast-routing ping ipv6 Use ping ipv6 command in Privileged EXEC mode to determine whether another computer is on the network.
Example The following example determines whether another computer is on the network at the IPv6 address specified. console(config)#ping ipv6 2030:1::1/64 Send count=3, Receive count=0 from 2030:1::1/64 Average round trip time = 0.00 ms ping ipv6 interface Use ping ipv6 interface command in the Privileged EXEC mode to determine whether another computer is on the network.
Example The following example determines whether another computer is on the network at the IPv6 address specified. console(config)#ping ipv6 interface loopback 1 FE80::202:BCFF:FE00:3068/128 Send count=3, Receive count=0 from FE80::202:BCFF:FE00:3068/128 Average round trip time = 0.00 ms show ipv6 brief Use the show ipv6 brief command in Privileged EXEC mode to display the IPv6 status of forwarding mode and IPv6 unicast routing mode.
Page 679
Syntax loopback-id tunnel-id vlan-id show ipv6 interface {brief|loopback | tunnel |vlan [ prefix ] } loopback-id — Valid loopback interface ID • tunnel-id — Valid tunnel interface ID • vlan-id — Valid VLAN ID. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Page 681
Command Mode Privileged EXEC mode User Guidelines vlan-id The following fields are displayed as a table when vlan is specified: Number of (*, G) entries Displays the number of groups present in the MLD Table. Number of (S, G) entries Displays the number of include and exclude mode sources present in the MLD Table.
Page 682
Example console#show ipv6 mld groups ff1e::5 Interface........vlan 6 Group Address........FF1E::5 Last Reporter........FE80::200:FF:FE00:22 Up Time (hh:mm:ss)......00:03:43 Expiry Time (hh:mm:ss)......------ Filter Mode........Include Version1 Host Timer......------ Group compat mode......v2 Source Address ExpiryTime ----------------- ----------- 4001::6 00:03:15 4001::7 00:03:15...
Page 683
Group Address........FF1E::3 Interface........vlan 6 Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......------ Group Address........FF1E::4 Interface........vlan 6 Up Time (hh:mm:ss)......00:04:23 Expiry Time (hh:mm:ss)......------ IPv6 Routing Commands...
show ipv6 mld interface The show ipv6 mld interface command is used to display MLD related information for an interface. Syntax vlan-id show ipv6 mld interface { vlan | all } vlan-id — A valid VLAN id. • Default Configuration There is no default configuration for this command.
Page 685
Last Member Query This value indicates the configured number of Group-Specific Queries sent Count before the router assumes that there are no local members. The following information is displayed if the operational mode of the MLD interface is enabled: Querier Status This value indicates whether the interface is a MLD querier or non-querier on the subnet with which it is associated.
show ipv6 mld-proxy Use the show ipv6 mld-proxy command to display a summary of the host interface status parameters. Syntax show ipv6 mld-proxy Command Mode Privileged EXEC mode Default Configuration There is no default configuration for this command. User Guidelines The command displays the following parameters only when you enable MLD Proxy: Interface Index The interface number of the MLD Proxy interface.
Version........3 Num of Multicast Groups......0 Unsolicited Report Interval....1 Querier IP Address on Proxy Interface..fe80::1:2:5 Older Version 1 Querier Timeout....00:00:00 Proxy Start Frequency......1 show ipv6 mld-proxy groups Use the show ipv6 mld-proxy groups command to display information about multicast groups that the MLD Proxy reported.
Example console#show ipv6 mld-proxy groups Interface........ vlan 10 Group Address Last Reporter Up Time Member State Filter Mode Sources ------------- -------------- ---------- ----------------- ------------ ------- FF1E::1 FE80::100:2.3 00:01:40 DELAY_MEMBER Exclude FF1E::2 FE80::100:2.3 00:02:40 DELAY_MEMBER Include FF1E::3 FE80::100:2.3 00:01:40 DELAY_MEMBER Exclude FF1E::4 FE80::100:2.3 00:02:44...
Page 689
Sources The number of sources attached to the multicast group. Group Source List The list of IP addresses of the sources attached to the multicast group. Expiry Time The time left for a source to get deleted. Example console#show ipv6 igmp-proxy groups Interface........
show ipv6 mld-proxy interface Use the show ipv6 mld-proxy interface command to display a detailed list of the host interface status parameters. Syntax show ipv6 mld-proxy interface Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines The following parameters are displayed only when MLD Proxy is enabled: nterface...
Example console#show ipv6 mld-proxy interface Interface........ vlan 10 Ver Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent ------------------------------------------------------------------ ----- ----- show ipv6 mld traffic The show ipv6 mld traffic command is used to display MLD statistical information for the router.
Bad Checksum MLD Packets The number of bad checksum MLD packets received by the router. Malformed MLD Packets The number of malformed MLD packets received by the router. Example console#show ipv6 mld traffic Valid MLD Packets Received..... 52 Valid MLD Packets Sent......7 Queries Received.......
Neighbor Last IPv6 Address MAC Address isRtr State Updated Interface -------------------- ----------------- ----- ------- --------- show ipv6 pimdm The show ipv6 pimdm command is used to display PIM-DM Global Configuration parameters and PIM DM interface status. Syntax show ipv6 pimdm Command Mode Privileged EXEC mode.
show ipv6 pimdm interface The show ipv6 pimdm interface command is used to display PIM-DM Configuration information for all interfaces or for the specified interface. If no interface is specified, Configuration of all interfaces is displayed. Syntax vlan-id show ipv6 pimdm interface [ vlan | all ] vlan-id —...
192.168.36.129 vlan 20 10.1.37.2 vlan 24 show ipv6 pimdm neighbor The show ipv6 pimdm neighbor command is used to display PIM-DM Neighbor information including Neighbor Address, Uptime and Expiry time for all interfaces or for the specified interface. Syntax vlan-id show ipv6 pimdm neighbor [ interface vlan | all ] vlan-id —...
ipv6-address — Specifies an IPv6 address for which the best-matching route would be • displayed. protocol — Specifies the protocol that installed the routes. Is one of the following keywords: • connected, ospf, static. ipv6-prefix/ipv6 prefix-length — Specifies a IPv6 network for which the matching route would •...
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example shows the preference value associated with the type of route. console#show ipv6 route preferences Local.......... 0 Static.........
User Guidelines This command has no user guidelines. Example The following example displays a summary of the routing table. console#show ipv6 route summary IPv6 Routing Table Summary - 0 entries Connected Routes....... 0 Static Routes........0 OSPF Routes........0 Intra Area Routes......0 Inter Area Routes......
Page 699
User Guidelines This command has no user guidelines. Examples The following examples show traffic and statistics for IPv6 and ICMPv6, first for all interfaces and an individual VLAN. console> show ipv6 traffic IPv6 STATISTICS Total Datagrams Received........0 Received Datagrams Locally Delivered...... 0 Received Datagrams Discarded Due To Header Errors..
Page 700
Interface ........11 IPv6 STATISTICS Total Datagrams Received........0 Received Datagrams Locally Delivered...... 0 Received Datagrams Discarded Due To Header Errors..0 Received Datagrams Discarded Due To MTU....0 Received Datagrams Discarded Due To No Route....0 Received Datagrams With Unknown Protocol....0 Received Datagrams Discarded Due To Invalid Address..
show ipv6 vlan Use the show ipv6 vlan command in Privileged EXEC mode to display IPv6 VLAN routing interface addresses. Syntax show ipv6 vlan Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays IPv6 VLAN routing interface addresses.
Page 702
Default Configuration 33434 is the default port value. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example discovers the packet routes on a hop-by-hop basis. console#traceroute ipv6 2020:1::1 Tracing route over a maximum of 20 hops 1 * N * N * N IPv6 Routing Commands...
Loopback Interface Commands This chapter explains the following commands: • interface loopback • show interfaces loopback interface loopback Use the interface loopback command in Global Configuration mode to enter the Interface Loopback configuration mode. Syntax loopback-id interface loopback loopback-id no interface loopback •...
Page 704
Syntax loopback-id show interfaces loopback [ loopback-id — Loopback identifier. (Range: 0-7) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Examples The following examples display information about configured loopback interfaces. console# show interfaces loopback Loopback Id Interface...
Multicast Commands This chapter explains the following commands: • ip mcast boundary • ip mroute • ip multicast • ip multicast ttl-threshold • ip pimsm • ip pimsm bsr-border • ip pimsm bsr-candidate • ip pimsm dr-priority • ip pimsm hello-interval •...
• show ip pimsm rp mapping ip mcast boundary Use the ip mcast boundary command in Interface Configuration mode to add an administrative groupipaddr mask scope multicast boundary specified by for which this multicast groupipaddr mask administrative boundary is applicable. is a group IP address and is a group IP mask.
source-address — The IP address of the multicast data source. • source-mask — The IP subnet mask of the multicast data source. • rpf-address — The IP address of the next hop towards the source. • preference — The cost of the route (Range: 1 - 255). •...
Example The following example enables IP multicast on the router. console#configure console(config)#ip multicast console(config)#no ip multicast ip multicast ttl-threshold Use the ip multicast ttl-threshold command in Interface Configuration mode to apply a ttlvalue ttlvalue to a routing interface. is the TTL threshold which is applied to the multicast Data packets forwarded through the interface.
ip pimsm The ip pimsm command is used to administratively enable PIM-SM multicast routing mode on a particular router interface. Use the “no” form of this command to disable PIM SM on an interface. This command deprecates the ip pimsm mode command. Syntax ip pimsm no ip pimsm...
