Users Guide
Table Of Contents
- Dell EMC Networking CLI
- Introduction
- Command Groups
- Mode Types
- ACL
- MAC Address Table
- Auto-VoIP
- CDP Interoperability
- DHCP L2 Relay
- DHCP Snooping
- Dynamic ARP Inspection
- Ethernet Configuration
- Ethernet CFM
- Green Ethernet
- GVRP
- IGMP Snooping
- IGMP Snooping Querier
- Interface Error Disable and Auto Recovery
- IP Addressing
- IPv6 ACL
- IPv6 MLD Snooping
- IPv6 MLD Snooping Querier
- IP Source Guard
- iSCSI Optimization
- Link Dependency
- LLDP
- Loop Protection
- MLAG
- Multicast VLAN Registration
- Port Channel
- Port Monitor
- QoS
- Spanning Tree
- UDLD
- VLAN
- Switchport Voice VLAN
- AAA
- Administrative Profiles
- E-mail Alerting
- RADIUS
- TACACS+
- 802.1x
- Captive Portal
- Denial of Service
- Management ACL
- Password Management
- SSH
- MMRP
- MVRP
- MSRP
- 802.1AS Timesync
- Data Center Bridging
- OpenFlow
- Priority Flow Control
- ARP (IPv4)
- BFD
- BGP
- BGP Routing Policy
- DHCP Server and Relay Agent (IPv4)
- DHCPv6
- DHCPv6 Snooping
- DVMRP
- GMRP
- IGMP
- IGMP Proxy
- IP Helper/DHCP Relay
- IP Routing
- IPv6 Routing
- Loopback Interface
- Multicast
- IPv6 Multicast
- OSPF
- OSPFv3
- Router Discovery Protocol
- Routing Information Protocol
- Tunnel Interface
- Virtual Router
- Virtual Router Redundancy
- Application Deployment
- Auto-Install
- CLI Macro
- Clock
- Command Line Configuration Scripting
- DHCP Client
- HiveAgent
- Line
- PHY Diagnostics
- Power Over Ethernet (PoE)
- RMON
- Serviceability Tracing
- sFlow
- SNMP
- Support Assist
- SYSLOG
- System Management
- Telnet Server
- Time Ranges
- USB Flash Drive
- User Interface
- Web Server
- Using the CLI
- Layer 2 Switching Commands
- ACL Commands
- ACL Logging
- Commands in this Section
- ip access-list
- deny | permit (IP ACL)
- deny | permit (Mac-Access-List-Configuration)
- ip access-group
- mac access-group
- mac access-list extended
- mac access-list extended rename
- remark
- service-acl input
- show service-acl interface
- show access-lists interface
- show ip access-lists
- show mac access-lists
- MAC Address Table Commands
- Commands in this Section
- clear mac address-table
- mac address-table aging-time
- mac address-table multicast forbidden address
- mac address-table static
- switchport port-security (Global Configuration)
- switchport port-security (Interface Configuration)
- show mac address-table multicast
- show mac address-table
- show mac address-table address
- show mac address-table count
- show mac address-table dynamic
- show mac address-table interface
- show mac address-table static
- show mac address-table vlan
- show port-security
- Auto-VoIP Commands
- CDP Interoperability Commands
- DHCP Layer 2 Relay Commands
- Commands in this Section
- dhcp l2relay (Global Configuration)
- dhcp l2relay (Interface Configuration)
- dhcp l2relay circuit-id
- dhcp l2relay remote-id
- dhcp l2relay trust
- dhcp l2relay vlan
- show dhcp l2relay all
- show dhcp l2relay interface
- show dhcp l2relay stats interface
- show dhcp l2relay agent-option vlan
- show dhcp l2relay vlan
- show dhcp l2relay circuit-id vlan
- show dhcp l2relay remote-id vlan
- clear dhcp l2relay statistics interface
- DHCP Snooping Commands
- Commands in this Section
- clear ip dhcp snooping binding
- clear ip dhcp snooping statistics
- ip dhcp snooping
- ip dhcp snooping binding
- ip dhcp snooping database
- ip dhcp snooping database write-delay
- ip dhcp snooping limit
- ip dhcp snooping log-invalid
- ip dhcp snooping trust
- ip dhcp snooping verify mac-address
- show ip dhcp snooping
- show ip dhcp snooping binding
- show ip dhcp snooping database
- show ip dhcp snooping interfaces
- show ip dhcp snooping statistics
- DHCPv6 Snooping Commands
- clear ipv6 dhcp snooping binding
- clear ipv6 dhcp snooping statistics
- ipv6 dhcp snooping
- ipv6 dhcp snooping vlan
- ipv6 dhcp snooping binding
- ipv6 dhcp snooping database
- ipv6 dhcp snooping database write-delay
- ipv6 dhcp snooping limit
- ipv6 dhcp snooping log-invalid
- ipv6 dhcp snooping trust
- ipv6 dhcp snooping verify mac-address
- ipv6 verify binding
- ipv6 verify source
- show ipv6 dhcp snooping
- show ipv6 dhcp snooping binding
- show ipv6 dhcp snooping database
- show ipv6 dhcp snooping interfaces
- show ipv6 dhcp snooping statistics
- show ipv6 source binding
- show ipv6 verify
- show ipv6 verify source
- Dynamic ARP Inspection Commands
- Ethernet Configuration Commands
- Commands in this Section
- clear counters
- description
- default (interface)
- duplex
- flowcontrol
- interface
- interface range
- link debounce time
- rate-limit cpu
- show interfaces
- show interfaces advertise
- show interfaces configuration
- show interfaces counters
- show interfaces debounce
- show interfaces description
- show interfaces detail
- show interfaces status
- show interfaces transceiver
- show interfaces trunk
- show statistics
- show statistics switchport
- show storm-control
- show storm-control action
- shutdown
- speed
- switchport protected
