White Papers
Table Of Contents
- Dell Command Line Reference Guide for the S6000–ON System 9.14.1.5
- About this Guide
- CLI Basics
- File Management
- Control and Monitoring
- banner exec
- banner login
- banner motd
- cam-acl
- clear average-power
- clear line
- configure
- disable
- do
- enable
- enable optic-info-update interval
- end
- exec-timeout
- exit
- ftp-server enable
- ftp-server topdir
- ftp-server username
- hostname
- ip ftp password
- ip ftp source-interface
- ip tftp vrf
- ip ftp username
- ip ftp vrf
- ip telnet server enable
- ip telnet server vrf
- ip telnet source-interface
- ip tftp vrf
- line
- logging disable-syslog snmp auth-failure
- login concurrent-session
- login statistics
- motd-banner
- ping
- reload
- send
- service timestamps
- show alarms
- show cpu-traffic-stats
- show debugging
- show environment
- show inventory
- show login statistics
- show memory
- show processes cpu
- show processes ipc flow-control
- show processes memory
- show reset-reason
- show software ifm
- show system
- show tech-support
- ssh-peer-stack-unit
- telnet
- telnet-peer-stack-unit
- terminal length
- traceroute
- undebug all
- virtual-ip
- write
- 802.1X
- debug dot1x
- dot1x auth-fail-vlan
- dot1x auth-server
- dot1x auth-type mab-only
- dot1x authentication (Configuration)
- dot1x authentication (Interface)
- dot1x critical-vlan
- dot1x guest-vlan
- dot1x host-mode
- mac
- dot1x mac-auth-bypass
- dot1x max-eap-req
- dot1x max-supplicants
- dot1x port-control
- dot1x profile
- dot1x quiet-period
- dot1x reauthentication
- dot1x reauth-max
- dot1x server-timeout
- dot1x static-mab
- dot1x supplicant-timeout
- dot1x tx-period
- show dot1x cos-mapping interface
- show dot1x interface
- show dot1x profile
- Access Control Lists (ACL)
- Commands Common to all ACL Types
- Common IP ACL Commands
- Standard IP ACL Commands
- Extended IP ACL Commands
- Common MAC Access List Commands
- Standard MAC ACL Commands
- Extended MAC ACL Commands
- IP Prefix List Commands
- Route Map Commands
- continue
- description
- match as-path
- match community
- match interface
- match ip address
- match ip next-hop
- match ip route-source
- match metric
- match origin
- match route-type
- match tag
- route-map
- set as-path
- set automatic-tag
- set comm-list delete
- set community
- set level
- set local-preference
- set metric
- set metric-type
- set next-hop
- set origin
- set tag
- set weight
- show config
- show route-map
- deny (for Standard IP ACLs)
- deny (for Extended IP ACLs)
- seq (for Standard IPv4 ACLs)
- deny tcp (for Extended IP ACLs)
- deny ether-type (for Extended MAC ACLs)
- deny (for Standard MAC ACLs)
- deny (for Extended MAC ACLs)
- permit (for Standard IP ACLs)
- permit arp (for Extended MAC ACLs)
- permit ether-type (for Extended MAC ACLs)
- permit icmp (for Extended IP ACLs)
- permit udp (for Extended IP ACLs)
- permit (for Extended IP ACLs)
- permit (for Standard MAC ACLs)
- seq (for Standard MAC ACLs)
- permit tcp (for Extended IP ACLs)
- seq arp (for Extended MAC ACLs)
- seq ether-type (for Extended MAC ACLs)
- seq (for IP ACLs)
- seq (for IPv6 ACLs)
- permit udp (for IPv6 ACLs)
- permit tcp (for IPv6 ACLs)
- permit icmp (for IPv6 ACLs)
- permit (for IPv6 ACLs)
- deny udp (for IPv6 ACLs)
- deny arp (for Extended MAC ACLs)
- deny tcp (for IPv6 ACLs)
- deny icmp (for Extended IPv6 ACLs)
- deny (for IPv6 ACLs)
- Bidirectional Forwarding Detection (BFD)
- Boot Command Line Interface
- boot change
- boot message
- boot show net config retries
- boot write net config retries
- boot zero
- default-gateway
- etheraddr
