Rev 1.6.9 Document Revision History Table 1 - Document Revision History – Ethernet Document Date Description Revision Rev 1.6.9 Aug. 2013 Updated the command “destination interface” on page 400 Rev 1.6.8 Aug. 2013 No Ethernet changes. Rev 1.6.7 Jul. 2013 Updated the command “file debug-dump”...
Rev 1.6.9 About this Manual This manual provides general information concerning MLNX-OS® Command Line Interface. Intended Audience This manual is intended for network administrators who are responsible for configuring and man- aging Mellanox Technologies’ MLNX-OS Switch Platforms. Related Documentation The following table lists the documents referenced in this user’s manual. Table 2 - Reference Documents Document Name Description...
Page 15
Rev 1.6.9 Glossary Table 4 - Glossary Term Description Authentication, Authorization, and Accounting: • Authentication - verifies user credentials (username and password) • Authorization - grants or refuses privileges to a user/client for accessing specific services • Accounting - tracks network resources consumption by users Address Resolution Protocol.
Page 16
Rev 1.6.9 Table 4 - Glossary Term Description HA (High Availability) A system design protocol that provides redundancy of system components, thus enables overcoming single or multiple failures in minimal downtime. InfiniBand. LACP Link Aggregation Control Protocol (LACP) provides a method to control the bundling of several physical ports together to form a single logical channel.
Page 17
Rev 1.6.9 Table 4 - Glossary Term Description Secure Copy or SCP is a means of securely transferring computer files between a local and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol. SM (Subnet Manager) An entity that configures and manages the subnet, discovers the network topology, assign LIDs, determines the routing schemes and sets the routing...
Rev 1.6.9 Using the Command Line Interface This chapter explains how to use the command line interface (CLI) of MLNX-OS SwitchX®. 1.1 CLI Modes The CLI can be in one of three modes, and each mode makes available a certain group (or level) of commands for execution.
Rev 1.6.9 1.2 Syntax Conventions To help you identify the parts of a CLI command, this section uses conventions to show the syntax of commands. Table 6 - Syntax Conventions Syntax Convention Description Example < > Angled brackets Indicates a value/variable that <1...65535>...
Rev 1.6.9 exit Log out of the CLI help View description of the interactive help system Negate or clear certain configuration options ping Send ICMP echo requests to a specified host show Display system configuration or statistics slogin Log into another system securely using ssh switch Configure switch on system telnet...
Rev 1.6.9 1.7 Parameter Key This section is a key to the meaning and format of all of the angle-bracketed parameters in all the commands that are listed in this document. Table 8 - Parameter Key Table Parameter Description <domain> A domain name, e.g.
Rev 1.6.9 System Management 2.1 Management Interfaces 2.1.1 Interface This chapter describes the commands should be used to configure and monitor the management interface. interface interface {mgmt0 | mgmt1 | lo | vlan<id>} Enters a management interface context. Syntax Description mgmt0 Management port 0 (out of band).
Rev 1.6.9 interface vlan create interface vlan <id> create no interface vlan <id> create Creates an in-band management interface. The no form of the command deletes the in-band management interface. Syntax Description VLAN ID. Range is 1-4094. Default Configuration Mode Config History 3.3.3500...
Rev 1.6.9 ip address ip address <IP address> <netmask> no ip address Sets the IP address and netmask of this interface. The no form of the command clears the IP address and netmask of this interface. Syntax Description IP address IPv4 address netmask Subnet mask of IP address...
Rev 1.6.9 alias alias <index> ip address < IP address> <netmask> no alias <index> Adds an additional IP address to the specified interface. The secondary address will appear in the output of “show interface” under the data of the primary interface along with the alias.
Page 28
Rev 1.6.9 Related Commands show interfaces <ifname> Note • If DHCP is enabled on the specified interface, then the DHCP IP assignment will hold until DHCP is disabled • More than one additional IP address can be added to the interface Mellanox Technologies Mellanox®...
Rev 1.6.9 mtu <bytes> no mtu <bytes> Sets the Maximum Transmission Unit (MTU) of this interface. The no form of the command resets the MTU to its default. Syntax Description bytes The entry range is 68-1500. Default 1500 Configuration Mode Config Interface Management History 3.1.0000...
Rev 1.6.9 duplex duplex <duplex> no duplex Sets the interface duplex. The no form of the command resets the duplex setting for this interface to its default value. Syntax Description duplex Sets the duplex mode of the interface. The following are the possible values: •...
Page 31
Rev 1.6.9 Related Commands show interfaces <ifname> Note • Setting the duplex to “auto” also sets the speed to “auto” • Setting the duplex to one of the settings “half” or “full” also sets the speed to a manual set- ting which is determined by querying the interface to find out its current auto-detected state Mellanox Technologies Mellanox®...
Rev 1.6.9 speed speed <speed> no speed Sets the interface speed. The no form of the command resets the speed setting for this interface to its default value. Syntax Description speed Sets the speed of the interface. The following are the possible values: •...
Page 33
Rev 1.6.9 Related Commands show interfaces <ifname> Note • Setting the speed to “auto” also sets the duplex to “auto” • Setting the speed to one of the manual settings (generally “10”, “100”, or “1000”) also sets the duplex to a manual setting which is determined by querying the interface to find out its current auto-detected state Mellanox Technologies Mellanox®...
Rev 1.6.9 dhcp dhcp [renew] no dhcp Enables DHCP on the specified interface. The no form of the command disables DHCP on the specified interface. Syntax Description renew Forces a renewal of the IP address. A restart on the DHCP client for the specified interface will be issued. Default Could be enabled or disabled (per part number) manufactured with 3.2.0500 Configuration Mode...
Rev 1.6.9 shutdown shutdown no shutdown Disables the specified interface. The no form of the command enables the specified interface. Syntax Description Default no shutdown Configuration Mode Config Interface Management History 3.1.0000 Role admin Example switch (config interface mgmt0) # no shutdown switch (config) # show interfaces mgmt0 configured Interface mgmt0 configuration Enabled:...
Rev 1.6.9 zeroconf zeroconf no zeroconf Enables zeroconf on the specified interface. It randomly chooses a unique link-local IPv4 address from the 169.254.0.0/16 block. This command is an alternative to DHCP. The no form of the command disables the use of zeroconf on the specified interface. Syntax Description Default no zeroconf...
Rev 1.6.9 comment comment <comment> no comment Adds a comment for an interface. The no form of the command removes a comment for an interface. Syntax Description comment A free-form string that has no semantics other than being displayed when the interface records are listed. Default no comment Configuration Mode...
Rev 1.6.9 ipv6 enable ipv6 enable no ipv6 enable Enables all IPv6 addressing for this interface. The no form of the command disables all IPv6 addressing for this interface. Syntax Description Default IPv6 addressing is disabled Configuration Mode Config Interface Management History 3.1.0000 Role...
Page 39
Rev 1.6.9 Related Commands ipv6 address show interface <ifname> Note • The interface identifier is a 64-bit long modified EUI-64, which is based on the MAC address of the interface • If IPv6 is enabled on an interface, the system will automatically add a link-local address to the interface.
Rev 1.6.9 ipv6 address ipv6 address {<IPv6 address/netmask> | autoconfig [default | privacy]} no ipv6 {<IPv6 address/netmask> | autoconfig [default | privacy]} Configures IPv6 address and netmask to this interface, static or autoconfig options are possible. The no form of the command removes the given IPv6 address and netmask or dis- ables the autoconfig options.
Page 41
Rev 1.6.9 Example switch (config interface mgmt0) # ipv6 fe80::202:c9ff:fe5e:a5d8/64 switch (config interface mgmt0) # show interfaces mgmt0 Interface mgmt0 state Admin up: Link up: IP address: 172.30.2.2 Netmask: 255.255.0.0 IPv6 enabled: Autoconf enabled: Autoconf route: Autoconf privacy: IPv6 addresses: IPv6 address: fe80::202:c9ff:fe5e:a5d8/64 Speed:...
Rev 1.6.9 show interface show interface {<ifname> [configured | brief]} Displays information about the specified interface, configuration status, and counters. Syntax Description ifname The interface name e.g., “mgmt0”, “mgmt1”, “lo” (loopback), etc. configured Displays the interface configuration. brief Displays a brief info on the interface configuration and status.
Rev 1.6.9 2.1.2 Hostname Resolution hostname hostname <hostname> no hostname Sets a static system hostname. The no form of the command clears the system hostname. Syntax Description hostname A free-form string. Default Default hostname Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # hostname my-switch-hostname...
Rev 1.6.9 ip name-server ip name-server <IPv4/IPv6 address> no name-server <IPv4/IPv6 address> Sets the static name server. The no form of the command clears the name server. Syntax Description IPv4/v6 address IPv4 or IPv6 address. Default No server name Configuration Mode Config History 3.1.0000...
Rev 1.6.9 ip domain-list ip domain-list <domain-name> no ip domain-list <domain-name> Sets the static domain name. The no form of the command clears the domain name. Syntax Description domain-name The domain name in a string form. A domain name is an identification string that defines a realm of administrative autonomy, authority, or control in the Internet.
Rev 1.6.9 ip/ipv6 host {ip | ipv6} host <hostname> <IP Address> no {ip | ipv6} host <hostname> <IP Address> Configures the static hostname IPv4 or IPv6 address mappings. The no form of the command clears the static mapping. Syntax Description hostname The hostname in a string form.
Rev 1.6.9 ip/ipv6 map-hostname {ip |ipv6} map-hostname no {ip | ipv6} map-hostname Maps between the currently-configured hostname and the loopback address 127.0.0.1. The no form of the command clears the mapping. Syntax Description Default IPv4 mapping is enabled by default IPv6 mapping is disabled by default Configuration Mode Config...
Rev 1.6.9 show hosts show hosts Displays hostname, DNS configuration, and static host mappings. Syntax Description Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show hosts Hostname: my-host-name Name server: 9.9.9.9 (configured) Name server: 10.211.0.121 (dynamic) Name server: 172.30.0.126 (dynamic) Name server: 10.4.0.135 (dynamic) Domain name: mydomain.com (configured)
Rev 1.6.9 2.1.3 Routing ip/ipv6 route {ip | ipv6} route <network-prefix> <netmask> {<nexthop-address> | <ifname>} no ip route <network-prefix> <netmask> {<nexthop-address> | <ifname>} Sets a static route for a given IP. The no form of the command deletes the static route. Syntax Description network-prefix IPv4 or IPv6 network prefix.
Rev 1.6.9 ipv6 default-gateway ipv6 default-gateway {<ip-address> | <ifname>} no ipv6 default-gateway Sets a static default gateway. The no form of the command deletes the default gateway. Syntax Description ip address The default gateway IP address (IPv4 or IPv6). ifname The interface name (e.g., mgmt0, mgmt1).
Rev 1.6.9 show ip/ipv6 route show {ip | ipv6} route [static] Displays the routing table in the system. Syntax Description static Filters the table with the static route entries. Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show ip route Destination Mask...
Rev 1.6.9 show ip/ipv6 default-gateway show {ip | ipv6} default-gateway [static] Displays the default gateway. Syntax Description static Displays the static configuration of the default gateway. Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # ip default-gateway 10.10.10.10 switch (config) # show ip default-gateway Active default gateways: 172.30.0.1 (interface: mgmt0)
Rev 1.6.9 2.1.4 Network to Media Resolution (ARP & NDP) IPv4 network use Address Resolution Protocol (ARP) to resolve IP address to MAC address, while IPv6 network uses Network Discovery Protocol (NDP) that performs basically the same as ARP. ip arp ip arp <IP address>...
Rev 1.6.9 ip arp timeout ip arp timeout <timeout-value> no ip arp timeout Sets the dynamic ARP cache timeout. The no form of the command sets the timeout to default. Syntax Description timeout-value Time (in seconds) that an entry remains in the ARP cache.
Rev 1.6.9 show ip arp show ip arp [interface <type>| <ip-address> | count] Displays ARP table. Syntax Description interface type Filters the table according to a specific interface (i.e. mgmt0) ip-address Filters the table to the specific ip-address count Shows ARP statistics Default Configuration Mode Any Command Mode...
Rev 1.6.9 ipv6 neighbor ipv6 neighbor <IPv6 address> <ifname> <MAC address> no ipv6 neighbor <IPv6 address> <ifname> <MAC address> Adds a static neighbor entry. The no form of the command deletes the static entry. Syntax Description IPv6 address The IPv6 address. ifname The management interface (i.e.
Rev 1.6.9 show ipv6 neighbors show ipv6 neighbors [static] Displays the Neighbor Discovery Protocol (NDP) table. Syntax Description static Filters only the table of the static entries. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show ipv6 neighbors IPv6 Address Age MAC Address State...