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ip pimsm bsr-border ip pimsm bsr-candidate The ip pimsm bsr-candidate command is used to configure the router to announce its candidacy as a bootstrap router (BSR). Use the “no” form of this command to stop the router from announcing its candidacy as a bootstrap router.
ip pimsm dr-priority The ip pimsm dr-priority command is used to set the priority value for which a router is elected as the designated router (DR). Use the “no” form of this command to set the priority to the default. Syntax priority ip pimsm dr-priority...
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ip pimsm hello-interval 60 ip pimsm join-prune-interval The ip pimsm join-prune-interval command is used to configure the interface join/prune interval for the PIM-SM router. Use the “no” form of this command to set the join/prune interval to the default.
ip pimsm register-threshold The ip pimsm register-threshold command is used to configure the Register Threshold rate for the RP router to switch to the shortest path. Use the “no” form of this command to set the register threshold rate to the default. This command deprecates the ip pimsm register rate limit command.
Default Configuration There are no static RP addresses configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pimsm rp-address 192.168.20.1 225.1.0.0 255.255.255.0 ip pimsm rp-candidate The ip pimsm rp-candidate command is used to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR).
ip pimsm spt-threshold The ip pimsm spt-threshold command is used to configure the Data Threshold rate for the last- hop router to switch to the shortest path. Use the “no” form of this command to set the data threshold to the default. Syntax threshold ip pimsm spt-threshold...
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pimsm ssm default console(config)#ip pimsm ssm 224.1.0.0 255.255.0.0 show bridge multicast address-table count Use the show bridge multicast address-table count command to view statistical information about the entries in the multicast address table.
The following table shows the information the command displays: Field Description Capacity The maximum number of addresses that can be stored in the multicast address table. Used The total number of addresses in the multicast address table. Static addresses The number of addresses in the multicast address table that are static IP addresses. Dynamic addresses The number of addresses in the multicast address table that were learned dynamically.
show ip mcast boundary Use the show ip mcast boundary command in Privileged EXEC mode to display all the configured administrative scoped multicast boundaries. Syntax vlan-id show ip mcast boundary {vlan | all} vlan-id — Valid VLAN ID. • Default Configuration This command has no default configuration.
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the multicast information for VLAN 15. console#show ip mcast interface vlan 15 Interface --------- ----- show ip mcast mroute Use the show ip mcast mroute command in Privileged EXEC mode to display a summary or all the details of the multicast table.
console#show ip mcast mroute detail Multicast Route Table Expiry Up Time Source Ip Group Ip Time(secs) (secs) RPF Neighbor Flags --------- ----------- ---------- ----------- --------------- ----- show ip mcast mroute group Use the show ip mcast mroute group command in Privileged EXEC mode to display the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration times of all the entries in the multicast mroute table groupipaddr...
console#show ip mcast mroute group 224.5.5.5 detail Multicast Route Table Expiry Up Time Source Ip Group Ip Time(secs) (secs) RPF Neighbor Flags --------- --------- ----------- --------- --------------- ----- show ip mcast mroute source Use the show ip mcast mroute source command in Privileged EXEC mode to display the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration times of all the entries in the multicast mroute table sourceipaddr...
console#show ip mcast mroute source 10.1.1.1 224.5.5.5 Multicast Route Table Expiry Up Time Source IP Group IP Time(secs) (secs) RPF Neighbor Flags --------- --------- ----------- ----------- ------------ ----- show ip mcast mroute static Use the show ip mcast mroute static command in Privileged EXEC mode to display all the static routes configured in the static mcast table if it is specified or display the static route sourceipaddr associated with the particular...
show ip pimsm bsr The show ip pimsm bsr command displays the bootstrap router (BSR) information. The output includes elected BSR information and information about the locally configured candidate rendezvous point (RP) advertisement. This command deprecates the show ip pimsm componenttable command.
Example console#show ip pimsm bsr BSR Address........1.1.1.1 BSR Priority........20 BSR Hash Mask Length......Next bootstrap message(hh:mm:ss)....00:00:11 Next Candidate RP advertisement(hh:mm:ss)..00:00:00 show ip pimsm interface The show ip pimsm interface command displays interface config parameters. If no interface is specified, all interfaces are displayed.
Join Prune Interval (secs)..... 60 Neighbor Count ........ 0 Designated Router......1.1.1.1 DR Priority........1 BSR Border........Disabled show ip pimsm rphash The show ip pimsm rphash command displays which rendezvous point (RP) is being selected for a specified group. Syntax group-address show ip pimsm rphash...
show ip pimsm rp mapping The show ip pimsm rp mapping command is used to display all group-to-RP mappings of which the router is aware (either configured or learned from the bootstrap router (BSR)). If no RP is specified, all active RPs are displayed. This command deprecates the show ip pimsm rp candidate, show ip pimsm staticrp and show ip pimsm rp commands.
OSPF Commands This chapter explains the following commands: • area default-cost • area nssa • area nssa default-info-originate • area nssa no-redistribute • area nssa no-summary • area nssa translator-role • area nssa translator-stab-intv • area range • area stub •...
Page 728
• external-lsdb-limit • ip ospf area • ip ospf authentication • ip ospf cost • ip ospf dead-interval • ip ospf hello-interval • ip ospf mtu-ignore • ip ospf network • ip ospf priority • ip ospf retransmit-interval • ip ospf transmit-delay •...
• timers spf • 1583compatibility area default-cost Use the area default-cost command in Router OSPF Configuration mode to configure the monetary default cost for the stub area. Use the no form of the command to return the cost to the default value. Syntax area-id integer...
no area area-id nssa area-id — Identifies the OSPF not-so-stubby-area. (Range: 0–4294967295) • Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures not-so-stubby-area 10 as an NSSA. console(config)#router ospf console(config-router)#area 10 nssa area nssa default-info-originate...
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the metric value and type for the default route advertised into the NSSA. console(config-router)#area 20 nssa default-info-originate 250 non-comparable area nssa no-redistribute Use the area nssa no-redistribute command in Router OSPF Configuration mode to configure the NSSA Area Border router (ABR) so that learned external routes are not redistributed to the NSSA.
area nssa no-summary Use the area nssa no-summary command in Router OSPF Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA. Syntax area-id area nssa no-summary area-id no area nssa no-summary area-id — Identifies the OSPF NSSA to configure. (Range: 0–4294967295) •...
Default Configuration The default role is candidate. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the translator role of the NSSA. console(config-router)#area 20 nssa translator-role always area nssa translator-stab-intv Use the area nssa translator-stab-intv command in Router OSPF Configuration mode to configure the translator stability interval of the NSSA.
area range Use the area range command in Router OSPF Configuration mode to configure a summary prefix for routes learned in a given area. There are two types of area ranges. An area range can be configured to summarize intra-area routes. An ABR advertises the range rather than the specific intra-area route as a type 3 summary LSA.
area stub Use the area stub command in Router OSPF Configuration mode to create a stub area for the specified area ID. A stub area is characterized by the fact that AS External LSAs are not propagated into the area. Removing AS External LSAs and Summary LSAs can significantly reduce the link state database of routers within the stub area.
Default Configuration Disabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example prevents the Summary LSA from being advertised into the area 3 NSSA. console(config-router)#area 3 stub no-summary area virtual-link Use the area virtual-link command in Router OSPF Configuration mode to create the OSPF virtual interface for the specified area-id and neighbor router.
area virtual-link authentication Use the area virtual-link authentication command in Router OSPF Configuration mode to configure the authentication type and key for the OSPF virtual interface identified by the area ID and neighbor ID. Use the no form of the command to return the authentication type to the default value.
Syntax area-id neighbor-id seconds area virtual-link dead-interval area-id neighbor-id no area virtual-link dead-interval area-id — Identifies the OSPF area to configure. (Range: IP address or decimal from • 0–4294967295) neighbor-id — Identifies the Router ID of the neighbor. • seconds — Number of seconds to wait before the OSPF virtual interface on the virtual •...
seconds — Number of seconds to wait before sending hello packets to the OSPF virtual • interface. (Range: 1–65535) Default Configuration 10 seconds is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a 50-second wait interval.
User Guidelines This command has no user guidelines. Example The following example configures a 500-second retransmit wait interval. console(config-router)#area 10 virtual-link 192.168.2.2 retransmit-interval 500 area virtual-link transmit-delay Use the area virtual-link transmit-delay command in Router OSPF Configuration mode to configure the transmit delay for the OSPF virtual interface identified by the area ID and neighbor ID.
auto-cost By default, OSPF computes the link cost of each interface from the interface bandwidth. The link cost is computed as the ratio of a “reference bandwidth” to the interface bandwidth (ref_bw / interface bandwidth), where interface bandwidth is defined by the “bandwidth” command. Because the default reference bandwidth is 100 Mbps, OSPF uses the same default link cost for all interfaces whose bandwidth is 100 Mbps or greater.
Default Configuration The default reference bandwidth is 10 Mbps Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example The following example configures the interface bandwidth to 500000 Kbps. console(config-if-vlan1)#bandwidth 500000 capability opaque Use the capability opaque command to enable Opaque Capability on the router.
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a value of 50 for the default metric. console(config-router)#default-metric 50 distance ospf The distance ospf command sets the preference values of OSPF route types in the router. Lower route preference values are preferred when determining the best route.
distribute-list out Use the distribute-list out command in Router OSPF Configuration mode to specify the access list to filter routes received from the source protocol. Use the no form of the command to remove the specified source protocol from the access list. Syntax accesslistname distribute-list...
Default Configuration Enabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example enables OSPF router mode. console(config-router)#enable exit-overflow-interval Use the exit-overflow-interval command in Router OSPF Configuration mode to configure the exit overflow interval for OSPF.
external-lsdb-limit Use the external-lsdb-limit command in Router OSPF Configuration mode to configure the external LSDB limit for OSPF. If the value is -1, then there is no limit. When the number of non-default AS-external-LSAs in a router's link-state database reaches the external LSDB limit, the router enters overflow state.
area-id — The ID of the area (Range: IP address or decimal from 0 –4294967295). • Default Configuration OSPFv2 is disabled by default. Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan1)#ip ospf area 192.168.1.10 ip ospf authentication Use the ip ospf authentication command in the Interface Configuration mode to set the OSPF...