- ignore enable-password
- ignore startup-config
- interface management ethernet ip address
- NVRAM erase
- reload
- serial console
- show bootvar
- show default-gateway
- show interface management ethernet
- show serial console baud rate
- watchdog
- Border Gateway Protocol
- BGP IPv4 Commands
- address-family
- aggregate-address
- bgp add-path
- bgp always-compare-med
- bgp asnotation
- bgp bestpath as-path ignore
- bgp bestpath as-path multipath-relax
- bgp bestpath med confed
- bgp bestpath med missing-as-best
- bgp bestpath router-id ignore
- bgp client-to-client reflection
- bgp cluster-id
- bgp confederation identifier
- bgp confederation peers
- bgp dampening
- bgp default local-preference
- bgp dmzlink-bw
- bgp enforce-first-as
- bgp fast-external-fallover
- bgp four-octet-as-support
- bgp graceful-restart
- bgp non-deterministic-med
- bgp outbound-optimization
- bgp recursive-bgp-next-hop
- bgp regex-eval-optz-disable
- bgp router-id
- clear ip bgp
- clear ip bgp dampening
- clear ip bgp flap-statistics
- clear ip bgp peer-group
- debug ip bgp
- debug ip bgp dampening
- debug ip bgp events
- debug ip bgp keepalives
- debug ip bgp notifications
- debug ip bgp soft-reconfiguration
- debug ip bgp updates
- default-metric
- deny bandwidth
- description
- maximum-paths
- neighbor activate
- neighbor add-path
- neighbor advertisement-interval
- neighbor advertisement-start
- neighbor allowas-in
- neighbor default-originate
- neighbor description
- neighbor distribute-list
- neighbor ebgp-multihop
- neighbor fall-over
- neighbor local-as
- neighbor maximum-prefix
- neighbor next-hop-self
- neighbor password
- neighbor peer-group (assigning peers)
- neighbor peer-group (creating group)
- neighbor peer-group passive
- neighbor remote-as
- neighbor remove-private-as
- neighbor route-map
- neighbor route-reflector-client
- neighbor send-community
- neighbor shutdown
- neighbor soft-reconfiguration inbound
- neighbor timers
- neighbor timers extended
- neighbor update-source
- neighbor weight
- network
- network backdoor
- permit bandwidth
- redistribute
- redistribute ospf
- router bgp
- shutdown all
- shutdown address-family-ipv4–multicast
- shutdown address-family-ipv4–unicast
- shutdown address-family-ipv6–unicast
- set extcommunity bandwidth
- show capture bgp-pdu neighbor
- show config
- show ip bgp
- show ip bgp cluster-list
- show ip bgp community
- show ip bgp community-list
- show ip bgp dampened-paths
- show ip bgp detail
- show ip bgp extcommunity-list
- show ip bgp filter-list
- show ip bgp flap-statistics
- show ip bgp inconsistent-as
- show ip bgp neighbors
- show ip bgp next-hop
- show ip bgp paths
- show ip bgp paths community
- show ip bgp peer-group
- show ip bgp regexp
- show ip bgp summary
- show running-config bgp
- timers bgp
- timers bgp extended
- MBGP Commands
- BGP IPv4 Commands
- Content Addressable Memory (CAM)
- Control Plane Policing (CoPP)
- control-plane-cpuqos
- cpu-protocol-group
- copp-profile
- cpu-queue
- copp-policy
- protocol-list
- queue-length
- service-policy rate-limit-cpu-queues
- service-policy rate-limit-protocols
- show cpu-queue rate cp
- show ip protocol-queue-mapping
- show ipv6 protocol-queue-mapping
- show mac protocol-queue-mapping
- show running-config copp-profile
- show running-config cpu-protocol-group
- Data Center Bridging (DCB)
- DCB Command
- PFC Commands
- ETS Commands
- DCBX Commands
- dcb-map
- priority-pgid
- priority-group bandwidth pfc
- dcb-map stack-unit all stack-ports all
- dcb pfc-shared-buffer-size
- dcb-buffer-threshold
- priority
- qos-policy-buffer