- switchport protected name
- show switchport protected
- show system mtu
- system jumbo mtu
- Ethernet CFM Commands
- Commands in this Section
- ethernet cfm domain
- service
- ethernet cfm cc level
- ethernet cfm mep level
- ethernet cfm mep enable
- ethernet cfm mep active
- ethernet cfm mep archive-hold-time
- ethernet cfm mip level
- ping ethernet cfm
- traceroute ethernet cfm
- show ethernet cfm errors
- show ethernet cfm domain
- show ethernet cfm maintenance-points local
- show ethernet cfm maintenance-points remote
- show ethernet cfm statistics
- Green Ethernet Commands
- GMRP Commands
- GVRP Commands
- IGMP Snooping Commands
- Commands in this Section
- ip igmp snooping
- show ip igmp snooping
- show ip igmp snooping groups
- show ip igmp snooping mrouter
- ip igmp snooping vlan immediate-leave
- ip igmp snooping vlan groupmembership-interval
- ip igmp snooping vlan last-member-query- interval
- ip igmp snooping vlan mcrtrexpiretime
- ip igmp snooping report-suppression
- ip igmp snooping unregistered floodall
- ip igmp snooping vlan mrouter
- IGMP Snooping Querier Commands
- Interface Error Disable and Auto Recovery
- IPv6 Access List Commands
- IPv6 MLD Snooping Commands
- Commands in this Section
- ipv6 mld snooping vlan groupmembership- interval
- ipv6 mld snooping vlan immediate-leave
- ipv6 mld snooping listener-message-suppression
- ipv6 mld snooping vlan last-listener-query- interval
- ipv6 mld snooping vlan mcrtrexpiretime
- ipv6 mld snooping vlan mrouter
- ipv6 mld snooping (Global)
- show ipv6 mld snooping
- show ipv6 mld snooping groups
- show ipv6 mld snooping mrouter
- IPv6 MLD Snooping Querier Commands
- IP Source Guard Commands
- iSCSI Optimization Commands
- Link Dependency Commands
- LLDP Commands
- Commands in this Section
- clear lldp remote-data
- clear lldp statistics
- dcb enable
- debug lldp
- lldp med
- lldp med confignotification
- lldp med faststartrepeatcount
- lldp med transmit-tlv
- lldp notification
- lldp notification-interval
- lldp receive
- lldp timers
- lldp transmit
- lldp tlv-select
- show lldp
- show lldp interface
- show lldp local-device
- show lldp med
- show lldp med interface
- show lldp med local-device detail
- show lldp med remote-device
- show lldp remote-device
- show lldp statistics
- Loop Protection
- MLAG Commands
- Commands in this Section
- clear vpc statistics
- feature vpc
- peer detection enable
- peer detection interval
- peer-keepalive destination
- peer-keepalive enable
- peer-keepalive timeout
- role priority
- show vpc
- show vpc brief
- show vpc consistency-parameters
- show vpc consistency-features
- show vpc peer-keepalive
- show vpc role
- show vpc statistics
- system-mac
- system-priority
- vpc
- vpc domain
- vpc peer-link
- Multicast VLAN Registration Commands
- Port Channel Commands
- Static LAGS
- VLANs and LAGs
- LAG Thresholds
- LAG Hashing
- Enhanced LAG Hashing
- Manual Aggregation of LAGs
- Flexible Assignment of Ports to LAGs
- Commands in this Section
- channel-group
- interface port-channel
- interface range port-channel
- hashing-mode
- lacp port-priority
- lacp system-priority
- lacp timeout
- port-channel local-preference
- port-channel min-links
- show interfaces port-channel
- show lacp
- show statistics port-channel
- Port Monitor Commands
- QoS Commands
- Access Control Lists
- Layer 2 ACLs
- Layer 3/4 IPv4 ACLs
- Class of Service (CoS)
- Queue Mapping
- DiffServ
- Commands in this Section
- assign-queue
- class
- class-map
- class-map rename
- classofservice dot1p-mapping
- classofservice ip-dscp-mapping
- classofservice trust
- conform-color
- cos-queue min-bandwidth
- cos-queue random-detect
- cos-queue strict
- diffserv
- drop
- mark cos
- mark ip-dscp
- mark ip-precedence
- match access-group
- match class-map
- match cos
- match destination-address mac
- match any
- match dstip
- match dstip6
- match dstl4port
- match ethertype
- match ip6flowlbl
- match ip dscp
- match ip precedence
- match ip tos
- match protocol
- match source-address mac
- match srcip
- match srcip6
- match srcl4port
- match vlan
- mirror
- police-simple
- police-single-rate
- police-two-rate
- policy-map
- random-detect queue-parms
- random-detect exponential-weighting-constant
- redirect
- service-policy
- show class-map
- show classofservice dot1p-mapping
- show classofservice ip-dscp-mapping
- show classofservice trust
- show diffserv
- show diffserv service interface
- show diffserv service brief
- show interfaces cos-queue
- show interfaces random-detect
- show policy-map
- show policy-map interface
- show service-policy
- traffic-shape
- vlan priority
- Spanning Tree Commands
- Commands in this Section
- clear spanning-tree detected-protocols
- exit (mst)
- instance (mst)
- name (MST)
- revision (mst)
- show spanning-tree
- show spanning-tree summary
- show spanning-tree vlan
- spanning-tree
- spanning-tree auto-portfast
- spanning-tree backbonefast
- spanning-tree bpdu flooding
- spanning-tree bpdu-protection
- spanning-tree cost
- spanning-tree disable