Rev 1.6.9 2.1.5 DHCP ip dhcp ip dhcp {default-gateway yield-to-static| hostname <hostname>| primary-intf <ifname> | send-hostname } no ip dhcp {default-gateway yield-to-static| hostname | | primary-intf | send-host- name} Sets global DHCP configuration. The no form of the command deletes the DHCP configuration. Syntax Description yield-to-static| Does not allow you to install a default gateway from...
Rev 1.6.9 show ip dhcp show ip dhcp Displays the DHCP configuration and status. Syntax Description Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show ip dhcp DHCP primary interface: Configured: mgmt0 Active: mgmt0 DHCP: yield default gateway to static configuration: yes DHCP Client Options: Send Hostname:...
Rev 1.6.9 2.1.6 General IPv6 Commands ipv6 enable ipv6 enable no ipv6 enable Enables IPv6 globally on the management interface. The no form of the command disables IPv6 globally on the management interface. Syntax Description Default IPv6 is disabled Configuration Mode Config History 3.1.0000...
Page 65
Rev 1.6.9 Syntax Description Uses IPv4. Uses IPv6. Enables socket level debugging. Sets DF (do not fragment bit) on. Uses ICMP ECHO for tracerouting. Uses TCP SYN for tracerouting. Uses UDP datagram (default) for tracerouting. Does not resolve IP addresses to their domain names. Bypasses the normal routing and send directly to a host on an attached network.
Page 66
Rev 1.6.9 Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # traceroute 192.168.10.70 traceroute to 192.168.10.70 (192.168.10.70), 30 hops max, 40 byte pack- 1 172.30.0.1 (172.30.0.1) 3.632 ms 2.849 ms 3.544 ms 2 10.222.128.46 (10.222.128.46) 3.176 ms 3.289 ms 3.656 ms 3 10.158.128.30 (10.158.128.30) 15.331 ms 15.819 ms 16.388 ms 4 10.158.128.65 (10.158.128.65) 20.468 ms 7.893 ms 12.27 ms 5 10.7.34.115 (10.7.34.115) 16.405 ms 11.985 ms 12.264 ms...
Rev 1.6.9 clear counters clear counters [all | interface <type> <number>] Clears switch counters. Syntax Description Clears all switch counters. type A specific interface type number The interface number. Default Configuration Mode Config Interface Ethernet Config Interface Port Channel History 3.2.3000 Role admin...
Rev 1.6.9 2.2 License Keys license license {delete <license number> | install <license key>} no license install <license key> Activates features using license keys. The no form of the command uninstalls an existing license key. If the key specified was not already installed, an error is returned. Syntax Description delete Uninstalls an existing license key.
Rev 1.6.9 show licenses show licenses Displays a list of all installed licenses. For each license, the following is displayed: • a unique ID which is a small integer • the text of the license key as it was added •...
Rev 1.6.9 2.3 NTP, Clock & Time Zones clock set clock set <hh:mm:ss> [<yyyy/mm/dd>] Sets the time and date. Syntax Description hh:mm:ss Time. yyyy/mm/dd Date. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # clock set 23:23:23 2010/08/19 switch (config) # show clock Time: 23:23:26...
Rev 1.6.9 clock timezone clock timezone [<zone word> [<zone word> [<zone word>] [<zone word>]]] Sets the system time zone. The time zone may be specified in one of three ways: • A nearby city whose time zone rules to follow. The system has a large list of cities which can be displayed by the help and completion system.
Rev 1.6.9 ntpdate ntpdate <IP address> Sets the system clock using the specified SNTP server. Syntax Description IP address Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # ntpdate 192.168.10.10 26 Feb 17:25:40 ntpdate[15206]: adjust time server 192.168.10.10 offset -0.000092 sec switch (config) # Related Commands...
Rev 1.6.9 show clock show clock Displays the current system time, date and time zone. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show clock Time: 04:21:44‘ Date: 2012/02/26 Time zone: America North United_States Other New_York switch (config) # Related Commands Note...
Rev 1.6.9 show ntp show ntp Displays the current NTP settings. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show ntp NTP is enabled. Clock is unsynchronized. No NTP peers or servers configured. switch (config) # Related Commands Note Mellanox Technologies...
Rev 1.6.9 2.4 Software Management This chapter displays all the relevant commands used to manage the system software image. image boot image boot {location <location ID> | next} Specifies the default location where the system should be booted from. Syntax Description location ID Specifies the default destination location.
Rev 1.6.9 boot next boot next fallback-reboot enable no boot next fallback-reboot enable Sets the default setting for next boot. Normally, if the system fails to apply the config- uration on startup (after attempting upgrades or downgrades, as appropriate), it will reboot to the other partition as a fallback.
Rev 1.6.9 image fetch image fetch <URL> [<filename>] Downloads an image from the specified URL or via SCP. Syntax Description HTTP, HTTPS, FTP, TFTP, SCP and SFTP are sup- ported. Example: scp://username[:password]@host- name/path/filename. filename Specifies a filename for this image to be stored as locally.
Rev 1.6.9 image move image move <src image name> <dest image name> Renames the specified image file. Syntax Description src image name Specifies the old image name. dest image name Specifies the new image name. Default Configuration Mode Config History 3.1.0000 Role admin...
Rev 1.6.9 image options image options require-sig no image options require-sig Requires from all the installed images a valid signature. The no form of the command does not require a signature. However if one is present, it must be valid. Syntax Description require-sig Requires images to be signed by a trusted signature.
Rev 1.6.9 show bootvar show bootvar Displays the installed system images and the boot parameters. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show bootvar Installed images: Partition 1: SX_PPC_M460EX 3.0.0000-dev-HA 2012-01-22 08:47:59 ppc Last dobincp: 2012/01/23 14:54:23 Partition 2: SX_PPC_M460EX 3.0.0000-dev-HA 2012-01-18 09:52:41 ppc...
Rev 1.6.9 show images show image Displays information about the system images and boot parameters. Syntax Description Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show images Images available to be installed: image-SX_PPC_M460EX-ppc-m460ex-20120122-084759.img SX_PPC_M460EX 3.0.0000-dev-HA 2012-01-22 08:47:59 ppc Installed images: Partition 1: SX_PPC_M460EX 3.0.0000-dev-HA 2012-01-22 08:47:59 ppc...
Rev 1.6.9 show files debug-dump show files debug-dump [<filename>] Displays a list of debug dump files. Syntax Description filename Displays a summary of the contents of a particular debug dump file. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show files debug-dump sysdump-switch-112104-20114052- 091707.tgz System information:...
Rev 1.6.9 show files stats show files stats <filename> Displays a list of statistics report files. Syntax Description filename Display the contents of a particular statistics report file. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show files stats memory-201140524-111745.csv switch (config) # Related Commands...
Rev 1.6.9 show files system show files system [detail] Displays usage information of the file systems on the system. Syntax Description detail Displays more detailed information on file-system. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show files system Statistics for /config filesystem: Bytes Total 100 MB...
Rev 1.6.9 show files tcpdump show files tcpdump Displays a list of statistics report files. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show files stats test dump3 switch (config) # Related Commands file tcpdump tcpdump Note Mellanox Technologies...
Rev 1.6.9 2.5.2 Configuration File configuration audit configuration audit max-changes <number> Chooses settings related to configuration change auditing. Syntax Description max-changes Set maximum number of audit messages to log per change. Default 1000 Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # configuration audit max-changes 100 switch (config) # show configuration audit...
Rev 1.6.9 configuration copy configuration copy <source name> <dest name> Copies a configuration file. Syntax Description source name Name of source file. dest name Name of destination file. If the file of specified file- name does not exist a new file will be created with said filename.
Rev 1.6.9 configuration delete configuration delete <filename> Deletes a configuration file. Syntax Description filename Name of file to delete. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show configuration files example initial initial.bak initial.prev switch (config) # configuration delete example switch (config) # show configuration files initial initial.bak...
Rev 1.6.9 configuration fetch configuration fetch <URL or scp or sftp://username:password@ hostname[:port]/path/filename> [<name>] Downloads a configuration file from a remote host. Syntax Description name The configuration file name. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # configuration fetch scp://root:password@ 192.168.10.125/tmp/conf1 switch (config) # Related Commands...
Rev 1.6.9 configuration jump-start configuration jump-start Runs the initial-configuration wizard. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # configuration jump-start Mellanox configuration wizard Step 1: Hostname? [switch-3cc29c] Step 2: Use DHCP on mgmt0 interface? y Step 3: Admin password (Enter to leave unchanged)? You have entered the following information: 1.
Rev 1.6.9 configuration merge configuration merge <filename> Merges the “shared configuration” from one configuration file into the running con- figuration. Syntax Description filename Name of file from which to merge settings. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # configuration merge new-config-file switch (config) # Related Commands...
Rev 1.6.9 configuration move configuration move <source name> <dest name> Moves a configuration file. Syntax Description source name Old name of file to move. dest name New name for moved file. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show configuration files example1 initial...
Rev 1.6.9 configuration new configuration new <filename> [factory [keep-basic] [keep-connect]] Creates a new configuration file under the specified name. The parameters specify what configuration, if any, to carry forward from the current running configuration. Syntax Description filename Names for new configuration file. factory Creates new file with only factory defaults.
Rev 1.6.9 configuration revert configuration revert {factory [keep-basic | keep-connect]| saved} Reverts the system configuration to a previous state. Syntax Description factory Reverts running and saved configurations to factory defaults. If no parameter is set the default is to keep licenses and host keys.
Rev 1.6.9 configuration switch-to configuration switch-to <filename> Loads the configuration from the specified file and makes it the active configuration file. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show configuration files initial (active) newcon initial.prev initial.bak...
Rev 1.6.9 configuration text file configuration text file <filename> {apply [fail-continue] [verbose] | delete | rename <filename> | upload < URL>} Performs operations on text-based configuration files. Syntax Description filename <file> Specifies the filename. apply Applies the configuration on the system. fail-continue Continues execution of the commands even if some commands fail.
Rev 1.6.9 configuration text generate configuration text generate {active {running | saved} | file <filename> } {save <filename> | upload <URL>} Generates a new text-based configuration file from this system's configuration. Syntax Description active Generates from currently active configuration. running Uses running configuration.
Rev 1.6.9 configuration upload configuration upload {active | <name>} <URL or scp or sftp://username:pass- word@hostname[:port]/path/filename> Uploads a configuration file to a remote host. Syntax Description active Upload the active configuration file. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # configuration upload active scp://root:password@ 192.168.10.125/tmp/conf1 switch (config) #...
Rev 1.6.9 write write {memory [local] | terminal} Saves or displays the running configuration. Syntax Description memory Saves running configuration to the active configuration file. It is the same as “configuration write”. local Saves the running configuration only on the local node. It is the same as “configuration write local”.
Rev 1.6.9 show configuration show configuration [audit | | files [<filename>] | full | running [full] | text files] Displays a list of CLI commands that will bring the state of a fresh system up to match the current persistent state of this system. Syntax Description audit Displays settings for configuration change auditing.
Rev 1.6.9 show running-config show running-config [full] Displays commands to recreate current running configuration. Syntax Description full Does not exclude commands that set default values. Default Configuration Mode Config History 3.1.0000 Role monitor/admin Example switch (config) # show running-config ## Running database "initial" ## Generated at 2012/02/28 14:59:02 +0000 ## Hostname: switch-5ea5d8 ## License keys...
Rev 1.6.9 2.6 Local and Remote Logging logging local logging local <log-level> no logging local Sets the minimum severity of log messages to be saved in log files on local persistent storage. The no form disables the ability to log messages locally and remotely. Syntax Description log-level •...
Rev 1.6.9 logging local override logging local override [class <class> priority <log-level>] no logging local override [class <class> priority <log-level>] Enables class-specific overrides to the local log level. The no form of the command disables all class-specific overrides to the local log level without deleting them from the configuration, but disables them so that the log- ging level for all classes is determined solely by the global setting.
Page 114
Rev 1.6.9 Example switch (config) # logging local override class mgmt-front priority warning switch (config) # show logging Local logging level: info Override for class mgmt-front: warning Default remote logging level: notice No remote syslog servers configured. Allow receiving of messages from remote hosts: no Number of archived log files to keep: 10 Log rotation size threshold: 5.000% of partition (43 megabytes) Log format: standard...
Rev 1.6.9 logging <syslog IP address> logging <syslog IP address> [trap {<log-level> | override class <class> priority <log-level>}] no logging <syslog IP address> [trap {<log-level> | override class <class> prior- ity <log-level>}] Enables (by setting the IP address) sending logging messages, with ability to filter the logging messages according to their classes.
Page 116
Rev 1.6.9 Example switch (config) # logging local info switch (config) # show logging Local logging level: info Default remote logging level: notice No remote syslog servers configured. Allow receiving of messages from remote hosts: no Number of archived log files to keep: 10 Log rotation size threshold: 5.000% of partition (43 megabytes) Log format: standard Subsecond timestamp field: disabled...