- dcb-policy buffer-threshold (Interface Configuration)
- dcb-policy buffer-threshold (Global Configuration)
- show qos dcb-buffer-threshold
- dcb pfc-total-buffer-size
- show running-config dcb-buffer-threshold
- service-class buffer shared-threshold-weight
- dcb pfc-queues
- dcb {ets | pfc} enable
- Debugging and Diagnostics
- Diagnostics and Monitoring Commands
- Offline Diagnostic Commands
- Hardware Commands
- clear hardware stack-unit
- clear hardware system-flow
- clear hardware vlan-counters
- hardware watchdog
- show hardware mac
- show hardware ip
- show hardware stack-unit
- show hardware stack-unit buffer
- show hardware buffer service-pool
- show hardware buffer-stats-snapshot
- show hardware counters interface
- show hardware drops
- show hardware system-flow
- show hardware vlan-counters
- show hardware stack-unit buffer-stats-snapshot
- show hardware stack-unit buffer-stats-snapshot (Total Buffer Information)
- Dynamic Host Configuration Protocol (DHCP)
- Commands to Configure the System to be a DHCP Server
- Commands to Configure Secure DHCP
- arp inspection
- arp inspection-limit
- arp inspection-trust
- clear ip dhcp snooping
- clear ipv6 dhcp snooping binding
- ip dhcp relay
- ip dhcp snooping
- ipv6 dhcp snooping
- ipv6 dhcp snooping vlan
- ip dhcp snooping binding
- IPv6 DHCP Snooping Binding
- ip dhcp snooping database
- ipv6 dhcp snooping database write-delay
- ip dhcp snooping database renew
- ipv6 dhcp snooping database renew
- ip dhcp snooping trust
- ipv6 dhcp snooping trust
- ip dhcp source-address-validation
- ip dhcp relay information-option
- ip dhcp relay source-interface
- ipv6 dhcp relay source-interface
- ip dhcp snooping verify mac-address
- ipv6 dhcp snooping verify mac-address
- ip helper-address
- ipv6 helper-address
- show ip dhcp snooping
- show ipv6 dhcp snooping
- Commands to Configure DNS
- Equal Cost Multi-Path (ECMP)
- Flex Hash and Optimized Boot-Up
- FIP Snooping
- clear fip-snooping database interface vlan
- clear fip-snooping statistics
- debug fip snooping
- debug fip snooping rx
- feature fip-snooping
- fip-snooping enable
- fip-snooping fc-map
- fip-snooping max-sessions-per-enodemac
- fip-snooping port-mode fcf
- fip-snooping port-mode fcoe-trusted
- show fip-snooping config
- show fip-snooping enode
- show fip-snooping fcf
- show fip-snooping statistics
- show fip-snooping system
- show fip-snooping vlan
- show fips status
- Force10 Resilient Ring Protocol (FRRP)
- GARP VLAN Registration (GVRP)
- ICMP Message Types
- Internet Group Management Protocol (IGMP)
- Interfaces
- Basic Interface Commands
- clear counters
- clear dampening
- dampening
- default interface
- description
- duplex (10/100 Interfaces)
- encapsulation dot1q
- errdisable recovery cause
- errdisable recovery interval
- flowcontrol
- interface
- interface group
- interface loopback
- interface managementEthernet
- interface null
- interface range
- interface range macro (define)
- interface range macro name
- interface vlan
- intf-type cr4 autoneg
- keepalive
- monitor interface
- mtu
- negotiation auto
- portmode hybrid
- rate-interval
- rate-interval (Configuration Mode)
- show config
- show config (for speed)
- show config (from INTERFACE RANGE mode)
- show interfaces
- show interfaces configured
- show interfaces dampening
- show interfaces stack-unit
- show interfaces status
- show interfaces vlan
- show system stack-unit quad-port-profile
- stack-unit portmode quad
- show interfaces switchport
- show interfaces transceiver
- show range
- shutdown
- speed (for 10/100/1000/10000 interfaces)