- spanning-tree forward-time
- spanning-tree guard
- spanning-tree loopguard
- spanning-tree max-age
- spanning-tree max-hops
- spanning-tree mode
- spanning-tree mst configuration
- spanning-tree mst cost
- spanning-tree mst port-priority
- spanning-tree mst priority
- spanning-tree portfast
- spanning-tree portfast bpdufilter default
- spanning-tree portfast default
- spanning-tree port-priority (Interface Configuration)
- spanning-tree priority
- spanning-tree tcnguard
- spanning-tree transmit hold-count
- spanning-tree uplinkfast
- spanning-tree vlan
- spanning-tree vlan forward-time
- spanning-tree vlan hello-time
- spanning-tree vlan max-age
- spanning-tree vlan root
- spanning-tree vlan priority
- UDLD Commands
- VLAN Commands
- Double VLAN Mode
- Independent VLAN Learning
- Protocol Based VLANs
- IP Subnet Based VLANs
- MAC-Based VLANs
- Private VLAN Commands
- Commands in this Section
- interface vlan
- interface range vlan
- name (VLAN Configuration)
- private-vlan
- protocol group
- protocol vlan group
- protocol vlan group all
- show dot1q-tunnel
- show interfaces switchport
- show port protocol
- show switchport ethertype
- show vlan
- show vlan association mac
- show vlan association subnet
- show vlan private-vlan
- switchport access vlan
- switchport dot1q ethertype (Global Configuration)
- switchport dot1q ethertype (Interface Configuration)
- switchport general forbidden vlan
- switchport general acceptable-frame-type tagged-only
- switchport general allowed vlan
- switchport general ingress-filtering disable
- switchport general pvid
- switchport mode
- switchport mode dot1q-tunnel
- switchport mode private-vlan
- switchport private-vlan
- switchport trunk
- switchport trunk encapsulation dot1q
- vlan
- vlan association mac
- vlan association subnet
- vlan makestatic
- vlan protocol group
- vlan protocol group add protocol
- vlan protocol group name
- vlan protocol group remove
- Switchport Voice VLAN Commands
- ACL Commands
- Security Commands
- AAA Commands
- Administrative Authentication
- Administrative Accounting
- Accounting Method Lists
- Access Line Modes
- Command Authorization
- Network Authentication
- Local 802.1x Authentication Server
- MAC Authentication Bypass
- Guest VLAN
- Unauthenticated VLAN
- Commands in this Section
- aaa accounting
- aaa accounting delay-start
- aaa accounting update
- aaa authentication dot1x default
- aaa authentication enable
- aaa authentication login
- aaa authorization
- aaa authorization network default radius
- aaa ias-user username
- aaa new-model
- aaa server radius dynamic-author
- authentication enable
- authentication order
- authentication priority
- authentication restart
- clear (IAS)
- clear authentication statistics
- clear authentication authentication-history
- enable password
- ip http authentication
- ip https authentication
- password (AAA IAS User Configuration)
- password (User Exec)
- show aaa ias-users
- show aaa statistics
- show accounting methods
- show accounting update
- show authentication
- show authentication authentication-history
- show authentication methods
- show authentication statistics
- show authorization methods
- show users accounts
- show users login-history
- username
- username unlock
- Administrative Profiles Commands
- E-mail Alerting Commands
- Commands in this Section
- logging email
- logging email urgent
- logging email message-type to-addr
- logging email from-addr
- logging email message-type subject
- logging email logtime
- logging email test message-type
- show logging email statistics
- clear logging email statistics
- security
- mail-server ip-address | hostname
- port (Mail Server Configuration Mode)
- username (Mail Server Configuration Mode)
- password (Mail Server Configuration Mode)
- show mail-server
- RADIUS Commands
- RADIUS-based Dynamic VLAN Assignment
- RADIUS Change of Authorization
- Commands in this Section
- acct-port
- attribute 6
- attribute 8
- attribute 25
- attribute 31
- attribute 168 include-in-access-req
- authentication event fail retry
- auth-port
- automate-tester
- deadtime
- key
- msgauth
- name (RADIUS Server)
- primary
- priority
- radius server attribute 4
- radius server attribute 6
- radius server attribute 8
- radius server attribute 25
- radius server attribute 31
- radius server attribute 168
- radius server deadtime
- radius server
- radius server key
- radius server retransmit
- radius server source-ip
- radius server source-interface
- radius server timeout
- radius server vsa send authentication
- retransmit
- show aaa servers
- show radius statistics
- source-ip
- timeout
- usage
- TACACS+ Commands
- 802.1x Commands
- 802.1x Monitor Mode
- Commands in this Section
- dot1x dynamic-vlan enable
- dot1x eapolflood
- dot1x initialize
- mab
- default mab
- mab request format
- dot1x max-reauth-req
- dot1x max-req
- dot1x max-users
- dot1x port-control
- dot1x re-authenticate
- dot1x reauthentication
- dot1x system-auth-control
- dot1x system-auth-control monitor