Rev 1.6.9 logging receive logging receive no logging receive Enables receiving logging messages from a remote host. The no form of the command disables the option of receiving logging messages from a remote host. Syntax Description Default Receiving logging is disabled Configuration Mode Config History...
Rev 1.6.9 logging format logging format {standard | welf [fw-name <hostname>]} no logging format {standard | welf [fw-name <hostname>]} Sets the format of the logging messages. The no form of the command resets the format to its default. Syntax Description standard Standard format.
Rev 1.6.9 logging fields logging fields seconds {enable | fractional-digits <f-digit> | whole-digits <w- digit>} no logging fields seconds {enable | fractional-digits <f-digit> | whole-digits <w- digit>} Specifies whether to include an additional field in each log message that shows the number of seconds since the Epoch or not.
Page 120
Rev 1.6.9 Related Commands show logging Note This is independent of the standard syslog date and time at the beginning of each message in the format of “July 15 18:00:00”. Aside from indicating the year at full precision, its main purpose is to provide subsecond precision. Mellanox Technologies Mellanox®...
Rev 1.6.9 logging level logging level {cli commands <log-level> | audit mgmt <log-level>} Sets the severity level at which CLI commands or the management audit message that the user executes are logged. This includes auditing of both configuration changes and actions. Syntax Description cli commands Sets the severity level at which CLI commands which...
Rev 1.6.9 logging files delete logging files delete {current | oldest [<number of files>]} Deletes the current or oldest log files. Syntax Description current Deletes current log file. oldest Deletes oldest log file. number of files Sets the number of files to be deleted. Default CLI commands and audit message are set to notice logging level Configuration Mode...
Rev 1.6.9 logging files rotation logging files rotation {criteria { frequency <freq> | size <size-mb>| size-pct <size- percentage>} | force | max-number <number-of-files>} Sets the rotation criteria of the logging files. Syntax Description freq Sets rotation criteria according to time. Possible options are: •...
Page 124
Rev 1.6.9 Example switch (config) # logging files rotation criteria size-pct 6 switch (config) # show logging Local logging level: info Override for class mgmt-front: warning Default remote logging level: notice No remote syslog servers configured. Allow receiving of messages from remote hosts: no Number of archived log files to keep: 10 Log rotation size threshold: 6.000% of partition (51.60 megabytes) Log format: standard...
Rev 1.6.9 logging files upload logging files upload {current | <file-number>} <url> Uploads a log file to a remote host. Syntax Description current The current log file. The current log file will have the name “messages” if you do not specify a new name for it in the upload URL.
Rev 1.6.9 logging monitor logging monitor <facility> <priority-level> no logging monitor <facility> <priority-level> Sets monitor log facility and level to print to the terminal. The no form of the command disables printing logs of facilities to the terminal. Syntax Description facility •...
Rev 1.6.9 show logging show logging Displays the logging configurations. Syntax Description Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show logging Local logging level: info Override for class mgmt-front: warning Default remote logging level: notice No remote syslog servers configured.
Rev 1.6.9 show log show log [continues | files [<file-number>] ] [ [not] matching <reg-exp>] Displays the log file with optional filter criteria. Syntax Description continues Displays the last few lines of the current log file and then continues to display new lines as they come in until the user hits Ctrl+C, similar to LINUX “tail”...
Page 129
Rev 1.6.9 Related Commands logging fields logging files rotation logging level logging local logging receive logging <syslog IP address> show logging Note Mellanox Technologies Mellanox® Technologies Confidential...
Rev 1.6.9 2.7 Maintenance Tools reload reload [force | halt [noconfirm] | noconfirm] Reboots or shuts down the system. Syntax Description force Forces an immediate reboot of the system even if the system is busy. halt Shuts down the system. noconfirm Reboots the system without asking about unsaved changes.
Rev 1.6.9 reset factory reset factory [keep-all-config | keep-basic | only-config] [halt] Clears the system and resets it entirely to its factory state. Syntax Description keep-all-cofig Preserves everything in the running configuration file. The user will be prompted for confirmation before hon- oring this command, unless confirmation is disabled with the command: “no cli default prompt confirm- reset”.
Rev 1.6.9 2.8 mDNS ha dns enable ha dns enable no ha dns enable Allows mDNS traffic. The no form of the command blocks mDNS traffic from being sent from mgmt0. Syntax Description Default Enabled. Configuration Mode Config History 3.3.4000 Role admin Example...
Rev 1.6.9 2.9 User Management and AAA 2.9.1 User Accounts username username <username> [capability <cap> | disable [login | password] | full-name <name> | nopassword | password [0 | 7] <password>] no username <username> [capability | disable [login | password] | full-name] Creates a user and sets its capabilities, password and name.
Page 134
Rev 1.6.9 Related Commands show usernames show users Note • To enable a user account, just set a password on it (or use the “... nopassword” command to enable it with no password required for login) • Removing a user account does not terminate any current sessions that user has open; it just prevents new sessions from being established •...
Rev 1.6.9 show usernames show usernames Displays list of users and their capabilities. Syntax Description Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show usernames USERNAME FULL NAME CAPABILITY ACCOUNT STATUS USERID System Administrator admin Password set admin...
Rev 1.6.9 show users show users [history] Displays logged in users and related information such as idle time and what host they have connected from. Syntax Description history Displays current and historical sessions. Default Configuration Mode Any Command Mode History 3.1.0000 Role admin...
Rev 1.6.9 show whoami show whoami Displays username and capabilities of user currently logged in. Syntax Description Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show whoami Current user: admin Capabilities: admin switch (config) # Related Commands username show usernames...
Rev 1.6.9 2.9.2 AAA Methods aaa accounting aaa accounting changes default stop-only tacacs+ no aaa accounting changes default stop-only tacacs+ Enables logging of system changes to an AAA accounting server. The no form of the command disables the accounting. Syntax Description Default Configuration Mode Config...
Rev 1.6.9 aaa authentication login aaa authentication login default <auth method> [<auth method> [<auth method> [<auth method> [<auth method>]]]] no aaa authentication login Sets a sequence of authentication methods. Up to four methods can be configured. The no form of the command resets the configuration to its default. Syntax Description auth-method •...
Rev 1.6.9 aaa authentication attempts track enable aaa authentication attempts track enable no aaa authentication attempts track enable Enables tracking of authentication failures. The no form of the command disables tracking of authentication failures. Syntax Description Default Configuration Mode Config History 3.2.3000 Role...
Rev 1.6.9 aaa authentication attempts lockout aaa authentication attempts lockout {enable | lock-time | max-fail | unlock-time} no aaa authentication attempts lockout {enable | lock-time | max-fail | unlock- time} Configures lockout of accounts based on failed authentication attempts. The no form of the command clears configuration for lockout of accounts based on failed authentication attempts.
Page 142
Rev 1.6.9 Syntax Description enable Enables locking out of user accounts based on authenti- cation failures. This both suspends enforcement of any existing lock- outs, and prevents any new lockouts from being recorded. If lockouts are later re-enabled, any lockouts that had been recorded previously resume being enforced;...
Page 143
Rev 1.6.9 Default Configuration Mode Config History 3.2.3000 Role admin Example switch (config) # aaa authentication attempts lockout enable Related Commands Note Mellanox Technologies Mellanox® Technologies Confidential...
Rev 1.6.9 aaa authentication attempts class-override aaa authentication attempts class-override {admin [no-lockout] | unknown {no- track | hash-username}} no aaa authentication attempts class-override {admin | unknown {no-track | hash-username}} Overrides the global settings for tracking and lockouts for a type of account. The no form of the command removes this override and lets the admin be handled according to the global settings.
Rev 1.6.9 aaa authentication attempts reset aaa authentication attempts reset {all | user <username>} [{no-clear-history | no- unlock}] Clears the authentication history for and/or unlocks specified users. Syntax Description Applies function to all users. user Applies function to specified user. no-clear-history Leaves the history of login failures but unlocks the account.
Rev 1.6.9 clear aaa authentication attempts clear aaa authentication attempts {all | user <username>} [no-clear-history | no- unlock] Clears the authentication history for and/or unlocks specified users Syntax Description Applies function to all users. user Applies function to specified user. no-clear-history Clears the history of login failures.
Rev 1.6.9 aaa authorization aaa authorization map [default-user <username> | order <policy>] no aaa authorization map [default-user | order] Sets the mapping permissions of a user in case a remote authentication is done. The no form of the command resets the attributes to default. Syntax Description username Specifies what local account the authenticated user will...
Page 148
Rev 1.6.9 Related Commands show aaa username Note If, for example, the user is locally defined to have admin permission, but in a remote server such as RADIUS the user is authenticated as monitor and the order is remote- first, then the user will be given monitor permissions. Mellanox Technologies Mellanox®...
Rev 1.6.9 show aaa show aaa Displays the AAA configuration. Syntax Description Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show aaa AAA authorization: Default User: admin Map Order: remote-first Authentication method(s): local Accounting method(s): tacacs+ switch (config) # Related Commands...
Rev 1.6.9 show aaa authentication attempts show aaa authentication attempts [configured | status user <username>]] Shows the current authentication, authorization and accounting settings. Syntax Description authentication attempts Displays configuration and history of authentication failures. configured Displays configuration of authentication failure track- ing.
Rev 1.6.9 2.9.3 RADIUS radius-server radius-server {key <secret>| retransmit <retries> | timeout <seconds>} no radius-server {key | retransmit | timeout} Sets global RADIUS server attributes. The no form of the command resets the attributes to their default values. Syntax Description secret Sets a secret key (shared hidden text string), known to the system and to the RADIUS server.
Rev 1.6.9 radius-server host radius-server host <IP address> {enable | auth-port <port> | key <secret>| retransmit <retries> | timeout <seconds>} no radius-server host <IP address> {enable | auth-port } Configures RADIUS server attributes. The no form of the command resets the attributes to their default values and deletes the RADIUS server.
Rev 1.6.9 2.9.4 TACACS+ tacacs-server tacacs-server {key <secret>| retransmit <retries> | timeout <seconds>} no tacacs-server {key | retransmit | timeout} Sets global TACACS+ server attributes. The no form of the command resets the attributes to default values. Syntax Description secret Set a secret key (shared hidden text string), known to the system and to the TACACS+ server.
Rev 1.6.9 tacacs-server host tacacs-server host <IP address> {enable | auth-port <port> | auth-type <type> | key <secret> | retransmit <retries> | timeout <seconds>} no tacacs-server host <IP address> {enable | auth-port} Configures TACACS+ server attributes. The no form of the command resets the attributes to their default values and deletes the TACACS+ server.
Page 156
Rev 1.6.9 Related Commands aaa authorization show tacacs tacacs-server Note • TACACS+ servers are tried in the order they are configured • A PAP auth-type similar to an ASCII login, except that the username and password arrive at the network access server in a PAP protocol packet instead of being typed in by the user, so the user is not prompted •...
Rev 1.6.9 2.9.5 LDAP ldap base-dn ldap base-dn <string> no ldap base-dn Sets the base distinguished name (location) of the user information in the schema of the LDAP server. The no form of the command resets the attribute to its default values. Syntax Description string A case-sensitive string that specifies the location in the...
Rev 1.6.9 ldap bind-dn/bind-password ldap {bind-dn | bind-password} <string> no ldap {bind-dn | bind-password} Gives the distinguished name or password to bind to on the LDAP server. This can be left empty for anonymous login (the default). The no form of the command resets the attribute to its default values. Syntax Description string A case-sensitive string that specifies distinguished...
Rev 1.6.9 ldap group-attribute/group-dn ldap {group-attribute {<group-att> |member | uniqueMember} | group-dn <group-dn>} no ldap {group-attribute | group-dn} Sets the distinguished name or attribute name of a group on the LDAP server. The no form of the command resets the attribute to its default values. Syntax Description group-att Specifies a custom attribute name.
Rev 1.6.9 ldap host ldap host <IP Address> [order <number> last] no ldap host <IP Address> Adds an LDAP server to the set of servers used for authentication. The no form of the command deletes the LDAP host. Syntax Description IP Address IPv4 or IPv6 address.
Rev 1.6.9 ldap login-attribute ldap login-attribute {<string> | uid | sAMAccountName} no ldap login-attribute Sets the attribute name which contains the login name of the user. The no form of the command resets this attribute to its default. Syntax Description string Custom attribute name.
Rev 1.6.9 ldap port ldap port <port> no ldap port Sets the TCP port on the LDAP server to connect to for authentication. The no form of the command resets this attribute to its default value. Syntax Description port TCP port number. Default Configuration Mode Config...
Rev 1.6.9 ldap referrals ldap referrals no ldap referrals Enables LDAP referrals. The no form of the command disables LDAP referrals. Syntax Description Default LDAP referrals are enabled Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # no ldap referrals switch (config) # show ldap User base DN : ou=department,dc=example,dc=com...