- speed (Management interface)
- stack-unit portmode
- switchport
- wavelength
- Port Channel Commands
- ip http source-interface
- Basic Interface Commands
- IPv4 Routing
- arp
- arp backoff-time
- arp learn-enable
- arp max-entries
- arp retries
- arp timeout
- clear arp-cache
- clear host
- clear ip fib stack-unit
- clear ip route
- clear tcp statistics
- debug arp
- debug ip dhcp
- debug ip icmp
- debug ip packet
- icmp6-redirect enable
- ip address
- ip directed-broadcast
- ip domain-list
- ip domain-lookup
- ip domain-name
- ip helper-address
- ip helper-address hop-count disable
- ip host
- ip icmp source-interface
- ipv6 icmp source-interface
- ip max-frag-count
- ip name-server
- ip proxy-arp
- ip route
- ip source-route
- ip tcp initial-time
- ip unknown-unicast
- ipv4 unicast-host-route
- show ip tcp initial-time
- ip unreachables
- load-balance
- load-balance hg
- management route
- show arp
- show arp retries
- show hosts
- show ip cam stack-unit
- show ip fib stack-unit
- show ip flow
- show ip interface
- show ip management-route
- show ip protocols
- show ip route
- show ip route list
- show ip route summary
- show ip traffic
- show tcp statistics
- IPv6 Basics
- IPv6 Access Control Lists (IPv6 ACLs)
- Intermediate System to Intermediate System (IS-IS)
- adjacency-check
- advertise
- area-password
- clear config
- clear isis
- clns host
- debug isis
- debug isis adj-packets
- debug isis local-updates
- debug isis snp-packets
- debug isis spf-triggers
- debug isis update-packets
- default-information originate
- description
- distance
- distribute-list in
- distribute-list out
- distribute-list redistributed-override
- domain-password
- graceful-restart ietf
- graceful-restart interval
- graceful-restart restart-wait
- graceful-restart t1
- graceful-restart t2
- graceful-restart t3
- hello padding
- hostname dynamic
- ignore-lsp-errors
- ip router isis
- ipv6 router isis
- isis circuit-type
- isis csnp-interval
- isis hello-interval
- isis hello-multiplier
- isis hello padding
- isis ipv6 metric
- isis metric
- isis network point-to-point
- isis password
- isis priority
- is-type
- log-adjacency-changes
- lsp-gen-interval
- lsp-mtu
- lsp-refresh-interval
- max-area-addresses
- max-lsp-lifetime
- maximum-paths
- metric-style
- multi-topology
- net
- passive-interface
- redistribute
- redistribute bgp
- redistribute ospf
- router isis
- set-overload-bit
- show config
- show isis database
- show isis graceful-restart detail
- show isis hostname
- show isis interface
- show isis neighbors
- show isis protocol
- show isis traffic
- spf-interval
- Link Aggregation Control Protocol (LACP)
- Layer 2
- MAC Addressing Commands
- mac-address-table aging-time
- mac-address-table disable-learning
- mac-address-table static
- mac-address-table station-move refresh-arp
- mac learning-limit
- mac learning-limit learn-limit-violation
- mac learning-limit mac-address-sticky
- mac learning-limit station-move-violation
- mac learning-limit reset
- mac port-security
- show mac-address-table
- show mac-address-table aging-time
- show mac learning-limit
- Virtual LAN (VLAN) Commands
- Far-End Failure Detection (FEFD)
- MAC Addressing Commands
- Link Layer Discovery Protocol (LLDP)
- Microsoft Network Load Balancing
- Multicast Source Discovery Protocol (MSDP)
- clear ip msdp peer
- clear ip msdp sa-cache
- clear ip msdp statistic
- ip msdp cache-rejected-sa
- ip msdp default-peer
- ip msdp log-adjacency-changes
- ip msdp mesh-group
- ip msdp originator-id
- ip msdp peer
- ip msdp redistribute
- ip msdp sa-filter
- ip msdp sa-limit