- dot1x timeout quiet-period
- dot1x timeout re-authperiod
- dot1x timeout server-timeout
- dot1x timeout supp-timeout
- dot1x timeout tx-period
- auth-type
- client
- ignore
- port
- server-key
- show dot1x
- show dot1x authentication-history
- show dot1x clients
- show dot1x interface
- show dot1x interface statistics
- show dot1x users
- clear dot1x authentication–history
- dot1x guest-vlan
- dot1x timeout guest-vlan-period
- dot1x unauth-vlan
- show dot1x advanced
- Captive Portal Commands
- Commands in this Section
- authentication timeout
- captive-portal
- enable
- http port
- https port
- show captive-portal
- show captive-portal status
- block
- configuration
- enable
- group
- interface
- locale
- name (Captive Portal)
- protocol
- redirect
- redirect-url
- session-timeout
- verification
- captive-portal client deauthenticate
- show captive-portal client status
- show captive-portal configuration client status
- show captive-portal interface client status
- show captive-portal interface configuration status
- clear captive-portal users
- no user
- show captive-portal user
- user group
- user-logout
- user name
- user password
- user session-timeout
- show captive-portal configuration
- show captive-portal configuration interface
- show captive-portal configuration locales
- show captive-portal configuration status
- user group
- user group moveusers
- user group name
- Denial of Service Commands
- Management ACL Commands
- Password Management Commands
- Configurable Minimum Password Length
- Password History
- Password Aging
- User Lockout
- Password Strength
- Commands in this Section
- passwords aging
- passwords history
- passwords lock-out
- passwords min-length
- passwords strength-check
- passwords strength minimum uppercase-letters
- passwords strength minimum lowercase-letters
- passwords strength minimum numeric- characters
- passwords strength minimum special-characters
- passwords strength max-limit consecutive- characters
- passwords strength max-limit repeated- characters
- passwords strength minimum character-classes
- passwords strength exclude-keyword
- enable password encrypted
- show passwords configuration
- show passwords result
- SSH Commands
- AAA Commands
- Audio Visual Bridging Commands
- Multiple MAC Registration Protocol Commands
- Multiple VLAN Registration Protocol Commands
- Multiple Stream Reservation Protocol Commands
- 802.1AS Timesync Commands
- Commands in this Section
- clear dot1as statistics
- dot1as (Global Configuration)
- dot1as (Interface Configuration)
- dot1as priority
- dot1as interval announce
- dot1as interval sync
- dot1as interval pdelay
- dot1as timeout announce
- dot1as timeout sync
- dot1as pdelay-threshold
- dot1as interval pdelay-loss
- show dot1as
- show dot1as statistics
- Data Center Technology Commands
- Data Center Bridging Commands
- Data Center Bridging Exchange Protocol
- Interoperability with IEEE DCBX
- Port Roles
- Commands in this Section
- Data Center Bridging Capability Exchange Commands
- datacenter-bridging
- lldp dcbx version
- lldp dcbx port-role
- show lldp tlv-select
- show lldp dcbx
- Enhanced Transmission Selection (ETS) Commands
- classofservice traffic-class-group
- traffic-class-group max-bandwidth
- traffic-class-group min-bandwidth
- traffic-class-group strict
- traffic-class-group weight
- show classofservice traffic-class-group
- show interfaces traffic
- show interfaces traffic-class-group
- OpenFlow Commands
- Priority Flow Control Commands
- Data Center Bridging Commands
- Layer 3 Routing Commands
- ARP Commands
- Bidirectional Forwarding Detection Commands
- Border Gateway Protocol Commands
- Commands in this Section
- router bgp
- address-family
- address-family ipv4 vrf
- address-family ipv6
- address-family vpnv4 unicast
- aggregate-address
- bgp aggregate-different-meds (BGP Router Configuration)
- bgp aggregate-different-meds (IPv6 Address Family Configuration)
- bgp always-compare-med
- bgp client-to-client reflection (BGP Router Configuration)
- bgp client-to-client reflection (IPv6 Address Family Configuration)
- bgp cluster-id
- bgp default local-preference
- bgp fast-external-fallover
- bgp fast-internal-fallover
- bgp listen
- bgp log-neighbor-changes
- bgp maxas-limit
- bgp router-id
- clear ip bgp
- clear ip bgp counters
- default-information originate (BGP Router Configuration)
- default-information originate (IPv6 Address Family Configuration)
- default metric (BGP Router Configuration)
- default metric (IPv6 Address Family Configuration)
- distance
- distance bgp (BGP Router Configuration)
- distance bgp (IPv6 Address Family Configuration)
- distribute-list prefix in
- distribute-list prefix out (BGP Router Configuration)
- distribute-list prefix out (IPv6 Address Family Configuration)
- enable
- ip as-path access-list
- ip bgp-community new-format
- ip bgp fast-external-fallover
- ip community-list
- ip extcommunity-list
- match extcommunity
- maximum-paths (BGP Router Configuration)