Rev 1.6.9 ldap scope ldap scope <scope> no ldap scope Specifies the extent of the search in the LDAP hierarchy that the server should make when it receives an authorization request. The no form of the command resets the attribute to its default value. Syntax Description scope •...
Rev 1.6.9 ldap ssl ldap ssl {ca-list <options> | cert-verify | mode <mode>| port <port-number>} no ldap ssl {cert-verify | mode | port} Sets SSL parameter for LDAP. The no form of the command resets the attribute to its default value. Syntax Description options This command specifies the list of supplemental certifi-...
Page 167
Rev 1.6.9 History 3.1.0000 Initial version 3.2.3000 Added ca-list argument. Role admin Example switch (config) # ldap ssl mode ssl switch (config) # show ldap User base DN : ou=department,dc=example,dc=com User search scope : subtree Login attribute : uid Bind DN : my-dn Bind password : my-password...
Rev 1.6.9 ldap timeout ldap {timeout-bind | timeout-search} <seconds> no ldap {timeout-bind | timeout-search} Sets a global communication timeout in seconds for all LDAP servers to specify the extent of the search in the LDAP hierarchy that the server should make when it receives an authorization request.
Rev 1.6.9 ldap version ldap version <version> no ldap version Sets the LDAP version. The no form of the command resets the attribute to its default value. Syntax Description version Sets the LDAP version. Possible values are 2 and 3. Default Configuration Mode Config...
Rev 1.6.9 show ldap show ldap Displays LDAP configurations. Syntax Description Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show ldap User base DN : ou=department,dc=example,dc=com User search scope : subtree Login attribute : uid Bind DN : my-dn Bind password...
Rev 1.6.9 2.10 Cryptographic (X.509, IPSec) This chapter displays X.509 and IPSec related commands. crypto ipsec peer local crypto ipsec peer <IPv4 or IPv6 address> local <IPv4 or IPv6 address> {enable | keying {ike [auth {hmac-md5 | hmac-sha1 | hmac-sha256 | null} | dh-group | dis- able | encrypt | exchange-mode | lifetime | local | mode | peer-identity | pfs-group | preshared-key | prompt-preshared-key | transform-set] | manual [auth | disable | encrypt | local-spi | mode | remote-spi]}}...
Page 172
Rev 1.6.9 Syntax Description enable Enables IPSec peering. Configures IPSec peering using IKE ISAKMP to man- age SA keys. It has the following optional parameters: • auth: Configures the authentication algorithm for IPSec peering • dh-group: Configures the phase1 Diffie-Hellman group proposed for secure IKE key exchange •...
Rev 1.6.9 crypto certificate ca-list crypto certificate ca-list [default-ca-list name {<cert-name> | system-self- signed}] no crypto certificate ca-list [default-ca-list name {<cert-name> | system-self- signed}] Adds the specified CA certificate to the default CA certificate list. The no form of the command removes the certificate from the default CA certificate list.
Rev 1.6.9 crypto certificate default-cert crypto certificate default-cert name {<cert-name> | system-self-signed} no crypto certificate default-cert name {<cert-name> | system-self-signed} Designates the named certificate as the global default certificate role for authentica- tion of this system to clients. The no form of the command reverts the default-cert name to “system-self-signed” (the “cert-name”...
Rev 1.6.9 crypto certificate name crypto certificate name {<cert-name> | system-self-signed} {comment <new comment> | generate self-signed | private-key pem <PEM string> | public-cert [comment <comment string> | pem <PEM string>] | regenerate days-valid <days> | rename <new name>} no crypto certificate name <cert-name> Configures default values for certificate generation.
Page 178
Rev 1.6.9 Example switch (config) # crypto certificate name system-self-signed comment test Related Commands Note The certificate parameter of the no form of this command deletes the comment on the certificate. Mellanox Technologies Mellanox® Technologies Confidential...
Rev 1.6.9 crypto certificate system-self-signed crypto certificate system-self-signed regenerate [days-valid <days>] Configures default values for certificate generation. Syntax Description days-valid Specifies the number of days the certificate is valid Default Configuration Mode Config History 3.2.1000 Role admin Example switch (config) # crypto certificate system-self-signed regenerate days-valid 3 Related Commands Note...
Rev 1.6.9 show crypto certificate show crypto certificate [detail | public-pem | default-cert [detail | public-pem] | [name <cert-name> [detail | public-pem] | ca-list [default-ca-list]] Displays information about all certificates in the certificate database. Syntax Description ca-list Displays the list of supplemental certificates configured for the global default system CA certificate role.
Page 181
Rev 1.6.9 Example switch (config)# show crypto certificate Certificate with name 'system-self-signed' (default-cert) Comment: system-generated self-signed certif- icate Private Key: present Serial Number: 0x546c935511bcafc21ac0e8249fbe0844 SHA-1 Fingerprint: fe6df38dd26801971cb2d44f62dbe492b6063c5f Validity: Starts: 2012/12/02 13:45:05 Expires: 2013/12/02 13:45:05 Subject: Common Name: IBM-DEV-Bay4 Country: State or Province: Locality: Organization: Organizational Unit:...
Rev 1.6.9 show crypto ipsec show crypto ipsec [brief | configured | ike | policy | sa ] Displays information ipsec configuration. Syntax Description Default Configuration Mode Config History 3.2.1000 Role admin Example switch (config)# show crypto ipsec IPSec Summary ------------- Crypto IKE is using pluto (Openswan) daemon.
Rev 1.6.9 2.11 CLI Session This chapter displays all the relevant commands used to manage CLI session terminal. cli clear-history cli clear-history Clears the command history of the current user. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # cli clear-history switch (config) #...
Rev 1.6.9 show cli show cli Displays the CLI configuration and status. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show cli CLI current session settings: Maximum line size: 8192 Terminal width: 171 columns Terminal length: 38 rows Terminal type:...
Rev 1.6.9 2.12 Banner banner login banner {login | login-remote | login-local} <string> no banner login Sets the CLI welcome banner message. The login-remote refers to the SSH connec- tions banner, while the login-local refers to the serial connection banner. The no form of the command resets the system login banner to its default.
Rev 1.6.9 banner login-local banner login-local <string> no banner login-local Sets system login local banner. The no form of the command resets the banner. Syntax Description string Text string. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # banner login-local Testing switch (config) # Related Commands show banner...
Rev 1.6.9 banner login-remote banner login-remote <string> no banner login-remote Sets system login remote banner. The no form of the command resets the banner. Syntax Description string Text string. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # banner login-remote Testing switch (config) # Related Commands show banner...
Rev 1.6.9 banner motd banner motd <string> no banner motd Sets the contents of the /etc/motd file. The no form of the command resets the system Message of the Day banner. Syntax Description string Text string. Default “Mellanox Switch” Configuration Mode Config History 3.1.0000...
Rev 1.6.9 2.13 SSH ssh server enable ssh server enable no ssh server enable Enables the SSH server. The no form of the command disables the SSH server. Syntax Description Default SSH server is enabled Configuration Mode Config History 3.1.0000 Role admin Example...
Rev 1.6.9 ssh server listen ssh server listen {enable | interface <inf>} no ssh server listen {enable | interface <inf>} Enables the listen interface restricted list for SSH. If enabled, and at least one non- DHCP interface is specified in the list, the SSH connections are only accepted on those specified interfaces.
Rev 1.6.9 ssh server min-version ssh server min-version <version> no ssh server min-version Sets the minimum version of the SSH protocol that the server supports. The no form of the command resets the minimum version of SSH protocol supported. Syntax Description version Possible versions are 1 and 2.
Rev 1.6.9 ssh server ports ssh server ports {<port1> [<port2>...]} Specifies which ports the SSH server listens on. Syntax Description port Port number in [1...65535]. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # ssh server ports 22 switch (config) # show ssh server SSH server configuration: SSH server enabled:...
Rev 1.6.9 ssh server x11-forwarding ssh server x11-forwarding enable no ssh server x11-forwarding enable Enables X11 forwarding on the SSH server. The no form of the command disables X11 forwarding. Syntax Description Default X11-forwarding is disabled. Configuration Mode Config History 3.1.0000 Role admin...
Rev 1.6.9 ssh client global ssh client global {host-key-check <policy>} | known-host <known-host-entry>} no ssh client global {host-key-check | known-host localhost} Configures global SSH client settings. The no form of the command negates global SSH client settings. Syntax Description host-key-check <policy> Sets SSH client configuration to control how host key checking is performed.
Page 202
Rev 1.6.9 Related Commands show ssh client Note Mellanox Technologies Mellanox® Technologies Confidential...
Rev 1.6.9 ssh client user ssh client user <username> {authorized-key sshv2 <public key> | identity <key type> {generate | private-key [<private key>] | public-key [<public key>]} | known-host <known host> remove} no ssh client user admin {authorized-key sshv2 <public key ID> | identity <key type>} Adds an entry to the global known-hosts configuration file, either by generating new key, or by adding manually a public or private key.
Rev 1.6.9 show ssh client show ssh client Displays the client configuration of the SSH server. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show ssh client SSH client Strict Hostkey Checking: ask SSH Global Known Hosts: Entry 1: 72.30.2.2 Finger Print: 1e:b7:8b:ec:ab:35:98:be:6b:d6:12:c2:18:72:12:d6 No SSH user identities configured.
Rev 1.6.9 show ssh server show ssh server Displays SSH server configuration. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show ssh server SSH server configuration: SSH server enabled: Minimum protocol version: 2 X11 forwarding enabled: SSH server ports: Interface listen enabled: yes No Listen Interfaces.
Rev 1.6.9 2.14 Remote Login telnet-server enable telnet-server enable no telnet-server enable Enables the telnet server. The no form of the command disables the telnet server. Syntax Description Default Telnet server is disabled Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # telnet-server enable switch (config) # show telnet-server...
Rev 1.6.9 show telnet-server show telnet-server Displays telnet server settings. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show telnet-server Telnet server enabled: switch (config) # Related Commands telnet-server enable Note Mellanox Technologies Mellanox® Technologies Confidential...
Rev 1.6.9 2.15 XML Gateway xml-gw enable xml-gw enable no xml-gw enable Enables the XML gateway. The no form of the command disables the XML gateway. Syntax Description Default XML Gateway is enabled Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # xml-gw enable switch (config) # show xml-gw...
Rev 1.6.9 show xml-gw show xml-gw Displays the XML gateway setting. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show xml-gw XML Gateway enabled: switch (config) # Related Commands xml-gw enable Note Mellanox Technologies Mellanox®...
Rev 1.6.9 2.16 Web Server web auto-logout web auto-logout <number of minutes> no web auto-logout <number of minutes> Configures length of user inactivity before auto-logout of a web session. The no form of the command disables the web auto-logout (web sessions will never logged out due to inactivity).
Rev 1.6.9 web client cert-verify web client cert-verify no web client cert-verify Enables verification of server certificates during HTTPS file transfers. The no form of the command disables verification of server certificates during HTTPS file transfers. Syntax Description Default Configuration Mode Config History 3.2.3000...
Rev 1.6.9 web client ca-list web client ca-list {<ca-list-name> | default-ca-list | none} no web client ca-list Configures supplemental CA certificates for verification of server certificates during HTTPS file transfers. The no form of the command uses no supplemental certificates. Syntax Description ca-list-name Specifies CA list to configure.
Rev 1.6.9 web enable web enable no web enable Enables the web-based management console. The no form of the command disables the web-based management console. Syntax Description Default enable Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # web enable switch (config) # show web Web-based management console enabled: yes HTTP enabled:...
Rev 1.6.9 web http web http {enable | port <port number> | redirect} no web http {enable | port | redirect} Configures HTTP access to the web-based management console. The no form of the command negates HTTP settings for the web-based management console.
Page 216
Rev 1.6.9 Related Commands show web web enable Note Enabling HTTP is meaningful if the WebUI as a whole is enabled. Mellanox Technologies Mellanox® Technologies Confidential...
Rev 1.6.9 web httpd web httpd listen {enable | interface <ifName> } no web httpd listen {enable | interface <ifName> } Enables the listen interface restricted list for HTTP and HTTPS. The no form of the command disables the HTTP server listen ability. Syntax Description enable Enables Web interface restrictions on access to this sys-...
Rev 1.6.9 web https web https {certificate {regenerate | name | default-cert} | enable | port <port number>} no web https {enable | port <port number>} Configures HTTPS access to the web-based management console. The no form of the command negates HTTPS settings for the web-based management console.
Page 219
Rev 1.6.9 Related Commands show web web enable Note • Enabling HTTPS is meaningful if the WebUI as a whole is enabled. • See the command “crypto certificate default-cert name” for how to change the default cer- tificate if inheriting the configured default certificate is preferred Mellanox Technologies Mellanox®...
Rev 1.6.9 web session web session {renewal <minutes> | timeout <minutes>} no web session {renewal | timeout} Configures session settings. The no form of the command resets session settings to default. Syntax Description renewal <minutes> Configures time before expiration to renew a session. timeout <minutes>...