- ip msdp shutdown
- ip multicast-msdp
- show ip msdp
- show ip msdp sa-cache rejected-sa
- Multicast Listener Discovery Protocol
- Multiple Spanning Tree Protocol (MSTP)
- Multicast
- Neighbor Discovery Protocol (NDP)
- IPv6 Router Advertisement (RA) Guard
- clear ipv6 neighbors
- debug ipv6 nd ra–guard
- device–role
- hop–limit
- ipv6 nd ra–guard attach–policy
- ipv6 nd ra–guard enable
- ipv6 nd ra–guard policy
- ipv6 neighbor
- managed-config-flag
- match ra
- match ra
- mtu
- other–config–flag
- reachable–time
- retrans-time
- router–lifetime
- router–preference maximum
- show config
- show ipv6 nd ra–guard policy
- show ipv6 neighbors
- trusted–port
- IPv6 Router Advertisement (RA) Guard
- Object Tracking
- Open Shortest Path First (OSPFv2 and OSPFv3)
- OSPFv2 Commands
- area default-cost
- area nssa
- area range
- area stub
- auto-cost
- clear ip ospf
- clear ip ospf statistics
- debug ip ospf
- default-information originate
- default-metric
- description
- distance
- distance ospf
- distribute-list in
- distribute-list out
- fast-convergence
- flood-2328
- graceful-restart grace-period
- graceful-restart helper-reject
- graceful-restart mode
- graceful-restart role
- ip ospf auth-change-wait-time
- ip ospf authentication-key
- ip ospf cost
- ip ospf dead-interval
- ip ospf hello-interval
- ip ospf message-digest-key
- ip ospf mtu-ignore
- ip ospf network
- ip ospf priority
- ip ospf retransmit-interval
- ip ospf transmit-delay
- log-adjacency-changes
- maximum-paths
- mib-binding
- network area
- passive-interface
- redistribute
- redistribute bgp
- redistribute isis
- router-id
- router ospf
- show config
- show ip ospf
- show ip ospf asbr
- show ip ospf database
- show ip ospf database asbr-summary
- show ip ospf database external
- show ip ospf database network
- show ip ospf database nssa-external
- show ip ospf database opaque-area
- show ip ospf database opaque-as
- show ip ospf database opaque-link
- show ip ospf database router
- show ip ospf database summary
- show ip ospf interface
- show ip ospf neighbor
- show ip ospf routes
- show ip ospf statistics
- show ip ospf timers rate-limit
- show ip ospf topology
- summary-address
- timers spf
- timers throttle lsa all
- timers throttle lsa arrival
- OSPFv3 Commands
- area authentication
- area encryption
- area nssa
- auto-cost
- clear ipv6 ospf process
- debug ipv6 ospf bfd
- debug ipv6 ospf events
- debug ipv6 ospf packet
- debug ipv6 ospf spf
- default-information originate
- graceful-restart grace-period
- graceful-restart mode
- ipv6 ospf area
- ipv6 ospf authentication
- ipv6 ospf cost
- ipv6 ospf dead-interval
- ipv6 ospf encryption
- ipv6 ospf graceful-restart helper-reject
- ipv6 ospf hello-interval
- ipv6 ospf priority
- ipv6 router ospf
- maximum-paths
- max-metric router-lsa
- passive-interface
- redistribute
- router-id
- show crypto ipsec policy
- show crypto ipsec sa ipv6
- show ipv6 ospf database
- show ipv6 ospf interface
- show ipv6 ospf neighbor
- snmp context
- timers spf
- OSPFv2 Commands
- Policy-based Routing (PBR)
- PIM-Sparse Mode (PIM-SM)
- IPv4 PIM-Sparse Mode Commands
- clear ip pim rp-mapping
- clear ip pim tib
- debug ip pim
- ip pim bsr-border
- ip pim bsr-candidate
- ip pim dr-priority
- ip pim join-filter
- ip pim neighbor-filter
- ip pim query-interval
- ip pim register-filter
- ip pim rp-address
- ip pim rp-candidate
- ip pim sparse-mode
- ip pim sparse-mode sg-expiry-timer
- ip pim ssm-range
- ip pim spt-threshold
- show ip pim bsr-router
- show ip pim interface
- show ip pim neighbor
- show ip pim rp
- show ip pim ssm-range