Example The following example sets the OSPF Authentication Type and Key for VLAN 15. console(config-if-vlan15)#ip ospf authentication encrypt test123 ip ospf cost Use the ip ospf cost command in Interface Configuration mode to configure the cost on an OSPF interface. Use the no form of the command to return the cost to the default value. Syntax integer ip ospf cost...
seconds — Number of seconds that a router's Hello packets have not been seen before its • neighbor routers declare that the router is down. (Range: 1–65535) Default Configuration 40 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines The value for the length of time must be the same for all routers attached to a common network.
Example The following example sets the OSPF hello interval at 30 seconds. console(config-if-vlan15)#ip ospf hello-interval 30 ip ospf mtu-ignore Use the ip ospf mtu-ignore command in Interface Configuration mode to disable OSPF maximum transmission unit (MTU) mismatch detection. OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface.
no ip ospf network broadcast — Set the network type to broadcast. • point-to-point — Set the network type to point-to-point • Default Configuration Interfaces operate in broadcast mode by default. Command Mode Interface Configuration (VLAN) mode. Usage Guidelines OSPF treats interfaces as broadcast interfaces by default. Loopback interfaces have a special loopback network type, which cannot be changed.
Command Mode Interface Configuration (VLAN) mode. User Guidelines A value of 1 is the highest router priority. A value of 0 indicates that the interface is not eligible to become the designated router on this network. Example The following example sets the OSPF priority for the VLAN 15 router at 100. console(config-if-vlan15)#ip ospf priority 100 ip ospf retransmit-interval Use the ip ospf retransmit-interval command in Interface Configuration mode to set the OSPF...
ip ospf transmit-delay Use the ip ospf transmit-delay command in Interface Configuration mode to set the OSPF Transit Delay for the specified interface. Use the no form of the command to return the delay to the default value. Syntax seconds ip ospf transmit-delay no ip ospf transmit-delay seconds —...
Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the number of paths at 2 that OSPF can report for a given destination. console(config-router)#maximum-paths 2 network area The network area command enables OSPFv2 on an interface and sets its area ID if the ip- address of an interface is covered by this network command.
passive-interface default The passive-interface default command enables the global passive mode by default for all interfaces. It overrides any interface level passive mode. Use the “no” form of this command to disable the global passive mode by default for all interfaces. Any interface previously configured to be passive reverts to non-passive mode.
User Guidelines There are no user guidelines for this command. Example console(config-router)#passive-interface vlan 1 redistribute Use the redistribute command in Router OSPF Configuration mode to configure OSPF protocol to allow redistribution of routes from the specified source protocol/routers. Use the no version of the command to disable redistribution from the selected source or to reset options to their default values.
Example The following example configures OSPF protocol to allow redistribution of routes from the specified source protocol/routers. console(config-router)#redistribute rip metric 90 metric-type 1 tag 555 subnets router-id Use the router-id command in Router OSPF Configuration mode to set a 4-digit dotted- decimal number uniquely identifying the router OSPF ID.
Command Mode Global Configuration mode. User Guidelines The command prompt changes when the router ospf command executes. Example The following example enters into router OSPF mode. console(config)#router ospf console(config-router)# show ip ospf Use the show ip ospf command to display information relevant to the OSPF router. This command has been modified to show additional fields.
Page 761
RFC 1583 Reflects whether 1583 compatibility is enabled or disabled. This is a configured Compatibility value. Opaque Capability Shows whether router is capable of sending Opaque LSA's. This is a configured value. ABR Status Shows whether the router is an OSPF Area Border Router. Exit Overflow Interval Shows the number of seconds that, after entering OverflowState, a router will attempt to leave OverflowState.
Page 762
Example The following example displays OSPF router information. console#show ip ospf Router ID........5.5.5.5 OSPF Admin Mode........ Enable ASBR Mode........Enable RFC 1583 Compatibility......Enable ABR Status........Disable Exit Overflow Interval......0 Spf Delay Time......... 20 Spf Hold Time........30 External LSA Count......
show ip ospf abr The show ip ospf abr command displays the internal OSPF routing table entries to Area Border Routers (ABR). This command takes no options. Syntax show ip ospf abr Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
Page 764
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays OSPF router information. console#show ip ospf area 10 AreaID......... 0.0.0.10 External Routing....... Import External LSAs Spf Runs........0 Area Border Router Count....... 0 Area LSA Count.........
Translator Stability Interval....2000 Translator State....... Disabled show ip ospf asbr The show ip ospf asbr command displays the internal OSPF routing table entries to Autonomous System Boundary Routes (ASBR). This command takes no options. Syntax show ip ospf asbr Default Configuration This command has no default configuration.
show ip ospf database Use the show ip ospf database command in Privileged EXEC mode to display information about the link state database when OSPF is enabled. If parameters are entered, the command displays the LSA headers. Use the optional parameters to specify the type of link state advertisements to display.
Page 767
Example The following example displays information about the link state database when OSPF is enabled. console#show ip ospf database Router Link States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ------- 5.2.0.0 0.0.0.0 1360...
Page 768
5.2.0.0 0.0.0.0 1361 80000006 183a ------ Link Opaque States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ------- 5.2.0.0 0.0.0.0 1361 80000005 ef59 ------ Area Opaque States (Area 0.0.0.0) Link Id Adv Router Sequence Chksm Options Rtr Opt...
show ip ospf database database-summary Use the show ip ospf database database-summary command to display the number of each type of LSA in the database for each area and for the router. The command also displays the total number of LSAs in the database. This command has been modified. Syntax show ip ospf database database-summary Default Configuration...
Page 770
Example The following example displays the number of each type of LSA in the database for each area and for the router. console#show ip ospf database database-summary OSPF Router with ID (5.5.5.5) Area 0.0.0.0 database summary Router......... 0 Network........0 Summary Net........
Summary ASBR........0 Type-7 Ext........0 Opaque Link........0 Opaque Area........0 Type-5 Ext........0 Self-Originated Type-5 Ext..... 0 Opaque AS........0 Total.......... 0 show ip ospf interface Use the show ip ospf interface command in Privileged EXEC mode to display the information for the VLAN or loopback interface.
Page 772
Example The following example displays the information for the IFO object or virtual interface tables associated with VLAN 3. console#show ip ospf interface vlan 10 IP Address........1.1.1.1 Subnet Mask........255.255.255.0 Secondary IP Address(es)....... OSPF Admin Mode........ Enable OSPF Area ID........0.0.0.0 OSPF Network Type......
show ip ospf interface brief Use the show ip ospf interface brief command in Privileged EXEC mode to display brief information for the IFO object or virtual interface tables. Syntax show ip ospf interface brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
show ip ospf interface stats Use the show ip ospf interface stats command in User EXEC mode to display the statistics for a specific interface. The information is only displayed if OSPF is enabled. Syntax vlan-id show ip ospf interface stats vlan vlan-id —...
show ip ospf neighbor Use the show ip ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors. The information below only displays if OSPF is enabled and the interface has a neighbor. Syntax vlan-id ip-address show ip ospf neighbor [interface vlan vlan-id —...
show ip ospf range Use the show ip ospf range command in Privileged EXEC mode to display information about the area ranges for the specified area-id. Syntax area-id show ip ospf range area-id — Identifies the OSPF area whose ranges are being displayed. (Range: IP address or •...
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example console>show ip ospf statistics Area 0.0.0.0: SPF algorithm executed 0 times Delta T SPF Duration (msec) Reason -------- ------------------- --------------- 26:01:45...
Example The following example displays the OSPF stub table. console(config)#show ip ospf stub table AreaId TypeofService Metric Val Import SummaryLSA ------------- ------------- ---------- ----------------- 0.0.0.1 Normal Enable show ip ospf virtual-link Use the show ip ospf virtual-link command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor.
Hello Interval......... 10 Dead Interval........655555 Iftransit Delay Interval....... 1 Retransmit Interval......5 State.......... down Metric......... 0 Neighbor State......... down Authentication Type......MD5 Authentication Key......"test123" Authentication Key ID......100 show ip ospf virtual-link brief Use the show ip ospf virtual-link brief command in Privileged EXEC mode to display the OSPF Virtual Interface information for all areas in the system.
Example The following example displays the OSPF Virtual Interface information in the system. console#show ipv6 ospf virtual-link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Interval Delay ------- -------- -------- -------- ---------- -------- 0.0.0.2 5.5.5.5 timers spf Use the timers spf command in Router OSPF Configuration mode to configure the SPF delay and hold time.
1583compatibility Use the 1583compatibility command in Router OSPF Configuration mode to enable OSPF 1583 compatibility. Use the no form of the command to disable it. Syntax 1583compatibility no 1583compatibility Default Configuration Enabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines If all OSPF routers in the routing domain are capable of operating according to RFC 2328, OSPF 1583 compatibility mode should be disabled.
OSPFv3 Commands This chapter explains the following commands: • area default-cost • area nssa • area nssa default-info-originate • area nssa no-redistribute • area nssa no-summary • area nssa translator-role • area nssa translator-stab-intv • area range • area stub •...
Syntax areaid cost area default-cost areaid no area default-cost areaid — Valid area identifier. • cost — Default cost. (Range: 1-16777215) • Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the monetary default cost at 100 for stub area 1.