Rev 1.6.9 web proxy auth web proxy auth {authtype <type>| basic [password <password> | username <username>]} no web proxy auth {authtype | basic {password | username } Configures authentication settings for web proxy authentication. The no form of the command resets the attributes to their default values. Syntax Description type Configures the type of authentication to use with web...
Page 222
Rev 1.6.9 Related Commands show web web proxy host Note Mellanox Technologies Mellanox® Technologies Confidential...
Rev 1.6.9 web proxy host web proxy host <IP address> [port <port number>] no web proxy Adds and enables a proxy to be used for any HTTP or FTP downloads. The no form of the command disables the web proxy. Syntax Description IP address IPv4 or IPv6 address.
Rev 1.6.9 show web show web Displays the web configuration. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show web Web-based management console enabled: yes HTTP enabled: HTTP port: HTTP redirect to HTTPS: no HTTPS enabled: HTTPS port: Listen enabled:...
Rev 1.6.9 2.17 SNMP The commands in this section are used to manage the SNMP server. snmp-server auto-refresh snmp-server auto-refresh {enable | interval} no snmp-server auto-refresh enable Configures SNMPD refresh settings. The no form of the command disables SNMPD refresh mechanism. Syntax Description enable Enables SNMPD refresh mechanism.
Rev 1.6.9 snmp-server community snmp-server community <community> [ ro | rw] no snmp-server community <community> Sets a community name for either read-only or read-write SNMP requests. The no form of the command sets the community string to default. Syntax Description community Community name.
Rev 1.6.9 snmp-server contact snmp-server contact <contact name> no snmp-server contact Sets a value for the sysContact variable in MIB-II. The no form of the command resets the parameter to its default value. Syntax Description contact name Contact name. Default “”...
Rev 1.6.9 snmp-server host snmp-server host <IP address> {disable | {traps | informs} [<community> | <port> | version <snmp version>]} no snmp-server host <IPv4 or IPv6 address> {disable | {traps| informs} [<com- munity> | <port>]} Configures hosts to which to send SNMP traps. The no form of the commands removes a host from which SNMP traps should be sent.
Page 230
Rev 1.6.9 Example switch (config) # snmp-server host 10.10.10.10 traps version 1 switch (config) # show snmp SNMP enabled: SNMP port: System contact: System location: Read-only communities: public Read-write communities: (none) Interface listen enabled: yes No Listen Interfaces. Traps enabled: Default trap community: public Default trap port:...
Rev 1.6.9 snmp-server listen snmp-server listen {enable | interface <ifName>} no snmp-server listen {enable | interface <ifName> } Configures SNMP server interface access restrictions. The no form of the command disables the listen interface restricted list for SNMP server. Syntax Description enable Enables SNMP interface restrictions on access to this system.
Rev 1.6.9 snmp-server location snmp-server location <system location> no snmp-server location Sets a value for the sysLocation variable in MIB-II. The no form of the command clears the contents of the sysLocation variable. Syntax Description system location String. Default “” Configuration Mode Config History...
Rev 1.6.9 snmp-server notify snmp-server notify {community <community> | event <event name> | port <port> | send-test} no snmp-server notify {community | event <event name> | port} Configures SNMP notifications (traps and informs). The no form of the commands negate the SNMP notifications. Syntax Description community Sets the default community for traps sent to hosts...
Rev 1.6.9 snmp-server port snmp-server port <port> no snmp-server port Sets the UDP listening port for the SNMP agent. The no form of the command resets the parameter to its default value. Syntax Description port UDP port. Default Configuration Mode Config History 3.1.0000...
Rev 1.6.9 2.18 Scheduled Jobs Use the commands in this section to manage and schedule the execution of jobs. job <job ID> no job <job ID> Creates a job. The no form of the command deletes the job. Syntax Description job ID An integer.
Rev 1.6.9 command command <sequence #> | <command> no command <sequence #> Adds a CLI command to the job. The no form of the command deletes the command from the job. Syntax Description sequence # An integer that controls the order the command is exe- cuted relative to other commands in this job.
Rev 1.6.9 comment comment <comment> no comment Adds a comment to the job. The no form of the command deletes the comment. Syntax Description comment The comment to be added (string). Default “” Configuration Mode Config job History 3.1.0000 Role admin Example switch (config)# job 100...
Rev 1.6.9 enable enable no enable Enables the specified job. The no form of the command disables the specified job. Syntax Description Default Configuration Mode Config job History 3.1.0000 Role admin Example switch (config)# job 100 switch (config job 100) # enable switch (config job 100) # Related Commands show jobs...
Rev 1.6.9 execute execute Forces an immediate execution of the job. Syntax Description Default Configuration Mode Config job History 3.1.0000 Role admin Example switch (config)# job 100 switch (config job 100) # execute switch (config job 100) # Related Commands show jobs Note •...
Rev 1.6.9 fail-continue fail-continue no fail-continue Continues the job execution regardless of any job failures. The no form of the command returns fail-continue to its default. Syntax Description Default A job will halt execution as soon as any of its commands fails Configuration Mode Config job History...
Rev 1.6.9 name name <job name> no name Configures a name for this job. The no form of the command resets the name to its default. Syntax Description name Specifies a name for the job (string). Default “”. Configuration Mode Config job History 3.1.0000...
Rev 1.6.9 schedule type schedule type <recurrence type> no schedule type Sets the type of schedule the job will automatically execute on. The no form of the command resets the schedule type to its default. Syntax Description recurrence type The available schedule types are: •...
Rev 1.6.9 schedule <recurrence type> schedule <recurrence type> <interval and date> no schedule Sets the type of schedule the job will automatically execute on. The no form of the command resets the schedule type to its default. Syntax Description recurrence type The available schedule types are: •...
Rev 1.6.9 show jobs show jobs [<job-id>] Displays configuration and state (including results of last execution, if any exist) of all jobs, or of one job if a job ID is specified. Syntax Description job-id Job ID. Default Configuration Mode Config History 3.1.0000...
Rev 1.6.9 2.19 Event Notification email autosupport email autosupport {enable | event <event name>} no email autosupport enable Enables the support of the email notification and specifies which events will be sent as email notifications. The no form of the command disables sending of email notifications globally or per event.
Rev 1.6.9 email autosupport ssl mode email autosupport ssl mode {none | tls | tls-none} no email autosupport ssl mode Configures type of security to use for auto-support email. The no form of the command resets auto-support email security mode to its default. Syntax Description none Does not use TLS to secure auto-support email.
Rev 1.6.9 email autosupport ssl cert-verify email autosupport ssl cert-verify no email autosupport ssl cert-verify Verifies server certificates. The no form of the command does not verify server certificates. Syntax Description Default Configuration Mode Config History 3.2.3000 Role admin Example switch (config) # email autosupport ssl cert-verify Related Commands Note...
Rev 1.6.9 email autosupport ssl ca-list email autosupport ssl ca-list {<ca-list-name> | default_ca_list | none} no email autosupport ssl ca-list Configures supplemental CA certificates for verification of server certificates. The no form of the command removes supplemental CA certificate list. Syntax Description default_ca_list Default supplemental CA certificate list.
Rev 1.6.9 email dead-letter email dead-letter {cleanup max-age <duration> | enable} no email dead-letter Configures settings for saving undeliverable emails. The no form of the command disables sending of emails to vendor auto-support upon certain failures. Syntax Description duration Example: “5d4h3m2s” for 5 days, 4 hours, 3 minutes, 2 seconds.
Rev 1.6.9 email domain email domain <hostname or IP address> no email domain Sets the domain name from which the emails will appear to come from (provided that the return address is not already fully-qualified). This is used in conjunction with the system hostname to form the full name of the host from which the email appears to come.
Rev 1.6.9 email mailhub email mailhub <hostname or IP address> no email mailhub Sets the mail relay to be used to send notification emails. The no form of the command clears the mail relay to be used to send notification emails.
Rev 1.6.9 email mailhub-port email mailhub-port <hostname or IP address> no email mailhub-port Sets the mail relay port to be used to send notification emails. The no form of the command resets the port to its default. Syntax Description hostname or IP address hostname or IP address.
Rev 1.6.9 email notify event email notify event <event name> no email notify event <event name> Enables sending email notifications for the specified event type. The no form of the command disables sending email notifications for the specified event type. Syntax Description event name Example event names would include “process-crash”...
Rev 1.6.9 email notify recipient email notify recipient <email addr> [class {info | failure} | detail] no email notify recipient <email addr> [class {info | failure} | detail] Adds an email address from the list of addresses to which to send email notifications of events.
Rev 1.6.9 email return-addr email return-addr <username> no email domain Sets the username or fully-qualified return address from which email notifications are sent. • If the string provided contains an “@” character, it is considered to be fully-qualified and used as-is. •...
Rev 1.6.9 email return-host email return-host no email return-host Includes the hostname in the return address for emails. The no form of the command does not include the hostname in the return address for emails. Syntax Description Default No return host Configuration Mode Config History...
Rev 1.6.9 email ssl mode email ssl mode {none | tls | tls-none} no email ssl mode Sets the security mode(s) to try for sending email. The no form of the command resets the email SSL mode to its default. Syntax Description none No security mode, operates in plaintext.
Rev 1.6.9 email ssl cert-verify email ssl cert-verify no email ssl cert-verify Enables verification of SSL/TLS server certificates for email. The no form of the command disables verification of SSL/TLS server certificates for email. Syntax Description Default Configuration Mode Config History 3.2.3000 Role...
Rev 1.6.9 email ssl ca-list email ssl ca-list {<ca-list-name> | default-ca-list | none} no email ssl ca-list Specifies the list of supplemental certificates of authority (CA) from the certificate configuration database that is to be used for verification of server certificates when sending email using TLS, if any.
Rev 1.6.9 show email show email [events] Shows email configuration or events for which email should be sent upon. Syntax Description events show event list Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show email Mail hub: Mail hub port: Domain:...
Rev 1.6.9 stats alarm <alarm-id> enable stats alarm <alarm-id> enable no stats alarm <alarm-id> enable Enables the alarm. The no form of the command disables the alarm, notifications will not be received. Syntax Description alarm ID Alarms supported by the system, for example: •...
Rev 1.6.9 stats alarm <alarm-id> event-repeat stats alarm <alarm ID> event-repeat {single | while-not-cleared} no stats alarm <alarm ID> event-repeat Configures repetition of events from this alarm. Syntax Description alarm ID Alarms supported by the system, for example: • cpu_util_indiv - Average CPU utilization too high: per- cent utilization •...
Rev 1.6.9 stats chd <chd-id> clear stats chd <CHD ID> clear Clears CHD counters. Syntax Description CHD ID CHD supported by the system, for example: • cpu_util - CPU utilization: percentage of time spent • cpu_util_ave - CPU utilization average: percentage of time spent •...
Rev 1.6.9 stats chd <chd-id> enable stats chd <chd-id> enable no stats chd <chd-id> enable Enables the CHD. The no form of the command disables the CHD. Syntax Description chd-id CHD supported by the system, for example: • cpu_util - CPU utilization: percentage of time spent •...
Rev 1.6.9 stats chd <chd-id> compute time stats chd <CHD ID> compute time {interval | range} <number of seconds> Sets parameters for when this CHD is computed. Syntax Description CHD ID Possible IDs: • cpu_util - CPU utilization: percentage of time spent •...
Page 273
Rev 1.6.9 Related Commands show stats chd Note Mellanox Technologies Mellanox® Technologies Confidential...
Rev 1.6.9 stats sample <sample-id> enable stats sample <sample-id> enable no states sample <sample-id> enable Enables the sample. The no form of the command disables the sample. Syntax Description sample-id Possible sample IDs are: • congested • cpu_util - CPU utilization: milliseconds of time spent •...
Rev 1.6.9 stats sample <sample-id> interval stats sample <sample ID> interval <number of seconds> Sets the amount of time between samples for the specified group of sample data. Syntax Description sample ID Possible sample IDs are: • congested • cpu_util - CPU utilization: milliseconds of time spent •...
Rev 1.6.9 stats clear-all stats clear all Clears data for all samples, CHDs, and status for all alarms. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # stats clear-all switch (config) # Related Commands Note Mellanox Technologies Mellanox®...
Rev 1.6.9 stats export stats export <format> <report name> [{after | before} <yyyy/mm/dd> <hh:mm:ss>] [filename <filename>] Exports statistics to a file. Syntax Description format Currently the only supported value for <format> is “csv” (comma-separated value). report name Determines dataset to be exported. Possible report names are: •...
Rev 1.6.9 show stats alarm show stats alarm [<Alarm ID> [rate-limit]] Displays status of all alarms or the specified alarm. Syntax Description Alarm ID May be: • cpu_util_indiv - Average CPU utilization too high: per- cent utilization • disk_io - Operating System Disk I/O per second too high: kilobytes per second •...