- maximum-paths (IPv6 Address Family Configuration)
- maximum-paths ibgp (BGP Router Configuration)
- maximum-paths ibgp (IPv6 Address Family Configuration)
- neighbor activate
- neighbor advertisement-interval (BGP Router Configuration)
- neighbor advertisement-interval (IPv6 Address Family Configuration)
- neighbor allowas-in
- neighbor connect-retry-interval
- neighbor default-originate (BGP Router Configuration)
- neighbor default-originate (IPv6 Address Family Configuration)
- neighbor description
- neighbor ebgp-multihop
- neighbor filter-list (BGP Router Configuration)
- neighbor filter-list (IPv6 Address Family Configuration)
- neighbor inherit peer
- neighbor local-as
- neighbor maximum-prefix (BGP Router Configuration)
- neighbor maximum-prefix (IPv6 Address Family Configuration)
- neighbor next-hop-self (BGP Router Configuration)
- neighbor next-hop-self (IPv6 Address Family Configuration)
- neighbor password
- neighbor prefix-list (BGP Router Configuration)
- neighbor prefix-list (IPv6 Address Family Configuration)
- neighbor remote-as
- neighbor remove-private-as
- neighbor rfc5549-support
- neighbor route-map (BGP Router Configuration)
- neighbor route-map (IPv6 Address Family Configuration)
- neighbor route-reflector-client (BGP Router Configuration)
- neighbor route-reflector-client (IPv6 Address Family Configuration)
- neighbor send-community (BGP Router Configuration)
- neighbor send-community (IPv6 Address Family Configuration)
- neighbor shutdown
- neighbor timers
- neighbor update-source
- network (BGP Router Configuration)
- network (IPv6 Address Family Configuration)
- rd
- redistribute (BGP)
- redistribute (BGP IPv6)
- route-target
- set extcommunity rt
- set extcommunity soo
- show bgp ipv6
- show bgp ipv6 aggregate-address
- show bgp ipv6 community
- show bgp ipv6 community-list
- show bgp ipv6 listen range
- show bgp ipv6 neighbors
- show bgp ipv6 neighbors advertised-routes
- show bgp ipv6 neighbors policy
- show bgp ipv6 neighbors received-routes
- show bgp ipv6 statistics
- show bgp ipv6 summary
- show bgp ipv6 update-group
- show bgp ipv6 route-reflection
- show ip bgp
- show ip bgp aggregate-address
- show ip bgp community
- show ip bgp community-list
- show ip bgp extcommunity-list
- show ip bgp listen range
- show ip bgp neighbors
- show ip bgp neighbors advertised-routes
- show ip bgp neighbors received-routes
- show ip bgp neighbors policy
- show ip bgp route-reflection
- show ip bgp statistics
- show ip bgp summary
- show ip bgp template
- show ip bgp traffic
- show ip bgp update-group
- show ip bgp vpn4
- template peer
- timers bgp
- BGP Routing Policy
- Commands in this Section
- ip as-path access-list
- ip bgp-community new-format
- ip community-list
- ip prefix-list
- ip prefix-list description
- ipv6 prefix-list
- match as-path
- match community
- match ip address prefix-list
- match ipv6 address prefix-list
- show ip as-path-access-list
- show ip community-list
- show ip prefix-list
- show ipv6 prefix-list
- clear ip prefix-list
- clear ipv6 prefix-list
- clear ip community-list
- set as-path
- set comm-list delete
- set community
- set ipv6 next-hop (BGP)
- set local-preference
- set metric
- DVMRP Commands
- IGMP Commands
- Commands in this Section
- ip igmp last-member-query-count
- ip igmp last-member-query-interval
- ip igmp mroute-proxy
- ip igmp query-interval
- ip igmp query-max-response-time
- ip igmp robustness
- ip igmp startup-query-count
- ip igmp startup-query-interval
- ip igmp version
- show ip igmp
- show ip igmp groups
- show ip igmp interface
- show ip igmp membership
- show ip igmp interface stats
- IGMP Proxy Commands
- IP Helper/DHCP Relay Commands
- Commands in this Section
- bootpdhcprelay maxhopcount
- bootpdhcprelay minwaittime
- clear ip helper statistics
- ip dhcp relay information check
- ip dhcp relay information check-reply
- ip dhcp relay information option
- ip dhcp relay information option-insert
- ip helper-address (global configuration)
- ip helper-address (interface configuration)
- ip helper enable
- show ip helper-address
- show ip dhcp relay
- show ip helper statistics
- IP Routing Commands
- Static Routes/ECMP Static Routes
- Static Reject Routes
- Default Routes
- Commands in this Section
- encapsulation
- ip icmp echo-reply
- ip icmp error-interval
- ip netdirbcast
- ip policy route-map
- ip redirects
- ip route
- ip route default
- ip route distance
- ip routing
- ip unnumbered
- ip unnumbered gratuitous-arp accept
- ip unreachables
- match ip address
- match length
- match mac-list
- route-map
- set interface null0
- set ip default next-hop
- set ip next-hop
- set ip precedence
- show ip brief
- show ip interface
- show ip policy
- show ip protocols
- show ip route
- show ip route static
- show ip route preferences
- show ip route summary
- show ip traffic
- show ip vlan
- show route-map
- show routing heap summary
- IPv6 Routing Commands
- IPv6 Limitations & Restrictions
- Commands in this Section
- clear ipv6 neighbors
- clear ipv6 statistics