- show ip pim summary
- show ip pim tib
- IPv6 PIM-Sparse Mode Commands
- clear ipv6 pim tib
- debug ipv6 pim
- ipv6 pim bsr-border
- ipv6 pim bsr-candidate
- ipv6 pim dr-priority
- ipv6 pim query-interval
- ipv6 pim rp-address
- ipv6 pim rp-candidate
- ipv6 pim sparse-mode
- ipv6 pim sparse-mode sg-expiry-timer
- ipv6 pim spt-threshold
- show ipv6 pim bsr-router
- show ipv6 pim interface
- show ipv6 pim neighbor
- show ipv6 pim rp
- show ipv6 pim summary
- show ipv6 pim tib
- IPv4 PIM-Sparse Mode Commands
- Port Monitoring
- Private VLAN (PVLAN)
- Per-VLAN Spanning Tree Plus (PVST+)
- Quality of Service (QoS)
- Global Configuration Commands
- Per-Port QoS Commands
- Policy-Based QoS Commands
- bandwidth-percentage
- buffer-stats-snapshot
- class-map
- clear qos statistics
- description
- match ip access-group
- match ip dscp
- match ip precedence
- match mac access-group
- match mac dot1p
- match mac vlan
- policy-aggregate
- policy-map-input
- policy-map-output
- qos-policy-input
- qos-policy-output
- rate-police
- rate-shape
- service-policy input
- service-policy output
- service-queue
- set
- show qos class-map
- show qos policy-map
- show qos policy-map-input
- show qos policy-map-output
- show qos qos-policy-input
- show qos qos-policy-output
- show qos statistics
- show qos wred-profile
- service-class buffer shared-threshold-weight
- test cam-usage
- threshold
- trust
- wred
- wred ecn
- wred weight
- wred-profile
- rate shape
- service-pool wred
- DSCP Color Map Commands
- Routing Information Protocol (RIP)
- auto-summary
- clear ip rip
- debug ip rip
- default-information originate
- default-metric
- description
- distance
- distribute-list in
- distribute-list out
- ip poison-reverse
- ip rip receive version
- ip rip send version
- ip split-horizon
- maximum-paths
- neighbor
- network
- offset-list
- output-delay
- passive-interface
- redistribute
- redistribute isis
- redistribute ospf
- router rip
- show config
- show ip rip database
- show running-config rip
- timers basic
- version
- Remote Monitoring (RMON)
- Rapid Spanning Tree Protocol (RSTP)
- Security
- AAA Accounting Commands
- Authorization and Privilege Commands
- Obscure Password Commands
- Authentication and Password Commands
- RADIUS Commands
- aaa radius auth-method
- aaa radius auth-method
- client
- client-key
- coa-bounce-port
- coa-disable-port
- coa-reauthenticate
- debug radius
- da-rsp-timeout
- disconnect-user
- dynamic-auth-enable
- ip radius source-interface
- port
- radius dynamic-auth
- radius-server deadtime
- radius-server group
- radius-server host
- radius-server vrf
- radius-server key
- radius-server retransmit
- radius-server timeout
- rate-limit
- replay-protection-window
- terminate-session
- TACACS+ Commands
- Port Authentication (802.1X) Commands
- dot1x authentication (Configuration)
- dot1x authentication (Interface)
- dot1x auth-fail-vlan
- dot1x auth-server
- dot1x guest-vlan
- dot1x mac-auth-bypass
- dot1x max-eap-req
- dot1x port-control
- dot1x quiet-period
- dot1x reauthentication
- dot1x reauth-max
- dot1x server-timeout
- dot1x supplicant-timeout
- dot1x tx-period
- show dot1x interface
- SSH and SCP Commands
- crypto key generate
- crypto key zeroize rsa
- debug ip ssh
- ip scp topdir
- ip ssh authentication-retries
- ip ssh challenge–response–authentication
- ip ssh cipher
- ip ssh connection-rate-limit
- ip ssh hostbased-authentication
- ip ssh key-size
- ip ssh mac
- ip ssh password-authentication
- ip ssh rekey
- ip ssh pub-key-file
- ip ssh rhostsfile
- ip ssh rsa-authentication (Config)
- ip ssh server