Rev 1.6.9 show stats chd show stats chd [<CHD ID>] Displays configuration of all statistics CHDs. Syntax Description CHD ID May be: • cpu_util_indiv - Average CPU utilization too high: per- cent utilization • disk_io - Operating System Disk I/O per second too high: kilobytes per second •...
Rev 1.6.9 show stats cpu show stats cpu Displays some basic stats about CPU utilization: • the current level • the peak over the past hour • the average over the past hour Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin...
Rev 1.6.9 show stats sample show stats sample [<sample ID>] Displays sampling interval for all samples, or the specified one. Syntax Description sample ID Possible sample IDs are: • congested • cpu_util - CPU utilization: milliseconds of time spent • disk_device_io - Storage device I/O statistics •...
Rev 1.6.9 2.21 Chassis Management health health {max-report-len <length> | re-notif-cntr <counter> | report-clear} Configures health daemon settings. Syntax Description max-report-len <length> Sets the length of the health report - number of line entries. Possible values: 10-2048. re-notif-cntr <counter> Health control changes notification counter, in seconds. Possible values: 120-7200 seconds.
Rev 1.6.9 power enable power enable <module name> no power enable <module name> Powers on the module. The no form of the command shuts down the module. Syntax Description module name Enables power for selected module. Default Power is enabled on all modules. Configuration Mode Config History...
Rev 1.6.9 usb eject usb eject Gracefully turns off the USB interface. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # usb eject switch (config) # Related Commands Note Applicable only for systems with USB interface. Mellanox Technologies Mellanox®...
Rev 1.6.9 system profile system profile <profile> [force] Sets the profile of the system to either InfiniBand, Ethernet or VPI. In ib-single-switch profile, all network interfaces link protocol set to InfiniBand. In eth-single-switch profile, all network interfaces link protocol set to Ethernet. In vpi-single-switch profile, some ports can be defined as Ethernet while some other as InfiniBand.
Rev 1.6.9 show fan show fan Displays fans status. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show fan switch (config) # show fan ===================================================== Module Device Speed Status (RPM) ===================================================== 5340.00 5340.00 5640.00 5640.00 5730.00 NOT PRESENT...
Rev 1.6.9 show version show version [concise] Displays version information for the currently running system image. Syntax Description concise The concise variant fits the description onto one line. Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show version Product name: SX_PPC_M460EX Product release:...
Rev 1.6.9 show inventory show inventory Displays system inventory. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show inventory =================================================================================== Module Type Part number Serial Number Asic revision =================================================================================== CHASSIS SX1036 MSX1036B-1SFR MT1205X01549 MGMT SX1036 MSX1036B-1SFR MT1205X01549...
Rev 1.6.9 show module show module Displays modules status. Syntax Description Default Configuration Mode Config History 3.1.0000 Initial version 3.3.0000 Added “Is Fatal” column Role admin Example switch (config) # show module ==================================================== Module Type Present Power Is Fatal ==================================================== MGMT SX1036 Not Fatal...
Rev 1.6.9 show power show power Displays power supplies and power usage. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show power ================================================================= Module Power Voltage Current Capacity Grid Status (Watts) (Amp) (Watts) Group ================================================================= 0.00 47.11...
Rev 1.6.9 show power consumers show power consumers Displays power consumers. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show power consumers ================================================ Module Power Voltage Current Status (Watts) (Amp) ================================================ MGMT 17.47 48.00 0.36 33.26 48.00...
Rev 1.6.9 show temperature show temperature Displays the system's temperature sensors status. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show temperature =================================================== Module Component CurTemp Status (Celsius) =================================================== MGMT BOARD_MONITOR 25.00 MGMT CPU_BOARD_MONITOR 26.00 MGMT CPU_BOARD_MONITOR...
Rev 1.6.9 show voltage show voltage Displays power supplies voltage level. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show voltage ======================================================================= Module Power Meter Expected Actual Status High Voltage Voltage Range Range ======================================================================= MGMT BOARD_MONITOR 5.00...
Rev 1.6.9 show health-report show health-report Displays health report. Syntax Description Default Configuration Mode Config History 3.1.0000 Initial version 3.3.0000 Output update Role admin Example switch (config) # show health-report ======================== | ALERTS CONFIGURATION | ======================== Re-notification counter (sec):[3600] Report max counter: [50] ======================== HEALTH REPORT...
Rev 1.6.9 show resources show resources Displays system resources. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show resources Total Used Free Physical 2027 MB 761 MB 1266 MB Swap 0 MB 0 MB 0 MB Number of CPUs: CPU load averages: 0.11 / 0.23 / 0.23...
Rev 1.6.9 show system profile show system profile Displays system profile. Syntax Description Default Configuration Mode Any Command Mode History 3.2.0000 Role admin Example switch (config) # show system profile eth-single-switch switch (config) # Related Commands system profile Note Mellanox Technologies Mellanox®...
Rev 1.6.9 show system capabilities show system capabilities Displays system capabilities. Syntax Description Default Configuration Mode Config History 3.1.0000 Initial version. 3.3.0000 Added gateway support. Role admin Example switch (config) # show system capabilities IB: Supported Ethernet: Supported, Full L2 GW: Supported Max number of GW ports: 0 Max SM nodes: 648...
Rev 1.6.9 show system mac show system mac Displays system MAC address. Syntax Description Default Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # show system mac 00:02:C9:5E:AF:18 switch (config) # Related Commands Note Mellanox Technologies Mellanox® Technologies Confidential...
Rev 1.6.9 show protocols show protocols Displays all protocols enabled in the system. Syntax Description Default Configuration Mode Config History 3.2.3000 Role admin Example switch (config) # show protocols Ethernet enabled spanning-tree enabled lacp disabled lldp disabled igmp-snooping disabled enabled priority-flow-control disabled IP routing...
Rev 1.6.9 Ethernet Switching 3.1 Interface interface ethernet interface ethernet <slot>/<port>[/<subport>]-[<slot>/<port>[/<subport>]] Enters the Ethernet interface or Ethernet interface range configuration mode. Syntax Description <slot>/<port> Ethernet port number. subport Ethernet subport number. to be used in case of split port. Default Configuration Mode Config History...
Rev 1.6.9 flowcontrol flowcontrol {receive | send} {off | on} [force] Enables or disables IEEE 802.3x link-level flow control per direction for the speci- fied interface. Syntax Description receive | send receive - ingresses direction send - egresses direction off | on on - enables IEEE 802.3x link-level flow control for the specified interface on receive or send.
Rev 1.6.9 mtu <frame-size> Configures the Maximum Transmission Unit (MTU) frame size for the interface. Syntax Description frame-size This value may be 1518-9216 bytes. Default 1522 bytes Configuration Mode Config Interface Ethernet Config Interface Port Channel History 3.1.0000 Role admin Example switch (config interface ethernet 1/1) # mtu 9216 switch (config interface ethernet 1/1) #...
Rev 1.6.9 shutdown shutdown no shutdown Disables the interface. The no form of the command enables the interface. Syntax Description Default The interface is enabled. Configuration Mode Config Interface Ethernet Config Interface Port Channel History 3.1.0000 Role admin Example switch (config interface ethernet 1/1) # shutdown switch (config interface ethernet 1/1) # Related Commands show interfaces ethernet...
Rev 1.6.9 description description <string> no description Sets an interface description. The no form of the command returns the interface description to its default value. Syntax Description string 40 bytes Default “” Configuration Mode Config Interface Ethernet Config Interface Port Channel History 3.1.0000 Role...
Rev 1.6.9 speed speed <port speed> [force] no speed Sets the speed of the interface. The no form of the command sets the speed of the interface to its default value. Syntax Description port speed 10000 - 10GbE 40000 - 40GbE auto - auto negotiates link speed force force changing the speed.
Rev 1.6.9 load-interval load-interval <time> no load-interval Sets the interface counter interval. The no form of the command resets the interval to its default value. Syntax Description time In seconds. Default 300 seconds. Configuration Mode Config Interface Ethernet History 3.3.0000 Role admin Example...
Rev 1.6.9 show interfaces ethernet show interfaces ethernet <inf> [counters [priority]] Displays the configuration and status for the interface. Syntax Description Interface number: <slot>/<port>. counters Displays interface extended counters. priority Displays interface extended counters, per priority (0-7). Default Configuration Mode Any Command Mode History 3.1.0000...
Rev 1.6.9 show interfaces ethernet [<inf>] capabilities show interfaces ethernet [<inf>] capabilities Displays the interface capabilities. Syntax Description shows only one interface capabilities. Interface number: <slot>/<port>. Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show interfaces ethernet 1/1 capabilities Eth1/1 Speed : 10000,40000...
Rev 1.6.9 show interfaces ethernet [<inf>] description show interfaces ethernet [<inf>] description Displays the admin status and protocol status for the specified interface. Syntax Description Interface number: <slot>/<port>. Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show interfaces ethernet 0/1 description Interface Status Protocol...
Rev 1.6.9 show interfaces ethernet [<inf>] status show interfaces ethernet [<inf>] status Displays the status, speed and negotiation mode of the specified interface. Syntax Description Interface number: <slot>/<port>. Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show interfaces ethernet status Port Operational state Speed...
Rev 1.6.9 show interfaces ethernet [<inf>] transceiver show interfaces ethernet [<inf>] transceiver Displays the transceiver info. Syntax Description interface number: <slot>/<port> Default Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config) # show interfaces ethernet 1/1 transceiver Port 1/1 state identifier : QSFP+...
Rev 1.6.9 3.1.1 Brake-Out Cables module-type module-type <type> [force] Splits or un-splits the interface, as desired. Syntax Description type qsfp - Port runs at 40000/56000Mbps. qsfp-split-2 - Port is split and runs at 2X10000Mbps. qsfp-split-4 - Port is split and runs at 4X10000Mbps. force force the split operation without asking for user confir- mation.
Rev 1.6.9 3.2 Link Aggregation Group (LAG) and LACP interface port-channel interface port-channel <1-4096>[-<2-4096>] no interface port-channel <1-4096>[-<2-4096>] Creates a port channel and enters the port-channel configuration mode. There is an option to create a range of port-channel interfaces. The no form of the command deletes the port-channels, or range of port-channels. Syntax Description 1-4096 / 2-4096 Port channel number.
Rev 1.6.9 lacp lacp no lacp Enables LACP in the switch. The no form of the command disables LACP in the switch. Syntax Description Default LACP is disabled. Configuration Mode Config History 3.1.1400 Role admin Example switch (config)# lacp switch (config)# Related Commands Note Mellanox Technologies...
Rev 1.6.9 lacp system-priority lacp system-priority <1-65535> no lacp system-priority Configures the LACP system priority. The no form of the command sets the LACP system-priority to default. Syntax Description 1-65535 LACP system-priority. Default 32768 Configuration Mode Config History 3.1.1400 Role admin Example switch (config)# lacp system-priority 1...
Rev 1.6.9 lacp (interface) lacp {rate fast | port-priority <1-65535>} no lacp {rate fast | port-priority} Configures the LACP interface parameters. The no form of the command sets the LACP interface configuration to default. Syntax Description rate fast Sets LACP PDUs on the port to be in fast (1 second) or slow rate.
Rev 1.6.9 port-channel load-balance port-channel load-balance <method> no port-channel load-balance <method> Configures the port-channel load balancing distribution function method. The no form of the command sets the distribution function method to default. Syntax Description method Possible load balance methods: • destination-ip •...
Rev 1.6.9 channel-group channel-group <1-4096> [mode {on | active | passive}] no channel-group Assigns and configures a physical interface to a port channel. The no form of the command removes a physical interface from the port-channel. Syntax Description 1-4096 The port channel number. mode on Static assignment the port to LAG.
Rev 1.6.9 show lacp system-identifier show lacp system-identifier Displays the system identifier of LACP. Syntax Description Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config)# show lacp system-identifier 00:02:c9:5c:61:70 switch (config)# Related Commands show lacp interface port-channel Note Mellanox Technologies Mellanox®...
Rev 1.6.9 show lacp counters show lacp counters Displays the LACP PDUs counters. Syntax Description Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config)# show lacp counters LACPDUs Marker Marker Response LACPDUs Port Sent Recv Sent Recv Sent Recv Illegal Unknown ----------------------------------------------------------------------...
Rev 1.6.9 show lacp interface ethernet show lacp interface etherent <inf> Displays the LACP interface configuration and status. Syntax Description Interface number, for example “1/1”. Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config) # show lacp interfaces ethernet 1/4 Port : 1/4 ------------- Port State = Down...
Rev 1.6.9 show lacp interface neighbor show lacp interface neighbor Displays the LACP interface neighbor status. Syntax Description Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config) # show lacp interfaces neighbor Flags: A - Device is in Active mode P - Device is in Passive mode Channel group 1 neighbors Port 1/4...