User Guidelines This command has no user guidelines. Example The following example configures area 1 to function as an NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa area nssa default-info-originate Use the area nssa default-info-originate command in Router OSPFv3 Configuration mode to configure the metric value and type for the default route advertised into the NSSA.
console(config-rtr)#area 1 nssa default-info-originate area nssa no-redistribute Use the area nssa no-redistribute command in Router OSPFv3 Configuration mode to configure the NSSA ABR so that learned external routes will not be redistributed to the NSSA. Use the no form of the command to remove the configuration. Syntax area areaid...
Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the area 1 NSSA so that summary LSAs are not advertised into the NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa no-summary area nssa translator-role...
Example The following example configures the always translator role of the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa translator-role always area nssa translator-stab-intv Use the area nssa translator-stab-intv command in Router OSPFv3 Configuration mode to configure the translator stability interval of the NSSA. The stability interval is the period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by another router.
intra-area route as a type 3 summary LSA. Also, an area range can be configured at the edge of an NSSA to summarize external routes reachable within the NSSA. The range is advertised as a type 5 external LSA. Use the no form of the command to remove the summary prefix configuration for routes learned in the specified area.
Syntax areaid area stub areaid no area stub areaid — Valid OSPFv3 area identifier. • Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example creates a stub area for area 1. console(config)#ipv6 router ospf console(config-rtr)#area 1 stub area stub no-summary...
Example The following example prevents Summary LSAs from being advertised into the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 stub no-summary area virtual-link Use the area virtual-link command in Router OSPFv3 Configuration mode to create the OSPF areaid neighbor virtual interface for the specified .
Syntax areaid neighbor seconds area virtual-link dead-interval areaid neighbor no area virtual-link dead-interval areaid — Valid OSPFv3 area identifier. • neighbor — Router ID of neighbor. • seconds — Dead interval. (Range: 1-65535) • Default Configuration seconds 40 is the default value for Command Mode Router OSPFv3 Configuration mode.
Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a hello interval of 20 seconds for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor. console(config)#ipv6 router ospf console(config-rtr)#area 1 virtual-link 2 hello-interval 20 area virtual-link retransmit-interval...
(config)#ipv6 router ospf (config-rtr)#area 1 virtual-link 2 retransmit-interval 20 area virtual-link transmit-delay Use the area virtual-link transmit-delay command in Router OSPFv3 Configuration mode to configure the transmit delay for the OSPF virtual interface on the virtual interface identified by areaid neighbor Syntax areaid...
Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a default of 100 for the metric of distributed routes. console(config)#ipv6 router ospf console(config-rtr)#default-metric 100 distance ospf The distance ospf command sets the preference values of OSPF route types in the router.
Example The following example sets a route preference value of 100 for intra OSPF in the router. console(config)#ipv6 router ospf console(config-rtr)#distance ospf intra 100 enable Use the enable command in Router OSPFv3 Configuration mode to enable administrative mode of OSPF in the router (active). Syntax enable no enable...
no exit-overflow-interval seconds — Exit overflow interval for OSPF (Range: 0-2147483647) • Default Configuration seconds 0 is the default value for Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the exit overflow interval for OSPF at 100 seconds. console(config)#ipv6 router ospf console(config-rtr)#exit-overflow-interval 100 external-lsdb-limit...
User Guidelines This command has no user guidelines. Example The following example sets the external LSDB limit at 100 for OSPF. console(config)#ipv6 router ospf console(config-rtr)#external-lsdb-limit 100 ipv6 ospf Use the ipv6 ospf command in Interface Configuration mode to enable OSPF on a router interface or loopback interface.
no ipv6 ospf areaid areaid areaid — Is a 32-bit integer, formatted as a 4-digit dotted-decimal number or a decimal value. • It uniquely identifies the area to which the interface connects. Assigning an area id which does not exist on an interface causes the area to be created with default values. (Range: 0- 4294967295).
Example The following example configures a cost of 100. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf cost 100 ipv6 ospf dead-interval Use the ipv6 ospf dead-interval command in Interface Configuration mode to set the OSPF dead interval for the specified interface. Syntax seconds ipv6 ospf dead-interval no ipv6 ospf dead-interval...
Syntax seconds ipv6 ospf hello-interval no ipv6 ospf hello-interval seconds — A valid positive integer which represents the length of time of the OSPF hello • interval. The value must be the same for all routers attached to a network. (Range: 1-65535 seconds) Default Configuration seconds...
Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example disables OSPF maximum transmission unit (MTU) mismatch detection. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf mtu-ignore ipv6 ospf network Use the ipv6 ospf network command in Interface Configuration mode to change the default OSPF network type for the interface.
Example The following example changes the default OSPF network type to point-to-point. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf network point-to-point ipv6 ospf priority Use the ipv6 ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface. Syntax priority ipv6 ospf priority...
seconds — The number of seconds between link-state advertisement retransmissions for • adjacencies belonging to this router interface. This value is also used when retransmitting database description and link-state request packets. (Range: 0 to 3600 seconds) Default Configuration 5 seconds is the default value. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode.
Example The following example sets the OSPF Transmit Delay at 100 seconds for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf transmit-delay 100 ipv6 router ospf Use the ipv6 router ospf command in Global Configuration mode to enter Router OSPFv3 Configuration mode. Syntax ipv6 router ospf Default Configuration...
Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the number of paths that OSPF can report for a destination to 1. console(config)#ipv6 router ospf console(config-rtr)#maximum-paths 1 passive-interface Use the passive-interface command to set the interface or tunnel as passive. It overrides the global passive mode that is currently effective on the interface or tunnel.
passive-interface default The passive-interface default command enables the global passive mode by default for all interfaces. It overrides any interface level passive mode. Use the “no” form of this command to disable the global passive mode by default for all interfaces. Any interface previously configured to be passive reverts to non-passive mode.
User Guidelines This command has no user guidelines. Example The following example configures the OSPFv3 protocol to allow redistribution of routes from the specified source protocol/routers. console(config)#ipv6 router ospf console(config-rtr)#redistribute connected router-id Use the router-id command in Router OSPFv3 Configuration mode to set a 4-digit dotted- decimal number uniquely identifying the Router OSPF ID.
Page 811
Syntax show ipv6 ospf Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example enables OSPF traps. console#show ipv6 ospf Router ID........0.0.0.2 OSPF Admin Mode........ Enable ASBR Mode........
show ipv6 ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers (ABR). This command takes no options. Syntax show ipv6 ospf abr Default Configuration This command has no default configuration. Command Mode User EXEC mode. User Guidelines This command has no user guidelines.
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays information about area 1. console#show ipv6 ospf area 1 AreaID......... 0.0.0.1 External Routing....... Import External LSAs Spf Runs........0 Area Border Router Count....... 0 Area LSA Count.........
Type Router Id Cost Area ID Next Hop Next Hop Intf ---- --------- ---- -------- ----------------------- ------- INTRA 1.1.1.1 0.0.0.1 FE80::213:C4FF:FEDB:6C41 vlan10 INTRA 4.4.4.4 0.0.0.1 FE80::210:18FF:FE82:8E1 vlan12 show ipv6 ospf database Use the show ipv6 ospf database command in Privileged EXEC mode to display information about the link state database when OSPFv3 is enabled.
Page 815
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays information about the link state database when OSPFv3 is enabled. console#show ipv6 ospf database Router Link States (Area 0.0.0.0) Adv Router Link Id Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------- 1.1.1.1...
User Guidelines This command has no user guidelines. Example The following example displays the information in VLAN 11’s virtual interface tables. console#show ipv6 ospf interface vlan 11 IP Address........Err ifIndex........1 OSPF Admin Mode........ Enable OSPF Area ID........0.0.0.0 Router Priority........
User Guidelines This command has no user guidelines. Example The following example displays brief ospf interface information. console#show ipv6 ospf interface brief Hello Dead Retrax Admin Router Int. Int. Int. Retrax Ack Interface Mode Area ID Prior. Cost Val. Val. Val.
AS Border Router Count......0 Area LSA Count......... 6 IPv6 Address........FE80::202:BCFF:FE00:3146/1283FFE::2/64 OSPF Interface Events......53 Virtual Events......... 13 Neighbor Events........ 6 External LSA Count......0 LSAs Received........660 Originate New LSAs......853 Sent Packets........1013 Received Packets....... 893 Discards........48 Bad Version........
Page 822
Syntax vlan-id show ipv6 ospf interface vlan { | brief } vlan-id — Valid VLAN ID. Range is 1-4093. • brief — Displays a snapshot of configured interfaces. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines.
Designated Router......1.1.1.1 Backup Designated Router....2.2.2.2 Number of Link Events....46 show ipv6 ospf neighbor Use the show ipv6 ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors. If a neighbor IP address is not specified, the output displays summary information in a table.
Example The following example displays information about the area ranges for area 1. console#show ipv6 ospf range 1 Area ID IPv6 Prefix/Prefix Length Lsdb Type Advertisement --------- ------------------------- --------------- ------------- show ipv6 ospf stub table Use the show ipv6 ospf stub table command in Privileged EXEC mode to display the OSPF stub table.
areaid — Identifies the OSPF area whose virtual interface information is being displayed. • neighbor — Router ID of neighbor. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the OSPF Virtual Interface information for area 1 and its neighbor.
Page 827
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the OSPF stub table. console(config)#show ipv6 ospf virtual-link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Interval Delay ----------- ----------- ---------- ---------- ---------- -------- OSPFv3 Commands...
PIM-DM Commands This chapter explains the following commands: • ip pimdm • show ip pimdm • show ip pimdm interface • show ip pimdm neighbor ip pimdm Use the ip pimdm command in Global Configuration mode to enable the administrative mode of PIM-DM in the router.
Syntax show ip pimdm Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays system-wide information for PIM-DM. console(config)#show ip pimdm Admin Mode........Disable PIM-DM INTERFACE STATUS Interface Interface Mode Protocol State...