- ip ssh server dns enable
- ip ssh server vrf
- ip ssh source-interface
- ip ssh vrf
- show crypto
- show ip ssh
- show ip ssh client-pub-keys
- show ip ssh rsa-authentication
- ssh
- Secure DHCP Commands
- Role-Based Access Control Commands
- ICMP Vulnerabilities
- System Security Commands
- Service Provider Bridging
- sFlow
- Simple Network Management Protocol (SNMP) and Syslog
- SNMP Commands
- show snmp
- show snmp engineID
- show snmp group
- show snmp supported-mibs
- show snmp supported-traps
- show snmp user
- snmp context
- snmp ifmib ifalias long
- snmp-server community
- snmp-server contact
- snmp-server enable traps
- snmp-server engineID
- snmp-server group
- snmp-server host
- snmp-server location
- snmp-server packetsize
- snmp-server trap-source
- snmp-server user
- snmp-server user (for AES128-CFB Encryption)
- snmp-server view
- snmp-server vrf
- snmp trap link-status
- Syslog Commands
- clear logging
- clear logging auditlog
- default logging buffered
- default logging console
- default logging monitor
- default logging trap
- logging
- logging buffered
- logging console
- logging extended
- logging facility
- logging history
- logging history size
- logging monitor
- logging on
- logging source-interface
- logging synchronous
- logging trap
- logging version
- show logging auditlog
- show logging
- show logging driverlog stack-unit
- terminal monitor
- SNMP Commands
- SNMP Traps
- Storm Control
- polling-interval
- xoff-state threshold polling-count
- storm-control pfc in queue-drop
- queue-drop backoff-force
- queue-drop backoff-on-norxpfc
- storm-control pfc in queue-drop-state clear
- disable storm-control pfc
- show storm-control pfc status
- clear storm-control pfc drop-counters
- show storm-control pfc statistics
- clear storm-control pfc statistics
- show storm-control broadcast
- show storm-control multicast
- show storm-control unknown-unicast
- storm-control broadcast (Configuration)
- storm-control broadcast (Interface)
- storm-control PFC/LLFC
- storm-control multicast (Configuration)
- storm-control multicast (Interface)
- storm-control unknown-unicast (Configuration)
- storm-control unknown-unicast (Interface)
- Spanning Tree Protocol (STP)
- SupportAssist
- System Time and Date
- clock summer-time date
- clock summer-time recurring
- clock timezone
- debug ntp
- ntp authenticate
- ntp broadcast client
- ntp control-key-passwd
- ntp disable
- ntp master
- ntp offset-threshold
- ntp server
- ntp source
- ntp trusted-key
- ntp authentication-key
- show clock
- show ntp associations
- show ntp vrf associations
- show ntp status
- Tunneling
- Uplink Failure Detection (UFD)
- VLAN Stacking
- Virtual Routing and Forwarding (VRF)
- VLT Proxy Gateway
- Virtual Link Trunking (VLT)
- back-up destination
- clear vlt statistics
- delay-restore
- delay-restore abort-threshold
- lacp ungroup member-independent
- multicast peer-routing timeout
- peer-link port-channel
- peer-routing
- peer-routing-timeout
- primary-priority
- show vlt brief
- show vlt backup-link
- show vlt counters
- show vlt detail
- show vlt inconsistency
- show vlt mismatch
- show vlt role
- show vlt statistics
- show vlt statistics igmp-snoop
- unit-id
- vlt domain
- vlt-peer-lag port-channel
- Virtual Extensible LAN (VXLAN)
- clear vxlan vxlan-instance statistics
- clear mac-address-table dynamic
- controller
- debug vxlan
- feature vxlan
- fail-mode
- gateway-ip
- local-vtep-ip
- max_backoff
- peer-ovsdbserver-ip
- remote-vtep-ip
- vnid
- vni-profile
- vxlan-instance
- vxlan-instance (VAP)
- vxlan-instance loopback