- ipv6 address
- ipv6 enable
- ipv6 hop-limit
- ipv6 host
- ipv6 icmp error-interval
- ipv6 mld last-member-query-count
- ipv6 mld last-member-query-interval
- ipv6 mld host-proxy
- ipv6 mld host-proxy reset-status
- ipv6 mld host-proxy unsolicit-rprt-interval
- ipv6 mld query-interval
- ipv6 mld query-max-response-time
- ipv6 nd dad attempts
- ipv6 nd ra hop-limit unspecified
- ipv6 nd managed-config-flag
- ipv6 nd ns-interval
- ipv6 nd nud max-multicast-solicits
- ipv6 nd nud max-unicast-solicits
- ipv6 nd nud retry
- ipv6 nd other-config-flag
- ipv6 nd prefix
- ipv6 nd raguard attach-policy
- ipv6 nd ra-interval
- ipv6 nd ra-lifetime
- ipv6 nd reachable-time
- ipv6 nd suppress-ra
- ipv6 redirect
- ipv6 route
- ipv6 route distance
- ipv6 unicast-routing
- ipv6 unreachables
- show ipv6 brief
- show ipv6 interface
- show ipv6 mld groups
- show ipv6 mld interface
- show ipv6 mld host-proxy
- show ipv6 mld host-proxy groups
- show ipv6 mld host-proxy groups detail
- show ipv6 mld host-proxy interface
- show ipv6 mld traffic
- show ipv6 nd raguard policy
- show ipv6 neighbors
- show ipv6 protocols
- show ipv6 route
- show ipv6 route preferences
- show ipv6 route summary
- show ipv6 snooping counters
- show ipv6 traffic
- show ipv6 vlan
- traceroute ipv6
- Loopback Interface Commands
- IP Multicast Commands
- Commands in this Section
- clear ip mroute
- ip multicast boundary
- ip mroute
- ip multicast-routing
- ip multicast ttl-threshold
- ip pim
- ip pim bsr-border
- ip pim bsr-candidate
- ip pim dense-mode
- ip pim dr-priority
- ip pim hello-interval
- ip pim join-prune-interval
- ip pim rp-address
- ip pim rp-candidate
- ip pim sparse-mode
- ip pim ssm
- show ip mfc
- show ip multicast
- show ip pim boundary
- show ip multicast interface
- show ip mroute
- show ip mroute group
- show ip mroute source
- show ip mroute static
- show ip pim
- show ip pim bsr-router
- show ip pim interface
- show ip pim neighbor
- show ip pim rp-hash
- show ip pim rp mapping
- show ip pim statistics
- IPv6 Multicast Commands
- clear ipv6 mroute
- ipv6 pim (VLAN Interface config)
- ipv6 pim bsr-border
- ipv6 pim bsr-candidate
- ipv6 pim dense-mode
- ipv6 pim dr-priority
- ipv6 pim hello-interval
- ipv6 pim join-prune-interval
- ipv6 pim register-threshold
- ipv6 pim rp-address
- ipv6 pim rp-candidate
- ipv6 pim sparse-mode
- ipv6 pim ssm
- show ipv6 pim
- show ipv6 pim bsr-router
- show ipv6 mroute group
- show ipv6 mroute source
- show ipv6 pim interface
- show ipv6 pim neighbor
- show ipv6 pim rp-hash
- show ipv6 pim rp mapping
- show ipv6 pim statistics
- OSPF Commands
- Route Preferences
- OSPF Equal Cost Multipath (ECMP)
- Forwarding of OSPF Opaque LSAs Enabled by Default
- Passive Interfaces
- Graceful Restart
- Commands in this Section
- area default-cost (Router OSPF)
- area nssa (Router OSPF)
- area nssa default-info-originate (Router OSPF Config)
- area nssa no-redistribute
- area nssa no-summary
- area nssa translator-role
- area nssa translator-stab-intv
- area range (Router OSPF)
- area stub
- area stub no-summary
- area virtual-link
- area virtual-link authentication
- area virtual-link dead-interval
- area virtual-link hello-interval
- area virtual-link retransmit-interval
- area virtual-link transmit-delay
- auto-cost
- bandwidth
- bfd
- capability opaque
- clear ip ospf
- clear ip ospf stub-router
- compatible rfc1583
- default-information originate (Router OSPF Configuration)
- default-metric
- distance ospf
- distribute-list out
- enable
- exit-overflow-interval
- external-lsdb-limit
- ip ospf area
- ip ospf authentication
- ip ospf cost
- ip ospf database-filter all out
- ip ospf dead-interval
- ip ospf hello-interval
- ip ospf mtu-ignore
- ip ospf network
- ip ospf priority
- ip ospf retransmit-interval
- ip ospf transmit-delay
- log adjacency-changes
- max-metric router-lsa
- maximum-paths
- network area
- nsf
- nsf helper
- nsf helper strict-lsa-checking
- nsf restart-interval
- passive-interface default
- passive-interface
- redistribute (OSPF)
- router-id
- router ospf
- show ip ospf
- show ip ospf abr
- show ip ospf area
- show ip ospf asbr
- show ip ospf database
- show ip ospf database database-summary
- show ip ospf interface
- show ip ospf interface brief
- show ip ospf interface stats
- show ip ospf lsa-group
- show ip ospf neighbor
- show ip ospf range
- show ip ospf statistics
- show ip ospf stub table
- show ip ospf traffic
- show ip ospf virtual-links
- show ip ospf virtual-links brief
- timers pacing flood
- timers pacing lsa-group
- timers spf
- OSPFv3 Commands
- area default-cost (Router OSPFv3)
- area nssa (Router OSPFv3)
- area nssa default-info-originate (Router OSPFv3 Config)
- area nssa no-redistribute
- area nssa no-summary
- area nssa translator-role
- area nssa translator-stab-intv
- area range (Router OSPFv3)
- area stub
- area stub no-summary
- area virtual-link
- area virtual-link dead-interval
- area virtual-link hello-interval
- area virtual-link retransmit-interval