Example The following example displays interface information for VLAN 11 PIM-DM. console(config)#show ip pimdm interface vlan 11 Interface Mode......... Disable Hello Interval (secs)......30 show ip pimdm neighbor Use the show ip pimdm neighbor command in Privileged EXEC mode to display the neighbor information for PIM-DM on the specified interface.
PIM-SM Commands This chapter explains the following commands: • ip pimsm • ip pimsm spt-threshold • ip pim-trapflags • show ip pimsm • show ip pimsm interface • show ip pimsm neighbor • show ip pimsm rphash ip pimsm Use the ip pimsm command in Global Configuration mode to set administrative mode of PIM- SM multicast routing across the router to enabled.
ip pimsm spt-threshold Use the ip pimsm spt-threshold command in Global Configuration mode to configure the Data Threshold rate for the last-hop (or leaf) router to switch to the shortest path. The rate is specified in kilobits per second. Syntax threshold ip pimsm spt-threshold no ip pimsm spt-threshold...
User Guidelines This command has no user guidelines. Example The following example enables PIM trap mode. console(config)#ip pim-trapflags show ip pimsm Use the show ip pimsm command in Privileged EXEC mode to display the system-wide information for PIM-SM. Syntax show ip pimsm Default Configuration This command has no default configuration.
show ip pimsm interface Use the show ip pimsm interface command in Privileged EXEC mode to display interface information for PIM-SM on the specified interface. Syntax vlan-id show ip pimsm interface [ vlan vlan-id — Valid VLAN ID • Default Configuration This command has no default configuration.
Syntax vlan-id show ip pimsm neighbor [ interface vlan | all ] vlan-id — Valid VLAN ID • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays neighbor information for PIM-SM on all interfaces.
Page 838
User Guidelines This command has no user guidelines. Example The following example displays the RP router being selected from the set of active RP routers. console#show ip pimsm rphash 224.5.5.5 There are no static RPs for that group on the router. PIM-SM Commands...
Router Discovery Protocol Commands This chapter explains the following commands: • ip irdp • ip irdp address • ip irdp holdtime • ip irdp maxadvertinterval • ip irdp minadvertinterval • ip irdp preference • show ip irdp ip irdp Use the ip irdp command in Interface Configuration mode to enable Router Discovery on an interface.
ip irdp address Use the ip irdp address command in Interface Configuration mode to configure the address that the interface uses to send the router discovery advertisements. Use the no form of the command to return the address to the default. Syntax ip-address ip irdp address...
Default Configuration 1800 seconds is the default value. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets hold time at 2000 seconds for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp holdtime 2000 ip irdp maxadvertinterval Use the ip irdp maxadvertinterval command in Interface Configuration mode to configure the maximum time, in seconds, allowed between sending router advertisements from the interface.
console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp maxadvertinterval 600 ip irdp minadvertinterval Use the ip irdp minadvertinterval command in Interface Configuration mode to configure the minimum time, in seconds, allowed between sending router advertisements from the interface. Use the no form of the command to set the time to the default value. Syntax integer ip irdp minadvertinterval...
integer — Preference of the address as a default router address, relative to other router • addresses on the same subnet. (Range: -2147483648 to 2147483647) Default Configuration 0 is the default value. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines.
Page 844
console#show ip irdp vlan 15 Interface Ad Mode Advertise Address Max Int Min Int Hold Time Preference --------- ------- ----------------- ------- ------- -------- ---------- vlan15 Enable 224.0.0.1 1800 Router Discovery Protocol Commands...
Routing Information Protocol Commands This chapter explains the following commands: • auto-summary • default-information originate • default-metric • distance rip • distribute-list out • enable • hostroutesaccept • ip rip • ip rip authentication • ip rip receive version • ip rip send version •...
Default Configuration Disabled is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example console(config-router)#auto-summary default-information originate Use the default-information originate command in Router RIP Configuration mode to control the advertisement of default routes. Syntax default-information originate no default-information originate...
Syntax integer default-metric no default-metric integer — Metric for the distributed routes. (Range: 1-15) • Default Configuration Default metric is not configured by default. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a default of 12 for the metric of distributed routes. console(config-router)#default-metric 12 distance rip Use the distance rip command in Router RIP Configuration mode to set the route preference...
Example The following example sets the route preference value of RIP in the router at 100. console(config-router)#distance rip 100 distribute-list out Use the distribute-list out command in Router RIP Configuration mode to specify the access list to filter routes received from the source protocol. Use the no form of the command to remove the access list from the specified source protocol.
Syntax enable no enable Default Configuration Enabled is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example console(config-router)#enable hostroutesaccept Use the hostroutesaccept command in Router RIP Configuration mode to enable the RIP hostroutesaccept mode.
ip rip Use the ip rip command in Interface Configuration mode to enable RIP on a router interface. Use the no form of the command to disable RIP on the interface. Syntax ip rip no ip rip Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode.
Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the RIP Version 2 Authentication Type and Key for VLAN 11. console(config-if-vlan11)#ip rip authentication encrypt pass123 35 ip rip receive version Use the ip rip receive version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version(s) to be received.
ip rip send version Use the ip rip sent version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version to be sent. Use the no form of the command to return the version to the default value. Syntax ip rip send version {rip1 | rip1c | rip2 | none} no ip rip send version...
integer — Specifies the metric to use when redistributing the route. Range: 0-15. • metric • match internal — Adds internal matches to any match types presently being redistributed. • match external 1 — Adds routes imported into OSPF as Type-1 external routes into any match types presently being redistributed.
Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example The following example enters Router RIP mode. console(config)#router rip console(config-router)# show ip rip Use the show ip rip command in Privileged EXEC mode to display information relevant to the RIP router.
Global route changes......0 Global queries......... 0 Default Metric......... 12 Default Route Advertise......0 Redistributing......... Source......... Connected Metric......... 2 Distribute List........ Not configured Redistributing......... Source......... ospf Metric......... 10 Match Value........'nssa-external 1' Distribute List........ Not configured show ip rip interface Use the show ip rip interface command in Privileged EXEC mode to display information related to a particular RIP interface.
Send Receive Link Interface IP Address Version Version Mode State ---------- ---------- -------- ----------- --------- ---------- vlan1 0.0.0.0 RIP-2 Both Disable Down vlan2 0.0.0.0 RIP-2 Both Disable Down split-horizon Use the split-horizon command in Router RIP Configuration mode to set the RIP split horizon mode.
Tunnel Interface Commands This chapter explains the following commands: • interface tunnel • show interfaces tunnel • tunnel destination • tunnel mode ipv6ip • tunnel source interface tunnel Use the interface tunnel command in Global Configuration mode to enter the interface configuration mode for a tunnel.
show interfaces tunnel Use the show interfaces tunnel command in Privileged EXEC mode to display the parameters related to tunnel such as tunnel mode, tunnel source address and tunnel destination address. Syntax tunnel-id show interfaces tunnel [ tunnel-id — Tunnel identifier. (Range: 0–7) •...
no tunnel destination ipv4addr — Valid ipv4 address. • Default Configuration This command has no default configuration. Command Mode Interface Configuration (Tunnel) mode. User Guidelines This command has no user guidelines. Example The following example specifies the destination transport address of tunnel 1. console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel destination 10.1.1.1 tunnel mode ipv6ip...
console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel mode ipv6ip console(config-if-tunnel1)#tunnel mode ipv6ip 6to4 tunnel source Use the tunnel source command in Interface Configuration mode to specify the source transport address of the tunnel, either explicitly or by reference to an interface. Syntax ipv4addr vlan-id tunnel source { | vlan...
Virtual Router Redundancy Protocol Commands This chapter explains the following commands: • ip vrrp • ip vrrp authentication • ip vrrp ip • ip vrrp mode • ip vrrp preempt • ip vrrp priority • ip vrrp timers advertise • ip vrrp track interface •...
no ip vrrp vr-id • vr-id — Virtual router identification. (Range: 1-255) Default Configuration This command has no default configuration. Command Mode Global Configuration or Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example enables VRRP protocol on the router. console(config)#ip vrrp The following example in Interface Configuration mode enables VRRP protocol on VLAN 15.
Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the authorization details value for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip vrrp 5 authentication simple test123 ip vrrp ip Use the ip vrrp ip command in Interface Configuration mode to set the virtual router IP address value for an interface.
console(config-if-vlan15)#ip vrrp 5 ip 192.168.5.25 ip vrrp mode Use the ip vrrp mode command in Interface Configuration mode to enable the virtual router configured on an interface. Enabling the status field starts a virtual router. Use the no form of the command to disable the virtual router.
Default Configuration Enabled is the default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the preemption mode value for the virtual router for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip vrrp 5 preempt ip vrrp priority Use the ip vrrp priority command in Interface Configuration mode to set the priority value for...
console(config-if-vlan15)#ip vrrp 5 priority 20 ip vrrp timers advertise Use the ip vrrp timers advertise command in Interface Configuration mode to set the frequency, in seconds, that an interface on the specified virtual router sends a virtual router advertisement. Use the no form of the command to return the advertisement frequency to the default value.
A VRRP configured interface can track more than one interface. When a tracked interface goes down, then the priority of the router will be decreased by 10 (default priority decrement) for each downed interface. The default priority decrement is changed using the priority argument. The default priority of the virtual router is 100, and the default decrement priority is 10.
priority of the router is decreased by 10 (default priority decrement) for each downed route. By default no routes are tracked. If we specify just the route to be tracked without giving the priority which is optional then the default priority will be set. Use the “no”...
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays VRRP’s enabled status. console#show ip vrrp Admin Mode........Enable Router Checksum Errors......0 Router Version Errors......0 Router VRID Errors......
Example The following example displays all configuration information about the VLAN 15 virtual router. console#show ip vrrp interface vlan 7 1 Primary IP Address......192.168.5.55 VMAC Address........0000.5E00.0101 Authentication Type......None Priority........60 Advertisement Interval (secs)....10 Pre-empt Mode........Enable Administrative Mode......