Rev 1.6.9 show lacp interfaces port-channel show lacp interfaces port-channel Displays the LACP global parameters. Syntax Description Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config) # show lacp interfaces port-channel Port-channel Module Admin Status is enabled Port-channel System Identifier is 00:01:02:03:04:05 LACP System Priority: 32768 switch (config) #...
Rev 1.6.9 show interfaces port-channel show interfaces port-channel {compatibility-parameters | load-balance | sum- mary} Displays port-channel parameters. Syntax Description compatibility-parameters Displays the parameters that must be the same among the member ports of the port-channel interface. load-balance Displays the type of load-balancing in use for port- channels.
Rev 1.6.9 3.3 VLANs vlan vlan {<vlan-id> | <vlan-range>} no vlan {<vlan-id> | <vlan-range>} Creates a VLAN or range of VLANs, and enters a VLAN context. The no form of the command deletes the VLAN or VLAN range. vlan-id Syntax Description 1-4094.
Rev 1.6.9 name name <vlan-name> no name Adds VLAN name. The no form of the command deletes the VLAN name. Syntax Description vlan-name 40-character long string. Default No name available. Configuration Mode Config Vlan History 3.1.1400 Role admin Example switch (config) # vlan 10 switch (config vlan 10) # name my-vlan-name switch (config vlan 10) # show vlan VLAN...
Rev 1.6.9 switchport mode switchport mode {access | trunk | hybrid | access-dcb} no switchport mode Sets the switch port mode. The no form of the command sets the switch port mode to access. Syntax Description access Un-tagged port. 802.1q tagged traffic will be filtered. egress traffic is un-tagged.
Rev 1.6.9 switchport access switchport access vlan <vlan-id> no switchport access vlan Sets the port access VLAN. The no form of the command sets the port access VLAN to 1. Syntax Description vlan-id 1-4094. Default Configuration Mode Config Interface Ethernet Config Interface Port Channel History 3.1.1400...
Rev 1.6.9 switchport {hybrid, trunk} allowed vlan switchport {hybrid, trunk} allowed vlan {<vlan> | add <vlan> | remove <vlan> all | except <vlan> | none} Sets the port allowed VLANs. Syntax Description vlan VLAN ID (1-4094) or VLAN range. Add VLAN or range of VLANs. remove Remove VLANs or range of VLANs.
Rev 1.6.9 3.4 MAC Address Table mac-address-table aging-time mac-address-table aging-time <age> no mac-address-table aging-time Sets the maximum age of a dynamically learnt entry in the MAC address table. The no form of the command resets the aging time of the MAC address table to its default.
Rev 1.6.9 mac-address-table static mac-address-table static <mac address> vlan <vlan> interface <if-type> <if- number> no mac-address-table static <mac address> vlan <vlan> interface <if-type> <if- number> Configures a static MAC address in the forwarding database. The no form of the command deletes a configured static MAC address from the for- warding database.
Rev 1.6.9 show mac-address-table show mac-address-table [address <mac-address> | interface ethernet <if-num- ber> | vlan [<vlan> | range <range>] | unicast | multicast] Displays the static and dynamic unicast and multicast MAC addresses for the switch. Various of filter options available. Syntax Description mac-address Filter the table to a specific MAC address.
Rev 1.6.9 show mac-address-table aging-time show mac-address-table aging-time Displays the MAC address table aging time. Syntax Description Default Configuration Mode Any Command Mode History 3.1.0600 Role admin Example switch (config) # mac-address-table aging-time 300 switch (config) # show mac-address-table aging-time Mac Address Aging Time: 300 switch (config) # Related Commands...
Rev 1.6.9 3.5 Spanning Tree spanning-tree spanning-tree no spanning-tree Globally enables the spanning tree feature. The no form disables the spanning tree feature. Syntax Description Default Spanning tree is enabled. Configuration Mode Config History 3.1.0000 Role admin Example switch (config) # no spanning-tree switch (config) # Related Commands show spanning-tree...
Rev 1.6.9 spanning-tree (timers) spanning-tree [forward-time <time in secs> | hello-time <time in secs> | max-age <time in secs>] no spanning-tree [forward-time | hello-time | max-age] Sets the spanning tree timers. The no form of the command sets the timer to default. Syntax Description forward-time Controls how fast a port changes its spanning tree state...
Rev 1.6.9 spanning-tree port type (default global) spanning-tree port type <port-type> default no spanning-tree port type default Configures all switch interfaces as edge/network/normal ports. These ports can be connected to any type of device. The no form of the command disables the spanning tree operation. Syntax Description port-type •...
Rev 1.6.9 spanning-tree priority spanning-tree priority <bridge-priority> no spanning-tree priority Sets the spanning tree bridge priority. The no form of the command sets the bridge priority to default. Syntax Description bridge-priority Sets the bridge priority for the spanning tree. Its value must be in steps of 4096, starting from 0.
Rev 1.6.9 spanning-tree port-priority spanning-tree port-priority <priority> no spanning-tree port-priority Configures the spanning-tree interface priority. The no form of the command returns configuration to its default. Syntax Description priority Spanning tree interface priority. The possible values are: 0, 16, 32,48, 64, 80, 96, 112, 128,144, 160, 176, 192, 208, 224, 240.
Rev 1.6.9 spanning-tree cost spanning-tree cost <port cost> no spanning-tree cost Configures the interface cost of the spanning tree. The no form of the command returns configuration to its default. Syntax Description port cost Sets the spanning tree cost of an interface. Value range is 0-200000000.
Rev 1.6.9 spanning-tree port type spanning-tree port type <port type> no spanning-tree port type Configures spanning-tree port type The no form of the command returns configuration to default. Syntax Description port type Sets the spanning-tree port type. The port type parame- ter has four options: •...
Rev 1.6.9 spanning-tree guard spanning-tree guard {loop | root} no spanning-tree guard {loop | root} Configures spanning-tree guard. The no form of the command returns configuration to default. Syntax Description loop Enables loop-guard on the interface. If the loop-guard is enabled, upon a situation where the interface fails to receive BPDUs the switch will not egress data traffic on this interface.
Rev 1.6.9 spanning-tree bpdufilter spanning tree bpdufilter {disable | enable} no spanning tree bpdufilter Configures spanning-tree BPDU filter on the interface. The interface will ignore any BPDU that it receives and will not send PDBUs, The STP state on the port will move to the forwarding state.
Rev 1.6.9 show spanning-tree show spanning-tree [detail | interface <type> <number>] Displays spanning tree information. Syntax Description detail Displays detailed spanning-tree configuration and sta- tistics. interface <type> <num- Displays the running state for a specific interface. ber> Options for “type”: ethernet or port-channel. Options for “number”: <slot/port>...
Rev 1.6.9 3.6 IGMP Snooping ip igmp snooping (admin) ip igmp snooping no ip igmp snooping Enables IGMP snooping globally or per VLAN. The no form of the command disables IGMP snooping globally or per VLAN. Syntax Description Default IGMP snooping is disabled, globally and per VLAN. Configuration Mode Config Config Vlan...
Rev 1.6.9 ip igmp snooping (config) ip igmp snooping {last-member-query-interval <1-25> | proxy reporting mrouter-timeout <60-600> | port-purge-timeout <130-1225> | report-suppres- sion-interval <1-25>} no ip igmp snooping {last-member-query-interval | proxy reporting | mrouter- timeout | report-suppression-interval} Configures IGMP global parameters. The no form of the command resets the IGMP global parameters to default.
Page 355
Rev 1.6.9 Example switch (config) # ip igmp snooping report-suppression-interval 3 switch (config) # show ip igmp snooping IGMP snooping global configuration: IGMP snooping globally enabled IGMP snooping operationally enabled Proxy-reporting globally disabled Last member query interval is 1 seconds Mrouter timeout is 125 seconds Port purge timeout is 260 seconds Report suppression interval is 3 seconds...
Rev 1.6.9 ip igmp snooping fast-leave ip igmp snooping fast-leave no ip igmp snooping fast-leave Enables fast leave processing on a specific interface. The no form of the command disables fast leave processing on a specific interface. Syntax Description Default Normal-leave is enabled.
Rev 1.6.9 ip igmp snooping static-group ip igmp snooping static-group <IP address> interface <type> <number> no ip igmp snooping static-group <IP address> interface <type> <number> Creates a static multicast group and attaches a port to a specified group. The no form of the command deletes the interface from the multicast group. Syntax Description Ip address Multicast IP address <224.x.x.x - 239.255.255.255>...
Rev 1.6.9 ip igmp snooping mrouter ip igmp snooping mrouter interface <type> <number> no ip igmp snooping mrouter interface <type> <number> Creates a static multicast router port on a specific VLAN, on a specific interface. The no form of the command removes the static multicast router port from a specific VLAN.
Rev 1.6.9 ip igmp snooping unregistered multicast ip igmp snooping unregistered multicast <options> no ip igmp snooping unregistered multicast Sets the behavior of the snooping switch for unregistered multicast traffic. The no form of the command sets it default. Syntax Description options •...
Rev 1.6.9 show ip igmp snooping show ip igmp snooping Displays IGMP snooping information for all VLANs or a specific VLAN. Syntax Description Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config) # show ip igmp snooping IGMP snooping global configuration: IGMP snooping globally enabled IGMP snooping operationally enabled...
Rev 1.6.9 show ip igmp snooping groups show ip igmp snooping groups Displays per VLAN the list of multicast groups attached (static or dynamic allocated) per port. Syntax Description Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config) # show ip igmp snooping groups Vlan ID Group...
Rev 1.6.9 show ip igmp snooping vlan show ip igmp snooping vlan {<vlan/vlan-range> | all} Displays IGMP configuration per VLAN or VLAN range. Syntax Description vlan/vlan range Displays IGMP VLAN configuration per specific VLAN or VLAN range. Display IGMP VLAN configuration on all VLAN. Default Configuration Mode Any Command Mode...
Rev 1.6.9 show ip igmp snooping mrouter show ip igmp snooping mrouter Displays IGMP snooping multicast router information. Syntax Description Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config) # show ip igmp snooping mrouter Vlan Ports -------- ------------...
Rev 1.6.9 show ip igmp snooping interfaces show ip igmp snooping interfaces Displays IGMP snooping interface information. Syntax Description Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config) # show ip igmp snooping interfaces interface leave-mode ----------- ------------ Normal...
Rev 1.6.9 show ip igmp snooping statistics show ip igmp snooping statistics Displays IGMP snooping statistical counters. Syntax Description Default Configuration Mode Any Command Mode History 3.1.1400 Role admin Example switch (config) # show ip igmp snooping statistics Snooping Statistics for VLAN 1 General queries received : 0 Group specific queries received : 0 V1/V2 reports received : 0...
Rev 1.6.9 3.7 Link Layer Discovery Protocol (LLDP) lldp lldp no lldp Enables LLDP globally. The no form of the command disables the LLDP. Syntax Description Default Disabled Configuration Mode Config History 3.2.0300 Role admin Example switch (config)# lldp switch (config)# Related Commands show lldp local Note...
Rev 1.6.9 lldp reinit lldp reinit <seconds> no lldp reinit Sets the delay in seconds from enabling the LLDP on the port until re-initialization will be attempted. The no form of the command sets the parameter to default. Syntax Description seconds 1-10 Default...
Rev 1.6.9 lldp timer lldp timer <seconds> no lldp timer Sets the LLDP interval at which LLDP frames are transmitted. (lldpMessageTxInter- val) The no form of the command sets the parameter to default. Syntax Description seconds 5-32768 Default Configuration Mode Config History 3.2.0300...
Rev 1.6.9 lldp tx-delay lldp tx-delay <seconds> no lldp tx-delay Indicates the delay in seconds between successive LLDP frame transmissions The no form of the command sets the parameter to default. Syntax Description seconds 1-8192 Default Configuration Mode Config History 3.2.0300 Role admin...
Rev 1.6.9 lldp tx-hold-multiplier lldp tx-hold-multiplier <seconds> no lldp tx-hold-multiplier The time-to-live value expressed as a multiple of the lldpMessageTxInterval object. The no form of the command sets the parameter to default. Syntax Description seconds 1-8192 Default Configuration Mode Config History 3.2.0300 Role...
Rev 1.6.9 lldp {receive | transmit} lldp {receive | transmit} no lldp {receive | transmit} Enables LLDP to be received or transmitted on this port. The no form of the command disables the LLDP to be received or transmitted on this port.
Rev 1.6.9 lldp tlv-select lldp tlv-select { [port-description] [sys-name] [sys-description] [sys-capababili- ties] [management-address] [none] all} Sets the LLDP basic TLVs to be transmitted on this port. Syntax Description port-description LLDP port description TLV sys-name LLDP system name TLV sys-description LLDP system description TLV sys-capabilities LLDP system capabilities TLV management-address...