- area virtual-link transmit-delay
- default-information originate (Router OSPFv3 Configuration)
- default-metric
- distance ospf
- enable
- exit-overflow-interval
- external-lsdb-limit
- ipv6 ospf
- ipv6 ospf area
- ipv6 ospf cost
- ipv6 ospf dead-interval
- ipv6 ospf hello-interval
- ipv6 ospf mtu-ignore
- ipv6 ospf network
- ipv6 ospf priority
- ipv6 ospf retransmit-interval
- ipv6 ospf transmit-delay
- ipv6 router ospf
- maximum-paths
- nsf
- nsf helper
- nsf helper strict-lsa-checking
- nsf restart-interval
- passive-interface
- passive-interface default
- redistribute (OSPFv3)
- router-id
- show ipv6 ospf
- show ipv6 ospf abr
- show ipv6 ospf area
- show ipv6 ospf asbr
- show ipv6 ospf border-routers
- show ipv6 ospf database
- show ipv6 ospf database database-summary
- show ipv6 ospf interface
- show ipv6 ospf interface brief
- show ipv6 ospf interface stats
- show ipv6 ospf interface vlan
- show ipv6 ospf neighbor
- show ipv6 ospf range
- show ipv6 ospf stub table
- show ipv6 ospf virtual-links
- show ipv6 ospf virtual-link brief
- timers throttle spf
- Router Discovery Protocol Commands
- Routing Information Protocol Commands
- Commands in this Section
- auto-summary
- default-information originate (Router RIP Configuration)
- default-metric
- distance rip
- distribute-list out
- enable
- hostroutesaccept
- ip rip
- ip rip authentication
- ip rip receive version
- ip rip send version
- redistribute (RIP)
- router rip
- show ip rip
- show ip rip interface
- show ip rip interface brief
- split-horizon
- Tunnel Interface Commands
- Virtual Router Commands
- Virtual Router Redundancy Protocol Commands
- Pingable VRRP Interface
- VRRP Route/Interface Tracking
- Interface Tracking
- Route Tracking
- Commands in this Section
- ip vrrp
- vrrp accept-mode
- vrrp authentication
- vrrp description
- vrrp ip
- vrrp mode
- vrrp preempt
- vrrp priority
- vrrp timers advertise
- vrrp timers learn
- vrrp track interface
- vrrp track ip route
- show vrrp
- show vrrp interface
- Switch Management Commands
- Application Deployment
- Auto-Install Commands
- CLI Macro Commands
- Clock Commands
- Real-time Clock
- Simple Network Time Protocol
- Commands in this Section
- show sntp configuration
- show sntp server
- show sntp status
- sntp authenticate
- sntp authentication-key
- sntp broadcast client enable
- sntp client poll timer
- sntp server
- sntp source-interface
- sntp trusted-key
- sntp unicast client enable
- clock set
- clock timezone hours-offset
- no clock timezone
- clock summer-time recurring
- clock summer-time date
- no clock summer-time
- show clock
- Command Line Configuration Scripting Commands
- Configuration and Image File Commands
- DHCP Client Commands
- DHCP Server Commands
- Commands in this Section
- ip dhcp pool
- bootfile
- clear ip dhcp binding
- clear ip dhcp conflict
- client-identifier
- client-name
- default-router
- dns-server (IP DHCP Pool Config)
- domain-name (IP DHCP Pool Config)
- hardware-address
- host
- ip dhcp bootp automatic
- ip dhcp conflict logging
- ip dhcp excluded-address
- ip dhcp ping packets
- lease
- netbios-name-server
- netbios-node-type
- network
- next-server
- option
- service dhcp
- sntp
- show ip dhcp binding
- show ip dhcp conflict
- show ip dhcp global configuration
- show ip dhcp pool
- show ip dhcp server statistics
- DHCPv6 Server Commands
- clear ipv6 dhcp
- dns-server (IPv6 DHCP Pool Config)
- domain-name (IPv6 DHCP Pool Config)
- ipv6 dhcp pool
- ipv6 dhcp relay
- ipv6 dhcp server
- prefix-delegation
- service dhcpv6
- show ipv6 dhcp
- show ipv6 dhcp binding
- show ipv6 dhcp interface (User Exec)
- show ipv6 dhcp interface (Privileged Exec)
- show ipv6 dhcp pool
- show ipv6 dhcp statistics
- HiveAgent Commands
- IP Addressing Commands
- Commands in this Section
- clear host
- clear ip address-conflict-detect
- interface out-of-band
- ip address
- ip address (Out-of-Band)
- ip address-conflict-detect run
- ip address dhcp (Interface Configuration)
- ip default-gateway
- ip domain-lookup
- ip domain-name
- ip host
- ip name-server
- ip name-server source-interface
- ipv6 address (Interface Configuration)
- ipv6 address (OOB Port)
- ipv6 address dhcp
- ipv6 enable (Interface Configuration)
- ipv6 enable (OOB Configuration)
- ipv6 gateway (OOB Configuration)
- show hosts
- show ip address-conflict
- show ip helper-address
- show ipv6 dhcp interface out-of-band statistics
- show ipv6 interface out-of-band
- Line Commands
- PHY Diagnostics Commands
- Power Over Ethernet Commands
- Flexible Power Management
- Commands in this Section
- power inline
- power inline detection
- power inline four-pair forced
- power inline limit
- power inline management
- power inline powered-device
- power inline priority
- power inline reset
- power inline usage-threshold
- clear power inline statistics
- show power inline
- show power inline firmware-version
- RMON Commands
- Serviceability Commands
- Commands in this Section
- debug aaa accounting
- debug arp
- debug authentication interface