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays all configuration information about the virtual router on the selected interface. console#show ip vrrp interface brief Interface VRID IP Address Mode State...
Page 874
Example The following example displays all statistical information about the VLAN 15 virtual router. console#show ip vrrp interface stats vlan 15 5 UpTime......0 days 0 hrs 0 mins 0 secs Protocol........IP State Transitioned to Master....0 Advertisement Received......0 Advertisement Interval Errors....
Utility Commands Introduction The chapters that follow describe commands that provide a variety of switch services, including commands that help you manage the switch. This section of the document contains the following topics: • Autoconfig Commands • Captive Portal Commands •...
Autoconfig Commands This chapter explains the following commands: • boot host auto-save • boot host dhcp • boot host retry-count • show boot boot host auto-save The boot host auto-save command enables/disables the option to automatically save configuration files downloaded to the switch by Auto Config. Syntax boot host auto-save no boot host auto-save...
Syntax boot host dhcp no boot host dhcp Default Configuration Auto Config is enabled. Command Mode Global Configuration. User Guidelines This command has no user guidelines Example console#no boot host dhcp boot host retry-count The boot host retry-count command sets the number of attempts to download a configuration. Use the "no"...
show boot The show autoconfig command displays the current status of the Auto Config process. Syntax show boot Default Configuration Not applicable Command Mode Privileged EXEC. User Guidelines This command has no user guidelines. Example console#show boot Config Download via DHCP: enabled Auto Config State : Waiting for boot options Auto Config State...
Captive Portal Commands This chapter explains the following commands: Captive Portal Global Commands • authentication timeout • captive-portal • enable • http port • https port • show captive-portal • show captive-portal status Captive Portal Configuration Commands • block • configuration •...
Page 882
• show captive-portal interface configuration status Captive Portal Interface Commands • clear captive-portal users Captive Portal Local User Commands • clear captive-portal users • no user • show captive-portal user • user group • user name • user password • user session-timeout Captive Portal Status Commands •...
Captive Portal Global Commands authentication timeout Use the authentication timeout command to configure the authentication timeout. If the user does not enter valid credentials within this time limit, the authentication page needs to be served again in order for the client to gain access to the network. Use the “no” form of this command to reset the authentication timeout to the default.
Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#captive-portal console(config-CP)# enable Use the enable command to globally enable captive portal. Use the “no” form of this command to globally disable captive portal. Syntax enable no enable...
no http port port-num — The port number to monitor (Range: 1–65535). • Default Configuration Captive portal only monitors port 80 by default. Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command. Example console(config-CP)#http port 81 console(config-CP)#no http port https port...
console(config-CP)#no https port show captive-portal Use the show captive-portal command to display the status of the captive portal feature. Syntax show captive-portal Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show captive-portal Administrative Mode.......
User Guidelines There are no user guidelines for this command. Example console#show captive-portal status Additional HTTP Port......81 Additional HTTP Secure Port....1443 Authentication Timeout......300 Supported Captive Portals...... 10 Configured Captive Portals..... 1 Active Captive Portals......0 Local Supported Users......128 Configured Local Users......
User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#block configuration Use the configuration command to enter the captive portal instance mode. The captive portal configuration identified by CP ID 1 is the default CP configuration. The system supports a total of ten CP configurations.
no enable Default Configuration Configurations are enabled by default Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#no enable group Use the group command to configure the group number for a captive portal configuration. If a group number is configured, the user entry (Local or RADIUS) must be configured with the same name and the group to authenticate to this captive portal instance.
interface Use the interface command to associate an interface with a captive portal configuration. Use the “no” form of this command to remove an association. Syntax interface interface interface no interface interface —An interface or range of interfaces. Default Configuration No interfaces are associated with a configuration by default.
User Guidelines There are no user guidelines for this command. name Use the name command to configure the name for a captive portal configuration. Use the “no” form of this command to remove a configuration name. Syntax cp-name name no name cp-name —CP configuration name (Range: 1–32 characters).
User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#protocol http redirect Use the redirect command to enable the redirect mode for a captive portal configuration. Use the “no” form of this command to disable redirect mode. Syntax redirect no redirect...
User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#redirect-url www.dell.com session-timeout Use the session-timeout command to configure the session timeout for a captive portal configuration. Use the “no” form of this command to reset the session timeout to the default.
Syntax verification { guest | local | radius } • guest— Allows access for unauthenticated users (users that do not have assigned user names and passwords). • local— Authenticates users against a local user database. • radius— Authenticates users against a remote RADIUS database. Default Configuration The default verification mode is guest.
User Guidelines There are no user guidelines for this command. Example console#captive-portal client deauthenticate 0002.BC00.1290 show captive-portal client status Use the show captive-portal client status command to display client connection details or a connection summary for connected captive portal users. Syntax macaddr show captive-portal client [...
Verification Mode......Local CP ID........1 CP Name........cp1 Interface......... 1/g1 Interface Description..... Unit: 1 Slot: 0 Port: 1 Gigabit - Level User Name......... user123 Session Time......0d:00:00:13 show captive-portal configuration client status Use the show captive-portal configuration client status command to display the clients authenticated to all captive portal configurations or a to specific configuration.
console#show captive-portal configuration 1 client status CP ID........1 CP Name........cp1 Client Client MAC Address IP Address Interface Interface Description -------------- --------------- --------- -------------------------------- 0002.BC00.1290 10.254.96.47 1/g1 Unit: 1 Slot: 0 Port: 1 Gigabit 0002.BC00.1291 10.254.96.48 1/g2 Unit: 1 Slot: 0 Port: 2 Gigabit show captive-portal interface client status Use the show captive-portal interface client status command to display information about clients authenticated on all interfaces or a specific interface.
Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-CP)#no user 1 show captive-portal user Use the show captive-portal user command to display all configured users or a specific user in the captive portal local user database. Syntax show captive-portal user [ user-id ] user-id —User ID (Range: 1–128).
console#show captive-portal user 1 User ID........1 User Name........user123 Password Configured......Yes Session Timeout........ 0 Group ID Group Name -------- -------------------------------- Default group2 user group Use the user group command to associate a group with a captive portal user. Use the “no” form of this command to disassociate a group and user.
user name Use the user name command to modify the user name for a local captive portal user. Syntax user-id name user name user-id —User ID (Range: 1–128). • name —user name (Range: 1–32 characters). • Default Configuration There is no name for a user by default. Command Mode Captive Portal Configuration mode.
User Guidelines There are no user guidelines for this command. Example console(Config-CP)#user 1 password Enter password (8 to 64 characters): ******** Re-enter password: ******** user session-timeout Use the user session-timeout command to set the session timeout value for a captive portal user. Use the “no”...
Captive Portal Status Commands show captive-portal configuration Use the show captive-portal configuration command to display the operational status of each captive portal configuration. Syntax cp-id show captive-portal configuration cp-id —Captive Portal ID. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
Page 905
cp-id — Captive Portal ID. • interface — Interface in unit/port format. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show captive-portal configuration 1 interface CP ID........
show captive-portal configuration locales Use the show captive-portal configuration locales command to display locales associated with a specific captive portal configuration. Syntax cp-id show captive-portal configuration locales cp-id — Captive Portal Configuration ID. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show captive-portal configuration status CP ID CP Name Mode Protocol Verification ----- --------------- -------- -------- ------------ Enable https Guest Enable http Local Disable https Guest console#show captive-portal configuration 1 status CP ID..........
Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show trapflags captive-portal Client Authentication Failure Traps.... Disable Client Connection Traps......Disable Client Database Full Traps..... Disable Client Disconnection Traps.....
User Guidelines There are no user guidelines for this command. Example console(config-CP)#user group 2 console(config-CP)#no user group 2 user group moveusers Use the user group moveusers command to move a group's users to a different group. Syntax group-id new-group-id user group moveusers group-id —...
Page 910
Default Configuration User groups have no names by default. Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-CP)#user group 2 name group2 Captive Portal Commands...
Clock Commands This chapter explains the following commands: • clock set • show clock • show sntp configuration • show sntp status • sntp authenticate • sntp authentication-key • sntp broadcast client enable • sntp client poll timer • sntp server •...
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Examples console>clock ? time Configure current date and time. summer-time Configure the summer-time parameters. timezone Configure the timezone parameters. console(config)#clock set 10/10/2008 console(config)#clock set 16:13.06 show clock Use the show clock command to display the time and date from the system clock.
Time source is SNTP When SNTP client Admin Mode is disabled and Real Time Clock is enabled, the command displays Local as shown in the following example: console# show clock 04:49:00 (UTC+0:00) May 9 2005 Time source is local. The following example shows the time, date, timezone, and summertime configuration. console# show clock detail 15:29:03 PDT(UTC-7) Jun 17 2005 Time source is SNTP...
User Guidelines This command has no user guidelines. Example The following example displays the current SNTP configuration of the device. console#show sntp configuration Polling interval: 64 seconds MD5 Authentication keys: Authentication is not required for synchronization. Trusted keys: No trusted keys. Unicast clients: Disable Unicast servers: Server...
User Guidelines This command has no user guidelines. Examples The following example shows the status of the SNTP. console#show sntp status Client Mode: Unicast Last Update Time: MAR 30 21:21:20 2009 Unicast servers: Server Status Last response --------- ----------- -------------------------- 192.168.0.1 21:21:20 Mar 30 2009 sntp authenticate...
console(config)# sntp authentication-key 8 md5 ClkKey console(config)# sntp trusted-key 8 console(config)# sntp authenticate sntp authentication-key Use the sntp authentication-key command in Global Configuration mode to define an authentication key for Simple Network Time Protocol (SNTP). To remove the authentication key for SNTP , use the no form of this command. Syntax key-number value...