Rev 1.6.9 show lldp local show lldp local Shows LLDP local information. Syntax Description Default Configuration Mode Any Command Mode History 3.2.0300 Role admin Example switch (config)# show lldp local LLDP is Enabled Local global configuration Chassis sub type: macAddress (4) Chassis id: 0002C9030046AF00 System Name: my-switch System Description: SX1036...
Rev 1.6.9 show lldp statistics global show lldp statistics global Shows LLDP global statistics Syntax Description Default Configuration Mode Any Command Mode History 3.2.0300 Role admin Example switch (config)# show lldp timers Remote Table Last Change Time : 10300 Remote Table Inserts : 5 Remote Table Deletes : 0 Remote Table Drops : 0 Remote Table Ageouts : 0...
Rev 1.6.9 3.8 Quality of Service 3.8.1 Enhanced Transmission Selection (ETS) dcb ets enable dcb ets enable no dcb ets enable Sets the switch egress scheduling mode to be weighted round robin. The no form of the command sets the switch egress scheduling mode to be strict pri- ority.
Rev 1.6.9 dcb ets tc bandwidth dcb ets tc bandwidth <tc-0> <tc-1> <tc-2> <tc-3> no dcb ets tc bandwidth Configures the bandwidth limit of the traffic class. The no form of the command sets the bandwidths per traffic class back to its default. Syntax Description 0-100.
Rev 1.6.9 vlan map-priority vlan map priority <priority> traffic-class <tc> no vlan map priority <priority> Maps an VLAN user priority to a traffic class. The no form of the command sets the mapping back to default. Syntax Description Default Priority 0,1 mapped to tc 0. Priority 2,3 mapped to tc 1.
Rev 1.6.9 show dcb ets show dcb ets Displays ETS configuration and operational data. Syntax Description Default ETS is enabled. Configuration Mode Any Command Mode History 3.1.0000 Role admin Example switch (config)# show dcb ets ETS enabled Bandwidth -------------------------- Number of Traffic Class: 4 switch (config) # Related Commands Note...
Rev 1.6.9 show dcb ets interface show dcb ets interface <type> <number> Displays ETS configuration and operational data, per interface. Syntax Description type ethernet or port-channel number interface number, i.e. 1/1 Default ETS is enabled. Configuration Mode Any Command Mode History 3.1.0000 Role...
Page 384
Rev 1.6.9 Example switch (config)# show dcb ets interface ethernet 1/1 ETS Port Mode :ON MODE ETS Oper State :INIT STATE ETS State Machine Type :Assymetric ----------------------------------------------- ETS Local Port Info ----------------------------------------------- TC bandwidth table ----------------------------------------------- Bandwidth RecomBandwidth ----------------------------------------------- priority assignment table -------------------------------------- Priority --------------------------------------...
Rev 1.6.9 3.8.2 Priority Flow Control (PFC) dcb priority-flow-control enable dcb priority-flow-control enable no dcb priority-flow-control enable Enables PFC globally on the switch. The no form of the command globally disables PFC on the switch. Syntax Description Default PFC is disabled. Configuration Mode Config History...
Rev 1.6.9 dcb priority-flow-control priority dcb priority-flow-control priority <prio> enable no dcb priority-flow-control priority <prio> enable Enables PFC per priority on the switch. The no form of the command disables PFC per priority on the switch. Syntax Description prio 0-7. Default PFC is disabled for all priorities.
Rev 1.6.9 dcb priority-flow-control mode on dcb priority-flow-control mode on [force] no dcb priority-flow-control mode Enables PFC per interface. The no form of the command disables PFC per interface. Syntax Description force Force command implementation. Default PFC is disabled for all interfaces. Configuration Mode Config Interface Ethernet Config Interface Port Channel...
Rev 1.6.9 show dcb priority-flow-control show dcb priority-flow-control [interface <type> <inf>] [detail] Displays DCB priority flow control configuration and status. Syntax Description type • ethernet • port-channel The interface number. detail Adds details information to the show output. Default Configuration Mode Any Command Mode History 3.1.0000...
Rev 1.6.9 3.9 Access Control List (ACL) ipv4/mac access-list {ipv4 | mac} access-list <acl-name> no {ipv4 | mac} access-list <acl-name> Creates a MAC or IPv4 ACL and enter the ACL configuration mode. The no form of the command deletes the ACL. Syntax Description ipv4 | mac IPv4 or MAC - access list.
Rev 1.6.9 ipv4/mac port access-group {ipv4 | mac} port access-list <acl-name> no {ipv4 | mac} port access-list <acl-name> Binds an ACL to the interface. The no form of the command unbinds the ACL from the interface. Syntax Description IPv4 or MAC - access list. ipv4 | mac ACL name.
Rev 1.6.9 deny/permit (MAC ACL rule) [seq-number <sequence-number>] {deny|permit } {any | <source-mac> [mask <mac>]} {any |<destination-mac> [mask <mac>]} [protocol <protocol>] [cos <cos-value>] [vlan <vlan-id>] [action <action-id>] no <sequence-number> Creates a rule for MAC ACL. The no form of the command deletes a rule from the MAC ACL. Syntax Description sequence-number Optional parameter to set a specific sequence number...
Rev 1.6.9 deny/permit (IPv4 ACL rule) [seq-number <sequence-number>] {permit | deny} ip {<source-ip> [mask <ip>] | [any]} {<dest-ip> [mask <ip>] | [any]} [action <action-id>] no <sequence-number> Creates a rule for IPv4 ACL. The no form of the command deletes a rule from the IPv4 ACL. Syntax Description sequence-number Optional parameter to set a specific sequence number...
Rev 1.6.9 deny/permit (IPv4 TCP/UDP ACL rule) [seq-number <sequence-number>] {permit | deny} {tcp | udp} {<source-ip> [mask <ip>] | [any]} {<dest-ip> [mask <ip>]| [any]} [eq-source <port-number>] [eq-destination <port-number>] [action <action-id>] no <sequence-number> Creates a rule for IPv4 UDP/TCP ACL. The no form of the command deletes a rule from the ACL. Syntax Description sequence-number Optional parameter to set a specific sequence number...
Rev 1.6.9 access-list action access-list action <action-profile-name> no access-list action <action-profile-name> Creates access-list action profile and entering the action profile configuration mode. The no form of the command deletes the action profile. Syntax Description action-profile-name given name for the profile. Default Configuration Mode Config...
Rev 1.6.9 vlan-map vlan-map <vlan-id> no vlan-map Adds action to map a new VLAN to the packet (in the ingress port or VLAN). The no form of the command removes the action to map a new VLAN. Syntax Description vlan-id 0-4095.
Rev 1.6.9 show access-list action show access-list action {<action-profile-name> | summary} Displays the access-list action profiles summary. Syntax Description action-profile-name Filter the table according to the action profile name. summary Display summary of the action list. Default Configuration Mode Config History 3.2.0230 Role...
Rev 1.6.9 show mac/ipv4 access-lists show [mac |ipv4 |] access-lists <access-list-name> Displays the list of rules for the MAC/IPv4 ACL. Syntax Description ipv4 | mac IPv4 or MAC - access list. access-list-name ACL name. Default Configuration Mode Any Command Mode History 3.1.1400 Role...
Rev 1.6.9 show mac/ipv4 access-lists summary show [mac |ipv4 |] access-lists summary Displays the summary of number of rules per ACL, and the interfaces attached. Syntax Description ipv4 | mac IPv4 or MAC - Access list access-list-name ACL name Default Configuration Mode Any Command Mode History...
Rev 1.6.9 3.10 Port Mirroring 3.10.1 Config monitor session monitor session <session-id> no monitor session <session-id> Creates session and enters monitor session configuration mode upon using this com- mand for the first time. The no form of the command deletes the session. Syntax Description session-id The monitor session ID.
Rev 1.6.9 3.10.2 Config Monitor Session destination interface destination interface <type> <number> [force] no destination interface Sets the egress interface number. The no form of the command deletes the destination interface. Syntax Description interface <type> <num- Sets the interface type and number (e.g. ethernet 1/2) ber>...
Rev 1.6.9 shutdown shutdown no shutdown Disables the session. The no form of the command enables the session. Syntax Description Default Disabled Configuration Mode Config Monitor Session History 3.3.3500 Role admin Example switch (config monitor session 1) # no shutdown switch (config monitor session 1)# Related Commands Note...
Rev 1.6.9 add source interface add source interface <type> <number> direction <d-type> no source interface <type> <number> Adds a source interface to the mirrored session. The no form of the command deletes the source interface. Syntax Description interface <type> <num- Configures interface as “ethernet”...
Rev 1.6.9 header-format header-format {local [traffic-class <tc>] | add-vlan <vlan-id> [priority <prio>] [traffic-class <tc>] | add-ethernet-header destination-mac <mac-address> [add- vlan <vlan-id> [priority <prio>]] [traffic-class <tc>]} no header-format Sets the header format of the mirrored traffic. The no form of the command resets the parameter values back to default. Syntax Description local The mirrored header of the frame is not changed.
Rev 1.6.9 truncate truncate no truncate Truncates the mirrored frames to 64-byte packets. The no form of the command disables truncation. Syntax Description Default no truncate Configuration Mode Config Monitor Session History 3.3.3500 Role admin Example switch (config monitor session 1) # truncate switch (config monitor session 1)# Related Commands Note...
Rev 1.6.9 congestion congestion [drop-excessive-frames | pause-excessive-frames] no congestion Sets the system’s behavior when congested The no form of the command disables truncation. Syntax Description drop-excessive-frames Drops excessive frames. pause-excessive-frames Pauses excessive frames. Default drop-excessive-frames Configuration Mode Config Monitor Session History 3.3.3500 3.3.4000...
Rev 1.6.9 3.10.3 Show show monitor session show monitor session <session-id> Displays monitor session configuration and status. Syntax Description session-id The monitor session ID. Range is 1-7. Default Configuration Mode Any Command Mode History 3.3.3500 Role admin Example switch (config) # show monitor session 1 Admin: Enable Status: Up Truncate: Enable...
Rev 1.6.9 show monitor session summary show monitor session summary Displays monitor session configuration and status summary. Syntax Description Default Configuration Mode Any Command Mode History 3.3.3500 Role admin Example switch (config) # show monitor session summary Session Admin Status Mode Destination Source...
Rev 1.6.9 3.11 sFlow 3.11.1 Config protocol sflow protocol sflow no protocol sflow Unhides the sFlow commands. The no form of the command deletes sFlow configuration and hides the sFlow com- mands. Syntax Description Default Disabled Configuration Mode Config History 3.3.3500 Role admin...
Rev 1.6.9 sflow enable sflow enable no sflow enable Enables sFlow in the system. The no form of the command disables sFlow without deleting the configuration. Syntax Description Default Disabled Configuration Mode Config History 3.3.3500 Role admin Example switch (config) # sflow enable switch (config) # Related Commands Note...
Rev 1.6.9 3.11.2 Config sFlow sampling-rate sampling-rate <rate> no sampling-rate Sets sFlow sampling ratio. The no form of the command resets this parameter to its default value. Syntax Description rate Sets the number of packets passed before selecting one for sampling. The range is 4000-16777215. Zero dis- ables sampling.
Rev 1.6.9 max-sample-size max-sample-size <packet-size> no max-sample-size Sets the maximum size of sampled packets by sFlow. The no form of the command resets the parameter to its default value. Syntax Description packet-size The sampled packet size. The range is 64-256 bytes. Default 128 bytes Configuration Mode...
Rev 1.6.9 counter-poll-interval counter-poll-interval <seconds> no counter-poll-interval Sets the sFlow statistics polling interval. The no form of the command resets the parameter to its default value. Syntax Description seconds The sFlow statistics polling interval in seconds. Range is 5-3600 seconds. Zero disables the statistic polling. Default 20 seconds Configuration Mode...
Rev 1.6.9 max-datagram-size max-datagram-size <packet-size> no max-datagram-size Sets the maximum sFlow packet size to be sent to the collector. The no form of the command resets the parameter to its default value. Syntax Description packet-size The packet size of the packet being sent to the collector. The range is 200-9216 bytes.
Rev 1.6.9 collector-ip collector-ip <ip-address> [udp-port <udp-port-number>] no collector-ip [<ip-address> udp-port] Sets the collector’s IP. The no form of the command resets the parameters to their default values. Syntax Description ip-address The collector IP address. udp-port <udp-port-num- Sets the collector UDP port number. ber>...
Rev 1.6.9 agent-ip agent-ip {<ip-address> | interface {<if-name> | vlan <id> | loopback <number>}} no agent-ip Sets the IP address associated with this agent. The no form of the command resets the parameters to their default values. Syntax Description loopback <number> Loopback interface.
Rev 1.6.9 sflow enable sflow enable [view-port-channel members] no sflow enable [view-port-channel members] Enables sflow on this interface. The no form of the command disables sFlow on the interface. Syntax Description view-port-channel mem- Reports sFlow samples and statistics per LAG member. bers This option is applicable only on LAG interfaces.