- debug auto-voip
- debug bfd
- debug cfm
- debug clear
- debug console
- debug crashlog
- debug dhcp packet
- debug dhcp server packet
- debug dot1ag
- debug dot1x
- debug igmpsnooping
- debug ip acl
- debug ip bgp
- debug ip dvmrp
- debug ip igmp
- debug ip mcache
- debug ip pimdm packet
- debug ip pimsm packet
- debug ipv6 dhcp
- debug ipv6 mcache
- debug ipv6 mld
- debug ipv6 pimdm
- debug ipv6 pimsm
- debug isdp
- debug lacp
- debug mldsnooping
- debug ospf
- debug ospfv3
- debug ping
- debug rip
- debug sflow
- debug spanning-tree
- debug udld
- debug vpc
- debug vrrp
- exception core-file
- exception dump
- exception protocol
- exception switch-chip-register
- ip http timeout-policy
- show debugging
- show supported mibs
- snapshot bgp
- write core
- Sflow Commands
- SNMP Commands
- Commands in this Section
- show snmp
- show snmp engineid
- show snmp filters
- show snmp group
- show snmp user
- show snmp views
- show trapflags
- snmp-server community
- snmp-server community-group
- snmp-server contact
- snmp-server enable traps
- snmp-server engineID local
- snmp-server filter
- snmp-server group
- snmp-server host
- snmp-server location
- snmp-server user
- snmp-server view
- snmp-server v3-host
- snmp-server source-interface
- SupportAssist Commands
- SYSLOG Commands
- Command Logging
- Commands in this Section
- clear logging
- clear logging file
- description (Logging)
- level
- logging cli-command
- logging
- logging audit
- logging buffered
- logging console
- logging facility
- logging file
- logging monitor
- logging on
- logging protocol
- logging snmp
- logging source-interface
- logging traps
- logging web-session
- port
- show logging
- show logging file
- show syslog-servers
- terminal monitor
- System and Stack Management Commands
- asset-tag
- banner exec
- banner login
- banner motd
- banner motd acknowledge
- buffers
- clear checkpoint statistics
- clear counters stack-ports
- connect
- cut-through mode
- disconnect
- exit
- hardware profile portmode
- hostname
- initiate failover
- load-interval
- locate
- logout
- member
- memory free low-watermark
- nsf
- ping
- process cpu threshold
- quit
- reload
- service unsupported-transceiver
- set description
- slot
- show banner
- show buffers
- show checkpoint statistics
- show cut-through mode
- show hardware profile
- show idprom interface
- show interfaces
- show interfaces advanced firmware
- show interfaces utilization
- show memory cpu
- show nsf
- show power-usage-history
- show process app-list
- show process app-resource-list
- show process cpu
- show process proc-list
- show router-capability
- show sessions
- show slot
- show supported cardtype
- show supported switchtype
- show switch
- show system
- show system fan
- show system id
- show system power
- show system temperature
- show tech-support
- show users
- show version
- stack
- stack-port
- stack-port shutdown
- standby
- switch renumber
- telnet
- traceroute
- traceroute ipv6
- update bootcode
- Telnet Server Commands
- Time Ranges Commands
- USB Flash Drive Commands
- User Interface Commands
- Web Server Commands
- Web Sessions
- Commands in this Section
- common-name
- country
- crypto certificate generate
- crypto certificate import
- crypto certificate request
- duration
- ip http port
- ip http server
- ip http secure-certificate
- ip http secure-port
- ip http secure-server
- key-generate
- location
- no crypto certificate
- organization-unit
- show crypto certificate mycertificate
- show ip http server status
- show ip http server secure status
- state
- Appendix A: List of Commands
Security Commands 1083
If the priority-value is not specified when inputing a rule, the system assigns
the lowest numbered unused priority-value in the range 1–64. If a rule is
input with an existing priority-value, the original rule is overwritten.
Examples
The following example shows how to allow global access for two management
interfaces, Gigabit Ethernet 1/0/1 and Gigabit Ethernet 1/0/9.
console(config)#management access-list mlist
console(config-macal)# permit gigabitethernet 1/0/1 priority 1
console(config-macal)# permit gigabitethernet 1/0/9 priority 2
console(config-macal)# exit
console(config)# management access-class mlist
The following example shows how to configure all the interfaces to be
management interfaces except for two interfaces, Gigabit Ethernet 1/0/1 and
1/0/9.
console(config)# management access-list mlist
console(config-macal)# deny gigabitethernet 1/0/1 priority 1
console(config-macal)# deny gigabitethernet 1/0/9 priority 2
console(config-macal)# permit priority 3
console(config-macal)# exit
console(config)# management access-class mlist
show management access-class
Use the show management access-class command to display information
about the active management access list.
Syntax
show management access-class
Default Configuration
This command has no default configuration.
Command Mode
Privileged Exec mode, Global Configuration mode and all Configuration
submodes