Syntax sntp broadcast client enable no sntp broadcast client enable Default Configuration The SNTP Broadcast client is disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables a Simple Network Time Protocol (SNTP) Broadcast client. console(config)# sntp broadcast client enable sntp client poll timer Use the sntp client poll timer command in Global Configuration mode to set the polling time...
Example The following example sets the polling time for the Simple Network Time Protocol (SNTP) client to 1024 seconds. console(config)# sntp client poll timer 1024 sntp server Use the sntp server command in Global Configuration mode to configure the device to use Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from a specified server.
console(config)# sntp server 192.1.1.1 sntp trusted-key Use the sntp trusted-key command in Global Configuration mode to authenticate the identity of a system to which Simple Network Time Protocol (SNTP) will synchronize. To disable authentication of the identity of the system, use the no form of this command. Syntax sntp trusted-key key-number...
Default Configuration The SNTP Unicast client is disabled. Command Mode Global Configuration mode User Guidelines Use the sntp server command to define SNTP servers. Examples The following example enables the device to use Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from servers. console(config)# sntp unicast client enable clock timezone hours-offset minutes-offset...
no clock timezone Use the no clock timezone command to reset the time zone settings. Syntax no clock timezone Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines This command has no specific user guidelines. Example console(config)#no clock timezone clock summer-time recurring...
Default Value No default setting Command Mode Global Configuration User Guidelines No specific guidelines Examples console(config)# clock summer-time recurring 1 sun jan 00:10 2 mon mar 10:00 offset 1 zone ABC clock summer-time date year hh:mm Use the clock summer-time date {date|month} {month|date} {date|month} year hh:mm offset...
User Guidelines No specific guidelines Examples console(config)# clock summer-time date 1 Apr 2007 02:00 28 Oct 2007 offset 90 zone EST console(config)# clock summer-time date Apr 1 2007 02:00 Oct 28 2007 offset 90 zone EST no clock summer-time Use the no clock summer-time command to reset the summertime configuration. Syntax Description no clock summer-time Default Configuration...
Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image. Example The following example loads system image image1 for the next device startup. console# boot system image1 clear config Use the clear config command in Privileged EXEC mode to restore the switch to the default...
Page 927
Syntax source-url destination-url //ipaddr/filepath/filename copy {xmodem | tftp: //username ipaddr/filepath/filename hostname sftp|scp: source-url — The location URL or reserved keyword of the source file being copied. (Range: • 1–160 characters.) • destination-url — The URL or reserved keyword of the destination file. (Range: 1–160 characters.) ipaddr —...
Page 928
Command Mode Privileged EXEC mode User Guidelines The location of a file system dictates the format of the source or destination URL. The entire copying process may take several minutes and differs from protocol to protocol and from network to network. Understanding Invalid Combinations of Source and Destination Some combinations of source and destination are not valid.
Saving the Running Configuration to the Startup Configuration Use the copy running-config startup-config command to copy the running configuration to the startup configuration. Backing up the Running Configuration or Startup Configuration to the Backup Configuration Use the copy running-config backup-config command to back up the running configuration to the backup configuration file.
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes the backup-config file. console#delete backup-config Delete backup-config (Y/N)?y delete backup-image Use the delete backup-image command in Privileged EXEC mode to delete a file from a flash memory device.
Syntax delete startup-config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines If the startup-config file is not present when system reboots, it reboots with default settings. Example The following example deletes the startup-config file. console# delete startup-config Delete startup-config (y/n)? filedescr...
Example The following example attaches a file description to image2. console#filedescr image2 “backedup on 03-22-05” script apply Use the script apply command in Privileged EXEC mode to apply the commands in the script to the switch. Syntax scriptname script apply scriptname —...
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes all scripts from the switch. console#script delete all script list Use the script list command in Privileged EXEC mode to list all scripts present on the switch as well as the remaining available space.
script show Use the script show command in Privileged EXEC mode to display the contents of a script file. Syntax scriptname script show scriptname — Name of the script file to be displayed. (Range: 1-31 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example config.scr The following example validates the contents of the script file console#script validate config.scr show backup-config Use the show backup-config command in Privileged EXEC mode to display the contents of the backup configuration file.
exit interface ethernet 1/g2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 exit show bootvar Use the show bootvar command in User EXEC mode to display the active system image file that the device loads at startup. Syntax unit show bootvar [ •...
------------------------------------------------------------------------- unit image1 image2 current-active next-active ------------------------------------------------------------------------- 0.31.0.0 0.31.0.0 image2 image2 show dir Use the show dir command to list all the files available on the flash file system (TrueFlashFileSystem). The user can view the file names, the size of each file, and the date of the last modification.
Page 938
Syntax all | scriptname ] show running-config [ all -—To display or capture the commands with settings and configuration that are equal • all option. to the default value, include the scriptname -—If the optional scriptname is provided, the output is redirected to a script •...
Page 939
Example The following example displays the contents of the running-config file. console#show running-config !Current Configuration: !System Description “PowerConnect 8024, 3.1.0.1, VxWorks 6.5" !System Software Version 3.1.0.1 configure vlan database vlan 10,20,30 exit stack member 1 2 exit ip address dhcp...
13 : ip address vlan 1001 14 : interface vlan 3 15 : routing 16 : exit 17 : username “lvl7” password fb3604df5a109405b2d79ecb06c47ab5 level 15 encrypted 18 : ! 19 : interface ethernet 1/g17 20 : switchport mode general 21 : switchport general pvid 1001 22 : no switchport general acceptable-frame-type tagged-only 23 : switchport general allowed vlan add 1000-1001 24 : switchport general allowed vlan remove 1...
Page 942
Syntax unit update bootcode [ unit —Unit number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines unit is not specified, all units are updated. Example The following example updates the bootcode on unit 2. console#update bootcode 2 Configuration and Image File Commands...
Denial of Service Commands This chapter explains the following commands: • dos-control firstfrag • dos-control icmp • dos-control l4port • dos-control sipdip • dos-control tcpflag • dos-control tcpfrag • ip icmp echo-reply • ip icmp error-interval • ip unreachables • ip redirects •...
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a minimum TCP header size of 20. Packets entering with a smaller header size are dropped. console(config)#dos-control firstfrag 20 dos-control icmp Use the dos-control icmp command in Global Configuration mode to enable Maximum ICMP Packet Size Denial of Service protections.
dos-control l4port Use the dos-control l4port command in Global Configuration mode to enable L4 Port Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having Source TCP/UDP Port Number equal to Destination TCP/UDP Port Number, the packets are dropped.
Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example activates SIP=DIP Denial of Service protection. console(config)#dos-control sipdip dos-control tcpflag Use the dos-control tcpflag command in Global Configuration mode to enable TCP Flag Denial of Service protections.
dos-control tcpfrag Use the dos-control tcpfrag command in Global Configuration mode to enable TCP Fragment Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having IP Fragment Offset equal to one (1), the packets are dropped.
User Guidelines There are no user guidelines for this command. Example console(config)#ip icmp echo-reply ip icmp error-interval Use the ip icmp error-interval command to limit the rate at which IPv4 ICMP error messages are sent. The rate limit is configured as a token bucket with two configurable parameters: Burst- size and burst-interval.
ip unreachables Use the ip unreachables command to enable the generation of ICMP Destination Unreachable messages. Use the “no” form of this command to prevent the generation of ICMP Destination Unreachable messages. Syntax ip unreachables no ip unreachables Default Configuration ICMP Destination Unreachable messages are enabled.
User Guidelines There are no user guidelines for this command. Example console(config-if-vlan10)#ip redirects ipv6 icmp error-interval Use the icmp error-interval command to limit the rate at which ICMP error messages are sent. The rate limit is configured as a token bucket with two configurable parameters: Burst-size and burst interval.
ipv6 unreachables Use the ipv6 unreachables command to enable the generation of ICMPv6 Destination Unreachable messages. Use the “no” form of this command to prevent the generation of ICMPv6 Destination Unreachable messages. Syntax ipv6 unreachables no ipv6 unreachables Default Configuration ICMPv6 Destination Unreachable messages are enabled by default.
Page 952
Example The following example displays Denial of Service configuration information. console#show dos-control SIPDIP Mode.......Disable First Fragment Mode.......Disable Min TCP Hdr Size......20 TCP Fragment Mode......Disable TCP Flag Mode......Disable L4 Port Mode......Disable ICMP Mode.........Disable Max ICMP Pkt Size......512 Denial of Service Commands...
Line Commands This chapter explains the following commands: • exec-timeout • history • history size • line • show line • speed exec-timeout Use the exec-timeout command in Line Configuration mode to set the interval that the system waits for user input before timeout. To restore the default setting, use the no form of this command.
Example The following example configures the interval that the system waits until user input is detected to 20 minutes. console(config)#line console console(config-line)#exec-timeout 20 history Use the history command in Line Configuration mode to enable the command history function. To disable the command history function, use the no form of this command. Syntax history no history...
number-of-commands — Specifies the number of commands the system may record in its • command history buffer. (Range: 0-216) Default Configuration The default command history buffer size is 10. Command Mode Line Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the command history buffer size to 20 commands for the current terminal session.
Examples The following example enters Line Configuration mode to configure Telnet. console(config)#line telnet console(config-line)# show line Use the show line command in User EXEC mode to display line parameters. Syntax show line [console|telnet|ssh] • console — Console terminal line. • telnet —...
Telnet configuration: Interactive timeout: 10 minutes 10 seconds History: 10 SSH configuration: Interactive timeout: 10 minutes 10 seconds History: 10 speed Use the speed command in Line Configuration mode to set the line baud rate. Use the no form of the command to restore the default settings. Syntax speed { no speed...