- vxlan-instance static
- vxlan-vnid
- show running-config vxlan
- show vxlan vxlan-instance
- show vxlan vxlan-instance logical network
- show vxlan vxlan-instance physical-locator
- show vxlan vxlan-instance statistics interface
- show vxlan vxlan-instance statistics remote-vtep-ip
- show vxlan vxlan-instance unicast-mac-local
- show vxlan vxlan-instance unicast-mac-remote
- show vxlan vxlan-instance vtep-vni-map
- Virtual Router Redundancy Protocol (VRRP)
- X.509v3
Version Description
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.7(0.0) Introduced on the S6000–ON.
9.4.(0.0) Introduced on the S-Series and Z-Series.
Usage
Information
You can use this command to associate a group of TACACS servers with a VRF and source interface. You
can configure the source interface only with the VRF attribute and source interface is optional with the
VRF attributes.
If VRF is not configured on the TACACS group, then the group is considered to be on the default VRF.
RADIUS groups and VRFs have one-to-one mapping. If a VRF is configured with one RADIUS group,
then you cannot use the same VRF with another RADIUS group. When the VRF is removed, then the
corresponding RADIUS group is also removed automatically.
Example
DellEMC(conf)# tacacs-server group group1
DellEMC(conf-tacacs-group)# tacacs-server vrf vrf1 source-interface
tengigabitethernet 1/3/1
DellEMC(conf)# tacacs-server group group2
DellEMC(conf-tacacs-group)# tacacs-server vrf default
DellEMC(conf-tacacs-group)#
Port Authentication (802.1X) Commands
An authentication server must authenticate a client connected to an 802.1X switch port. Until the authentication, only
Extensible Authentication Protocol over LAN (EAPOL) traffic is allowed through the port to which a client is connected. After
authentication is successful, normal traffic passes through the port.
Dell EMC Networking OS supports RADIUS and Active Directory environments using 802.1X Port Authentication.
Important Points to Remember
Dell EMC Networking OS limits network access for certain users by using VLAN assignments. 802.1X with VLAN assignment has
these characteristics when configured on the switch and the RADIUS server.
● 802.1X is supported on Dell EMC Networking OS.
● 802.1X is not supported on the LAG or the channel members of a LAG.
● If no VLAN is supplied by the RADIUS server or if 802.1X authorization is disabled, the port is configured in its access VLAN
after successful authentication.
● If 802.1X authorization is enabled but the VLAN information from the RADIUS server is not valid, the port returns to the
Unauthorized state and remains in the configured access VLAN. This prevents ports from appearing unexpectedly in an
inappropriate VLAN due to a configuration error. Configuration errors create an entry in Syslog.
● If 802.1X authorization is enabled and all information from the RADIUS server is valid, the port is placed in the specified
VLAN after authentication.
● If port security is enabled on an 802.1X port with VLAN assignment, the port is placed in the RADIUS server assigned VLAN.
● If 802.1X is disabled on the port, it is returned to the configured access VLAN.
● When the port is in the Force Authorized, Force Unauthorized, or Shutdown state, it is placed in the configured access
VLAN.
● If an 802.1X port is authenticated and put in the RADIUS server assigned VLAN, any change to the port access VLAN
configuration does not take effect.
● The 802.1X with VLAN assignment feature is not supported on trunk ports, dynamic ports, or with dynamic-access port
assignment through a VLAN membership.
1376
Security