Management ACL Commands This chapter explains the following commands: • deny (management) • management access-class • management access-list • permit (management) • show management access-class • show management access-list deny (management) Use the deny command in Management Access-List Configuration mode to set conditions for the management access list.
Default Configuration This command has no default configuration. Command Mode Management Access-list Configuration mode User Guidelines Rules with ethernet, vlan, and port-channel parameters are valid only if an IP address is defined on the appropriate interface. Ensure that each rule has a unique priority. Example mlist The following example shows how all ports are denied in the access-list called...
console(config)# management access-class mlist management access-list Use the management access-list command in Global Configuration mode to define an access list for management, and enter the access-list for configuration. Once in the access-list configuration mode, the denied or permitted access conditions are configured with the deny and permit commands.
The following example shows how to configure all the interfaces to be management interfaces except for two interfaces, Ethernet 1/g1 and Ethernet 2/g9. console(config)# management access-list mlist console(config-macl)# deny ethernet 1/g1 priority <1-64> console(config-macl)# deny ethernet 2/g9 priority <1-64> console(config-macl)# permit priority <1-64> console(config-macl)# exit console(config) # management access-class mlist permit (management)
Command Mode Management Access-list Configuration mode User Guidelines Rules with ethernet, vlan, and port-channel parameters are valid only if an IP address is defined on the appropriate interface. Ensure that each rule has a unique priority. Examples The following example shows how to configure two management interfaces, Ethernet 1/g1 and Ethernet 2/g9.
Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the management access-list information. console# show management access-class Management access-class is enabled, using access list mlist show management access-list Use the show management access-list command in Privileged EXEC mode to display management access-lists.
Page 965
! (Note: all other access implicitly denied) Management ACL Commands...
Password Management Commands This chapter explains the following commands: • passwords aging • passwords history • passwords lock-out • passwords min-length • show passwords configuration passwords aging Use the passwords aging command in Global Configuration mode to implement expiration date on the passwords.
passwords history As administrator, use the passwords history command in Global Configuration mode to set the number of previous passwords that are stored. This setting ensures that users do not reuse their passwords often. Use the no form of this command to disable the password history function. Syntax historylength passwords history...
Default Configuration The user lockout feature is disabled. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the number of user attempts before lockout at 2. console(config)#passwords lock-out 2 passwords min-length Use the passwords min-length command in Global Configuration mode to configure the minimum length required for passwords in the local database.
show passwords configuration Use the show passwords configuration command in Privileged EXEC mode to show the parameters for password configuration. Syntax show passwords configuration Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the command output.
PHY Diagnostics Commands This chapter explains the following commands: • show copper-ports cable-length • show copper-ports tdr • show fiber-ports optical-transceiver • test copper-port tdr show copper-ports cable-length Use the show copper-ports cable-length command in Privileged EXEC mode to display the estimated copper cable length attached to a port.
1/g1 <50 1/g2 Copper not active 1/g3 110-140 1/g4 Fiber show copper-ports tdr Use the show copper-ports tdr command in Privileged EXEC mode to display the last Time Domain Reflectometry (TDR) tests on specified ports. Syntax interface show copper-ports tdr [ interface —...
1/g4 Open 13:32:08 23 July 2004 1/g5 Fiber show fiber-ports optical-transceiver Use the show fiber-ports optical-transceiver command in Privileged EXEC mode to display the optical transceiver diagnostics. Syntax interface show fiber-ports optical-transceiver [ interface — A valid Ethernet port. The full syntax is unit / port. •...
test copper-port tdr Use the test copper-port tdr command in Privileged EXEC mode to diagnose with Time Domain Reflectometry (TDR) technology the quality and characteristics of a copper cable attached to a port. Syntax interface test copper-port tdr interface — A valid Ethernet port. The full syntax is unit / port . •...
RMON Commands This chapter explains the following commands: • rmon alarm • rmon collection history • rmon event • show rmon alarm • show rmon alarm-table • show rmon collection history • show rmon events • show rmon history • show rmon log •...
Page 976
revent — The index of the Event that is used when a rising threshold is crossed. (Range: 1- • 65535) fevent — The Event index used when a falling threshold is crossed. (Range: 1- 65535) • type — The sampling method for the selected variable and calculating the value to be •...
console(config)#rmon alarm 1 1.3.6.1.2.1.2.2.1.1.10.5 10 50000 10 1 1 rmon collection history Use the rmon collection history command in Interface Configuration mode to enable a Remote Monitoring (RMON) MIB history statistics group on an interface. To remove a specified RMON history statistics group, use the no form of this command.
rmon event Use the rmon event command in Global Configuration mode to configure an event. To remove an event, use the no form of this command. Also see the show rmon events command. Syntax index type text text name rmon event [community ] [description ] [owner...
Page 979
number — Alarm index. (Range: 1–65535) • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays RMON 1 alarms. console> show rmon alarm 1 Alarm 1 ------- OID: 1.3.6.1.2.1.2.2.1.10.1...
Field Description Last Sample Value The statistic value during the last sampling period. For example, if the sample type is delta, this value is the difference between the samples at the beginning and end of the period. If the sample type is absolute, this value is the sampled value at the end of the period.
User Guidelines This command has no user guidelines. Example The following example displays the alarms summary table: console> show rmon alarm-table Index Owner ----- ---------------------- ------- 1.3.6.1.2.1.2.2.1.10.1 1.3.6.1.2.1.2.2.1.10.1 Manager 1.3.6.1.2.1.2.2.1.10.9 The following table describes the significant fields shown in the display: Field Description Index...
Page 982
User Guidelines This command has no user guidelines. Example The following example displays all RMON group statistics. console> show rmon collection history Index Interface Interval Requested Granted Owner Samples Samples ---------------------------------------------------------- 1/g1 1/g1 1800 Manager RMON Commands...
The following table describes the significant fields shown in the display: Field Description Index An index that uniquely identifies the entry. Interface The sampled Ethernet interface. Interval The interval in seconds between samples. Requested Samples The requested number of samples to be saved. Granted Samples The granted number of samples to be saved.
The following table describes the significant fields shown in the display: Field Description Index An index that uniquely identifies the event. Description A comment describing this event. Type The type of notification that the device generates about this event. Can have the following values: none, log, trap, log-trap.
Page 985
Examples The following example displays RMON Ethernet Statistics history for “throughput” on index number 1. console> show rmon history 1 throughput Sample Set: 1 Owner: CLI Interface: 1/g1 interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 270 Time Octets Packets...
Page 986
The following example displays RMON Ethernet Statistics history for "other" on index number console> show rmon history 1 other Sample Set: 1 Owner: Me Interface: 1/g1 Interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 270 Time Dropped Collisions ------------------- ----------- -----------...
Field Description Fragments The total number of packets received during this sampling interval that were less than 64 octets in length (excluding framing bits but including FCS octets) had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error), or a bad FCS with a non-integral number of octets (AlignmentError).
----- ----------- -------------------- Errors Jan 18 2005 23:48:19 Errors Jan 18 2005 23:58:17 High Broadcast Jan 18 2005 23:59:48 console> show rmon log Maximum table size: 100 (100 after reset) Event Description Time ----- ----------- -------------------- Errors Jan 18 2005 23:48:19 Errors Jan 18 2005...
Page 989
User Guidelines This command has no user guidelines. Example The following example displays RMON Ethernet Statistics for port 1/g1. console> show rmon statistics ethernet 1/g1 Port 1/g1 Dropped: 8 Octets: 878128 Packets: 978 Broadcast: 7 Multicast: 1 CRC Align Errors: 0 Collisions: 0 Undersize Pkts: 0 Oversize Pkts: 0 Fragments: 0 Jabbers: 0 64 Octets: 98 65 to 127 Octets: 0...
Page 990
Field Description CRC Align Errors The total number of packets received with a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but with either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error).
• show debugging NOTE: Debug commands are not persistent across resets. debug arp Use the debug arp command to enable tracing of ARP packets. Use the “no” form of this command to disable tracing of ARP packets. Syntax debug arp no debug arp Default Configuration ARP packet tracing is disabled by default.
User Guidelines There are no usage guidelines for this command. Example console#debug auto-voip debug clear Use the debug clear command to disable all debug traces. Syntax debug clear Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug console debug dot1x Use the debug dot1x command to enable dot1x packet tracing. Use the “no” form of this command to disable dot1x packet tracing. Syntax debug dot1x packet [ receive | transmit ] no debug dot1x packet [ receive | transmit ]...
Default Configuration Display of IGMP Snooping traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug igmpsnooping packet debug ip acl Use the debug ip acl command to enable debug of IP Protocol packets matching the ACL criteria.
dumped. Vital information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console. Syntax debug ip dvmrp packet [ receive | transmit ] no debug ip dvmrp packet [ receive | transmit ] Default Configuration Display of DVMRP traces is disabled by default.
User Guidelines There are no usage guidelines for this command. Example console#debug ip igmp packet debug ip mcache Use the debug ip mcache command for tracing MDATA packet reception and transmission. The receive option traces only received data packets and the transmit option traces only transmitted data packets.
Syntax debug ip pimdm packet [ receive | transmit ] no debug ip pimdm packet [ receive | transmit ] Default Configuration Display of PIMDM traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug ip pimdm packet debug ip pimsm...
Example console#debug ip pimsm packet debug ip vrrp Use the debug ip vrrp command to enable VRRP debug protocol messages. Use the “no” form of this command to disable VRRP debug protocol messages. Syntax debug ip vrrp no debug ip vrrp Default Configuration Display of VRRP traces is disabled by default.
Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example console#debug ipv6 mcache packet debug ipv6 mld Use the debug ipv6 mld command to trace MLD packet reception and transmission. The receive option traces only received MLD packets and the transmit option traces only transmitted MLD packets.